193.29.13.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Bunea Telecom SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:56:05
attack	firewall-block, port(s): 5001/tcp	2020-02-27 06:48:24
attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-12 04:11:38
attackbotsspam	trying to access non-authorized port	2020-02-07 03:16:12
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-27 23:56:46
attackbots	firewall-block, port(s): 3392/tcp, 3393/tcp	2020-01-26 07:50:32
attackbots	01/15/2020-08:08:26.768607 193.29.13.20 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-15 22:05:39
attackspambots	Fail2Ban Ban Triggered	2020-01-06 08:33:14
attackbots	firewall-block, port(s): 4001/tcp	2019-12-28 22:55:08
attack	Scanning random ports - tries to find possible vulnerable services	2019-12-22 20:37:26
attackbots	Multiport scan : 4 ports scanned 4404 6001 9060 9696	2019-12-07 08:33:00
attackspambots	firewall-block, port(s): 3333/tcp, 11111/tcp, 22222/tcp, 33333/tcp	2019-11-28 03:58:06
attackbotsspam	firewall-block, port(s): 33896/tcp	2019-11-23 00:58:41
attackspam	firewall-block, port(s): 3392/tcp, 3393/tcp	2019-11-21 08:22:08
attackspambots	Automatic report - Port Scan	2019-11-20 06:51:25
attackspam	Fail2Ban Ban Triggered	2019-11-17 03:01:41
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 14:56:15
attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-09 04:25:02
attackbots	193.29.13.20 was recorded 5 times by 4 hosts attempting to connect to the following ports: 5656,5757,5454. Incident counter (4h, 24h, all-time): 5, 24, 80	2019-11-06 06:27:50
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-03 02:35:01
attackbotsspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-10-27 16:50:17
attackbotsspam	firewall-block, port(s): 3388/tcp, 3389/tcp	2019-10-26 01:05:40
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-10 02:40:14
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-05 20:19:09
attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 04-10-2019 16:45:51.	2019-10-05 00:12:01
attackspambots	1568374412 - 09/13/2019 13:33:32 Host: 193.29.13.20/193.29.13.20 Port: 6667 TCP Blocked	2019-09-13 19:45:46
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-11 23:22:01
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-09 00:30:24
attackspam	firewall-block, port(s): 3625/tcp	2019-08-20 00:06:18
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-17 19:23:44

相同子网IP讨论:

