193.106.29.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Infium UAB

主机名(hostname): unknown

机构(organization): Infium, UAB

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port scan on 8 port(s): 29417 30690 33389 33891 33892 33893 33896 41622	2019-09-02 02:11:49
attackbots	Port scan on 9 port(s): 4509 4517 4522 4531 4533 4540 4542 4544 4545	2019-08-29 00:49:23
attackbotsspam	firewall-block, port(s): 7040/tcp	2019-08-26 04:53:31
attackbotsspam	Port scan on 3 port(s): 9893 9894 9898	2019-08-25 17:29:53
attackspam	Aug 12 13:01:36 h2177944 kernel: \[3931462.659822\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=52726 PROTO=TCP SPT=55519 DPT=5881 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:04:11 h2177944 kernel: \[3931616.927695\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=5359 PROTO=TCP SPT=55519 DPT=3301 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:04:40 h2177944 kernel: \[3931646.743624\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=31868 PROTO=TCP SPT=55519 DPT=5634 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:07:47 h2177944 kernel: \[3931832.950198\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=22776 PROTO=TCP SPT=55519 DPT=3145 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 12 13:11:08 h2177944 kernel: \[3932034.757455\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.1	2019-08-12 19:17:51
attackspam	Aug 11 01:37:36 h2177944 kernel: \[3804045.275519\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42431 PROTO=TCP SPT=55519 DPT=4215 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:37:55 h2177944 kernel: \[3804065.053453\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=34858 PROTO=TCP SPT=55519 DPT=5803 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:44:02 h2177944 kernel: \[3804431.781607\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=18508 PROTO=TCP SPT=55519 DPT=4176 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 01:44:05 h2177944 kernel: \[3804434.995262\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12994 PROTO=TCP SPT=55519 DPT=5452 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 11 02:06:35 h2177944 kernel: \[3805784.222810\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=193.106.29.106 DST=85.214.	2019-08-11 08:07:09
attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-06 21:38:59
attack	firewall-block, port(s): 2211/tcp, 2213/tcp	2019-07-03 07:47:52
attack	Port scan on 4 port(s): 8629 8637 8639 8643	2019-06-25 18:06:12

相同子网IP讨论:

IP	类型	评论内容	时间
193.106.29.66	attackspam	RDP Bruteforce	2020-09-30 08:43:56
193.106.29.66	attackbotsspam	RDP Bruteforce	2020-09-30 01:34:46
193.106.29.66	attackbots	RDP Brute-Force (Grieskirchen RZ1)	2020-09-29 17:34:19
193.106.29.66	attackbotsspam	Icarus honeypot on github	2020-08-24 18:13:37
193.106.29.122	attack	firewall-block, port(s): 60001/tcp	2020-08-17 08:21:38
193.106.29.66	attackspam	Unauthorized connection attempt detected from IP address 193.106.29.66 to port 3389 [T]	2020-08-16 04:05:07
193.106.29.210	attackbots	nginx/IPasHostname/a4a6f	2020-08-10 15:19:31
193.106.29.210	attack	nginx/IPasHostname/a4a6f	2020-08-08 01:10:40
193.106.29.75	attackbotsspam	Port scan denied	2020-07-13 23:37:30
193.106.29.75	attackspam	SIP/5060 Probe, BF, Hack -	2020-06-04 17:37:09
193.106.29.75	attackspambots	05/31/2020-16:25:13.852605 193.106.29.75 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 06:08:54
193.106.29.66	attack	TCP port 3306: Scan and connection	2020-02-21 06:23:34
193.106.29.75	attackspambots	unauthorized connection attempt	2020-02-04 19:28:10
193.106.29.75	attackspambots	WARNING / DENIED / DUDE CONNECT FROM 193.106.29.75	2020-01-14 04:32:02
193.106.29.122	attackbots	Fail2Ban Ban Triggered	2019-12-05 15:58:18

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.106.29.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52571
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.106.29.106.			IN	A

;; AUTHORITY SECTION:
.			2258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 01 23:19:05 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

