106.13.29.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-27T06:48:11.902079MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure 2020-06-27T06:48:14.586337MailD postfix/smtpd[21343]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure 2020-06-27T06:48:16.531646MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure	2020-06-27 13:36:19
attackspambots	2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=nologin\) 2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info@REMOVED\) 2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info\)	2019-12-27 02:47:25

类型

评论内容

时间

attack

2020-06-27T06:48:11.902079MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure
2020-06-27T06:48:14.586337MailD postfix/smtpd[21343]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure
2020-06-27T06:48:16.531646MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure

2020-06-27 13:36:19

attackspambots

2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=nologin\)
2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info@**REMOVED**\)
2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info\)

2019-12-27 02:47:25

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.29.92	attack	Oct 11 20:46:26 host1 sshd[1939991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:46:28 host1 sshd[1939991]: Failed password for root from 106.13.29.92 port 38310 ssh2 Oct 11 20:48:49 host1 sshd[1940182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:48:51 host1 sshd[1940182]: Failed password for root from 106.13.29.92 port 43866 ssh2 Oct 11 20:51:08 host1 sshd[1940329]: Invalid user patna from 106.13.29.92 port 49420 ...	2020-10-12 02:55:56
106.13.29.92	attackspam	Oct 11 12:41:43 sip sshd[1900837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Oct 11 12:41:43 sip sshd[1900837]: Invalid user silverline from 106.13.29.92 port 37980 Oct 11 12:41:44 sip sshd[1900837]: Failed password for invalid user silverline from 106.13.29.92 port 37980 ssh2 ...	2020-10-11 18:47:43
106.13.29.92	attackspambots	Oct 8 15:26:02 server sshd[5488]: Failed password for root from 106.13.29.92 port 41186 ssh2 Oct 8 15:44:12 server sshd[15449]: Failed password for root from 106.13.29.92 port 40996 ssh2 Oct 8 15:48:03 server sshd[17361]: Failed password for root from 106.13.29.92 port 55728 ssh2	2020-10-08 22:11:47
106.13.29.92	attackbots	Oct 8 06:16:10 nas sshd[24454]: Failed password for root from 106.13.29.92 port 52612 ssh2 Oct 8 06:21:15 nas sshd[24583]: Failed password for root from 106.13.29.92 port 53776 ssh2 ...	2020-10-08 14:05:41
106.13.29.92	attackbots	Sep 26 17:20:18 santamaria sshd\[8452\]: Invalid user kbe from 106.13.29.92 Sep 26 17:20:18 santamaria sshd\[8452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Sep 26 17:20:20 santamaria sshd\[8452\]: Failed password for invalid user kbe from 106.13.29.92 port 39212 ssh2 ...	2020-09-26 23:48:31
106.13.29.92	attack	(sshd) Failed SSH login from 106.13.29.92 (CN/China/-): 5 in the last 3600 secs	2020-09-26 15:39:49
106.13.29.92	attackbotsspam	Aug 28 19:31:23 h2829583 sshd[31484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-29 04:00:17
106.13.29.92	attackbotsspam	Aug 25 21:49:02 ns382633 sshd\[1956\]: Invalid user student from 106.13.29.92 port 52190 Aug 25 21:49:02 ns382633 sshd\[1956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 21:49:04 ns382633 sshd\[1956\]: Failed password for invalid user student from 106.13.29.92 port 52190 ssh2 Aug 25 21:59:47 ns382633 sshd\[3592\]: Invalid user ubuntu from 106.13.29.92 port 41598 Aug 25 21:59:47 ns382633 sshd\[3592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-26 07:07:16
106.13.29.92	attackbots	Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:11 itv-usvr-02 sshd[31153]: Failed password for invalid user cyn from 106.13.29.92 port 58054 ssh2 Aug 25 20:50:09 itv-usvr-02 sshd[31519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 25 20:50:10 itv-usvr-02 sshd[31519]: Failed password for root from 106.13.29.92 port 40918 ssh2	2020-08-25 22:44:53
106.13.29.92	attack	$f2bV_matches	2020-08-20 21:07:18
106.13.29.92	attackbotsspam	Aug 15 22:42:46 abendstille sshd\[21864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:42:49 abendstille sshd\[21864\]: Failed password for root from 106.13.29.92 port 60320 ssh2 Aug 15 22:44:52 abendstille sshd\[23719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:44:54 abendstille sshd\[23719\]: Failed password for root from 106.13.29.92 port 33326 ssh2 Aug 15 22:46:54 abendstille sshd\[25727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root ...	2020-08-16 04:58:16
