106.13.104.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	firewall-block, port(s): 24565/tcp	2020-10-06 02:37:22
attack	Found on CINS badguys / proto=6 . srcport=54148 . dstport=11451 . (3502)	2020-10-05 18:25:25
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 5069 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:04:47
attackspam	Jun 20 22:35:42 dignus sshd[31848]: Failed password for invalid user helong from 106.13.104.8 port 57672 ssh2 Jun 20 22:39:35 dignus sshd[32144]: Invalid user raimundo from 106.13.104.8 port 50040 Jun 20 22:39:35 dignus sshd[32144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.8 Jun 20 22:39:37 dignus sshd[32144]: Failed password for invalid user raimundo from 106.13.104.8 port 50040 ssh2 Jun 20 22:43:29 dignus sshd[32450]: Invalid user help from 106.13.104.8 port 42402 ...	2020-06-21 13:46:28
attackspam	May 13 12:13:04 itv-usvr-02 sshd[4982]: Invalid user readnews from 106.13.104.8 port 35802 May 13 12:13:04 itv-usvr-02 sshd[4982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.8 May 13 12:13:04 itv-usvr-02 sshd[4982]: Invalid user readnews from 106.13.104.8 port 35802 May 13 12:13:06 itv-usvr-02 sshd[4982]: Failed password for invalid user readnews from 106.13.104.8 port 35802 ssh2 May 13 12:15:23 itv-usvr-02 sshd[5060]: Invalid user debian from 106.13.104.8 port 60236	2020-05-13 14:53:24
attackbotsspam	Invalid user sebastian from 106.13.104.8 port 51016	2020-04-27 07:05:33
attackbots	Apr 20 16:01:37 server sshd[19518]: Failed password for root from 106.13.104.8 port 59874 ssh2 Apr 20 16:07:11 server sshd[23360]: Failed password for root from 106.13.104.8 port 33458 ssh2 Apr 20 16:12:34 server sshd[27270]: Failed password for invalid user admin from 106.13.104.8 port 59472 ssh2	2020-04-21 03:33:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.104.92	attackspam	Feb 27 05:49:11 server sshd[1957796]: Failed password for invalid user deploy from 106.13.104.92 port 39558 ssh2 Feb 27 05:53:57 server sshd[1958756]: Failed password for invalid user ashish from 106.13.104.92 port 36904 ssh2 Feb 27 05:58:40 server sshd[1959634]: Failed password for invalid user odoo from 106.13.104.92 port 34232 ssh2	2020-02-27 13:47:37
106.13.104.92	attackbotsspam	Feb 23 22:49:15 sshd[8426]: Failed password for invalid user debian-spamd from 106.13.104.92 port 54358 ssh2	2020-02-24 05:50:43
106.13.104.92	attackspambots	2020-01-17 05:24:19 server sshd[12758]: Failed password for invalid user jack from 106.13.104.92 port 47900 ssh2	2020-01-18 01:12:52
106.13.104.92	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-01-16 04:52:24
106.13.104.92	attack	Jan 14 12:29:37 vzmaster sshd[27337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.92 user=r.r Jan 14 12:29:39 vzmaster sshd[27337]: Failed password for r.r from 106.13.104.92 port 43520 ssh2 Jan 14 12:46:09 vzmaster sshd[31085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.92 user=r.r Jan 14 12:46:11 vzmaster sshd[31085]: Failed password for r.r from 106.13.104.92 port 55852 ssh2 Jan 14 12:49:15 vzmaster sshd[4403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.92 user=r.r Jan 14 12:49:17 vzmaster sshd[4403]: Failed password for r.r from 106.13.104.92 port 51164 ssh2 Jan 14 12:53:04 vzmaster sshd[11160]: Invalid user ubuntu from 106.13.104.92 Jan 14 12:53:04 vzmaster sshd[11160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.92 Jan 14 12:53:06 vzmaster ss........ -------------------------------	2020-01-14 21:33:58
106.13.104.103	attackspambots	Nov 11 21:02:12 server sshd\[3170\]: Invalid user rolimnet from 106.13.104.103 Nov 11 21:02:12 server sshd\[3170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.103 Nov 11 21:02:14 server sshd\[3170\]: Failed password for invalid user rolimnet from 106.13.104.103 port 17928 ssh2 Nov 12 09:25:19 server sshd\[8102\]: Invalid user rolimnet from 106.13.104.103 Nov 12 09:25:19 server sshd\[8102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.103 ...	2019-11-12 19:18:11
106.13.104.94	attackbots	Sep 4 00:42:42 markkoudstaal sshd[18728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.94 Sep 4 00:42:44 markkoudstaal sshd[18728]: Failed password for invalid user vboxuser from 106.13.104.94 port 36128 ssh2 Sep 4 00:46:21 markkoudstaal sshd[19120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.94	2019-09-04 11:22:33
