106.13.134.164

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 6 00:47:38 vmd48417 sshd[14398]: Failed password for root from 106.13.134.164 port 50976 ssh2	2020-04-06 07:17:15
attackbots	Invalid user wenyan from 106.13.134.164 port 45748	2020-02-29 07:23:28
attack	Unauthorized connection attempt detected from IP address 106.13.134.164 to port 2220 [J]	2020-01-26 13:15:26
attack	Invalid user direction from 106.13.134.164	2020-01-21 08:37:15
attackbotsspam	Invalid user dennard from 106.13.134.164 port 55072	2020-01-04 04:39:18
attackbots	Dec 19 15:39:34 mail sshd\[25062\]: Invalid user shot from 106.13.134.164 Dec 19 15:39:34 mail sshd\[25062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Dec 19 15:39:36 mail sshd\[25062\]: Failed password for invalid user shot from 106.13.134.164 port 53990 ssh2 ...	2019-12-19 22:51:35
attackbots	[ssh] SSH attack	2019-12-13 19:55:00
attackbotsspam	Dec 9 10:24:21 jane sshd[1416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Dec 9 10:24:22 jane sshd[1416]: Failed password for invalid user admin from 106.13.134.164 port 54356 ssh2 ...	2019-12-09 17:51:36
attack	2019-11-23T20:11:40.495440abusebot-5.cloudsearch.cf sshd\[10812\]: Invalid user grung from 106.13.134.164 port 45920	2019-11-24 04:14:49
attackspam	Nov 8 04:52:09 tdfoods sshd\[2170\]: Invalid user car123 from 106.13.134.164 Nov 8 04:52:09 tdfoods sshd\[2170\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164 Nov 8 04:52:11 tdfoods sshd\[2170\]: Failed password for invalid user car123 from 106.13.134.164 port 58672 ssh2 Nov 8 04:57:26 tdfoods sshd\[2563\]: Invalid user mk@123 from 106.13.134.164 Nov 8 04:57:26 tdfoods sshd\[2563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.164	2019-11-08 23:09:48