106.13.29.92	attackspambots	Aug 1 12:20:50 mout sshd[14126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 1 12:20:52 mout sshd[14126]: Failed password for root from 106.13.29.92 port 44218 ssh2	2020-08-01 18:26:23
106.13.29.92	attackbots	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-31 14:40:37
106.13.29.92	attackbotsspam	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-29 15:28:52
106.13.29.92	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-18 13:18:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.29.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.29.5.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122600 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 02:47:21 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 5.29.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.29.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.255.173.245	attackbots	Oct 5 07:57:08 jane sshd[16049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.173.245 Oct 5 07:57:10 jane sshd[16049]: Failed password for invalid user P4ssw0rd@2016 from 51.255.173.245 port 56484 ssh2 ...	2019-10-05 14:24:52
54.38.241.162	attack	Oct 5 06:10:02 SilenceServices sshd[12923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 Oct 5 06:10:04 SilenceServices sshd[12923]: Failed password for invalid user P@$$w0rt_111 from 54.38.241.162 port 44302 ssh2 Oct 5 06:17:56 SilenceServices sshd[15072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162	2019-10-05 14:03:53
119.29.104.238	attackbotsspam	2019-10-05T01:49:01.0454811495-001 sshd\[59445\]: Failed password for root from 119.29.104.238 port 50368 ssh2 2019-10-05T02:02:47.5503591495-001 sshd\[60435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.104.238 user=root 2019-10-05T02:02:49.1523351495-001 sshd\[60435\]: Failed password for root from 119.29.104.238 port 36512 ssh2 2019-10-05T02:07:26.7339401495-001 sshd\[60798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.104.238 user=root 2019-10-05T02:07:28.6378401495-001 sshd\[60798\]: Failed password for root from 119.29.104.238 port 41304 ssh2 2019-10-05T02:12:10.6505491495-001 sshd\[61071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.104.238 user=root ...	2019-10-05 14:30:37
93.174.93.171	attack	10/04/2019-23:53:44.662665 93.174.93.171 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-05 14:13:24
49.68.95.106	attackspam	Email spam message	2019-10-05 14:04:45
62.234.86.83	attackspam	Oct 5 01:42:16 xtremcommunity sshd\[194900\]: Invalid user Hotdog@2017 from 62.234.86.83 port 54575 Oct 5 01:42:16 xtremcommunity sshd\[194900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.86.83 Oct 5 01:42:17 xtremcommunity sshd\[194900\]: Failed password for invalid user Hotdog@2017 from 62.234.86.83 port 54575 ssh2 Oct 5 01:46:48 xtremcommunity sshd\[194962\]: Invalid user QWERTASDFG from 62.234.86.83 port 42643 Oct 5 01:46:48 xtremcommunity sshd\[194962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.86.83 ...	2019-10-05 13:59:48
190.16.230.50	attackbotsspam	$f2bV_matches	2019-10-05 14:05:10
129.204.126.140	attack	SSH brutforce	2019-10-05 14:01:03
185.176.27.50	attackbotsspam	10/05/2019-07:15:47.663593 185.176.27.50 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-05 14:31:56
40.73.65.160	attack	ssh failed login	2019-10-05 14:27:34
51.83.46.178	attack	Oct 5 08:14:49 meumeu sshd[24278]: Failed password for root from 51.83.46.178 port 44826 ssh2 Oct 5 08:18:46 meumeu sshd[24808]: Failed password for root from 51.83.46.178 port 57020 ssh2 ...	2019-10-05 14:25:49
106.13.32.70	attackbotsspam	Oct 5 07:45:34 localhost sshd\[24094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.32.70 user=root Oct 5 07:45:35 localhost sshd\[24094\]: Failed password for root from 106.13.32.70 port 47978 ssh2 Oct 5 07:50:14 localhost sshd\[24583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.32.70 user=root	2019-10-05 14:17:38
97.74.6.64	attackspambots	xmlrpc attack	2019-10-05 14:18:50
121.138.213.2	attackbots	Oct 5 06:21:31 game-panel sshd[22335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.138.213.2 Oct 5 06:21:32 game-panel sshd[22335]: Failed password for invalid user Kitty2017 from 121.138.213.2 port 39269 ssh2 Oct 5 06:25:53 game-panel sshd[22613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.138.213.2	2019-10-05 14:26:56
183.134.65.22	attackbotsspam	$f2bV_matches	2019-10-05 14:15:35

最近上报的IP列表

46.101.191.133	82.194.17.106	62.33.211.129	31.184.197.10
253.215.119.43	37.200.99.65	66.27.166.108	195.250.94.143
217.33.18.99	82.229.224.19	46.253.252.162	197.41.236.121
173.244.149.103	192.171.248.0	222.97.62.233	106.168.81.168
71.196.219.187	105.80.75.157	216.228.210.12	166.131.142.209