106.13.29.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 6 16:12:11 server1 sshd\[19831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root Jul 6 16:12:13 server1 sshd\[19831\]: Failed password for root from 106.13.29.200 port 38714 ssh2 Jul 6 16:15:38 server1 sshd\[20842\]: Invalid user jts3 from 106.13.29.200 Jul 6 16:15:39 server1 sshd\[20842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 Jul 6 16:15:41 server1 sshd\[20842\]: Failed password for invalid user jts3 from 106.13.29.200 port 53040 ssh2 ...	2020-07-07 06:33:28
attackbots	2020-07-04T01:13:23.403092shield sshd\[11132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root 2020-07-04T01:13:25.313404shield sshd\[11132\]: Failed password for root from 106.13.29.200 port 52844 ssh2 2020-07-04T01:15:44.223330shield sshd\[11538\]: Invalid user sambaup from 106.13.29.200 port 57594 2020-07-04T01:15:44.227009shield sshd\[11538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 2020-07-04T01:15:45.826369shield sshd\[11538\]: Failed password for invalid user sambaup from 106.13.29.200 port 57594 ssh2	2020-07-04 13:56:53
attackbotsspam	2020-06-16T15:09:38.964897homeassistant sshd[5548]: Invalid user aman from 106.13.29.200 port 58472 2020-06-16T15:09:38.971789homeassistant sshd[5548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 ...	2020-06-16 23:30:23
attackspambots	(sshd) Failed SSH login from 106.13.29.200 (CN/China/-): 5 in the last 3600 secs	2020-06-03 17:16:35
attackspam	May 31 11:32:53 h2646465 sshd[660]: Invalid user wei from 106.13.29.200 May 31 11:32:53 h2646465 sshd[660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 31 11:32:53 h2646465 sshd[660]: Invalid user wei from 106.13.29.200 May 31 11:32:55 h2646465 sshd[660]: Failed password for invalid user wei from 106.13.29.200 port 42856 ssh2 May 31 11:49:01 h2646465 sshd[1738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 user=root May 31 11:49:03 h2646465 sshd[1738]: Failed password for root from 106.13.29.200 port 35408 ssh2 May 31 11:51:59 h2646465 sshd[1984]: Invalid user admin from 106.13.29.200 May 31 11:51:59 h2646465 sshd[1984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 31 11:51:59 h2646465 sshd[1984]: Invalid user admin from 106.13.29.200 May 31 11:52:01 h2646465 sshd[1984]: Failed password for invalid user admin from 106.13.29.200 por	2020-05-31 18:22:17
attackbots	May 21 22:59:29 haigwepa sshd[16688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.200 May 21 22:59:31 haigwepa sshd[16688]: Failed password for invalid user ihg from 106.13.29.200 port 58792 ssh2 ...	2020-05-22 05:14:14
attackbots	Invalid user guido from 106.13.29.200 port 42502	2020-05-01 13:49:11
attack	Invalid user nw from 106.13.29.200 port 34914	2020-04-25 16:25:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.29.92	attack	Oct 11 20:46:26 host1 sshd[1939991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:46:28 host1 sshd[1939991]: Failed password for root from 106.13.29.92 port 38310 ssh2 Oct 11 20:48:49 host1 sshd[1940182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:48:51 host1 sshd[1940182]: Failed password for root from 106.13.29.92 port 43866 ssh2 Oct 11 20:51:08 host1 sshd[1940329]: Invalid user patna from 106.13.29.92 port 49420 ...	2020-10-12 02:55:56
106.13.29.92	attackspam	Oct 11 12:41:43 sip sshd[1900837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Oct 11 12:41:43 sip sshd[1900837]: Invalid user silverline from 106.13.29.92 port 37980 Oct 11 12:41:44 sip sshd[1900837]: Failed password for invalid user silverline from 106.13.29.92 port 37980 ssh2 ...	2020-10-11 18:47:43
