120.29.157.206

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Hipernet Indodata

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	May 4 20:26:02 system,error,critical: login failure for user admin from 120.29.157.206 via telnet May 4 20:26:03 system,error,critical: login failure for user ubnt from 120.29.157.206 via telnet May 4 20:26:04 system,error,critical: login failure for user root from 120.29.157.206 via telnet May 4 20:26:06 system,error,critical: login failure for user root from 120.29.157.206 via telnet May 4 20:26:07 system,error,critical: login failure for user root from 120.29.157.206 via telnet May 4 20:26:08 system,error,critical: login failure for user service from 120.29.157.206 via telnet May 4 20:26:09 system,error,critical: login failure for user administrator from 120.29.157.206 via telnet May 4 20:26:10 system,error,critical: login failure for user root from 120.29.157.206 via telnet May 4 20:26:11 system,error,critical: login failure for user root from 120.29.157.206 via telnet May 4 20:26:12 system,error,critical: login failure for user admin from 120.29.157.206 via telnet	2020-05-05 05:45:39
attackspam	Apr 28 12:07:09 system,error,critical: login failure for user admin from 120.29.157.206 via telnet Apr 28 12:07:10 system,error,critical: login failure for user admin from 120.29.157.206 via telnet Apr 28 12:07:11 system,error,critical: login failure for user admin from 120.29.157.206 via telnet Apr 28 12:07:13 system,error,critical: login failure for user root from 120.29.157.206 via telnet Apr 28 12:07:14 system,error,critical: login failure for user service from 120.29.157.206 via telnet Apr 28 12:07:15 system,error,critical: login failure for user mother from 120.29.157.206 via telnet Apr 28 12:07:16 system,error,critical: login failure for user root from 120.29.157.206 via telnet Apr 28 12:07:17 system,error,critical: login failure for user root from 120.29.157.206 via telnet Apr 28 12:07:18 system,error,critical: login failure for user root from 120.29.157.206 via telnet Apr 28 12:07:19 system,error,critical: login failure for user root from 120.29.157.206 via telnet	2020-04-29 03:52:16

类型

评论内容

时间

attack

May  4 20:26:02 system,error,critical: login failure for user admin from 120.29.157.206 via telnet
May  4 20:26:03 system,error,critical: login failure for user ubnt from 120.29.157.206 via telnet
May  4 20:26:04 system,error,critical: login failure for user root from 120.29.157.206 via telnet
May  4 20:26:06 system,error,critical: login failure for user root from 120.29.157.206 via telnet
May  4 20:26:07 system,error,critical: login failure for user root from 120.29.157.206 via telnet
May  4 20:26:08 system,error,critical: login failure for user service from 120.29.157.206 via telnet
May  4 20:26:09 system,error,critical: login failure for user administrator from 120.29.157.206 via telnet
May  4 20:26:10 system,error,critical: login failure for user root from 120.29.157.206 via telnet
May  4 20:26:11 system,error,critical: login failure for user root from 120.29.157.206 via telnet
May  4 20:26:12 system,error,critical: login failure for user admin from 120.29.157.206 via telnet

2020-05-05 05:45:39

attackspam

Apr 28 12:07:09 system,error,critical: login failure for user admin from 120.29.157.206 via telnet
Apr 28 12:07:10 system,error,critical: login failure for user admin from 120.29.157.206 via telnet
Apr 28 12:07:11 system,error,critical: login failure for user admin from 120.29.157.206 via telnet
Apr 28 12:07:13 system,error,critical: login failure for user root from 120.29.157.206 via telnet
Apr 28 12:07:14 system,error,critical: login failure for user service from 120.29.157.206 via telnet
Apr 28 12:07:15 system,error,critical: login failure for user mother from 120.29.157.206 via telnet
Apr 28 12:07:16 system,error,critical: login failure for user root from 120.29.157.206 via telnet
Apr 28 12:07:17 system,error,critical: login failure for user root from 120.29.157.206 via telnet
Apr 28 12:07:18 system,error,critical: login failure for user root from 120.29.157.206 via telnet
Apr 28 12:07:19 system,error,critical: login failure for user root from 120.29.157.206 via telnet

2020-04-29 03:52:16

相同子网IP讨论:

IP	类型	评论内容	时间
120.29.157.118	attackspam	TCP (SYN) 120.29.157.118:42063 -> port 23, len 44	2020-06-17 17:16:19
120.29.157.118	attack	DATE:2020-06-10 15:19:59, IP:120.29.157.118, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-11 01:11:26
120.29.157.253	attackspambots	Unauthorised access (Dec 30) SRC=120.29.157.253 LEN=52 TTL=108 ID=2692 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-30 15:57:29
120.29.157.253	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2019-12-26 05:14:19
120.29.157.253	attackspam	Unauthorized connection attempt from IP address 120.29.157.253 on Port 445(SMB)	2019-12-15 21:26:51
120.29.157.253	attack	Unauthorized connection attempt from IP address 120.29.157.253 on Port 445(SMB)	2019-11-28 06:16:53
120.29.157.251	attackspambots	PHI,WP GET /wp-login.php	2019-08-21 05:25:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.29.157.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.29.157.206.			IN	A