106.13.104.94	attackspam	Aug 28 20:14:34 [munged] sshd[17268]: Invalid user vishvjit from 106.13.104.94 port 38867 Aug 28 20:14:34 [munged] sshd[17268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.94	2019-08-29 07:19:33
106.13.104.94	attackspambots	Brute force attempt	2019-07-13 01:19:06
106.13.104.94	attackspambots	Jun 28 07:01:50 ns341937 sshd[14140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.94 Jun 28 07:01:52 ns341937 sshd[14140]: Failed password for invalid user css from 106.13.104.94 port 48983 ssh2 Jun 28 07:16:28 ns341937 sshd[16953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.104.94 ...	2019-06-28 14:47:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.104.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18517
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.104.8.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042001 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 03:33:07 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 8.104.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 8.104.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.38.36.210	attackbotsspam	Dec 7 08:30:18 MK-Soft-VM5 sshd[10132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.36.210 Dec 7 08:30:19 MK-Soft-VM5 sshd[10132]: Failed password for invalid user Sauli from 54.38.36.210 port 49500 ssh2 ...	2019-12-07 16:27:17
165.227.186.227	attackbots	2019-12-07T08:32:19.126488abusebot-5.cloudsearch.cf sshd\[4252\]: Invalid user backup from 165.227.186.227 port 58400	2019-12-07 16:51:31
142.93.33.62	attack	2019-12-07T08:33:09.552083abusebot-8.cloudsearch.cf sshd\[24153\]: Invalid user matusalem from 142.93.33.62 port 34856	2019-12-07 16:50:43
198.108.67.105	attack	" "	2019-12-07 16:37:07
159.65.234.23	attack	WordPress wp-login brute force :: 159.65.234.23 0.196 - [07/Dec/2019:06:42:25 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1805 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2019-12-07 16:47:27
80.151.236.165	attackbotsspam	Dec 7 09:18:57 localhost sshd\[4008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.151.236.165 user=root Dec 7 09:18:59 localhost sshd\[4008\]: Failed password for root from 80.151.236.165 port 39744 ssh2 Dec 7 09:26:11 localhost sshd\[4797\]: Invalid user nexus from 80.151.236.165 port 58163	2019-12-07 16:42:54
138.197.176.130	attackbotsspam	Dec 7 08:54:35 lnxmysql61 sshd[21488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.176.130 Dec 7 08:54:35 lnxmysql61 sshd[21488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.176.130	2019-12-07 16:29:57
118.24.153.230	attackspam	Dec 7 09:17:13 eventyay sshd[22118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.153.230 Dec 7 09:17:16 eventyay sshd[22118]: Failed password for invalid user financial from 118.24.153.230 port 41296 ssh2 Dec 7 09:24:46 eventyay sshd[22370]: Failed password for backup from 118.24.153.230 port 48618 ssh2 ...	2019-12-07 16:36:15
54.186.91.71	attackbotsspam	07.12.2019 07:29:03 - Bad Robot Ignore Robots.txt	2019-12-07 16:41:43
162.144.46.28	attack	[munged]::443 162.144.46.28 - - [07/Dec/2019:07:28:59 +0100] "POST /[munged]: HTTP/1.1" 200 7750 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-12-07 16:44:40
176.226.206.242	attackspam	UTC: 2019-12-06 port: 23/tcp	2019-12-07 16:39:24
114.220.75.30	attackspam	Dec 7 09:35:08 MK-Soft-Root2 sshd[1664]: Failed password for root from 114.220.75.30 port 51840 ssh2 ...	2019-12-07 17:01:09
103.205.68.2	attackspam	Dec 7 14:20:52 areeb-Workstation sshd[12428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.205.68.2 Dec 7 14:20:54 areeb-Workstation sshd[12428]: Failed password for invalid user host from 103.205.68.2 port 37386 ssh2 ...	2019-12-07 17:02:04
138.94.160.57	attack	Dec 6 22:18:55 wbs sshd\[25932\]: Invalid user anom from 138.94.160.57 Dec 6 22:18:55 wbs sshd\[25932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br Dec 6 22:18:57 wbs sshd\[25932\]: Failed password for invalid user anom from 138.94.160.57 port 50490 ssh2 Dec 6 22:26:47 wbs sshd\[26635\]: Invalid user leau from 138.94.160.57 Dec 6 22:26:47 wbs sshd\[26635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br	2019-12-07 16:41:17
67.87.115.126	attackspambots	port scan and connect, tcp 23 (telnet)	2019-12-07 16:26:09

最近上报的IP列表

103.97.3.112	103.45.179.28	210.56.69.117	96.231.107.91
87.228.206.227	84.58.203.118	67.23.31.238	61.2.216.249
191.253.55.85	60.164.251.217	54.118.20.247	152.42.98.209
238.254.112.250	73.156.97.11	28.42.216.248	51.5.245.225
50.234.173.102	45.248.71.20	41.222.232.146	37.142.3.77