106.29.106.193.in-addr.arpa domain name pointer server05.talleremprendedor.info.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
106.29.106.193.in-addr.arpa	name = server05.talleremprendedor.info.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
89.248.174.223	attackbots	11/16/2019-19:28:45.967922 89.248.174.223 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-17 09:33:35
208.90.13.103	attackspam	port scan and connect, tcp 23 (telnet)	2019-11-17 13:25:16
109.237.212.66	attack	Nov 13 03:08:09 rb06 sshd[864]: Failed password for r.r from 109.237.212.66 port 44194 ssh2 Nov 13 03:08:09 rb06 sshd[864]: Received disconnect from 109.237.212.66: 11: Bye Bye [preauth] Nov 13 03:26:02 rb06 sshd[7083]: Failed password for r.r from 109.237.212.66 port 50626 ssh2 Nov 13 03:26:02 rb06 sshd[7083]: Received disconnect from 109.237.212.66: 11: Bye Bye [preauth] Nov 13 03:29:26 rb06 sshd[16718]: Failed password for invalid user ludovicus from 109.237.212.66 port 60510 ssh2 Nov 13 03:29:26 rb06 sshd[16718]: Received disconnect from 109.237.212.66: 11: Bye Bye [preauth] Nov 13 03:32:51 rb06 sshd[17514]: Failed password for invalid user cperez from 109.237.212.66 port 42730 ssh2 Nov 13 03:32:51 rb06 sshd[17514]: Received disconnect from 109.237.212.66: 11: Bye Bye [preauth] Nov 13 03:36:10 rb06 sshd[16831]: Failed password for r.r from 109.237.212.66 port 52518 ssh2 Nov 13 03:36:10 rb06 sshd[16831]: Received disconnect from 109.237.212.66: 11: Bye Bye [preauth] ........ -------------------------------	2019-11-17 09:33:05
112.195.200.153	attackspam	badbot	2019-11-17 13:23:27
111.241.106.196	attack	" "	2019-11-17 13:06:16
185.176.27.6	attackbotsspam	Nov 17 06:09:15 mc1 kernel: \[5253618.678028\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=39636 PROTO=TCP SPT=45486 DPT=27681 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 17 06:18:02 mc1 kernel: \[5254145.617775\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54456 PROTO=TCP SPT=45486 DPT=13948 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 17 06:19:01 mc1 kernel: \[5254204.507101\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=1490 PROTO=TCP SPT=45486 DPT=17585 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-17 13:22:54
104.42.25.12	attack	Nov 17 02:11:29 ns381471 sshd[4748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.25.12 Nov 17 02:11:31 ns381471 sshd[4748]: Failed password for invalid user ezis from 104.42.25.12 port 2048 ssh2	2019-11-17 09:41:10
107.161.91.219	attack	SASL Brute Force	2019-11-17 09:40:07
198.245.63.94	attackspambots	Nov 17 05:54:46 localhost sshd\[9735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.94 user=root Nov 17 05:54:49 localhost sshd\[9735\]: Failed password for root from 198.245.63.94 port 52894 ssh2 Nov 17 05:58:23 localhost sshd\[10163\]: Invalid user aichele from 198.245.63.94 port 32846 Nov 17 05:58:23 localhost sshd\[10163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.94	2019-11-17 13:11:59
139.194.45.167	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/139.194.45.167/ ID - 1H : (36) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN23700 IP : 139.194.45.167 CIDR : 139.194.32.0/19 PREFIX COUNT : 110 UNIQUE IP COUNT : 765440 ATTACKS DETECTED ASN23700 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 6 DateTime : 2019-11-17 05:58:01 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-17 13:25:37
66.85.188.242	attackspambots	Automatic report - XMLRPC Attack	2019-11-17 13:15:16
154.223.40.244	attackspam	2019-11-16T22:47:39.199590shield sshd\[627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.223.40.244 user=root 2019-11-16T22:47:40.881841shield sshd\[627\]: Failed password for root from 154.223.40.244 port 46264 ssh2 2019-11-16T22:51:40.732160shield sshd\[1347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.223.40.244 user=root 2019-11-16T22:51:42.499746shield sshd\[1347\]: Failed password for root from 154.223.40.244 port 50370 ssh2 2019-11-16T22:55:46.240359shield sshd\[2341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.223.40.244 user=root	2019-11-17 09:35:24
201.49.110.210	attack	Nov 17 07:19:16 vtv3 sshd\[27314\]: Invalid user amedo from 201.49.110.210 port 46016 Nov 17 07:19:16 vtv3 sshd\[27314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210 Nov 17 07:19:18 vtv3 sshd\[27314\]: Failed password for invalid user amedo from 201.49.110.210 port 46016 ssh2 Nov 17 07:25:11 vtv3 sshd\[28909\]: Invalid user kawame from 201.49.110.210 port 33486 Nov 17 07:25:11 vtv3 sshd\[28909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210 Nov 17 07:35:51 vtv3 sshd\[31703\]: Invalid user aerobics from 201.49.110.210 port 49756 Nov 17 07:35:51 vtv3 sshd\[31703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210 Nov 17 07:35:53 vtv3 sshd\[31703\]: Failed password for invalid user aerobics from 201.49.110.210 port 49756 ssh2 Nov 17 07:40:17 vtv3 sshd\[386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh	2019-11-17 13:22:19
112.21.191.253	attackbots	Nov 17 01:58:19 h2177944 sshd\[15639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.21.191.253 user=root Nov 17 01:58:21 h2177944 sshd\[15639\]: Failed password for root from 112.21.191.253 port 54248 ssh2 Nov 17 02:04:49 h2177944 sshd\[16268\]: Invalid user karum from 112.21.191.253 port 42847 Nov 17 02:04:49 h2177944 sshd\[16268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.21.191.253 ...	2019-11-17 09:32:10
58.144.150.233	attackbotsspam	2019-11-17T05:58:05.106352stark.klein-stark.info sshd\[18158\]: Invalid user chas from 58.144.150.233 port 42612 2019-11-17T05:58:05.113400stark.klein-stark.info sshd\[18158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.144.150.233 2019-11-17T05:58:07.370442stark.klein-stark.info sshd\[18158\]: Failed password for invalid user chas from 58.144.150.233 port 42612 ssh2 ...	2019-11-17 13:18:37

最近上报的IP列表

1.206.210.194	197.86.217.37	182.106.171.72	190.184.178.23
189.209.114.108	115.124.64.187	145.196.250.211	198.169.192.157
37.120.184.155	135.120.129.129	132.133.181.102	111.169.125.246
222.42.224.20	177.73.62.123	187.95.236.246	178.17.174.68
41.198.233.175	185.244.25.92	116.66.236.131	15.130.232.189