106.13.1.203 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 27 18:13:41 plusreed sshd[31314]: Invalid user younan from 106.13.1.203 ...	2019-12-28 07:25:15
attackspam	Dec 19 07:23:10 dev0-dcde-rnet sshd[25843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 19 07:23:12 dev0-dcde-rnet sshd[25843]: Failed password for invalid user pillsworth from 106.13.1.203 port 36242 ssh2 Dec 19 07:28:59 dev0-dcde-rnet sshd[25888]: Failed password for www-data from 106.13.1.203 port 53876 ssh2	2019-12-19 15:30:47
attackbots	--- report --- Dec 18 11:33:53 sshd: Connection from 106.13.1.203 port 38504 Dec 18 11:33:55 sshd: Invalid user muthuletchimi from 106.13.1.203 Dec 18 11:33:57 sshd: Failed password for invalid user muthuletchimi from 106.13.1.203 port 38504 ssh2 Dec 18 11:33:57 sshd: Received disconnect from 106.13.1.203: 11: Bye Bye [preauth]	2019-12-19 03:34:38
attack	$f2bV_matches	2019-12-18 13:10:22
attackspam	Dec 12 12:49:06 server sshd\[24700\]: Invalid user vandusen from 106.13.1.203 Dec 12 12:49:06 server sshd\[24700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 12 12:49:08 server sshd\[24700\]: Failed password for invalid user vandusen from 106.13.1.203 port 59426 ssh2 Dec 12 12:58:39 server sshd\[27612\]: Invalid user hamzeh from 106.13.1.203 Dec 12 12:58:39 server sshd\[27612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 ...	2019-12-12 20:13:05
attack	Triggered by Fail2Ban at Vostok web server	2019-12-11 13:01:01
attackspambots	Dec 9 16:18:21 vtv3 sshd[20162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 9 16:18:23 vtv3 sshd[20162]: Failed password for invalid user omiya from 106.13.1.203 port 55956 ssh2 Dec 9 16:25:33 vtv3 sshd[23737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 9 16:50:29 vtv3 sshd[4408]: Failed password for root from 106.13.1.203 port 48960 ssh2 Dec 9 16:56:54 vtv3 sshd[7399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 9 16:56:56 vtv3 sshd[7399]: Failed password for invalid user yuanwd from 106.13.1.203 port 47556 ssh2 Dec 9 17:10:18 vtv3 sshd[13525]: Failed password for root from 106.13.1.203 port 44780 ssh2 Dec 9 17:17:43 vtv3 sshd[17143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Dec 9 17:17:45 vtv3 sshd[17143]: Failed password for invalid user wwwadmin from 1	2019-12-10 07:08:08
attack	Nov 27 15:53:09 mail sshd\[29826\]: Invalid user marian123 from 106.13.1.203 Nov 27 15:53:09 mail sshd\[29826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Nov 27 15:53:11 mail sshd\[29826\]: Failed password for invalid user marian123 from 106.13.1.203 port 42772 ssh2 ...	2019-11-28 00:55:21
attackspam	Nov 12 06:24:07 localhost sshd\[24460\]: Invalid user Show@123 from 106.13.1.203 port 42310 Nov 12 06:24:07 localhost sshd\[24460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Nov 12 06:24:09 localhost sshd\[24460\]: Failed password for invalid user Show@123 from 106.13.1.203 port 42310 ssh2 Nov 12 06:29:19 localhost sshd\[24715\]: Invalid user juping from 106.13.1.203 port 50370 Nov 12 06:29:19 localhost sshd\[24715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 ...	2019-11-12 17:02:14
attackbotsspam	Nov 10 01:27:33 srv3 sshd\[22794\]: Invalid user jie from 106.13.1.203 Nov 10 01:27:33 srv3 sshd\[22794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Nov 10 01:27:35 srv3 sshd\[22794\]: Failed password for invalid user jie from 106.13.1.203 port 52582 ssh2 ...	2019-11-10 18:21:05
attack	Nov 8 13:53:26 server sshd\[10946\]: Failed password for invalid user ts_server from 106.13.1.203 port 39394 ssh2 Nov 9 13:17:25 server sshd\[24434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 9 13:17:27 server sshd\[24434\]: Failed password for root from 106.13.1.203 port 44480 ssh2 Nov 9 13:29:12 server sshd\[27537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 9 13:29:14 server sshd\[27537\]: Failed password for root from 106.13.1.203 port 38340 ssh2 ...	2019-11-09 22:41:42
