106.13.161.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Feb 4 03:14:16 web1 sshd\[25753\]: Invalid user xelloss from 106.13.161.29 Feb 4 03:14:16 web1 sshd\[25753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.29 Feb 4 03:14:18 web1 sshd\[25753\]: Failed password for invalid user xelloss from 106.13.161.29 port 51342 ssh2 Feb 4 03:17:10 web1 sshd\[26061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.29 user=root Feb 4 03:17:12 web1 sshd\[26061\]: Failed password for root from 106.13.161.29 port 42986 ssh2	2020-02-04 21:24:40
attack	Jan 14 22:11:03 vps58358 sshd\[30714\]: Invalid user testuser from 106.13.161.29Jan 14 22:11:05 vps58358 sshd\[30714\]: Failed password for invalid user testuser from 106.13.161.29 port 52208 ssh2Jan 14 22:14:28 vps58358 sshd\[30746\]: Invalid user hms from 106.13.161.29Jan 14 22:14:30 vps58358 sshd\[30746\]: Failed password for invalid user hms from 106.13.161.29 port 49406 ssh2Jan 14 22:17:51 vps58358 sshd\[30774\]: Invalid user gan from 106.13.161.29Jan 14 22:17:53 vps58358 sshd\[30774\]: Failed password for invalid user gan from 106.13.161.29 port 46614 ssh2 ...	2020-01-15 05:21:34

类型

评论内容

时间

attackspam

Feb  4 03:14:16 web1 sshd\[25753\]: Invalid user xelloss from 106.13.161.29
Feb  4 03:14:16 web1 sshd\[25753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.29
Feb  4 03:14:18 web1 sshd\[25753\]: Failed password for invalid user xelloss from 106.13.161.29 port 51342 ssh2
Feb  4 03:17:10 web1 sshd\[26061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.29  user=root
Feb  4 03:17:12 web1 sshd\[26061\]: Failed password for root from 106.13.161.29 port 42986 ssh2

2020-02-04 21:24:40

attack

Jan 14 22:11:03 vps58358 sshd\[30714\]: Invalid user testuser from 106.13.161.29Jan 14 22:11:05 vps58358 sshd\[30714\]: Failed password for invalid user testuser from 106.13.161.29 port 52208 ssh2Jan 14 22:14:28 vps58358 sshd\[30746\]: Invalid user hms from 106.13.161.29Jan 14 22:14:30 vps58358 sshd\[30746\]: Failed password for invalid user hms from 106.13.161.29 port 49406 ssh2Jan 14 22:17:51 vps58358 sshd\[30774\]: Invalid user gan from 106.13.161.29Jan 14 22:17:53 vps58358 sshd\[30774\]: Failed password for invalid user gan from 106.13.161.29 port 46614 ssh2
...

