119.29.249.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] Port scan	2019-09-05 07:47:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.29.249.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40981
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.29.249.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090402 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 07:47:54 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 20.249.29.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.249.29.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.143.30.145	attack	37215/tcp 23/tcp... [2019-07-04/05]4pkt,2pt.(tcp)	2019-07-07 06:43:46
80.216.38.173	attackspambots	5555/tcp 5555/tcp 5555/tcp... [2019-05-13/07-06]4pkt,1pt.(tcp)	2019-07-07 06:53:59
114.108.177.104	attack	proto=tcp . spt=34942 . dpt=25 . (listed on Blocklist de Jul 05) (522)	2019-07-07 06:41:55
207.180.196.202	attackspam	207.180.196.202 - - [07/Jul/2019:00:50:53 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.180.196.202 - - [07/Jul/2019:00:50:53 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.180.196.202 - - [07/Jul/2019:00:50:53 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.180.196.202 - - [07/Jul/2019:00:50:54 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.180.196.202 - - [07/Jul/2019:00:50:54 +0200] "GET /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.180.196.202 - - [07/Jul/2019:00:50:54 +0200] "POST /wp-login.php HTTP/1.1" 200 4405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-07-07 07:11:18
165.22.92.182	attackbots	Jul 7 00:44:14 server2 sshd\[2831\]: User root from 165.22.92.182 not allowed because not listed in AllowUsers Jul 7 00:44:14 server2 sshd\[2833\]: Invalid user admin from 165.22.92.182 Jul 7 00:44:15 server2 sshd\[2835\]: Invalid user admin from 165.22.92.182 Jul 7 00:44:15 server2 sshd\[2837\]: Invalid user user from 165.22.92.182 Jul 7 00:44:15 server2 sshd\[2839\]: Invalid user ubnt from 165.22.92.182 Jul 7 00:44:15 server2 sshd\[2841\]: Invalid user admin from 165.22.92.182	2019-07-07 06:46:51
149.202.45.205	attackbots	SSH-BruteForce	2019-07-07 07:04:28
141.98.10.34	attackbots	2019-07-06T23:35:19.963065ns1.unifynetsol.net postfix/smtpd\[22673\]: warning: unknown\[141.98.10.34\]: SASL LOGIN authentication failed: authentication failure 2019-07-07T00:39:36.687727ns1.unifynetsol.net postfix/smtpd\[22673\]: warning: unknown\[141.98.10.34\]: SASL LOGIN authentication failed: authentication failure 2019-07-07T01:43:45.720058ns1.unifynetsol.net postfix/smtpd\[4101\]: warning: unknown\[141.98.10.34\]: SASL LOGIN authentication failed: authentication failure 2019-07-07T02:47:50.812738ns1.unifynetsol.net postfix/smtpd\[16014\]: warning: unknown\[141.98.10.34\]: SASL LOGIN authentication failed: authentication failure 2019-07-07T03:52:00.346380ns1.unifynetsol.net postfix/smtpd\[25717\]: warning: unknown\[141.98.10.34\]: SASL LOGIN authentication failed: authentication failure	2019-07-07 06:27:29
157.55.39.101	attackbots	Automatic report - Web App Attack	2019-07-07 07:03:12
114.112.81.182	attack	Jul 6 16:05:35 unicornsoft sshd\[3077\]: Invalid user data from 114.112.81.182 Jul 6 16:05:36 unicornsoft sshd\[3077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.81.182 Jul 6 16:05:38 unicornsoft sshd\[3077\]: Failed password for invalid user data from 114.112.81.182 port 37904 ssh2	2019-07-07 06:36:29
197.47.129.158	attack	DATE:2019-07-06_15:14:10, IP:197.47.129.158, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2019-07-07 06:58:45
37.49.231.107	attackbotsspam	Port Scan detected from 37.49.231.107 (NL/Netherlands/-). 4 hits in the last 150 seconds	2019-07-07 07:00:23
66.70.130.144	attackbotsspam	Jul 6 15:14:55 dedicated sshd[28019]: Invalid user cq from 66.70.130.144 port 59080	2019-07-07 06:37:02
191.53.223.84	attackbots	Jul 6 09:13:55 web1 postfix/smtpd[5953]: warning: unknown[191.53.223.84]: SASL PLAIN authentication failed: authentication failure ...	2019-07-07 07:04:06
220.143.92.249	attackbots	37215/tcp 37215/tcp [2019-07-04/05]2pkt	2019-07-07 06:39:32
218.92.0.193	attackbotsspam	Apr 20 14:32:37 vtv3 sshd\[26444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.193 user=root Apr 20 14:32:38 vtv3 sshd\[26444\]: Failed password for root from 218.92.0.193 port 37503 ssh2 Apr 20 14:32:42 vtv3 sshd\[26444\]: Failed password for root from 218.92.0.193 port 37503 ssh2 Apr 20 14:32:45 vtv3 sshd\[26444\]: Failed password for root from 218.92.0.193 port 37503 ssh2 Apr 20 14:32:48 vtv3 sshd\[26444\]: Failed password for root from 218.92.0.193 port 37503 ssh2 May 11 19:44:52 vtv3 sshd\[28214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.193 user=root May 11 19:44:54 vtv3 sshd\[28214\]: Failed password for root from 218.92.0.193 port 13987 ssh2 May 11 19:44:57 vtv3 sshd\[28214\]: Failed password for root from 218.92.0.193 port 13987 ssh2 May 11 19:44:59 vtv3 sshd\[28214\]: Failed password for root from 218.92.0.193 port 13987 ssh2 May 11 19:45:03 vtv3 sshd\[28214\]: Failed password for r	2019-07-07 07:10:02

Recently Reported IPs

122.161.96.18	115.229.253.79	54.242.164.70	139.51.37.68
247.186.243.39	232.198.95.147	142.150.10.120	220.230.123.203
115.207.203.156	111.38.9.114	77.99.249.120	201.176.167.9
45.231.193.171	120.79.244.203	113.173.242.130	65.110.118.170
41.82.1.114	40.117.122.190	115.216.135.2	85.13.2.117