106.13.218.105

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Failed password for root from 106.13.218.105 port 35222 ssh2 Invalid user zq from 106.13.218.105 port 36884 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 Invalid user zq from 106.13.218.105 port 36884 Failed password for invalid user zq from 106.13.218.105 port 36884 ssh2	2020-07-06 16:28:44
attackbots	firewall-block, port(s): 550/tcp	2020-07-04 16:32:36
attack	May 21 18:49:39 gw1 sshd[15138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 May 21 18:49:41 gw1 sshd[15138]: Failed password for invalid user jtj from 106.13.218.105 port 37480 ssh2 ...	2020-05-21 22:03:25
attackspambots	Invalid user web from 106.13.218.105 port 35734	2020-05-01 13:48:43
attackbots	Apr 19 19:11:48 eventyay sshd[10712]: Failed password for root from 106.13.218.105 port 32840 ssh2 Apr 19 19:14:03 eventyay sshd[10752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 Apr 19 19:14:05 eventyay sshd[10752]: Failed password for invalid user test from 106.13.218.105 port 59826 ssh2 ...	2020-04-20 03:09:52

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.218.56	attack	Time: Sat Aug 29 08:54:29 2020 +0000 IP: 106.13.218.56 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 29 08:39:11 vps3 sshd[14978]: Invalid user www from 106.13.218.56 port 49730 Aug 29 08:39:13 vps3 sshd[14978]: Failed password for invalid user www from 106.13.218.56 port 49730 ssh2 Aug 29 08:52:07 vps3 sshd[17971]: Invalid user mssql from 106.13.218.56 port 39852 Aug 29 08:52:10 vps3 sshd[17971]: Failed password for invalid user mssql from 106.13.218.56 port 39852 ssh2 Aug 29 08:54:26 vps3 sshd[18504]: Invalid user alex from 106.13.218.56 port 34172	2020-08-29 17:41:36
106.13.218.56	attack	SSH brutforce	2020-08-29 04:37:37
106.13.218.56	attackbots	Fail2Ban Ban Triggered	2020-08-28 23:40:41
106.13.218.119	attack	Unauthorized connection attempt detected from IP address 106.13.218.119 to port 2220 [J]	2020-01-22 21:33:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.218.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44994
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.218.105.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 03:09:48 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 105.218.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.218.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
66.249.65.203	attackbots	Automatic report - Banned IP Access	2020-09-21 06:17:22
223.16.221.46	attackbotsspam	Sep 20 16:00:52 roki-contabo sshd\[24601\]: Invalid user nagios from 223.16.221.46 Sep 20 16:00:52 roki-contabo sshd\[24601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.16.221.46 Sep 20 16:00:54 roki-contabo sshd\[24601\]: Failed password for invalid user nagios from 223.16.221.46 port 41619 ssh2 Sep 20 19:01:22 roki-contabo sshd\[26183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.16.221.46 user=root Sep 20 19:01:24 roki-contabo sshd\[26183\]: Failed password for root from 223.16.221.46 port 59779 ssh2 ...	2020-09-21 06:51:52
15.206.49.33	attack	15.206.49.33 - - [20/Sep/2020:21:48:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2504 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 15.206.49.33 - - [20/Sep/2020:21:48:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2474 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 15.206.49.33 - - [20/Sep/2020:21:48:05 +0100] "POST /wp-login.php HTTP/1.1" 200 2475 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 06:18:27
109.252.206.195	attackbots	Unauthorized connection attempt from IP address 109.252.206.195 on Port 445(SMB)	2020-09-21 06:54:26
217.218.175.166	attackspam	Unauthorized connection attempt from IP address 217.218.175.166 on Port 445(SMB)	2020-09-21 06:52:12
170.130.187.50	attackbotsspam	TCP (SYN) 170.130.187.50:58792 -> port 3306, len 44	2020-09-21 06:16:24
131.193.192.52	attack	2020-09-20T23:19:49.961472cyberdyne sshd[974496]: Failed password for invalid user admin from 131.193.192.52 port 46596 ssh2 2020-09-20T23:23:25.761551cyberdyne sshd[975301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.193.192.52 user=root 2020-09-20T23:23:27.113217cyberdyne sshd[975301]: Failed password for root from 131.193.192.52 port 57616 ssh2 2020-09-20T23:27:04.926597cyberdyne sshd[976111]: Invalid user ubuntu from 131.193.192.52 port 40416 ...	2020-09-21 05:55:02
51.15.170.129	attackspambots	fail2ban -- 51.15.170.129 ...	2020-09-21 06:00:20
47.90.80.159	attackbots	Bad_requests	2020-09-21 05:59:06
94.102.51.28	attackbotsspam	Sep 20 23:34:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=15031 PROTO=TCP SPT=57870 DPT=10840 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 20 23:50:25 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=7302 PROTO=TCP SPT=57870 DPT=50650 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 20 23:51:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=3608 PROTO=TCP SPT=57870 DPT=44656 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 20 23:59:39 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=51801 PROTO=TCP SPT=57870 DPT=52496 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 00:09:01 *hidde ...	2020-09-21 06:23:41
156.96.47.16	attackbotsspam	TCP (SYN) 156.96.47.16:17106 -> port 23, len 44	2020-09-21 05:56:20
89.187.187.148	attack	[2020-09-20 12:51:57] NOTICE[1239][C-00005a9d] chan_sip.c: Call from '' (89.187.187.148:52501) to extension '000000000000972592277524' rejected because extension not found in context 'public'. [2020-09-20 12:51:57] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T12:51:57.556-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="000000000000972592277524",SessionID="0x7f4d48965da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/89.187.187.148/52501",ACLName="no_extension_match" [2020-09-20 13:01:56] NOTICE[1239][C-00005aa7] chan_sip.c: Call from '' (89.187.187.148:52855) to extension '1011972595375946' rejected because extension not found in context 'public'. [2020-09-20 13:01:56] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T13:01:56.401-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1011972595375946",SessionID="0x7f4d4844faa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",R ...	2020-09-21 06:12:54
64.225.47.15	attackbotsspam	Sep 20 21:58:09 raspberrypi sshd[1223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.47.15 user=root Sep 20 21:58:10 raspberrypi sshd[1223]: Failed password for invalid user root from 64.225.47.15 port 36664 ssh2 ...	2020-09-21 06:22:09
27.100.26.45	attackbotsspam	Unauthorized connection attempt from IP address 27.100.26.45 on Port 445(SMB)	2020-09-21 05:55:52
23.101.196.5	attackspambots	Sep 20 22:09:30 rush sshd[16644]: Failed password for root from 23.101.196.5 port 38688 ssh2 Sep 20 22:09:41 rush sshd[16646]: Failed password for root from 23.101.196.5 port 54286 ssh2 ...	2020-09-21 06:18:06

最近上报的IP列表

219.231.136.94	202.159.252.18	54.169.217.10	27.101.105.222
96.77.105.80	78.37.122.177	123.21.253.145	109.94.51.250
49.233.223.86	35.234.74.221	35.220.236.137	24.246.243.220
5.21.61.212	213.186.34.106	199.195.249.82	198.251.83.248
197.50.13.170	191.31.104.17	188.120.244.86	178.184.218.211