106.13.121.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 8 08:33:24 MK-Soft-VM8 sshd[7410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 Jan 8 08:33:26 MK-Soft-VM8 sshd[7410]: Failed password for invalid user gr from 106.13.121.8 port 58726 ssh2 ...	2020-01-08 15:34:59
attack	Invalid user test from 106.13.121.8 port 53072	2019-12-29 07:48:20
attack	Dec 14 23:45:28 meumeu sshd[12450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 Dec 14 23:45:30 meumeu sshd[12450]: Failed password for invalid user webadmin from 106.13.121.8 port 50246 ssh2 Dec 14 23:52:12 meumeu sshd[13791]: Failed password for root from 106.13.121.8 port 53494 ssh2 ...	2019-12-15 07:04:22

类型

评论内容

时间

attack

Jan  8 08:33:24 MK-Soft-VM8 sshd[7410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 
Jan  8 08:33:26 MK-Soft-VM8 sshd[7410]: Failed password for invalid user gr from 106.13.121.8 port 58726 ssh2
...

2020-01-08 15:34:59

attack

Invalid user test from 106.13.121.8 port 53072

2019-12-29 07:48:20

attack

Dec 14 23:45:28 meumeu sshd[12450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 
Dec 14 23:45:30 meumeu sshd[12450]: Failed password for invalid user webadmin from 106.13.121.8 port 50246 ssh2
Dec 14 23:52:12 meumeu sshd[13791]: Failed password for root from 106.13.121.8 port 53494 ssh2
...

2019-12-15 07:04:22

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.121.62	attackspam	odoo8 ...	2020-04-23 00:53:34
106.13.121.175	attackspam	SSH login attempts.	2020-03-11 20:16:20
106.13.121.175	attackspambots	Mar 4 08:36:00 MK-Soft-VM6 sshd[15715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Mar 4 08:36:02 MK-Soft-VM6 sshd[15715]: Failed password for invalid user shiyic from 106.13.121.175 port 53458 ssh2 ...	2020-03-04 15:43:16
106.13.121.175	attack	Automatic report - Banned IP Access	2020-02-20 06:22:10
106.13.121.175	attackspam	Feb 11 07:57:46 pornomens sshd\[25862\]: Invalid user epe from 106.13.121.175 port 42065 Feb 11 07:57:46 pornomens sshd\[25862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Feb 11 07:57:48 pornomens sshd\[25862\]: Failed password for invalid user epe from 106.13.121.175 port 42065 ssh2 ...	2020-02-11 15:02:12
106.13.121.175	attack	$f2bV_matches	2020-02-09 10:39:51
106.13.121.175	attack	Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: Invalid user deployer from 106.13.121.175 Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: Invalid user deployer from 106.13.121.175 Jan 31 23:02:06 srv-ubuntu-dev3 sshd[85929]: Failed password for invalid user deployer from 106.13.121.175 port 35586 ssh2 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: Invalid user uftp from 106.13.121.175 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: Invalid user uftp from 106.13.121.175 Jan 31 23:04:57 srv-ubuntu-dev3 sshd[86190]: Failed password for invalid user uftp from 106.13.121.175 port 49125 ssh2 Jan 31 23:07:52 srv-ubuntu-dev3 sshd[86448]: Invalid user admin from 106.13.121.175 ...	2020-02-01 07:44:16
106.13.121.175	attackspambots	Unauthorized connection attempt detected from IP address 106.13.121.175 to port 2220 [J]	2020-01-23 21:01:29
106.13.121.175	attack	Invalid user asterisk from 106.13.121.175 port 48503	2020-01-03 19:16:34
106.13.121.175	attackspam	SSH login attempts.	2020-01-01 01:44:21
106.13.121.175	attack	Dec 1 01:27:02 hosting sshd[20392]: Invalid user sunyna from 106.13.121.175 port 41204 Dec 1 01:27:02 hosting sshd[20392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Dec 1 01:27:02 hosting sshd[20392]: Invalid user sunyna from 106.13.121.175 port 41204 Dec 1 01:27:04 hosting sshd[20392]: Failed password for invalid user sunyna from 106.13.121.175 port 41204 ssh2 Dec 1 01:41:23 hosting sshd[21373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 user=root Dec 1 01:41:24 hosting sshd[21373]: Failed password for root from 106.13.121.175 port 57555 ssh2 ...	2019-12-01 07:15:16
106.13.121.175	attack	SSH bruteforce	2019-11-30 02:00:32
106.13.121.175	attackspambots	Invalid user murai1 from 106.13.121.175 port 44494 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Failed password for invalid user murai1 from 106.13.121.175 port 44494 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 user=root Failed password for root from 106.13.121.175 port 60389 ssh2	2019-11-26 14:58:06
106.13.121.175	attackspam	Nov 17 17:47:25 pornomens sshd\[21352\]: Invalid user aliyeh from 106.13.121.175 port 49720 Nov 17 17:47:25 pornomens sshd\[21352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Nov 17 17:47:27 pornomens sshd\[21352\]: Failed password for invalid user aliyeh from 106.13.121.175 port 49720 ssh2 ...	2019-11-18 01:22:23
106.13.121.175	attack	Invalid user deutchland from 106.13.121.175 port 49644	2019-11-16 05:33:35

