106.13.135.165

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Sep 14 01:20:03 dev0-dcde-rnet sshd[9211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.165 Sep 14 01:20:05 dev0-dcde-rnet sshd[9211]: Failed password for invalid user 123 from 106.13.135.165 port 57082 ssh2 Sep 14 01:22:16 dev0-dcde-rnet sshd[9218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.165	2019-09-14 07:57:22
attackspambots	ssh intrusion attempt	2019-09-06 10:46:44
attackspambots	Aug 25 23:50:43 MK-Soft-Root2 sshd\[1463\]: Invalid user name from 106.13.135.165 port 46986 Aug 25 23:50:43 MK-Soft-Root2 sshd\[1463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.165 Aug 25 23:50:45 MK-Soft-Root2 sshd\[1463\]: Failed password for invalid user name from 106.13.135.165 port 46986 ssh2 ...	2019-08-26 07:49:43
attackspambots	SSH Bruteforce attempt	2019-08-14 07:12:25
attackspambots	Aug 1 09:25:29 xb3 sshd[14595]: Failed password for invalid user report from 106.13.135.165 port 54418 ssh2 Aug 1 09:25:29 xb3 sshd[14595]: Received disconnect from 106.13.135.165: 11: Bye Bye [preauth] Aug 1 09:44:31 xb3 sshd[26206]: Failed password for invalid user cathyreis from 106.13.135.165 port 53704 ssh2 Aug 1 09:44:31 xb3 sshd[26206]: Received disconnect from 106.13.135.165: 11: Bye Bye [preauth] Aug 1 09:47:51 xb3 sshd[20282]: Failed password for invalid user ts from 106.13.135.165 port 52136 ssh2 Aug 1 09:47:51 xb3 sshd[20282]: Received disconnect from 106.13.135.165: 11: Bye Bye [preauth] Aug 1 09:51:04 xb3 sshd[16823]: Failed password for invalid user postgres from 106.13.135.165 port 50462 ssh2 Aug 1 09:51:04 xb3 sshd[16823]: Received disconnect from 106.13.135.165: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.135.165	2019-08-01 20:27:09

