193.29.13.11 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Bunea Telecom SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	3389BruteforceStormFW21	2020-07-05 06:37:32

相同子网IP讨论:

IP	类型	评论内容	时间
193.29.13.31	attack	ataque tcp intento de intrusion	2020-09-29 02:02:05
193.29.13.35	attackspambots	TCP ports : 3388 / 3389 / 3390 / 3391	2020-09-25 01:57:26
193.29.13.35	attackspambots	Scanning	2020-09-24 17:37:30
193.29.13.27	attackbots	Unauthorized connection attempt detected from IP address 193.29.13.27 to port 3391 [T]	2020-08-13 04:45:51
193.29.13.89	attack	Unauthorized connection attempt from IP address 193.29.13.89 on Port 3306(MYSQL)	2020-07-27 02:57:03
193.29.13.89	attack	[mysql-auth] MySQL auth attack	2020-07-25 12:59:15
193.29.13.89	attackspambots	Jul 17 14:11:30 debian-2gb-nbg1-2 kernel: \[17246444.579554\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.29.13.89 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=111 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0	2020-07-18 00:38:08
193.29.13.33	attack	Port scan: Attack repeated for 24 hours	2020-07-17 03:14:27
193.29.13.133	attackspam	Icarus honeypot on github	2020-06-26 20:37:47
193.29.13.125	attackspambots	May 13 14:32:19 vps691689 sshd[21673]: error: Received disconnect from 193.29.13.125 port 45740:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-05-14 03:38:38
193.29.13.92	attackbotsspam	[MySQL inject/portscan] tcp/3306 *(RWIN=16384)(04301449)	2020-04-30 23:17:48
193.29.13.119	attackspam	Unauthorised access (Apr 13) SRC=193.29.13.119 LEN=40 TTL=116 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2020-04-14 03:31:58
193.29.13.54	attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2020-03-20 23:24:46
193.29.13.54	attack	SSH login attempts.	2020-03-20 13:47:55
193.29.13.30	attack	1 attempts against mh-modsecurity-ban on sand	2020-03-07 07:36:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.29.13.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56124
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.29.13.11.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070401 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 05 06:37:28 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 11.13.29.193.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 11.13.29.193.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.123.177.156	attackspambots	Sep 29 12:34:22 pornomens sshd\[19017\]: Invalid user hadoop from 119.123.177.156 port 37392 Sep 29 12:34:22 pornomens sshd\[19017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.123.177.156 Sep 29 12:34:25 pornomens sshd\[19017\]: Failed password for invalid user hadoop from 119.123.177.156 port 37392 ssh2 ...	2020-09-29 21:35:27
117.131.29.87	attackbotsspam	Sep 29 11:33:59 mavik sshd[23696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.131.29.87 user=root Sep 29 11:34:01 mavik sshd[23696]: Failed password for root from 117.131.29.87 port 49718 ssh2 Sep 29 11:35:09 mavik sshd[23755]: Invalid user postgres from 117.131.29.87 Sep 29 11:35:09 mavik sshd[23755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.131.29.87 Sep 29 11:35:11 mavik sshd[23755]: Failed password for invalid user postgres from 117.131.29.87 port 33170 ssh2 ...	2020-09-29 21:32:01
61.132.52.24	attack	Invalid user hue from 61.132.52.24 port 33496	2020-09-29 21:25:15
219.153.33.234	attack	Sep 29 11:33:34 [host] sshd[24987]: Invalid user d Sep 29 11:33:34 [host] sshd[24987]: pam_unix(sshd: Sep 29 11:33:36 [host] sshd[24987]: Failed passwor	2020-09-29 21:37:40
80.252.136.182	attackbotsspam	80.252.136.182 - - [29/Sep/2020:14:01:49 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 21:44:48
103.122.32.99	attackbotsspam	20/9/28@17:02:36: FAIL: Alarm-Network address from=103.122.32.99 ...	2020-09-29 21:39:16
119.45.12.105	attackspambots	Sep 28 23:56:10 s158375 sshd[7869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.12.105	2020-09-29 21:51:25
197.5.145.93	attackspambots	Sep 29 20:09:57 itv-usvr-01 sshd[32052]: Invalid user postfix from 197.5.145.93 Sep 29 20:09:57 itv-usvr-01 sshd[32052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.93 Sep 29 20:09:57 itv-usvr-01 sshd[32052]: Invalid user postfix from 197.5.145.93 Sep 29 20:09:59 itv-usvr-01 sshd[32052]: Failed password for invalid user postfix from 197.5.145.93 port 11129 ssh2 Sep 29 20:15:12 itv-usvr-01 sshd[32273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.93 user=list Sep 29 20:15:14 itv-usvr-01 sshd[32273]: Failed password for list from 197.5.145.93 port 11130 ssh2	2020-09-29 21:42:07
167.172.25.74	attackspambots	2020-09-29T15:31:41.872623ns386461 sshd\[8171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.25.74 user=root 2020-09-29T15:31:44.516457ns386461 sshd\[8171\]: Failed password for root from 167.172.25.74 port 42762 ssh2 2020-09-29T15:31:46.386042ns386461 sshd\[8211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.25.74 user=root 2020-09-29T15:31:48.714551ns386461 sshd\[8211\]: Failed password for root from 167.172.25.74 port 51578 ssh2 2020-09-29T15:31:51.453420ns386461 sshd\[8304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.25.74 user=root ...	2020-09-29 21:34:25
87.251.74.18	attackbotsspam	TCP (SYN) 87.251.74.18:45563 -> port 13390, len 44	2020-09-29 21:52:25
156.96.118.58	attackspam	SMTP	2020-09-29 21:41:16
114.247.215.219	attackbots	Invalid user ospite from 114.247.215.219 port 35818	2020-09-29 21:45:29
186.22.238.134	attackbots	Sep 28 22:39:32 mellenthin postfix/smtpd[8520]: NOQUEUE: reject: RCPT from unknown[186.22.238.134]: 554 5.7.1 Service unavailable; Client host [186.22.238.134] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/186.22.238.134; from= to= proto=ESMTP helo=	2020-09-29 21:36:22
118.25.131.80	attack	Sep 29 07:05:30 rush sshd[21829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.131.80 Sep 29 07:05:32 rush sshd[21829]: Failed password for invalid user freebsd from 118.25.131.80 port 59312 ssh2 Sep 29 07:09:18 rush sshd[21961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.131.80 ...	2020-09-29 21:56:31
119.45.213.145	attackbotsspam	Sep 29 14:10:34 xeon sshd[31116]: Failed password for invalid user operator from 119.45.213.145 port 43418 ssh2	2020-09-29 21:31:40

最近上报的IP列表

191.138.70.131	186.62.41.189	105.103.175.235	80.41.223.195
90.101.98.93	84.210.216.189	126.62.135.109	96.126.193.142
116.179.132.164	63.105.0.224	68.46.224.197	81.92.75.183
97.64.46.22	37.93.152.181	106.122.34.133	126.85.165.32
193.227.8.212	119.177.175.168	94.19.132.31	190.235.170.96