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.121.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32433
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.121.8.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121401 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 07:04:19 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 8.121.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 8.121.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
164.132.172.221	attack	Port scan on 1 port(s): 445	2019-06-24 16:15:41
47.74.219.129	attack	Jun 24 00:17:37 shadeyouvpn sshd[28744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.74.219.129 user=r.r Jun 24 00:17:39 shadeyouvpn sshd[28744]: Failed password for r.r from 47.74.219.129 port 57422 ssh2 Jun 24 00:17:40 shadeyouvpn sshd[28744]: Received disconnect from 47.74.219.129: 11: Bye Bye [preauth] Jun 24 00:26:40 shadeyouvpn sshd[1518]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:27:33 shadeyouvpn sshd[1894]: Did not receive identification string from 47.74.219.129 Jun 24 00:28:27 shadeyouvpn sshd[2311]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:29:23 shadeyouvpn sshd[2994]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:30:10 shadeyouvpn sshd[3338]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:31:01 shadeyouvpn sshd[3750]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:31:51 shadeyouvpn sshd[4278]: Connection closed by 47.74.219.129 [preauth] Jun 24 00:32:42 shade........ -------------------------------	2019-06-24 16:17:26
183.163.235.23	attack	Jun 24 06:42:53 mxgate1 postfix/postscreen[18846]: CONNECT from [183.163.235.23]:50736 to [176.31.12.44]:25 Jun 24 06:42:53 mxgate1 postfix/dnsblog[18968]: addr 183.163.235.23 listed by domain zen.spamhaus.org as 127.0.0.11 Jun 24 06:42:59 mxgate1 postfix/postscreen[18846]: DNSBL rank 2 for [183.163.235.23]:50736 Jun x@x Jun 24 06:43:00 mxgate1 postfix/postscreen[18846]: HANGUP after 1.3 from [183.163.235.23]:50736 in tests after SMTP handshake Jun 24 06:43:00 mxgate1 postfix/postscreen[18846]: DISCONNECT [183.163.235.23]:50736 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.163.235.23	2019-06-24 16:16:22
91.163.112.140	attack	2019-06-24T15:16:24.129898dc.hostname-sakh.net sshd[3078]: Invalid user fs5 from 91.163.112.140 port 9376 2019-06-24T15:16:24.134731dc.hostname-sakh.net sshd[3078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.163.112.140 2019-06-24T15:16:26.296820dc.hostname-sakh.net sshd[3078]: Failed password for invalid user fs5 from 91.163.112.140 port 9376 ssh2 2019-06-24T15:25:29.521330dc.hostname-sakh.net sshd[3221]: Invalid user cdr from 91.163.112.140 port 9434 2019-06-24T15:25:29.526125dc.hostname-sakh.net sshd[3221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.163.112.140 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=91.163.112.140	2019-06-24 16:26:39
179.40.31.151	attack	3389BruteforceIDS	2019-06-24 16:34:53
109.169.240.163	attackbots	Jun 24 06:52:13 ubuntu-2gb-nbg1-dc3-1 sshd[23103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.169.240.163 Jun 24 06:52:15 ubuntu-2gb-nbg1-dc3-1 sshd[23103]: Failed password for invalid user admin from 109.169.240.163 port 51482 ssh2 ...	2019-06-24 16:13:08
185.211.245.198	attackspam	Brute-Force attack detected (95) and blocked by Fail2Ban.	2019-06-24 15:56:11
66.240.205.34	attack	24.06.2019 07:17:26 Connection to port 54984 blocked by firewall	2019-06-24 16:42:53