attackbotsspam	Nov 8 13:22:46 server sshd\[2904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 8 13:22:48 server sshd\[2904\]: Failed password for root from 106.13.1.203 port 39998 ssh2 Nov 8 13:48:38 server sshd\[9673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 8 13:48:40 server sshd\[9673\]: Failed password for root from 106.13.1.203 port 60662 ssh2 Nov 8 13:53:24 server sshd\[10946\]: Invalid user ts_server from 106.13.1.203 Nov 8 13:53:24 server sshd\[10946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 ...	2019-11-08 20:50:41
attackbotsspam	Invalid user jiong from 106.13.1.203 port 36514	2019-10-29 07:36:20
attackbotsspam	Invalid user jiong from 106.13.1.203 port 36514	2019-10-27 17:48:57
attackspam	Oct 22 23:58:51 plusreed sshd[667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Oct 22 23:58:52 plusreed sshd[667]: Failed password for root from 106.13.1.203 port 41164 ssh2 ...	2019-10-23 12:08:57
attack	Oct 22 06:56:56 h2177944 sshd\[14257\]: Invalid user real from 106.13.1.203 port 49838 Oct 22 06:56:56 h2177944 sshd\[14257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Oct 22 06:56:58 h2177944 sshd\[14257\]: Failed password for invalid user real from 106.13.1.203 port 49838 ssh2 Oct 22 07:02:11 h2177944 sshd\[14932\]: Invalid user av from 106.13.1.203 port 57708 ...	2019-10-22 13:50:50
attackbots	Oct 20 19:28:05 server sshd\[681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Oct 20 19:28:07 server sshd\[681\]: Failed password for root from 106.13.1.203 port 49246 ssh2 Oct 20 19:42:52 server sshd\[4500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Oct 20 19:42:54 server sshd\[4500\]: Failed password for root from 106.13.1.203 port 39964 ssh2 Oct 20 19:48:18 server sshd\[6256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root ...	2019-10-21 02:39:10
attackbots	Oct 14 22:41:37 ns41 sshd[29920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203	2019-10-15 04:53:29
attackspambots	Oct 8 08:05:02 vmd17057 sshd\[29950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Oct 8 08:05:05 vmd17057 sshd\[29950\]: Failed password for root from 106.13.1.203 port 51852 ssh2 Oct 8 08:14:39 vmd17057 sshd\[30588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root ...	2019-10-08 18:27:40
attackspambots	SSH bruteforce (Triggered fail2ban)	2019-08-26 10:52:20
attack	2019-08-20T01:54:05.706422enmeeting.mahidol.ac.th sshd\[1193\]: User root from 106.13.1.203 not allowed because not listed in AllowUsers 2019-08-20T01:54:05.832810enmeeting.mahidol.ac.th sshd\[1193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root 2019-08-20T01:54:07.817644enmeeting.mahidol.ac.th sshd\[1193\]: Failed password for invalid user root from 106.13.1.203 port 44518 ssh2 ...	2019-08-20 07:08:44
attack	Jul 23 13:49:31 work-partkepr sshd\[15383\]: Invalid user usuario from 106.13.1.203 port 40274 Jul 23 13:49:31 work-partkepr sshd\[15383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 ...	2019-07-23 22:47:29
attack	2019-07-16T00:04:47.312193centos sshd\[24315\]: Invalid user telnet from 106.13.1.203 port 51956 2019-07-16T00:04:47.317218centos sshd\[24315\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 2019-07-16T00:04:49.890094centos sshd\[24315\]: Failed password for invalid user telnet from 106.13.1.203 port 51956 ssh2	2019-07-16 07:56:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.199.185	attackspam	Oct 14 00:55:57 Ubuntu-1404-trusty-64-minimal sshd\[22541\]: Invalid user kirk from 106.13.199.185 Oct 14 00:55:57 Ubuntu-1404-trusty-64-minimal sshd\[22541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.185 Oct 14 00:55:59 Ubuntu-1404-trusty-64-minimal sshd\[22541\]: Failed password for invalid user kirk from 106.13.199.185 port 40344 ssh2 Oct 14 01:04:02 Ubuntu-1404-trusty-64-minimal sshd\[31459\]: Invalid user claudia from 106.13.199.185 Oct 14 01:04:02 Ubuntu-1404-trusty-64-minimal sshd\[31459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.185	2020-10-14 08:36:13
