193.29.13.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Bunea Telecom SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:56:05
attack	firewall-block, port(s): 5001/tcp	2020-02-27 06:48:24
attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-12 04:11:38
attackbotsspam	trying to access non-authorized port	2020-02-07 03:16:12
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-27 23:56:46
attackbots	firewall-block, port(s): 3392/tcp, 3393/tcp	2020-01-26 07:50:32
attackbots	01/15/2020-08:08:26.768607 193.29.13.20 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-15 22:05:39
attackspambots	Fail2Ban Ban Triggered	2020-01-06 08:33:14
attackbots	firewall-block, port(s): 4001/tcp	2019-12-28 22:55:08
attack	Scanning random ports - tries to find possible vulnerable services	2019-12-22 20:37:26
attackbots	Multiport scan : 4 ports scanned 4404 6001 9060 9696	2019-12-07 08:33:00
attackspambots	firewall-block, port(s): 3333/tcp, 11111/tcp, 22222/tcp, 33333/tcp	2019-11-28 03:58:06
attackbotsspam	firewall-block, port(s): 33896/tcp	2019-11-23 00:58:41
attackspam	firewall-block, port(s): 3392/tcp, 3393/tcp	2019-11-21 08:22:08
attackspambots	Automatic report - Port Scan	2019-11-20 06:51:25
attackspam	Fail2Ban Ban Triggered	2019-11-17 03:01:41
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 14:56:15
attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-09 04:25:02
attackbots	193.29.13.20 was recorded 5 times by 4 hosts attempting to connect to the following ports: 5656,5757,5454. Incident counter (4h, 24h, all-time): 5, 24, 80	2019-11-06 06:27:50
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-03 02:35:01
attackbotsspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-10-27 16:50:17
attackbotsspam	firewall-block, port(s): 3388/tcp, 3389/tcp	2019-10-26 01:05:40
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-10 02:40:14
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-05 20:19:09
attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 04-10-2019 16:45:51.	2019-10-05 00:12:01
attackspambots	1568374412 - 09/13/2019 13:33:32 Host: 193.29.13.20/193.29.13.20 Port: 6667 TCP Blocked	2019-09-13 19:45:46
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-11 23:22:01
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-09 00:30:24
attackspam	firewall-block, port(s): 3625/tcp	2019-08-20 00:06:18
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-17 19:23:44

相同子网IP讨论:

IP	类型	评论内容	时间
193.29.13.31	attack	ataque tcp intento de intrusion	2020-09-29 02:02:05
193.29.13.35	attackspambots	TCP ports : 3388 / 3389 / 3390 / 3391	2020-09-25 01:57:26
193.29.13.35	attackspambots	Scanning	2020-09-24 17:37:30
193.29.13.27	attackbots	Unauthorized connection attempt detected from IP address 193.29.13.27 to port 3391 [T]	2020-08-13 04:45:51
193.29.13.89	attack	Unauthorized connection attempt from IP address 193.29.13.89 on Port 3306(MYSQL)	2020-07-27 02:57:03
193.29.13.89	attack	[mysql-auth] MySQL auth attack	2020-07-25 12:59:15
193.29.13.89	attackspambots	Jul 17 14:11:30 debian-2gb-nbg1-2 kernel: \[17246444.579554\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.29.13.89 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=111 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0	2020-07-18 00:38:08
193.29.13.33	attack	Port scan: Attack repeated for 24 hours	2020-07-17 03:14:27
193.29.13.11	attackbotsspam	3389BruteforceStormFW21	2020-07-05 06:37:32
193.29.13.133	attackspam	Icarus honeypot on github	2020-06-26 20:37:47
193.29.13.125	attackspambots	May 13 14:32:19 vps691689 sshd[21673]: error: Received disconnect from 193.29.13.125 port 45740:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-05-14 03:38:38
193.29.13.92	attackbotsspam	[MySQL inject/portscan] tcp/3306 *(RWIN=16384)(04301449)	2020-04-30 23:17:48
193.29.13.119	attackspam	Unauthorised access (Apr 13) SRC=193.29.13.119 LEN=40 TTL=116 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2020-04-14 03:31:58
193.29.13.54	attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2020-03-20 23:24:46
193.29.13.54	attack	SSH login attempts.	2020-03-20 13:47:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.29.13.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57144
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.29.13.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon May 20 12:31:41 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.13.29.193.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.13.29.193.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
1.220.215.253	attack	Brute force RDP, port 3389	2019-07-06 07:37:12
177.125.164.225	attackspam	SSH Brute-Force attacks	2019-07-06 07:14:36
14.139.191.130	attack	DATE:2019-07-05 19:59:53, IP:14.139.191.130, PORT:ssh SSH brute force auth (ermes)	2019-07-06 07:14:05
198.20.87.98	attack	Port scan: Attack repeated for 24 hours	2019-07-06 07:28:36
67.211.254.117	attackspambots	Unauthorized connection attempt from IP address 67.211.254.117 on Port 445(SMB)	2019-07-06 06:56:13
202.111.10.73	attackbots	Unauthorised access (Jul 5) SRC=202.111.10.73 LEN=40 PREC=0x20 TTL=232 ID=49932 TCP DPT=445 WINDOW=1024 SYN	2019-07-06 06:48:48
109.110.52.77	attackbotsspam	Jul 5 23:50:39 mail sshd\[3287\]: Invalid user internet from 109.110.52.77 Jul 5 23:50:39 mail sshd\[3287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.110.52.77 Jul 5 23:50:41 mail sshd\[3287\]: Failed password for invalid user internet from 109.110.52.77 port 38262 ssh2 ...	2019-07-06 07:07:45
186.206.129.160	attack	Jul 5 22:27:35 ArkNodeAT sshd\[23493\]: Invalid user samp from 186.206.129.160 Jul 5 22:27:35 ArkNodeAT sshd\[23493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.129.160 Jul 5 22:27:37 ArkNodeAT sshd\[23493\]: Failed password for invalid user samp from 186.206.129.160 port 42966 ssh2	2019-07-06 07:33:41
142.93.240.141	attack	WordPress wp-login brute force :: 142.93.240.141 0.060 BYPASS [06/Jul/2019:07:00:48 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-06 06:50:29
104.238.116.94	attackspam	Jul 5 22:51:01 thevastnessof sshd[31977]: Failed password for root from 104.238.116.94 port 46780 ssh2 ...	2019-07-06 07:35:04
207.46.13.49	attack	Automatic report - Web App Attack	2019-07-06 07:23:21
31.28.9.114	attackspam	Many RDP login attempts detected by IDS script	2019-07-06 07:17:23
103.23.100.217	attackspambots	Jul 6 01:25:04 srv-4 sshd\[22366\]: Invalid user ts from 103.23.100.217 Jul 6 01:25:04 srv-4 sshd\[22366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.100.217 Jul 6 01:25:06 srv-4 sshd\[22366\]: Failed password for invalid user ts from 103.23.100.217 port 50680 ssh2 ...	2019-07-06 06:57:28
138.97.66.113	attackbots	Autoban 138.97.66.113 ABORTED AUTH	2019-07-06 07:25:19
51.38.80.173	attack	$f2bV_matches	2019-07-06 07:12:48

最近上报的IP列表

96.44.133.110	23.168.146.11	43.241.19.211	22.97.215.102
110.249.218.69	198.111.35.37	138.185.129.2	253.116.228.14
230.51.152.142	77.247.110.53	120.132.105.173	59.106.172.195
193.102.4.18	77.82.90.20	109.197.29.246	202.168.159.54
85.159.236.210	69.77.172.81	53.71.83.9	176.235.187.147