137.135.102.98	attackbots	Jun 24 04:48:29 ip-172-30-0-179 sshd\[27773\]: Invalid user support from 137.135.102.98\ Jun 24 04:48:36 ip-172-30-0-179 sshd\[27775\]: Invalid user ubnt from 137.135.102.98\ Jun 24 04:48:39 ip-172-30-0-179 sshd\[27777\]: Invalid user cisco from 137.135.102.98\ Jun 24 04:48:43 ip-172-30-0-179 sshd\[27779\]: Invalid user pi from 137.135.102.98\ Jun 24 04:51:53 ip-172-30-0-179 sshd\[27891\]: Invalid user admin from 137.135.102.98\ Jun 24 04:51:57 ip-172-30-0-179 sshd\[27893\]: Invalid user admin from 137.135.102.98\	2019-06-24 16:18:25
14.116.222.170	attackspam	Jun 24 06:39:11 xb3 sshd[10470]: Failed password for invalid user minigames from 14.116.222.170 port 58919 ssh2 Jun 24 06:39:11 xb3 sshd[10470]: Received disconnect from 14.116.222.170: 11: Bye Bye [preauth] Jun 24 06:41:18 xb3 sshd[3095]: Failed password for invalid user ares from 14.116.222.170 port 39776 ssh2 Jun 24 06:41:18 xb3 sshd[3095]: Received disconnect from 14.116.222.170: 11: Bye Bye [preauth] Jun 24 06:42:47 xb3 sshd[6674]: Failed password for invalid user remoto from 14.116.222.170 port 46344 ssh2 Jun 24 06:42:47 xb3 sshd[6674]: Received disconnect from 14.116.222.170: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.116.222.170	2019-06-24 16:20:21
159.65.126.173	attackspam	Automatic report - Web App Attack	2019-06-24 16:28:38
190.14.203.106	attackbotsspam	190.14.203.106 - - \[24/Jun/2019:06:50:26 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 190.14.203.106 - - \[24/Jun/2019:06:50:27 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 190.14.203.106 - - \[24/Jun/2019:06:50:30 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 190.14.203.106 - - \[24/Jun/2019:06:50:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 190.14.203.106 - - \[24/Jun/2019:06:50:32 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 190.14.203.106 - - \[24/Jun/2019:06:50:32 +0200\] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6	2019-06-24 16:42:19
122.154.120.230	attack	Unauthorised access (Jun 24) SRC=122.154.120.230 LEN=52 TTL=114 ID=14475 DF TCP DPT=445 WINDOW=8192 SYN	2019-06-24 16:31:02
131.196.4.98	attack	Jun 24 07:33:19 our-server-hostname postfix/smtpd[21718]: connect from unknown[131.196.4.98] Jun x@x Jun 24 07:33:22 our-server-hostname postfix/smtpd[21718]: lost connection after RCPT from unknown[131.196.4.98] Jun 24 07:33:22 our-server-hostname postfix/smtpd[21718]: disconnect from unknown[131.196.4.98] Jun 24 07:34:32 our-server-hostname postfix/smtpd[26250]: connect from unknown[131.196.4.98] Jun x@x Jun x@x Jun x@x Jun 24 07:34:37 our-server-hostname postfix/smtpd[26250]: lost connection after RCPT from unknown[131.196.4.98] Jun 24 07:34:37 our-server-hostname postfix/smtpd[26250]: disconnect from unknown[131.196.4.98] Jun 24 07:35:02 our-server-hostname postfix/smtpd[26266]: connect from unknown[131.196.4.98] Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun x@x Jun 24 07:35:10 our-server-hostname postfix/smtpd[26266]: lost connection after RCPT from unknown[131.196.4.98] Jun 24 07:35:10 our-server-hostname postfix/smtpd[26266]:........ -------------------------------	2019-06-24 16:27:07
51.255.65.46	attackspam	Automatic report - Web App Attack	2019-06-24 16:13:35

最近上报的IP列表

120.212.150.222	179.181.109.10	51.75.17.122	121.63.116.5
16.58.14.75	134.175.37.91	114.40.154.218	78.164.147.50
124.156.55.225	181.101.84.134	123.110.185.94	47.19.54.70
94.191.113.146	85.66.230.83	180.176.161.246	172.31.87.215
94.132.124.240	212.142.224.166	205.160.13.142	213.102.91.54

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表