106.13.11.195 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Lines containing failures of 106.13.11.195 Oct 21 04:41:37 nxxxxxxx sshd[21576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.11.195 user=r.r Oct 21 04:41:39 nxxxxxxx sshd[21576]: Failed password for r.r from 106.13.11.195 port 57988 ssh2 Oct 21 04:41:39 nxxxxxxx sshd[21576]: Received disconnect from 106.13.11.195 port 57988:11: Bye Bye [preauth] Oct 21 04:41:39 nxxxxxxx sshd[21576]: Disconnected from authenticating user r.r 106.13.11.195 port 57988 [preauth] Oct 21 04:49:47 nxxxxxxx sshd[22646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.11.195 user=r.r Oct 21 04:49:48 nxxxxxxx sshd[22646]: Failed password for r.r from 106.13.11.195 port 56696 ssh2 Oct 21 04:49:48 nxxxxxxx sshd[22646]: Received disconnect from 106.13.11.195 port 56696:11: Bye Bye [preauth] Oct 21 04:49:48 nxxxxxxx sshd[22646]: Disconnected from authenticating user r.r 106.13.11.195 port 56696 [preauth........ ------------------------------	2019-10-23 07:55:46
attack	2019-10-21T06:38:14.736945abusebot-3.cloudsearch.cf sshd\[21051\]: Invalid user cf from 106.13.11.195 port 36614	2019-10-21 17:46:02

类型

评论内容

时间

attackbots

Lines containing failures of 106.13.11.195
Oct 21 04:41:37 nxxxxxxx sshd[21576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.11.195  user=r.r
Oct 21 04:41:39 nxxxxxxx sshd[21576]: Failed password for r.r from 106.13.11.195 port 57988 ssh2
Oct 21 04:41:39 nxxxxxxx sshd[21576]: Received disconnect from 106.13.11.195 port 57988:11: Bye Bye [preauth]
Oct 21 04:41:39 nxxxxxxx sshd[21576]: Disconnected from authenticating user r.r 106.13.11.195 port 57988 [preauth]
Oct 21 04:49:47 nxxxxxxx sshd[22646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.11.195  user=r.r
Oct 21 04:49:48 nxxxxxxx sshd[22646]: Failed password for r.r from 106.13.11.195 port 56696 ssh2
Oct 21 04:49:48 nxxxxxxx sshd[22646]: Received disconnect from 106.13.11.195 port 56696:11: Bye Bye [preauth]
Oct 21 04:49:48 nxxxxxxx sshd[22646]: Disconnected from authenticating user r.r 106.13.11.195 port 56696 [preauth........
------------------------------

2019-10-23 07:55:46

attack

2019-10-21T06:38:14.736945abusebot-3.cloudsearch.cf sshd\[21051\]: Invalid user cf from 106.13.11.195 port 36614