2020-01-15 05:21:34

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.161.17	attackbotsspam	106.13.161.17 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 12 02:48:23 jbs1 sshd[9341]: Failed password for root from 139.199.18.194 port 50498 ssh2 Oct 12 02:48:27 jbs1 sshd[9395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.107.214 user=root Oct 12 02:48:29 jbs1 sshd[9395]: Failed password for root from 175.24.107.214 port 47498 ssh2 Oct 12 02:49:06 jbs1 sshd[9764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 user=root Oct 12 02:49:07 jbs1 sshd[9772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.246 user=root IP Addresses Blocked: 139.199.18.194 (CN/China/-) 175.24.107.214 (CN/China/-)	2020-10-13 03:27:39
106.13.161.17	attack	106.13.161.17 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 12 02:48:23 jbs1 sshd[9341]: Failed password for root from 139.199.18.194 port 50498 ssh2 Oct 12 02:48:27 jbs1 sshd[9395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.107.214 user=root Oct 12 02:48:29 jbs1 sshd[9395]: Failed password for root from 175.24.107.214 port 47498 ssh2 Oct 12 02:49:06 jbs1 sshd[9764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 user=root Oct 12 02:49:07 jbs1 sshd[9772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.246 user=root IP Addresses Blocked: 139.199.18.194 (CN/China/-) 175.24.107.214 (CN/China/-)	2020-10-12 18:58:49
106.13.161.17	attackspam	s3.hscode.pl - SSH Attack	2020-10-01 09:14:47
106.13.161.17	attackspambots	Sep 30 19:11:28 gw1 sshd[2207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 Sep 30 19:11:30 gw1 sshd[2207]: Failed password for invalid user rene from 106.13.161.17 port 40950 ssh2 ...	2020-10-01 01:52:01
106.13.161.17	attack	Sep 29 20:11:17 firewall sshd[11230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 Sep 29 20:11:17 firewall sshd[11230]: Invalid user testman from 106.13.161.17 Sep 29 20:11:19 firewall sshd[11230]: Failed password for invalid user testman from 106.13.161.17 port 49660 ssh2 ...	2020-09-30 18:03:04
106.13.161.17	attackspam	Sep 22 14:46:03 mail sshd\[58063\]: Invalid user cfabllc from 106.13.161.17 Sep 22 14:46:03 mail sshd\[58063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 ...	2020-09-23 07:34:57
106.13.161.17	attackspam	[f2b] sshd bruteforce, retries: 1	2020-09-22 02:43:22
106.13.161.17	attackspam	SSH-BruteForce	2020-09-21 18:27:23
106.13.161.250	attack	$f2bV_matches	2020-09-21 18:10:16
106.13.161.250	attack	Invalid user dwh from 106.13.161.250 port 58260	2020-09-15 03:36:04
106.13.161.250	attackspam	Brute force attempt	2020-09-14 19:31:43
106.13.161.250	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-28 00:58:09
106.13.161.17	attackbots	Aug 25 21:51:23 minden010 sshd[9402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 Aug 25 21:51:25 minden010 sshd[9402]: Failed password for invalid user joe from 106.13.161.17 port 58984 ssh2 Aug 25 22:00:52 minden010 sshd[10498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.161.17 ...	2020-08-26 04:49:31
106.13.161.17	attack	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-08-25 14:59:14
106.13.161.250	attackbots	Port scan denied	2020-08-24 15:11:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.161.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.161.29.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011401 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 05:21:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 29.161.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 29.161.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
186.118.99.18	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 06:02:10,287 INFO [amun_request_handler] PortScan Detected on Port: 445 (186.118.99.18)	2019-09-12 18:04:56
103.60.222.76	attackbotsspam	ECShop Remote Code Execution Vulnerability, PTR: PTR record not found	2019-09-12 19:33:28
113.235.123.56	attackspam	Lines containing failures of 113.235.123.56 Sep 10 23:49:53 mx-in-01 sshd[26548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.235.123.56 user=r.r Sep 10 23:49:55 mx-in-01 sshd[26548]: Failed password for r.r from 113.235.123.56 port 52532 ssh2 Sep 10 23:49:59 mx-in-01 sshd[26548]: Failed password for r.r from 113.235.123.56 port 52532 ssh2 Sep 10 23:50:02 mx-in-01 sshd[26548]: Failed password for r.r from 113.235.123.56 port 52532 ssh2 Sep 10 23:50:05 mx-in-01 sshd[26548]: Failed password for r.r from 113.235.123.56 port 52532 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.235.123.56	2019-09-12 18:27:31
47.254.131.53	attackspambots	Sep 12 13:02:49 [host] sshd[2682]: Invalid user ftp_test from 47.254.131.53 Sep 12 13:02:49 [host] sshd[2682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.254.131.53 Sep 12 13:02:51 [host] sshd[2682]: Failed password for invalid user ftp_test from 47.254.131.53 port 53012 ssh2	2019-09-12 19:20:50
