106.13.29.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 6 16:12:11 server1 sshd\[19831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root Jul 6 16:12:13 server1 sshd\[19831\]: Failed password for root from 106.13.29.200 port 38714 ssh2 Jul 6 16:15:38 server1 sshd\[20842\]: Invalid user jts3 from 106.13.29.200 Jul 6 16:15:39 server1 sshd\[20842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 Jul 6 16:15:41 server1 sshd\[20842\]: Failed password for invalid user jts3 from 106.13.29.200 port 53040 ssh2 ...	2020-07-07 06:33:28
attackbots	2020-07-04T01:13:23.403092shield sshd\[11132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root 2020-07-04T01:13:25.313404shield sshd\[11132\]: Failed password for root from 106.13.29.200 port 52844 ssh2 2020-07-04T01:15:44.223330shield sshd\[11538\]: Invalid user sambaup from 106.13.29.200 port 57594 2020-07-04T01:15:44.227009shield sshd\[11538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 2020-07-04T01:15:45.826369shield sshd\[11538\]: Failed password for invalid user sambaup from 106.13.29.200 port 57594 ssh2	2020-07-04 13:56:53
attackbotsspam	2020-06-16T15:09:38.964897homeassistant sshd[5548]: Invalid user aman from 106.13.29.200 port 58472 2020-06-16T15:09:38.971789homeassistant sshd[5548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 ...	2020-06-16 23:30:23
attackspambots	(sshd) Failed SSH login from 106.13.29.200 (CN/China/-): 5 in the last 3600 secs	2020-06-03 17:16:35
attackspam	May 31 11:32:53 h2646465 sshd[660]: Invalid user wei from 106.13.29.200 May 31 11:32:53 h2646465 sshd[660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 31 11:32:53 h2646465 sshd[660]: Invalid user wei from 106.13.29.200 May 31 11:32:55 h2646465 sshd[660]: Failed password for invalid user wei from 106.13.29.200 port 42856 ssh2 May 31 11:49:01 h2646465 sshd[1738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root May 31 11:49:03 h2646465 sshd[1738]: Failed password for root from 106.13.29.200 port 35408 ssh2 May 31 11:51:59 h2646465 sshd[1984]: Invalid user admin from 106.13.29.200 May 31 11:51:59 h2646465 sshd[1984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 31 11:51:59 h2646465 sshd[1984]: Invalid user admin from 106.13.29.200 May 31 11:52:01 h2646465 sshd[1984]: Failed password for invalid user admin from 106.13.29.200 por	2020-05-31 18:22:17
attackbots	May 21 22:59:29 haigwepa sshd[16688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 21 22:59:31 haigwepa sshd[16688]: Failed password for invalid user ihg from 106.13.29.200 port 58792 ssh2 ...	2020-05-22 05:14:14
attackbots	Invalid user guido from 106.13.29.200 port 42502	2020-05-01 13:49:11
attack	Invalid user nw from 106.13.29.200 port 34914	2020-04-25 16:25:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.29.92	attack	Oct 11 20:46:26 host1 sshd[1939991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:46:28 host1 sshd[1939991]: Failed password for root from 106.13.29.92 port 38310 ssh2 Oct 11 20:48:49 host1 sshd[1940182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:48:51 host1 sshd[1940182]: Failed password for root from 106.13.29.92 port 43866 ssh2 Oct 11 20:51:08 host1 sshd[1940329]: Invalid user patna from 106.13.29.92 port 49420 ...	2020-10-12 02:55:56
106.13.29.92	attackspam	Oct 11 12:41:43 sip sshd[1900837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Oct 11 12:41:43 sip sshd[1900837]: Invalid user silverline from 106.13.29.92 port 37980 Oct 11 12:41:44 sip sshd[1900837]: Failed password for invalid user silverline from 106.13.29.92 port 37980 ssh2 ...	2020-10-11 18:47:43
106.13.29.92	attackspambots	Oct 8 15:26:02 server sshd[5488]: Failed password for root from 106.13.29.92 port 41186 ssh2 Oct 8 15:44:12 server sshd[15449]: Failed password for root from 106.13.29.92 port 40996 ssh2 Oct 8 15:48:03 server sshd[17361]: Failed password for root from 106.13.29.92 port 55728 ssh2	2020-10-08 22:11:47
106.13.29.92	attackbots	Oct 8 06:16:10 nas sshd[24454]: Failed password for root from 106.13.29.92 port 52612 ssh2 Oct 8 06:21:15 nas sshd[24583]: Failed password for root from 106.13.29.92 port 53776 ssh2 ...	2020-10-08 14:05:41
106.13.29.92	attackbots	Sep 26 17:20:18 santamaria sshd\[8452\]: Invalid user kbe from 106.13.29.92 Sep 26 17:20:18 santamaria sshd\[8452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Sep 26 17:20:20 santamaria sshd\[8452\]: Failed password for invalid user kbe from 106.13.29.92 port 39212 ssh2 ...	2020-09-26 23:48:31
106.13.29.92	attack	(sshd) Failed SSH login from 106.13.29.92 (CN/China/-): 5 in the last 3600 secs	2020-09-26 15:39:49
106.13.29.92	attackbotsspam	Aug 28 19:31:23 h2829583 sshd[31484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-29 04:00:17
106.13.29.92	attackbotsspam	Aug 25 21:49:02 ns382633 sshd\[1956\]: Invalid user student from 106.13.29.92 port 52190 Aug 25 21:49:02 ns382633 sshd\[1956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 21:49:04 ns382633 sshd\[1956\]: Failed password for invalid user student from 106.13.29.92 port 52190 ssh2 Aug 25 21:59:47 ns382633 sshd\[3592\]: Invalid user ubuntu from 106.13.29.92 port 41598 Aug 25 21:59:47 ns382633 sshd\[3592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-26 07:07:16
106.13.29.92	attackbots	Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:11 itv-usvr-02 sshd[31153]: Failed password for invalid user cyn from 106.13.29.92 port 58054 ssh2 Aug 25 20:50:09 itv-usvr-02 sshd[31519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 25 20:50:10 itv-usvr-02 sshd[31519]: Failed password for root from 106.13.29.92 port 40918 ssh2	2020-08-25 22:44:53
106.13.29.92	attack	$f2bV_matches	2020-08-20 21:07:18
106.13.29.92	attackbotsspam	Aug 15 22:42:46 abendstille sshd\[21864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:42:49 abendstille sshd\[21864\]: Failed password for root from 106.13.29.92 port 60320 ssh2 Aug 15 22:44:52 abendstille sshd\[23719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:44:54 abendstille sshd\[23719\]: Failed password for root from 106.13.29.92 port 33326 ssh2 Aug 15 22:46:54 abendstille sshd\[25727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root ...	2020-08-16 04:58:16
106.13.29.92	attackspambots	Aug 1 12:20:50 mout sshd[14126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 1 12:20:52 mout sshd[14126]: Failed password for root from 106.13.29.92 port 44218 ssh2	2020-08-01 18:26:23
106.13.29.92	attackbots	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-31 14:40:37
106.13.29.92	attackbotsspam	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-29 15:28:52
106.13.29.92	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-18 13:18:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.29.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54647
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.29.200.			IN	A