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.134.142	attackspam	(sshd) Failed SSH login from 106.13.134.142 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 10:48:46 optimus sshd[26065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.142 user=root Sep 8 10:48:48 optimus sshd[26065]: Failed password for root from 106.13.134.142 port 58966 ssh2 Sep 8 10:54:08 optimus sshd[28026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.142 user=root Sep 8 10:54:10 optimus sshd[28026]: Failed password for root from 106.13.134.142 port 57340 ssh2 Sep 8 10:59:37 optimus sshd[29889]: Did not receive identification string from 106.13.134.142	2020-09-09 00:13:09
106.13.134.142	attackspam	firewall-block, port(s): 7374/tcp	2020-09-08 15:44:46
106.13.134.142	attackspambots	k+ssh-bruteforce	2020-09-08 08:18:33
106.13.134.142	attackbotsspam	firewall-block, port(s): 29420/tcp	2020-09-03 03:43:07
106.13.134.142	attack	Invalid user zt from 106.13.134.142 port 38514	2020-09-02 19:21:55
106.13.134.142	attackbots	" "	2020-09-01 00:36:51
106.13.134.142	attackbots	Invalid user anon from 106.13.134.142 port 49572	2020-08-17 04:12:17
106.13.134.19	attackbots	May 19 20:50:46 vmd48417 sshd[18889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19	2020-05-20 04:03:28
106.13.134.19	attackspambots	May 8 23:00:10 vps46666688 sshd[31277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 8 23:00:13 vps46666688 sshd[31277]: Failed password for invalid user anonymous from 106.13.134.19 port 41980 ssh2 ...	2020-05-10 01:38:55
106.13.134.19	attackspambots	May 1 13:38:17 ns392434 sshd[13174]: Invalid user pai from 106.13.134.19 port 34706 May 1 13:38:17 ns392434 sshd[13174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 1 13:38:17 ns392434 sshd[13174]: Invalid user pai from 106.13.134.19 port 34706 May 1 13:38:19 ns392434 sshd[13174]: Failed password for invalid user pai from 106.13.134.19 port 34706 ssh2 May 1 13:45:20 ns392434 sshd[13444]: Invalid user kalista from 106.13.134.19 port 45798 May 1 13:45:20 ns392434 sshd[13444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 May 1 13:45:20 ns392434 sshd[13444]: Invalid user kalista from 106.13.134.19 port 45798 May 1 13:45:22 ns392434 sshd[13444]: Failed password for invalid user kalista from 106.13.134.19 port 45798 ssh2 May 1 13:47:52 ns392434 sshd[13496]: Invalid user test_user from 106.13.134.19 port 43416	2020-05-02 00:47:01
106.13.134.19	attack	2020-04-21T12:55:14.597397homeassistant sshd[7451]: Invalid user admin from 106.13.134.19 port 57042 2020-04-21T12:55:14.609134homeassistant sshd[7451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 ...	2020-04-21 23:49:49
106.13.134.248	attack	Automatic report - SSH Brute-Force Attack	2020-04-12 21:16:58
106.13.134.19	attack	SSH Brute-Force reported by Fail2Ban	2020-04-11 05:38:52
106.13.134.19	attackbots	Apr 9 23:21:42 php1 sshd\[20825\]: Invalid user deploy from 106.13.134.19 Apr 9 23:21:42 php1 sshd\[20825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19 Apr 9 23:21:44 php1 sshd\[20825\]: Failed password for invalid user deploy from 106.13.134.19 port 45516 ssh2 Apr 9 23:25:43 php1 sshd\[21241\]: Invalid user deploy from 106.13.134.19 Apr 9 23:25:43 php1 sshd\[21241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.19	2020-04-10 19:34:21
106.13.134.161	attack	Mar 25 18:35:51 itv-usvr-01 sshd[14660]: Invalid user marissa from 106.13.134.161 Mar 25 18:35:51 itv-usvr-01 sshd[14660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.134.161 Mar 25 18:35:51 itv-usvr-01 sshd[14660]: Invalid user marissa from 106.13.134.161 Mar 25 18:35:52 itv-usvr-01 sshd[14660]: Failed password for invalid user marissa from 106.13.134.161 port 43756 ssh2	2020-03-28 01:29:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.134.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.134.164.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 201 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 11:29:29 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 164.134.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.134.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.231.103.68	attackspam	xmlrpc attack	2020-03-19 02:16:04
45.133.99.2	attack	2020-03-18 19:45:02 dovecot_login authenticator failed for $\[45.133.99.2\]$ \[45.133.99.2\]: 535 Incorrect authentication data $set_id=info@orogest.it$ 2020-03-18 19:45:09 dovecot_login authenticator failed for $\[45.133.99.2\]$ \[45.133.99.2\]: 535 Incorrect authentication data 2020-03-18 19:45:18 dovecot_login authenticator failed for $\[45.133.99.2\]$ \[45.133.99.2\]: 535 Incorrect authentication data 2020-03-18 19:45:23 dovecot_login authenticator failed for $\[45.133.99.2\]$ \[45.133.99.2\]: 535 Incorrect authentication data 2020-03-18 19:45:36 dovecot_login authenticator failed for $\[45.133.99.2\]$ \[45.133.99.2\]: 535 Incorrect authentication data	2020-03-19 02:51:57
106.12.48.217	attackbotsspam	Mar 18 08:25:32 server1 sshd\[11518\]: Invalid user influxdb from 106.12.48.217 Mar 18 08:25:32 server1 sshd\[11518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Mar 18 08:25:34 server1 sshd\[11518\]: Failed password for invalid user influxdb from 106.12.48.217 port 47616 ssh2 Mar 18 08:29:27 server1 sshd\[12495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root Mar 18 08:29:29 server1 sshd\[12495\]: Failed password for root from 106.12.48.217 port 60872 ssh2 ...	2020-03-19 02:34:09
1.52.203.142	attack	Is trying to log in mailbox	2020-03-19 02:17:55
122.117.17.48	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-19 02:49:00
190.0.30.90	attackspambots	Mar 18 16:27:36 www1 sshd\[33383\]: Invalid user chendaocheng from 190.0.30.90Mar 18 16:27:38 www1 sshd\[33383\]: Failed password for invalid user chendaocheng from 190.0.30.90 port 51012 ssh2Mar 18 16:31:01 www1 sshd\[33784\]: Invalid user tomcat from 190.0.30.90Mar 18 16:31:03 www1 sshd\[33784\]: Failed password for invalid user tomcat from 190.0.30.90 port 50876 ssh2Mar 18 16:34:29 www1 sshd\[34009\]: Invalid user musicbot from 190.0.30.90Mar 18 16:34:32 www1 sshd\[34009\]: Failed password for invalid user musicbot from 190.0.30.90 port 50738 ssh2 ...	2020-03-19 02:15:38
190.208.32.110	attack	Mar 18 17:59:56 xeon sshd[57878]: Failed password for invalid user chris from 190.208.32.110 port 51922 ssh2	2020-03-19 02:47:57
58.87.67.142	attackspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-19 02:41:43
193.37.255.114	attack	" "	2020-03-19 02:36:39
218.21.217.122	attack	firewall-block, port(s): 1433/tcp	2020-03-19 02:46:28
107.175.189.180	attackspambots	SIP/5060 Probe, BF, Hack -	2020-03-19 02:19:30
5.39.29.252	attackspambots	SSH Authentication Attempts Exceeded	2020-03-19 02:36:12
156.203.181.0	attackspam	20/3/18@09:07:51: FAIL: Alarm-Telnet address from=156.203.181.0 ...	2020-03-19 02:56:51
116.206.15.49	attack	Honeypot attack, port: 445, PTR: subs31-116-206-15-49.three.co.id.	2020-03-19 02:57:25
188.166.23.215	attack	Mar 18 19:14:22 vpn01 sshd[16449]: Failed password for root from 188.166.23.215 port 52234 ssh2 ...	2020-03-19 02:55:29

最近上报的IP列表

141.136.76.217	104.13.221.147	148.163.72.166	110.34.22.102
148.163.123.125	109.120.32.71	31.171.247.15	68.113.158.89
23.23.175.195	102.182.104.168	149.28.237.175	138.197.156.48
185.114.183.95	175.161.93.163	125.167.58.248	105.4.4.152
109.107.235.224	178.128.170.140	91.121.76.97	78.140.200.50