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.135.76	attackbots	2020-04-17 UTC: (16x) - css,docker,ds,ef,ey,git(2x),hd,m,rj,root(2x),test,test1,ubuntu,wf	2020-04-18 18:36:24
106.13.135.76	attackspambots	SSH login attempts.	2020-04-16 13:27:04
106.13.135.76	attackspam	Invalid user ubuntu from 106.13.135.76 port 54612	2020-04-12 04:08:45
106.13.135.107	attackbotsspam	Mar 30 19:38:04 lock-38 sshd[349647]: Invalid user rt from 106.13.135.107 port 47798 Mar 30 19:38:04 lock-38 sshd[349647]: Failed password for invalid user rt from 106.13.135.107 port 47798 ssh2 Mar 30 19:40:05 lock-38 sshd[349765]: Invalid user f from 106.13.135.107 port 39550 Mar 30 19:40:05 lock-38 sshd[349765]: Invalid user f from 106.13.135.107 port 39550 Mar 30 19:40:05 lock-38 sshd[349765]: Failed password for invalid user f from 106.13.135.107 port 39550 ssh2 ...	2020-03-31 01:55:09
106.13.135.107	attackbots	Mar 29 20:13:01 ns381471 sshd[17371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.107 Mar 29 20:13:03 ns381471 sshd[17371]: Failed password for invalid user dto from 106.13.135.107 port 45796 ssh2	2020-03-30 02:18:01
106.13.135.107	attackbots	Mar 27 14:52:37 ks10 sshd[975472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.107 Mar 27 14:52:39 ks10 sshd[975472]: Failed password for invalid user rakesh from 106.13.135.107 port 33398 ssh2 ...	2020-03-28 01:27:24
106.13.135.107	attackspam	$f2bV_matches	2020-03-26 20:47:35
106.13.135.107	attack	$f2bV_matches	2020-03-24 14:18:39
106.13.135.107	attackbots	SASL PLAIN auth failed: ruser=...	2020-03-21 08:44:27
106.13.135.107	attack	Mar 12 14:23:26 lock-38 sshd[29427]: Invalid user linux from 106.13.135.107 port 54306 Mar 12 14:23:26 lock-38 sshd[29427]: Failed password for invalid user linux from 106.13.135.107 port 54306 ssh2 Mar 12 14:25:05 lock-38 sshd[29430]: Invalid user shuangbo from 106.13.135.107 port 45318 Mar 12 14:25:05 lock-38 sshd[29430]: Invalid user shuangbo from 106.13.135.107 port 45318 Mar 12 14:25:05 lock-38 sshd[29430]: Failed password for invalid user shuangbo from 106.13.135.107 port 45318 ssh2 ...	2020-03-12 21:32:02
106.13.135.107	attackbots	SSH auth scanning - multiple failed logins	2020-03-07 17:10:26
106.13.135.107	attack	Mar 4 00:31:28 lnxded64 sshd[9015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.107	2020-03-04 07:57:33
106.13.135.156	attack	W 5701,/var/log/auth.log,-,-	2020-02-27 20:28:48
106.13.135.98	attack	Feb 20 05:29:12 game-panel sshd[32203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.98 Feb 20 05:29:14 game-panel sshd[32203]: Failed password for invalid user john from 106.13.135.98 port 58260 ssh2 Feb 20 05:32:47 game-panel sshd[32302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.98	2020-02-20 13:47:57
106.13.135.156	attackbotsspam	Feb 11 21:05:18 sachi sshd\[3960\]: Invalid user karen1 from 106.13.135.156 Feb 11 21:05:18 sachi sshd\[3960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.156 Feb 11 21:05:20 sachi sshd\[3960\]: Failed password for invalid user karen1 from 106.13.135.156 port 43334 ssh2 Feb 11 21:09:42 sachi sshd\[4538\]: Invalid user wpyan from 106.13.135.156 Feb 11 21:09:42 sachi sshd\[4538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.135.156	2020-02-12 16:28:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.135.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32049
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.135.165.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 20:27:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 165.135.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 165.135.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
181.123.9.3	attack	2019-10-23T20:15:06.557882abusebot-6.cloudsearch.cf sshd\[12267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3 user=root	2019-10-24 06:14:41
5.189.16.37	attackspambots	Oct 23 23:18:03 mc1 kernel: \[3151828.941088\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=34474 PROTO=TCP SPT=54940 DPT=1952 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:20:05 mc1 kernel: \[3151951.176216\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=53135 PROTO=TCP SPT=54940 DPT=75 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:24:39 mc1 kernel: \[3152224.973576\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.16.37 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=25004 PROTO=TCP SPT=54940 DPT=761 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-24 05:47:34
182.72.139.6	attackspambots	reported_by_cryptodad	2019-10-24 05:42:33
176.9.136.175	attackbots	Automatic report - Banned IP Access	2019-10-24 06:11:44
81.22.45.51	attackbots	10/23/2019-17:05:50.394256 81.22.45.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-24 05:53:00
51.79.143.36	attackbotsspam	WordPress brute force	2019-10-24 06:06:35
119.57.103.38	attack	Oct 23 21:30:25 venus sshd\[9178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.103.38 user=root Oct 23 21:30:26 venus sshd\[9178\]: Failed password for root from 119.57.103.38 port 35929 ssh2 Oct 23 21:34:36 venus sshd\[9230\]: Invalid user team from 119.57.103.38 port 54643 Oct 23 21:34:36 venus sshd\[9230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.103.38 ...	2019-10-24 05:45:38
176.53.84.27	attackspam	techno.ws 176.53.84.27 \[23/Oct/2019:23:11:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 5604 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" techno.ws 176.53.84.27 \[23/Oct/2019:23:11:07 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4070 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-24 06:13:08
190.60.95.3	attackbots	Unauthorised access (Oct 23) SRC=190.60.95.3 LEN=52 TTL=115 ID=17981 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-24 06:00:46
140.143.19.50	attackbotsspam	ECShop Remote Code Execution Vulnerability	2019-10-24 05:59:19
65.49.212.67	attack	Oct 23 23:30:55 amit sshd\[28905\]: Invalid user ldapuser from 65.49.212.67 Oct 23 23:30:55 amit sshd\[28905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.49.212.67 Oct 23 23:30:57 amit sshd\[28905\]: Failed password for invalid user ldapuser from 65.49.212.67 port 49178 ssh2 ...	2019-10-24 05:46:37
51.77.137.211	attackbotsspam	2019-10-23T21:18:01.151150abusebot-5.cloudsearch.cf sshd\[9883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.ip-51-77-137.eu user=root	2019-10-24 05:41:13
52.86.107.147	attackspam	WordPress brute force	2019-10-24 06:04:57
81.22.45.190	attackbotsspam	Oct 23 23:17:13 h2177944 kernel: \[4741281.198665\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.190 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=55460 PROTO=TCP SPT=56981 DPT=26561 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:17:18 h2177944 kernel: \[4741286.058180\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.190 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=22144 PROTO=TCP SPT=56981 DPT=27141 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:19:02 h2177944 kernel: \[4741389.895925\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.190 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43160 PROTO=TCP SPT=56981 DPT=27410 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:21:55 h2177944 kernel: \[4741563.380216\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.190 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33525 PROTO=TCP SPT=56981 DPT=27199 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 23 23:23:58 h2177944 kernel: \[4741685.860807\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.190 DST=85.214.117.9	2019-10-24 05:40:50
181.49.219.114	attack	Oct 23 23:16:26 vpn01 sshd[5958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.219.114 Oct 23 23:16:29 vpn01 sshd[5958]: Failed password for invalid user db2server from 181.49.219.114 port 60851 ssh2 ...	2019-10-24 05:47:08

最近上报的IP列表

172.12.14.44	69.158.249.186	83.171.253.169	5.189.206.224
193.93.195.74	167.114.226.137	189.130.243.87	91.187.99.172
120.92.133.21	139.59.181.142	69.14.36.75	218.195.119.227
106.12.119.148	186.251.211.6	109.193.156.211	123.139.90.166
143.208.249.94	194.177.207.16	36.68.236.248	14.143.245.10