IP	类型	评论内容	时间
193.29.13.31	attack	ataque tcp intento de intrusion	2020-09-29 02:02:05
193.29.13.35	attackspambots	TCP ports : 3388 / 3389 / 3390 / 3391	2020-09-25 01:57:26
193.29.13.35	attackspambots	Scanning	2020-09-24 17:37:30
193.29.13.27	attackbots	Unauthorized connection attempt detected from IP address 193.29.13.27 to port 3391 [T]	2020-08-13 04:45:51
193.29.13.89	attack	Unauthorized connection attempt from IP address 193.29.13.89 on Port 3306(MYSQL)	2020-07-27 02:57:03
193.29.13.89	attack	[mysql-auth] MySQL auth attack	2020-07-25 12:59:15
193.29.13.89	attackspambots	Jul 17 14:11:30 debian-2gb-nbg1-2 kernel: \[17246444.579554\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.29.13.89 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=111 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0	2020-07-18 00:38:08
193.29.13.33	attack	Port scan: Attack repeated for 24 hours	2020-07-17 03:14:27
193.29.13.11	attackbotsspam	3389BruteforceStormFW21	2020-07-05 06:37:32
193.29.13.133	attackspam	Icarus honeypot on github	2020-06-26 20:37:47
193.29.13.125	attackspambots	May 13 14:32:19 vps691689 sshd[21673]: error: Received disconnect from 193.29.13.125 port 45740:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-05-14 03:38:38
193.29.13.92	attackbotsspam	[MySQL inject/portscan] tcp/3306 *(RWIN=16384)(04301449)	2020-04-30 23:17:48
193.29.13.119	attackspam	Unauthorised access (Apr 13) SRC=193.29.13.119 LEN=40 TTL=116 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2020-04-14 03:31:58
193.29.13.54	attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2020-03-20 23:24:46
193.29.13.54	attack	SSH login attempts.	2020-03-20 13:47:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.29.13.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57144
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.29.13.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon May 20 12:31:41 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.13.29.193.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.13.29.193.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2400:8500:1301:739:133:130:89:115	attackspam	ssh failed login	2019-11-02 05:00:09
123.206.17.68	attack	Nov 2 03:16:34 lcl-usvr-02 sshd[8263]: Invalid user 1 from 123.206.17.68 port 33940 Nov 2 03:16:34 lcl-usvr-02 sshd[8263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.68 Nov 2 03:16:34 lcl-usvr-02 sshd[8263]: Invalid user 1 from 123.206.17.68 port 33940 Nov 2 03:16:36 lcl-usvr-02 sshd[8263]: Failed password for invalid user 1 from 123.206.17.68 port 33940 ssh2 Nov 2 03:23:10 lcl-usvr-02 sshd[9700]: Invalid user sex4pl from 123.206.17.68 port 46526 ...	2019-11-02 05:36:08
177.42.250.234	attackbotsspam	445/tcp [2019-11-01]1pkt	2019-11-02 05:09:12
104.245.144.45	attack	(From linker.kathryn@gmail.com) Do you want to promote your advertisement on thousands of advertising sites monthly? One tiny investment every month will get you virtually unlimited traffic to your site forever! Check out our site for details: http://morebusiness.myadsubmissions.xyz	2019-11-02 05:20:20
36.230.145.211	attackbotsspam	23/tcp [2019-11-01]1pkt	2019-11-02 05:07:37
159.65.24.7	attack	Nov 1 22:03:32 vps647732 sshd[22493]: Failed password for root from 159.65.24.7 port 49258 ssh2 ...	2019-11-02 05:10:24
5.179.20.26	attack	445/tcp [2019-11-01]1pkt	2019-11-02 05:28:49
42.51.204.24	attackspambots	Nov 1 23:21:20 sauna sshd[163333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.204.24 Nov 1 23:21:22 sauna sshd[163333]: Failed password for invalid user smceachern from 42.51.204.24 port 42194 ssh2 ...	2019-11-02 05:30:09
159.203.139.128	attackbotsspam	Nov 1 21:52:04 srv01 sshd[26170]: Invalid user Badboy from 159.203.139.128 Nov 1 21:52:04 srv01 sshd[26170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.139.128 Nov 1 21:52:04 srv01 sshd[26170]: Invalid user Badboy from 159.203.139.128 Nov 1 21:52:06 srv01 sshd[26170]: Failed password for invalid user Badboy from 159.203.139.128 port 42852 ssh2 Nov 1 21:55:42 srv01 sshd[26415]: Invalid user drachenbot from 159.203.139.128 ...	2019-11-02 05:15:39
113.53.18.234	attackspambots	Unauthorized connection attempt from IP address 113.53.18.234 on Port 445(SMB)	2019-11-02 05:08:10
51.38.80.173	attack	Nov 1 22:09:31 MK-Soft-VM5 sshd[17674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.80.173 Nov 1 22:09:34 MK-Soft-VM5 sshd[17674]: Failed password for invalid user bnc from 51.38.80.173 port 58656 ssh2 ...	2019-11-02 05:24:11
104.131.169.32	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-02 05:22:37
116.212.141.50	attack	Automatic report - Banned IP Access	2019-11-02 05:36:54
59.3.71.222	attackbotsspam	2019-11-01T20:51:46.327167abusebot-5.cloudsearch.cf sshd\[15988\]: Invalid user bjorn from 59.3.71.222 port 50398	2019-11-02 05:38:12
179.159.104.36	attackbotsspam	23/tcp [2019-11-01]1pkt	2019-11-02 05:02:16

最近上报的IP列表

96.44.133.110	23.168.146.11	43.241.19.211	22.97.215.102
110.249.218.69	198.111.35.37	138.185.129.2	253.116.228.14
230.51.152.142	77.247.110.53	120.132.105.173	59.106.172.195
193.102.4.18	77.82.90.20	109.197.29.246	202.168.159.54
85.159.236.210	69.77.172.81	53.71.83.9	176.235.187.147