106.13.18.86	attack	Oct 13 22:44:07 ovpn sshd\[4846\]: Invalid user bank from 106.13.18.86 Oct 13 22:44:07 ovpn sshd\[4846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.18.86 Oct 13 22:44:09 ovpn sshd\[4846\]: Failed password for invalid user bank from 106.13.18.86 port 40152 ssh2 Oct 13 22:49:51 ovpn sshd\[6264\]: Invalid user app from 106.13.18.86 Oct 13 22:49:51 ovpn sshd\[6264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.18.86	2020-10-14 06:32:18
106.13.112.221	attackspambots	SSH Brute Force	2020-10-14 06:22:15
106.13.107.196	attack	detected by Fail2Ban	2020-10-14 03:40:12
106.13.167.3	attackspambots	$f2bV_matches	2020-10-14 00:54:19
106.13.176.235	attackbots	Oct 13 17:35:32 vps-de sshd[31531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.176.235 Oct 13 17:35:34 vps-de sshd[31531]: Failed password for invalid user administrator from 106.13.176.235 port 44476 ssh2 Oct 13 17:38:10 vps-de sshd[31576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.176.235 user=root Oct 13 17:38:12 vps-de sshd[31576]: Failed password for invalid user root from 106.13.176.235 port 46026 ssh2 Oct 13 17:40:52 vps-de sshd[31667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.176.235 Oct 13 17:40:55 vps-de sshd[31667]: Failed password for invalid user bogdan from 106.13.176.235 port 47544 ssh2 ...	2020-10-14 00:35:35
106.13.172.167	attack	Oct 13 12:08:23 mavik sshd[4476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.167 Oct 13 12:08:26 mavik sshd[4476]: Failed password for invalid user alyson from 106.13.172.167 port 53886 ssh2 Oct 13 12:11:25 mavik sshd[4864]: Invalid user ov from 106.13.172.167 Oct 13 12:11:25 mavik sshd[4864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.167 Oct 13 12:11:27 mavik sshd[4864]: Failed password for invalid user ov from 106.13.172.167 port 38074 ssh2 ...	2020-10-13 22:50:33
106.13.199.185	attackbotsspam	Oct 13 12:45:55 cho sshd[570596]: Failed password for root from 106.13.199.185 port 47964 ssh2 Oct 13 12:50:26 cho sshd[570880]: Invalid user robertl from 106.13.199.185 port 46944 Oct 13 12:50:26 cho sshd[570880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.185 Oct 13 12:50:26 cho sshd[570880]: Invalid user robertl from 106.13.199.185 port 46944 Oct 13 12:50:28 cho sshd[570880]: Failed password for invalid user robertl from 106.13.199.185 port 46944 ssh2 ...	2020-10-13 21:26:41
106.13.107.196	attackspambots	SSH Brute Force (V)	2020-10-13 18:59:17
106.13.167.3	attackspambots	$f2bV_matches	2020-10-13 16:04:31
106.13.176.235	attackbotsspam	$f2bV_matches	2020-10-13 15:46:03
106.13.172.167	attackspambots	Oct 13 05:38:58 cdc sshd[8168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.167 user=root Oct 13 05:39:00 cdc sshd[8168]: Failed password for invalid user root from 106.13.172.167 port 39998 ssh2	2020-10-13 14:11:20
106.13.196.51	attackspambots	Oct 13 06:59:41 host2 sshd[95972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.196.51 user=root Oct 13 06:59:42 host2 sshd[95972]: Failed password for root from 106.13.196.51 port 45412 ssh2 Oct 13 07:03:10 host2 sshd[96589]: Invalid user sorin from 106.13.196.51 port 58764 Oct 13 07:03:10 host2 sshd[96589]: Invalid user sorin from 106.13.196.51 port 58764 ...	2020-10-13 13:28:56
106.13.199.185	attack	Lines containing failures of 106.13.199.185 Oct 13 01:27:52 kmh-vmh-003-fsn07 sshd[25840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.185 user=r.r Oct 13 01:27:53 kmh-vmh-003-fsn07 sshd[25840]: Failed password for r.r from 106.13.199.185 port 35652 ssh2 Oct 13 01:27:55 kmh-vmh-003-fsn07 sshd[25840]: Received disconnect from 106.13.199.185 port 35652:11: Bye Bye [preauth] Oct 13 01:27:55 kmh-vmh-003-fsn07 sshd[25840]: Disconnected from authenticating user r.r 106.13.199.185 port 35652 [preauth] Oct 13 01:45:36 kmh-vmh-003-fsn07 sshd[28116]: Invalid user evelyn from 106.13.199.185 port 39580 Oct 13 01:45:36 kmh-vmh-003-fsn07 sshd[28116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.185 Oct 13 01:45:38 kmh-vmh-003-fsn07 sshd[28116]: Failed password for invalid user evelyn from 106.13.199.185 port 39580 ssh2 Oct 13 01:45:40 kmh-vmh-003-fsn07 sshd[28116]: Received d........ ------------------------------	2020-10-13 12:53:50