106.13.29.92	attackspambots	Oct 8 15:26:02 server sshd[5488]: Failed password for root from 106.13.29.92 port 41186 ssh2 Oct 8 15:44:12 server sshd[15449]: Failed password for root from 106.13.29.92 port 40996 ssh2 Oct 8 15:48:03 server sshd[17361]: Failed password for root from 106.13.29.92 port 55728 ssh2	2020-10-08 22:11:47
106.13.29.92	attackbots	Oct 8 06:16:10 nas sshd[24454]: Failed password for root from 106.13.29.92 port 52612 ssh2 Oct 8 06:21:15 nas sshd[24583]: Failed password for root from 106.13.29.92 port 53776 ssh2 ...	2020-10-08 14:05:41
106.13.29.92	attackbots	Sep 26 17:20:18 santamaria sshd\[8452\]: Invalid user kbe from 106.13.29.92 Sep 26 17:20:18 santamaria sshd\[8452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Sep 26 17:20:20 santamaria sshd\[8452\]: Failed password for invalid user kbe from 106.13.29.92 port 39212 ssh2 ...	2020-09-26 23:48:31
106.13.29.92	attack	(sshd) Failed SSH login from 106.13.29.92 (CN/China/-): 5 in the last 3600 secs	2020-09-26 15:39:49
106.13.29.92	attackbotsspam	Aug 28 19:31:23 h2829583 sshd[31484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-29 04:00:17
106.13.29.92	attackbotsspam	Aug 25 21:49:02 ns382633 sshd\[1956\]: Invalid user student from 106.13.29.92 port 52190 Aug 25 21:49:02 ns382633 sshd\[1956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 21:49:04 ns382633 sshd\[1956\]: Failed password for invalid user student from 106.13.29.92 port 52190 ssh2 Aug 25 21:59:47 ns382633 sshd\[3592\]: Invalid user ubuntu from 106.13.29.92 port 41598 Aug 25 21:59:47 ns382633 sshd\[3592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-26 07:07:16
106.13.29.92	attackbots	Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:11 itv-usvr-02 sshd[31153]: Failed password for invalid user cyn from 106.13.29.92 port 58054 ssh2 Aug 25 20:50:09 itv-usvr-02 sshd[31519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 25 20:50:10 itv-usvr-02 sshd[31519]: Failed password for root from 106.13.29.92 port 40918 ssh2	2020-08-25 22:44:53
106.13.29.92	attack	$f2bV_matches	2020-08-20 21:07:18
106.13.29.92	attackbotsspam	Aug 15 22:42:46 abendstille sshd\[21864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:42:49 abendstille sshd\[21864\]: Failed password for root from 106.13.29.92 port 60320 ssh2 Aug 15 22:44:52 abendstille sshd\[23719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:44:54 abendstille sshd\[23719\]: Failed password for root from 106.13.29.92 port 33326 ssh2 Aug 15 22:46:54 abendstille sshd\[25727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root ...	2020-08-16 04:58:16
106.13.29.92	attackspambots	Aug 1 12:20:50 mout sshd[14126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 1 12:20:52 mout sshd[14126]: Failed password for root from 106.13.29.92 port 44218 ssh2	2020-08-01 18:26:23
106.13.29.92	attackbots	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-31 14:40:37
106.13.29.92	attackbotsspam	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-29 15:28:52
106.13.29.92	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-18 13:18:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.29.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54647
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.29.200.			IN	A

;; AUTHORITY SECTION:
.			407	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 16:25:40 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 200.29.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 200.29.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.59.213.68	attackspambots	Jul 19 19:48:45 mail sshd\[14597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.213.68 user=mysql Jul 19 19:48:47 mail sshd\[14597\]: Failed password for mysql from 123.59.213.68 port 48686 ssh2 Jul 19 19:55:06 mail sshd\[14705\]: Invalid user jhonny from 123.59.213.68 Jul 19 19:55:06 mail sshd\[14705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.213.68 Jul 19 19:55:08 mail sshd\[14705\]: Failed password for invalid user jhonny from 123.59.213.68 port 59810 ssh2 ...	2020-07-20 04:39:50
