193.106.29.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Infium UAB

主机名(hostname): unknown

机构(organization): Infium, UAB

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 8 port(s): 29417 30690 33389 33891 33892 33893 33896 41622	2019-09-02 02:11:49
attackbots	Port scan on 9 port(s): 4509 4517 4522 4531 4533 4540 4542 4544 4545	2019-08-29 00:49:23
attackbotsspam	firewall-block, port(s): 7040/tcp	2019-08-26 04:53:31
attackbotsspam	Port scan on 3 port(s): 9893 9894 9898	2019-08-25 17:29:53
attackspam	Aug 12 13:01:36 h2177944 kernel: \[3931462.659822\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=52726 PROTO=TCP SPT=55519 DPT=5881 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:04:11 h2177944 kernel: \[3931616.927695\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=5359 PROTO=TCP SPT=55519 DPT=3301 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:04:40 h2177944 kernel: \[3931646.743624\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=31868 PROTO=TCP SPT=55519 DPT=5634 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:07:47 h2177944 kernel: \[3931832.950198\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=22776 PROTO=TCP SPT=55519 DPT=3145 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:11:08 h2177944 kernel: \[3932034.757455\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.1	2019-08-12 19:17:51
attackspam	Aug 11 01:37:36 h2177944 kernel: \[3804045.275519\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42431 PROTO=TCP SPT=55519 DPT=4215 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:37:55 h2177944 kernel: \[3804065.053453\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=34858 PROTO=TCP SPT=55519 DPT=5803 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:44:02 h2177944 kernel: \[3804431.781607\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=18508 PROTO=TCP SPT=55519 DPT=4176 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:44:05 h2177944 kernel: \[3804434.995262\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12994 PROTO=TCP SPT=55519 DPT=5452 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 02:06:35 h2177944 kernel: \[3805784.222810\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.	2019-08-11 08:07:09
attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-06 21:38:59
attack	firewall-block, port(s): 2211/tcp, 2213/tcp	2019-07-03 07:47:52
attack	Port scan on 4 port(s): 8629 8637 8639 8643	2019-06-25 18:06:12

相同子网IP讨论:

IP	类型	评论内容	时间
193.106.29.66	attackspam	RDP Bruteforce	2020-09-30 08:43:56
193.106.29.66	attackbotsspam	RDP Bruteforce	2020-09-30 01:34:46
193.106.29.66	attackbots	RDP Brute-Force (Grieskirchen RZ1)	2020-09-29 17:34:19
193.106.29.66	attackbotsspam	Icarus honeypot on github	2020-08-24 18:13:37
193.106.29.122	attack	firewall-block, port(s): 60001/tcp	2020-08-17 08:21:38
193.106.29.66	attackspam	Unauthorized connection attempt detected from IP address 193.106.29.66 to port 3389 [T]	2020-08-16 04:05:07
193.106.29.210	attackbots	nginx/IPasHostname/a4a6f	2020-08-10 15:19:31
193.106.29.210	attack	nginx/IPasHostname/a4a6f	2020-08-08 01:10:40
193.106.29.75	attackbotsspam	Port scan denied	2020-07-13 23:37:30
193.106.29.75	attackspam	SIP/5060 Probe, BF, Hack -	2020-06-04 17:37:09
193.106.29.75	attackspambots	05/31/2020-16:25:13.852605 193.106.29.75 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 06:08:54
193.106.29.66	attack	TCP port 3306: Scan and connection	2020-02-21 06:23:34
193.106.29.75	attackspambots	unauthorized connection attempt	2020-02-04 19:28:10
193.106.29.75	attackspambots	WARNING / DENIED / DUDE CONNECT FROM 193.106.29.75	2020-01-14 04:32:02
193.106.29.122	attackbots	Fail2Ban Ban Triggered	2019-12-05 15:58:18

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.106.29.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52571
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.106.29.106.			IN	A