106.13.167.3	attack	Oct 13 02:32:08 ip106 sshd[4461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.3 Oct 13 02:32:10 ip106 sshd[4461]: Failed password for invalid user kate from 106.13.167.3 port 41908 ssh2 ...	2020-10-13 08:39:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.1.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30741
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.1.203.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 07:56:08 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 203.1.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 203.1.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
122.7.229.168	attackspam	Unauthorized connection attempt detected from IP address 122.7.229.168 to port 6656 [T]	2020-01-27 05:53:13
36.6.155.171	attackspam	Unauthorized connection attempt detected from IP address 36.6.155.171 to port 6656 [T]	2020-01-27 05:44:01
222.186.31.166	attack	Jan 26 22:45:08 dcd-gentoo sshd[30569]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Jan 26 22:45:11 dcd-gentoo sshd[30569]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Jan 26 22:45:08 dcd-gentoo sshd[30569]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Jan 26 22:45:11 dcd-gentoo sshd[30569]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Jan 26 22:45:08 dcd-gentoo sshd[30569]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Jan 26 22:45:11 dcd-gentoo sshd[30569]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Jan 26 22:45:11 dcd-gentoo sshd[30569]: Failed keyboard-interactive/pam for invalid user root from 222.186.31.166 port 26021 ssh2 ...	2020-01-27 05:47:32
14.115.68.63	attack	Unauthorized connection attempt detected from IP address 14.115.68.63 to port 6656 [T]	2020-01-27 05:44:18
182.211.179.95	attack	Unauthorized connection attempt detected from IP address 182.211.179.95 to port 4567 [J]	2020-01-27 05:49:41
58.255.4.174	attack	Unauthorized connection attempt detected from IP address 58.255.4.174 to port 6656 [T]	2020-01-27 05:40:32
49.79.192.108	attackspambots	Unauthorized connection attempt detected from IP address 49.79.192.108 to port 6656 [T]	2020-01-27 06:03:10
36.33.21.99	attackspam	Unauthorized connection attempt detected from IP address 36.33.21.99 to port 6656 [T]	2020-01-27 05:43:28
121.230.191.27	attack	Unauthorized connection attempt detected from IP address 121.230.191.27 to port 6656 [T]	2020-01-27 05:53:38
189.176.3.213	attackspambots	Unauthorized connection attempt detected from IP address 189.176.3.213 to port 81 [J]	2020-01-27 05:49:22
59.173.12.166	attackbots	Unauthorized connection attempt detected from IP address 59.173.12.166 to port 1433 [T]	2020-01-27 06:02:40
39.66.15.228	attackspam	Unauthorized connection attempt detected from IP address 39.66.15.228 to port 6656 [T]	2020-01-27 05:42:37
183.51.118.88	attackbotsspam	Unauthorized connection attempt detected from IP address 183.51.118.88 to port 6656 [T]	2020-01-27 06:09:22
114.104.130.253	attackspam	Unauthorized connection attempt detected from IP address 114.104.130.253 to port 6656 [T]	2020-01-27 05:58:06
106.122.168.24	attackbotsspam	Unauthorized connection attempt detected from IP address 106.122.168.24 to port 6656 [T]	2020-01-27 06:01:07

最近上报的IP列表

180.120.198.106	192.168.1.104	61.191.30.220	36.65.62.14
114.106.134.223	188.25.103.101	43.228.180.62	218.86.28.38
171.127.162.123	187.137.156.81	119.183.225.165	17.43.216.183
113.176.7.225	156.220.240.234	157.47.249.34	21.13.32.126
193.148.14.200	63.85.162.49	186.226.36.57	136.4.37.3