128.14.180.70	attackspambots	1900/udp 1900/udp 1900/udp... [2020-07-07/19]21pkt,1pt.(udp)	2020-07-20 04:55:38
178.35.177.138	attackbotsspam	Automatic report - Banned IP Access	2020-07-20 04:51:07
200.117.143.26	attackspambots	TCP (SYN) 200.117.143.26:1766 -> port 23, len 44	2020-07-20 04:38:34
222.186.42.13	attackspambots	TCP (SYN) 222.186.42.13:9090 -> port 22, len 44	2020-07-20 04:48:05
37.192.20.22	attackspam	Unauthorized connection attempt detected from IP address 37.192.20.22 to port 23 [T]	2020-07-20 04:45:53
49.245.105.4	attackspambots	2020-07-19T19:52:01.983229abusebot-4.cloudsearch.cf sshd[27784]: Invalid user git from 49.245.105.4 port 53336 2020-07-19T19:52:01.990729abusebot-4.cloudsearch.cf sshd[27784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.245.105.4 2020-07-19T19:52:01.983229abusebot-4.cloudsearch.cf sshd[27784]: Invalid user git from 49.245.105.4 port 53336 2020-07-19T19:52:03.929721abusebot-4.cloudsearch.cf sshd[27784]: Failed password for invalid user git from 49.245.105.4 port 53336 ssh2 2020-07-19T19:57:11.077736abusebot-4.cloudsearch.cf sshd[27790]: Invalid user nagios from 49.245.105.4 port 49612 2020-07-19T19:57:11.087047abusebot-4.cloudsearch.cf sshd[27790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.245.105.4 2020-07-19T19:57:11.077736abusebot-4.cloudsearch.cf sshd[27790]: Invalid user nagios from 49.245.105.4 port 49612 2020-07-19T19:57:12.915631abusebot-4.cloudsearch.cf sshd[27790]: Failed password f ...	2020-07-20 05:02:50
139.162.106.178	attack	TCP (SYN) 139.162.106.178:51392 -> port 23, len 44	2020-07-20 04:56:52
129.204.203.218	attack	Jul 19 22:22:52 debian-2gb-nbg1-2 kernel: \[17448715.494084\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=129.204.203.218 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=6980 PROTO=TCP SPT=52999 DPT=26291 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-20 04:37:09
192.35.168.204	attackbotsspam	Fail2Ban Ban Triggered	2020-07-20 05:10:42
187.170.151.188	attackbotsspam	Lines containing failures of 187.170.151.188 Jul 19 18:00:03 shared11 sshd[19054]: Invalid user start from 187.170.151.188 port 40354 Jul 19 18:00:03 shared11 sshd[19054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.151.188 Jul 19 18:00:04 shared11 sshd[19054]: Failed password for invalid user start from 187.170.151.188 port 40354 ssh2 Jul 19 18:00:05 shared11 sshd[19054]: Received disconnect from 187.170.151.188 port 40354:11: Bye Bye [preauth] Jul 19 18:00:05 shared11 sshd[19054]: Disconnected from invalid user start 187.170.151.188 port 40354 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.170.151.188	2020-07-20 04:49:27
186.4.151.103	attackspambots	445/tcp 1433/tcp... [2020-06-08/07-19]4pkt,2pt.(tcp)	2020-07-20 04:46:48
118.186.2.211	attack	1433/tcp 1433/tcp 1433/tcp... [2020-05-21/07-19]7pkt,1pt.(tcp)	2020-07-20 05:05:38
218.92.0.178	attackspambots	Unauthorized access on Port 22 [ssh]	2020-07-20 05:01:00
193.228.91.109	attackspambots	Jul 19 20:32:43 ssh2 sshd[91337]: Connection from 193.228.91.109 port 53772 on 192.240.101.3 port 22 Jul 19 20:32:47 ssh2 sshd[91337]: User root from 193.228.91.109 not allowed because not listed in AllowUsers Jul 19 20:32:47 ssh2 sshd[91337]: Failed password for invalid user root from 193.228.91.109 port 53772 ssh2 ...	2020-07-20 04:46:25

最近上报的IP列表

190.72.232.14	45.58.138.242	114.237.188.89	178.184.50.174
106.201.61.13	13.48.206.212	115.124.71.110	187.177.32.99
47.6.141.153	159.0.247.33	109.238.215.116	36.48.145.134
94.102.50.151	169.56.8.196	14.135.120.19	45.9.188.145
211.110.154.227	78.149.219.252	77.220.204.135	49.176.147.156