;; AUTHORITY SECTION:
.			2258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 01 23:19:05 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

106.29.106.193.in-addr.arpa domain name pointer server05.talleremprendedor.info.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
106.29.106.193.in-addr.arpa	name = server05.talleremprendedor.info.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
190.24.138.66	attackbots	Unauthorized connection attempt from IP address 190.24.138.66 on Port 445(SMB)	2020-09-24 07:31:44
69.76.196.64	attack	Automatic report - Banned IP Access	2020-09-24 07:31:30
209.17.96.74	attackspambots	UDP 209.17.96.74:50990 -> port 137, len 78	2020-09-24 07:53:10
119.28.4.215	attackbots	SSH Invalid Login	2020-09-24 07:25:43
86.57.222.46	attackspam	Unauthorized connection attempt from IP address 86.57.222.46 on Port 445(SMB)	2020-09-24 07:52:25
118.71.153.198	attackbotsspam	Unauthorized connection attempt from IP address 118.71.153.198 on Port 445(SMB)	2020-09-24 07:33:02
190.200.228.69	attackspambots	Unauthorised access (Sep 23) SRC=190.200.228.69 LEN=52 TTL=113 ID=8078 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-24 07:22:58
218.92.0.145	attackbots	Sep 24 01:48:25 dev0-dcde-rnet sshd[22282]: Failed password for root from 218.92.0.145 port 42538 ssh2 Sep 24 01:48:39 dev0-dcde-rnet sshd[22282]: error: maximum authentication attempts exceeded for root from 218.92.0.145 port 42538 ssh2 [preauth] Sep 24 01:48:47 dev0-dcde-rnet sshd[22289]: Failed password for root from 218.92.0.145 port 8036 ssh2	2020-09-24 07:49:37
95.169.6.47	attack	$f2bV_matches	2020-09-24 07:52:07
40.117.41.110	attack	Sep 24 02:27:36 root sshd[2319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.41.110 user=root Sep 24 02:27:38 root sshd[2319]: Failed password for root from 40.117.41.110 port 45397 ssh2 ...	2020-09-24 07:45:49
41.64.172.51	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-24 07:49:10
182.155.117.238	attackbots	Port Scan detected! ...	2020-09-24 07:37:44
163.172.32.190	attackbots	163.172.32.190 - - [23/Sep/2020:22:53:22 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 163.172.32.190 - - [23/Sep/2020:22:53:24 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 163.172.32.190 - - [23/Sep/2020:22:53:31 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 163.172.32.190 - - [23/Sep/2020:22:53:33 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 163.172.32.190 - - [23/Sep/2020:22:53:34 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-09-24 07:28:24
140.143.121.45	attackspam	2020-09-23T19:06:00.482372mail.broermann.family sshd[23458]: Failed password for invalid user nifi from 140.143.121.45 port 33550 ssh2 2020-09-23T19:06:02.472343mail.broermann.family sshd[23466]: Invalid user hadoop from 140.143.121.45 port 33826 2020-09-23T19:06:02.475776mail.broermann.family sshd[23466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.121.45 2020-09-23T19:06:02.472343mail.broermann.family sshd[23466]: Invalid user hadoop from 140.143.121.45 port 33826 2020-09-23T19:06:04.751154mail.broermann.family sshd[23466]: Failed password for invalid user hadoop from 140.143.121.45 port 33826 ssh2 ...	2020-09-24 12:01:31
39.65.147.118	attackspam	Honeypot hit.	2020-09-24 07:53:54

最近上报的IP列表

1.206.210.194	197.86.217.37	182.106.171.72	190.184.178.23
189.209.114.108	115.124.64.187	145.196.250.211	198.169.192.157
37.120.184.155	135.120.129.129	132.133.181.102	111.169.125.246
222.42.224.20	177.73.62.123	187.95.236.246	178.17.174.68
41.198.233.175	185.244.25.92	116.66.236.131	15.130.232.189