2019-10-21 17:46:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.112.221	attackspambots	SSH Brute Force	2020-10-14 06:22:15
106.13.110.36	attackbotsspam	Oct 8 00:31:13 localhost sshd\[14781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root Oct 8 00:31:14 localhost sshd\[14781\]: Failed password for root from 106.13.110.36 port 43010 ssh2 Oct 8 00:35:02 localhost sshd\[14830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root Oct 8 00:35:04 localhost sshd\[14830\]: Failed password for root from 106.13.110.36 port 45266 ssh2 Oct 8 00:38:38 localhost sshd\[15064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root ...	2020-10-08 06:42:32
106.13.110.36	attackspambots	Oct 7 16:38:33 pornomens sshd\[22540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root Oct 7 16:38:35 pornomens sshd\[22540\]: Failed password for root from 106.13.110.36 port 55654 ssh2 Oct 7 16:46:35 pornomens sshd\[22624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root ...	2020-10-07 23:03:29
106.13.110.36	attack	(sshd) Failed SSH login from 106.13.110.36 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 00:38:21 optimus sshd[13008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root Oct 7 00:38:23 optimus sshd[13008]: Failed password for root from 106.13.110.36 port 52966 ssh2 Oct 7 00:42:36 optimus sshd[14240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root Oct 7 00:42:38 optimus sshd[14240]: Failed password for root from 106.13.110.36 port 55600 ssh2 Oct 7 00:46:55 optimus sshd[15803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.36 user=root	2020-10-07 15:09:06
106.13.110.36	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-25 00:09:08
106.13.110.36	attackbotsspam	Port scan denied	2020-09-24 15:51:03
106.13.110.36	attack	Port Scan/VNC login attempt ...	2020-09-24 07:17:40
106.13.112.221	attack	Time: Mon Sep 21 00:09:18 2020 +0000 IP: 106.13.112.221 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 21 00:02:02 3 sshd[22815]: Invalid user vncuser from 106.13.112.221 port 58838 Sep 21 00:02:03 3 sshd[22815]: Failed password for invalid user vncuser from 106.13.112.221 port 58838 ssh2 Sep 21 00:05:36 3 sshd[23659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root Sep 21 00:05:38 3 sshd[23659]: Failed password for root from 106.13.112.221 port 34822 ssh2 Sep 21 00:09:15 3 sshd[24544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root	2020-09-21 18:08:49
106.13.112.221	attack	Sep 14 20:52:28 web1 sshd[18049]: Invalid user cx from 106.13.112.221 port 58842 Sep 14 20:52:28 web1 sshd[18049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 Sep 14 20:52:28 web1 sshd[18049]: Invalid user cx from 106.13.112.221 port 58842 Sep 14 20:52:30 web1 sshd[18049]: Failed password for invalid user cx from 106.13.112.221 port 58842 ssh2 Sep 14 21:01:41 web1 sshd[21718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root Sep 14 21:01:43 web1 sshd[21718]: Failed password for root from 106.13.112.221 port 34234 ssh2 Sep 14 21:05:11 web1 sshd[23129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 user=root Sep 14 21:05:13 web1 sshd[23129]: Failed password for root from 106.13.112.221 port 48436 ssh2 Sep 14 21:08:42 web1 sshd[24727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...	2020-09-15 01:49:48
106.13.112.221	attackspam	Sep 14 08:27:25 nuernberg-4g-01 sshd[29381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 Sep 14 08:27:27 nuernberg-4g-01 sshd[29381]: Failed password for invalid user tates from 106.13.112.221 port 51960 ssh2 Sep 14 08:28:42 nuernberg-4g-01 sshd[29770]: Failed password for root from 106.13.112.221 port 37826 ssh2	2020-09-14 17:34:42
106.13.110.74	attackbots	Invalid user allinone from 106.13.110.74 port 52948	2020-09-12 19:59:19
106.13.110.74	attackspam	2020-09-12T03:48:28.295726randservbullet-proofcloud-66.localdomain sshd[14000]: Invalid user ambari from 106.13.110.74 port 33328 2020-09-12T03:48:28.300536randservbullet-proofcloud-66.localdomain sshd[14000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.74 2020-09-12T03:48:28.295726randservbullet-proofcloud-66.localdomain sshd[14000]: Invalid user ambari from 106.13.110.74 port 33328 2020-09-12T03:48:30.020778randservbullet-proofcloud-66.localdomain sshd[14000]: Failed password for invalid user ambari from 106.13.110.74 port 33328 ssh2 ...	2020-09-12 12:01:52
106.13.110.74	attack	Sep 12 04:16:50 localhost sshd[3067914]: Connection closed by 106.13.110.74 port 50376 [preauth] ...	2020-09-12 03:50:18