;; AUTHORITY SECTION:
.			213	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042801 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 03:52:11 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 206.157.29.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 206.157.29.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
165.227.193.157	attackspambots	"fail2ban match"	2020-08-13 16:15:44
212.64.60.50	attackbots	Aug 13 08:51:01 web-main sshd[826755]: Failed password for root from 212.64.60.50 port 37485 ssh2 Aug 13 08:55:45 web-main sshd[826759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.60.50 user=root Aug 13 08:55:48 web-main sshd[826759]: Failed password for root from 212.64.60.50 port 48426 ssh2	2020-08-13 16:27:32
103.141.208.157	attackbots	Port Scan ...	2020-08-13 16:55:47
104.131.67.151	attackbots	Auto Fail2Ban report, multiple SSH login attempts.	2020-08-13 16:13:20
122.51.176.111	attackbots	Aug 13 05:47:35 ns37 sshd[6221]: Failed password for root from 122.51.176.111 port 42908 ssh2 Aug 13 05:47:35 ns37 sshd[6221]: Failed password for root from 122.51.176.111 port 42908 ssh2	2020-08-13 16:41:08
106.12.123.82	attack	SSH Brute Force	2020-08-13 16:33:50
51.195.166.192	attackspambots	detected by Fail2Ban	2020-08-13 16:28:31
213.37.100.199	attackbots	Aug 13 05:53:45 buvik sshd[3654]: Failed password for root from 213.37.100.199 port 33620 ssh2 Aug 13 05:58:00 buvik sshd[4225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.37.100.199 user=root Aug 13 05:58:01 buvik sshd[4225]: Failed password for root from 213.37.100.199 port 44726 ssh2 ...	2020-08-13 16:53:07
106.53.2.93	attackspambots	Aug 13 07:02:19 eventyay sshd[16010]: Failed password for root from 106.53.2.93 port 45844 ssh2 Aug 13 07:06:36 eventyay sshd[16079]: Failed password for root from 106.53.2.93 port 38512 ssh2 ...	2020-08-13 16:37:35
182.162.104.153	attackspam	SSH brutforce	2020-08-13 16:43:34
218.92.0.221	attackspam	Aug 13 10:47:06 abendstille sshd\[15390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root Aug 13 10:47:08 abendstille sshd\[15390\]: Failed password for root from 218.92.0.221 port 38747 ssh2 Aug 13 10:47:14 abendstille sshd\[15478\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root Aug 13 10:47:16 abendstille sshd\[15478\]: Failed password for root from 218.92.0.221 port 62476 ssh2 Aug 13 10:47:18 abendstille sshd\[15478\]: Failed password for root from 218.92.0.221 port 62476 ssh2 ...	2020-08-13 16:49:43
34.86.22.69	attackspambots	Aug 13 01:07:42 pixelmemory sshd[120181]: Failed password for root from 34.86.22.69 port 44868 ssh2 Aug 13 01:13:52 pixelmemory sshd[121250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.86.22.69 user=root Aug 13 01:13:54 pixelmemory sshd[121250]: Failed password for root from 34.86.22.69 port 60494 ssh2 Aug 13 01:19:55 pixelmemory sshd[122340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.86.22.69 user=root Aug 13 01:19:56 pixelmemory sshd[122340]: Failed password for root from 34.86.22.69 port 47834 ssh2 ...	2020-08-13 16:57:36
116.252.254.223	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-13 16:36:33
141.101.174.249	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-13 16:35:54
139.199.85.241	attack	Aug 13 10:47:04 itv-usvr-01 sshd[3114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.85.241 user=root Aug 13 10:47:05 itv-usvr-01 sshd[3114]: Failed password for root from 139.199.85.241 port 53796 ssh2 Aug 13 10:49:16 itv-usvr-01 sshd[3231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.85.241 user=root Aug 13 10:49:18 itv-usvr-01 sshd[3231]: Failed password for root from 139.199.85.241 port 46890 ssh2 Aug 13 10:51:21 itv-usvr-01 sshd[3325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.85.241 user=root Aug 13 10:51:23 itv-usvr-01 sshd[3325]: Failed password for root from 139.199.85.241 port 39974 ssh2	2020-08-13 16:45:39

最近上报的IP列表

212.129.54.224	17.167.171.166	42.116.218.125	37.76.185.120
14.166.20.42	49.234.234.124	188.235.199.134	209.133.156.6
189.144.31.13	78.71.234.246	52.234.6.201	152.32.254.193
250.153.194.17	179.251.116.201	71.93.44.104	218.90.175.215
25.109.72.223	45.5.136.250	229.225.4.54	114.35.137.255