106.13.29.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-27T06:48:11.902079MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure 2020-06-27T06:48:14.586337MailD postfix/smtpd[21343]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure 2020-06-27T06:48:16.531646MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure	2020-06-27 13:36:19
attackspambots	2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=nologin\) 2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info@REMOVED\) 2019-12-26 dovecot_login authenticator failed for \(REMOVED\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info\)	2019-12-27 02:47:25

类型

评论内容

时间

attack

2020-06-27T06:48:11.902079MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure
2020-06-27T06:48:14.586337MailD postfix/smtpd[21343]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure
2020-06-27T06:48:16.531646MailD postfix/smtpd[21385]: warning: unknown[106.13.29.5]: SASL LOGIN authentication failed: authentication failure

2020-06-27 13:36:19

attackspambots

2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=nologin\)
2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info@**REMOVED**\)
2019-12-26 dovecot_login authenticator failed for \(**REMOVED**\) \[106.13.29.5\]: 535 Incorrect authentication data \(set_id=info\)

2019-12-27 02:47:25

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.29.92	attack	Oct 11 20:46:26 host1 sshd[1939991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:46:28 host1 sshd[1939991]: Failed password for root from 106.13.29.92 port 38310 ssh2 Oct 11 20:48:49 host1 sshd[1940182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Oct 11 20:48:51 host1 sshd[1940182]: Failed password for root from 106.13.29.92 port 43866 ssh2 Oct 11 20:51:08 host1 sshd[1940329]: Invalid user patna from 106.13.29.92 port 49420 ...	2020-10-12 02:55:56
106.13.29.92	attackspam	Oct 11 12:41:43 sip sshd[1900837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Oct 11 12:41:43 sip sshd[1900837]: Invalid user silverline from 106.13.29.92 port 37980 Oct 11 12:41:44 sip sshd[1900837]: Failed password for invalid user silverline from 106.13.29.92 port 37980 ssh2 ...	2020-10-11 18:47:43
106.13.29.92	attackspambots	Oct 8 15:26:02 server sshd[5488]: Failed password for root from 106.13.29.92 port 41186 ssh2 Oct 8 15:44:12 server sshd[15449]: Failed password for root from 106.13.29.92 port 40996 ssh2 Oct 8 15:48:03 server sshd[17361]: Failed password for root from 106.13.29.92 port 55728 ssh2	2020-10-08 22:11:47
106.13.29.92	attackbots	Oct 8 06:16:10 nas sshd[24454]: Failed password for root from 106.13.29.92 port 52612 ssh2 Oct 8 06:21:15 nas sshd[24583]: Failed password for root from 106.13.29.92 port 53776 ssh2 ...	2020-10-08 14:05:41
106.13.29.92	attackbots	Sep 26 17:20:18 santamaria sshd\[8452\]: Invalid user kbe from 106.13.29.92 Sep 26 17:20:18 santamaria sshd\[8452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Sep 26 17:20:20 santamaria sshd\[8452\]: Failed password for invalid user kbe from 106.13.29.92 port 39212 ssh2 ...	2020-09-26 23:48:31
106.13.29.92	attack	(sshd) Failed SSH login from 106.13.29.92 (CN/China/-): 5 in the last 3600 secs	2020-09-26 15:39:49
106.13.29.92	attackbotsspam	Aug 28 19:31:23 h2829583 sshd[31484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-29 04:00:17
106.13.29.92	attackbotsspam	Aug 25 21:49:02 ns382633 sshd\[1956\]: Invalid user student from 106.13.29.92 port 52190 Aug 25 21:49:02 ns382633 sshd\[1956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 21:49:04 ns382633 sshd\[1956\]: Failed password for invalid user student from 106.13.29.92 port 52190 ssh2 Aug 25 21:59:47 ns382633 sshd\[3592\]: Invalid user ubuntu from 106.13.29.92 port 41598 Aug 25 21:59:47 ns382633 sshd\[3592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92	2020-08-26 07:07:16
106.13.29.92	attackbots	Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Aug 25 20:41:09 itv-usvr-02 sshd[31153]: Invalid user cyn from 106.13.29.92 port 58054 Aug 25 20:41:11 itv-usvr-02 sshd[31153]: Failed password for invalid user cyn from 106.13.29.92 port 58054 ssh2 Aug 25 20:50:09 itv-usvr-02 sshd[31519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 25 20:50:10 itv-usvr-02 sshd[31519]: Failed password for root from 106.13.29.92 port 40918 ssh2	2020-08-25 22:44:53
106.13.29.92	attack	$f2bV_matches	2020-08-20 21:07:18