106.13.112.221	attackspam	2020-09-07T15:04:07.008324vps-d63064a2 sshd[25927]: User root from 106.13.112.221 not allowed because not listed in AllowUsers 2020-09-07T15:04:08.972910vps-d63064a2 sshd[25927]: Failed password for invalid user root from 106.13.112.221 port 45974 ssh2 2020-09-07T15:07:19.090762vps-d63064a2 sshd[25960]: Invalid user peu01 from 106.13.112.221 port 49050 2020-09-07T15:07:19.101048vps-d63064a2 sshd[25960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.221 2020-09-07T15:07:19.090762vps-d63064a2 sshd[25960]: Invalid user peu01 from 106.13.112.221 port 49050 2020-09-07T15:07:21.070626vps-d63064a2 sshd[25960]: Failed password for invalid user peu01 from 106.13.112.221 port 49050 ssh2 ...	2020-09-08 01:10:16
106.13.112.221	attackspambots	$f2bV_matches	2020-09-07 16:35:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.11.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.11.195.			IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 17:45:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 195.11.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 195.11.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.45.54.166	attackbotsspam	Oct 1 22:00:32 ns382633 sshd\[22035\]: Invalid user power from 119.45.54.166 port 44922 Oct 1 22:00:32 ns382633 sshd\[22035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.54.166 Oct 1 22:00:34 ns382633 sshd\[22035\]: Failed password for invalid user power from 119.45.54.166 port 44922 ssh2 Oct 1 22:13:42 ns382633 sshd\[23476\]: Invalid user admin from 119.45.54.166 port 34508 Oct 1 22:13:42 ns382633 sshd\[23476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.54.166	2020-10-02 05:51:04
128.199.123.0	attackbotsspam	Oct 1 12:21:13 plex-server sshd[1590372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.123.0 Oct 1 12:21:13 plex-server sshd[1590372]: Invalid user max from 128.199.123.0 port 39184 Oct 1 12:21:15 plex-server sshd[1590372]: Failed password for invalid user max from 128.199.123.0 port 39184 ssh2 Oct 1 12:24:56 plex-server sshd[1591872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.123.0 user=root Oct 1 12:24:59 plex-server sshd[1591872]: Failed password for root from 128.199.123.0 port 38426 ssh2 ...	2020-10-02 05:37:35
178.128.63.36	attackspam	SSH Invalid Login	2020-10-02 05:58:46
106.12.182.38	attackbotsspam	Fail2Ban Ban Triggered	2020-10-02 06:01:52
102.165.30.53	attackspam	TCP (SYN) 102.165.30.53:51296 -> port 21242, len 44	2020-10-02 05:58:20
110.49.70.246	attack	Oct 1 23:25:15 ovpn sshd\[32011\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 user=root Oct 1 23:25:18 ovpn sshd\[32011\]: Failed password for root from 110.49.70.246 port 44864 ssh2 Oct 1 23:46:09 ovpn sshd\[4808\]: Invalid user bruno from 110.49.70.246 Oct 1 23:46:09 ovpn sshd\[4808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 Oct 1 23:46:11 ovpn sshd\[4808\]: Failed password for invalid user bruno from 110.49.70.246 port 42972 ssh2	2020-10-02 05:51:31
150.136.254.88	attackbotsspam	(mod_security) mod_security (id:210492) triggered by 150.136.254.88 (US/United States/-): 5 in the last 3600 secs	2020-10-02 06:03:45
182.148.13.246	attackspam	SSH Invalid Login	2020-10-02 05:48:15
81.69.171.202	attackspambots	Oct 1 18:21:41 gw1 sshd[3293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.69.171.202 Oct 1 18:21:44 gw1 sshd[3293]: Failed password for invalid user hue from 81.69.171.202 port 42622 ssh2 ...	2020-10-02 05:56:25
42.48.194.164	attackbots	TCP (SYN) 42.48.194.164:40896 -> port 2222, len 44	2020-10-02 05:50:47
51.15.84.255	attackspam	2020-10-01T17:49:45.708266sorsha.thespaminator.com sshd[6912]: Invalid user db from 51.15.84.255 port 51094 2020-10-01T17:49:47.671224sorsha.thespaminator.com sshd[6912]: Failed password for invalid user db from 51.15.84.255 port 51094 ssh2 ...	2020-10-02 05:53:02
116.7.28.142	attackbots	TCP (SYN) 116.7.28.142:18184 -> port 445, len 44	2020-10-02 05:45:55
178.80.54.189	attackspam	178.80.54.189 - - [30/Sep/2020:22:01:12 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 178.80.54.189 - - [30/Sep/2020:22:01:13 +0100] "POST /wp-login.php HTTP/1.1" 200 7644 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 178.80.54.189 - - [30/Sep/2020:22:02:13 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-10-02 05:35:57
112.26.98.122	attackbots	Invalid user postgres from 112.26.98.122 port 54705	2020-10-02 05:43:01
23.105.196.142	attackspam	Invalid user user from 23.105.196.142 port 52594	2020-10-02 06:00:39

最近上报的IP列表

249.17.113.29	220.216.232.230	35.140.180.16	232.93.196.102
203.210.239.126	21.197.171.47	77.39.35.20	131.180.93.71
250.196.31.105	135.163.146.135	115.172.98.117	179.113.87.199
198.220.113.72	56.118.36.206	180.218.106.39	220.204.81.108
36.208.102.166	14.184.9.130	253.107.15.134	10.86.102.135