73.171.226.23	attack	Aug 16 04:59:01 vtv3 sshd\[27027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.171.226.23 user=root Aug 16 04:59:03 vtv3 sshd\[27027\]: Failed password for root from 73.171.226.23 port 50394 ssh2 Aug 16 05:05:05 vtv3 sshd\[30000\]: Invalid user bot from 73.171.226.23 port 42808 Aug 16 05:05:05 vtv3 sshd\[30000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.171.226.23 Aug 16 05:05:07 vtv3 sshd\[30000\]: Failed password for invalid user bot from 73.171.226.23 port 42808 ssh2 Aug 16 05:16:24 vtv3 sshd\[3298\]: Invalid user eric from 73.171.226.23 port 55864 Aug 16 05:16:24 vtv3 sshd\[3298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.171.226.23 Aug 16 05:16:26 vtv3 sshd\[3298\]: Failed password for invalid user eric from 73.171.226.23 port 55864 ssh2 Aug 16 05:22:07 vtv3 sshd\[6000\]: Invalid user pass from 73.171.226.23 port 48278 Aug 16 05:22:07 vtv3 sshd\[600	2019-09-12 19:24:49
201.182.152.58	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-12 18:17:29
45.55.187.39	attackspam	Sep 12 12:08:21 mail sshd\[9102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.187.39 user=root Sep 12 12:08:23 mail sshd\[9102\]: Failed password for root from 45.55.187.39 port 48712 ssh2 Sep 12 12:14:16 mail sshd\[10176\]: Invalid user redmine from 45.55.187.39 port 56860 Sep 12 12:14:16 mail sshd\[10176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.187.39 Sep 12 12:14:18 mail sshd\[10176\]: Failed password for invalid user redmine from 45.55.187.39 port 56860 ssh2	2019-09-12 19:41:05
36.66.56.234	attack	Unauthorized SSH login attempts	2019-09-12 19:12:23
120.14.214.82	attackbotsspam	Unauthorised access (Sep 12) SRC=120.14.214.82 LEN=40 TTL=49 ID=53158 TCP DPT=23 WINDOW=25923 SYN	2019-09-12 19:26:29
189.68.60.142	attack	Lines containing failures of 189.68.60.142 Sep 11 05:19:44 * sshd[15218]: Invalid user admin from 189.68.60.142 port 41374 Sep 11 05:19:44 * sshd[15218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.68.60.142 Sep 11 05:19:46 * sshd[15218]: Failed password for invalid user admin from 189.68.60.142 port 41374 ssh2 Sep 11 05:19:46 * sshd[15218]: Received disconnect from 189.68.60.142 port 41374:11: Bye Bye [preauth] Sep 11 05:19:46 * sshd[15218]: Disconnected from invalid user admin 189.68.60.142 port 41374 [preauth] Sep 11 05:31:58 * sshd[16585]: Invalid user mysql from 189.68.60.142 port 41108 Sep 11 05:31:58 * sshd[16585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.68.60.142 Sep 11 05:32:01 * sshd[16585]: Failed password for invalid user mysql from 189.68.60.142 port 41108 ssh2 Sep 11 05:32:01 *** sshd[16585]: Received disconnect from 189.68.60.142 port 41108:1........ ------------------------------	2019-09-12 19:04:55
24.35.32.239	attack	Sep 12 00:11:41 finn sshd[336]: Invalid user oracle from 24.35.32.239 port 60268 Sep 12 00:11:41 finn sshd[336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.35.32.239 Sep 12 00:11:42 finn sshd[336]: Failed password for invalid user oracle from 24.35.32.239 port 60268 ssh2 Sep 12 00:11:42 finn sshd[336]: Received disconnect from 24.35.32.239 port 60268:11: Bye Bye [preauth] Sep 12 00:11:42 finn sshd[336]: Disconnected from 24.35.32.239 port 60268 [preauth] Sep 12 00:20:17 finn sshd[2109]: Invalid user support from 24.35.32.239 port 44356 Sep 12 00:20:17 finn sshd[2109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.35.32.239 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=24.35.32.239	2019-09-12 19:25:21
51.79.73.206	attackbotsspam	Sep 12 05:51:52 bouncer sshd\[4214\]: Invalid user wocloud from 51.79.73.206 port 33174 Sep 12 05:51:52 bouncer sshd\[4214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.73.206 Sep 12 05:51:53 bouncer sshd\[4214\]: Failed password for invalid user wocloud from 51.79.73.206 port 33174 ssh2 ...	2019-09-12 18:56:57
112.72.97.158	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 02:18:35,941 INFO [amun_request_handler] PortScan Detected on Port: 445 (112.72.97.158)	2019-09-12 19:27:04
198.27.90.106	attack	Sep 12 07:19:58 ny01 sshd[27381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.90.106 Sep 12 07:20:00 ny01 sshd[27381]: Failed password for invalid user testuser from 198.27.90.106 port 45067 ssh2 Sep 12 07:25:43 ny01 sshd[28687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.90.106	2019-09-12 19:35:34
120.52.152.18	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-09-12 19:34:59

最近上报的IP列表

82.207.211.186	41.49.213.206	192.17.199.223	161.115.250.19
83.252.140.76	111.125.214.200	56.93.41.43	134.216.245.142
202.143.127.129	77.244.41.122	97.115.88.243	36.32.33.169
200.233.231.243	184.105.219.92	94.140.116.73	107.175.191.28
111.19.135.91	203.151.59.5	72.58.79.245	155.4.35.142