106.13.29.92	attackbotsspam	Aug 15 22:42:46 abendstille sshd\[21864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:42:49 abendstille sshd\[21864\]: Failed password for root from 106.13.29.92 port 60320 ssh2 Aug 15 22:44:52 abendstille sshd\[23719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 15 22:44:54 abendstille sshd\[23719\]: Failed password for root from 106.13.29.92 port 33326 ssh2 Aug 15 22:46:54 abendstille sshd\[25727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root ...	2020-08-16 04:58:16
106.13.29.92	attackspambots	Aug 1 12:20:50 mout sshd[14126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=root Aug 1 12:20:52 mout sshd[14126]: Failed password for root from 106.13.29.92 port 44218 ssh2	2020-08-01 18:26:23
106.13.29.92	attackbots	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-31 14:40:37
106.13.29.92	attackbotsspam	Invalid user MYUSER from 106.13.29.92 port 35020	2020-07-29 15:28:52
106.13.29.92	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-18 13:18:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.29.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.29.5.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122600 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 02:47:21 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 5.29.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.29.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
146.185.202.137	attackbots	B: Magento admin pass test (wrong country)	2019-11-06 19:59:01
146.66.244.246	attack	5x Failed Password	2019-11-06 20:16:39
139.199.6.107	attack	Nov 5 15:30:35 server sshd\[9110\]: Failed password for invalid user arash from 139.199.6.107 port 56353 ssh2 Nov 6 10:03:19 server sshd\[1502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.6.107 user=root Nov 6 10:03:21 server sshd\[1502\]: Failed password for root from 139.199.6.107 port 47939 ssh2 Nov 6 10:32:34 server sshd\[9669\]: Invalid user cloudadmin from 139.199.6.107 Nov 6 10:32:34 server sshd\[9669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.6.107 ...	2019-11-06 20:23:04
183.230.93.59	attackbots	Nov 6 08:30:58 v22018086721571380 sshd[11165]: Failed password for invalid user icinga from 183.230.93.59 port 40606 ssh2 Nov 6 09:34:21 v22018086721571380 sshd[12714]: Failed password for invalid user 123qwe15 from 183.230.93.59 port 40402 ssh2	2019-11-06 20:22:42
35.199.154.128	attackspam	Nov 6 11:31:10 zooi sshd[24771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.154.128 Nov 6 11:31:12 zooi sshd[24771]: Failed password for invalid user data from 35.199.154.128 port 56716 ssh2 ...	2019-11-06 19:57:17
51.91.212.79	attack	Connection by 51.91.212.79 on port: 1025 got caught by honeypot at 11/6/2019 10:55:07 AM	2019-11-06 19:59:16
51.89.41.85	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: ns3152050.ip-51-89-41.eu.	2019-11-06 20:08:38
138.204.235.30	attackspam	Nov 6 11:03:54 legacy sshd[25899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Nov 6 11:03:55 legacy sshd[25899]: Failed password for invalid user connect from 138.204.235.30 port 39969 ssh2 Nov 6 11:08:41 legacy sshd[26039]: Failed password for root from 138.204.235.30 port 59516 ssh2 ...	2019-11-06 19:44:26
114.67.80.39	attackspam	Nov 6 06:55:14 plusreed sshd[31076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.39 user=root Nov 6 06:55:16 plusreed sshd[31076]: Failed password for root from 114.67.80.39 port 38462 ssh2 ...	2019-11-06 20:25:00
188.214.93.66	attack	Autoban 188.214.93.66 AUTH/CONNECT	2019-11-06 19:48:02
77.247.108.229	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-11-06 19:45:16
159.65.121.65	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-11-06 19:46:47
208.109.9.95	attackspambots	2019-11-05 UTC: 8x - (8x)	2019-11-06 20:06:04
80.237.119.229	attackbotsspam	[portscan] Port scan	2019-11-06 19:51:30
185.162.235.242	attackspam	Nov 6 07:22:55 icecube postfix/smtpd[53607]: NOQUEUE: reject: RCPT from unknown[185.162.235.242]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=	2019-11-06 20:19:43

最近上报的IP列表

46.101.191.133	82.194.17.106	62.33.211.129	31.184.197.10
253.215.119.43	37.200.99.65	66.27.166.108	195.250.94.143
217.33.18.99	82.229.224.19	46.253.252.162	197.41.236.121
173.244.149.103	192.171.248.0	222.97.62.233	106.168.81.168
71.196.219.187	105.80.75.157	216.228.210.12	166.131.142.209