;; AUTHORITY SECTION:
.			407	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 16:25:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 200.29.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 200.29.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
52.71.205.120	attack	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=43521)(04301449)	2020-05-01 00:53:48
71.6.231.83	attackbotsspam	[portscan] tcp/22 [SSH] *(RWIN=65535)(04301449)	2020-05-01 00:22:32
114.95.168.80	attackbots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 00:14:57
54.91.82.218	attackbots	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=43521)(04301449)	2020-05-01 00:24:43
219.129.237.188	attack	[MySQL inject/portscan] tcp/3306 *(RWIN=16384)(04301449)	2020-05-01 00:31:41
104.211.13.242	attack	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(04301449)	2020-05-01 00:18:20
128.74.131.113	attackbotsspam	" "	2020-05-01 00:42:59
86.164.69.27	attack	Unauthorized connection attempt detected from IP address 86.164.69.27 to port 23	2020-05-01 00:51:41
134.175.228.42	attack	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(04301449)	2020-05-01 00:12:19
112.195.205.233	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=59089)(04301449)	2020-05-01 00:16:16
51.255.109.174	attack	[portscan] udp/1900 [ssdp] *(RWIN=-)(04301449)	2020-05-01 00:25:25
112.115.107.94	attackbotsspam	[portscan] tcp/1433 [MsSQL] *(RWIN=16384)(04301449)	2020-05-01 00:16:53
45.95.169.249	attackbotsspam	Attempted to connect 2 times to port 22 TCP	2020-05-01 00:27:58
118.243.61.146	attackbots	1588254873 - 04/30/2020 15:54:33 Host: 118.243.61.146/118.243.61.146 Port: 445 TCP Blocked	2020-05-01 00:45:20
182.129.252.237	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 00:38:06

最近上报的IP列表

190.72.232.14	45.58.138.242	114.237.188.89	178.184.50.174
106.201.61.13	13.48.206.212	115.124.71.110	187.177.32.99
47.6.141.153	159.0.247.33	109.238.215.116	36.48.145.134
94.102.50.151	169.56.8.196	14.135.120.19	45.9.188.145
211.110.154.227	78.149.219.252	77.220.204.135	49.176.147.156