106.13.218.105

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Failed password for root from 106.13.218.105 port 35222 ssh2 Invalid user zq from 106.13.218.105 port 36884 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 Invalid user zq from 106.13.218.105 port 36884 Failed password for invalid user zq from 106.13.218.105 port 36884 ssh2	2020-07-06 16:28:44
attackbots	firewall-block, port(s): 550/tcp	2020-07-04 16:32:36
attack	May 21 18:49:39 gw1 sshd[15138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 May 21 18:49:41 gw1 sshd[15138]: Failed password for invalid user jtj from 106.13.218.105 port 37480 ssh2 ...	2020-05-21 22:03:25
attackspambots	Invalid user web from 106.13.218.105 port 35734	2020-05-01 13:48:43
attackbots	Apr 19 19:11:48 eventyay sshd[10712]: Failed password for root from 106.13.218.105 port 32840 ssh2 Apr 19 19:14:03 eventyay sshd[10752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.218.105 Apr 19 19:14:05 eventyay sshd[10752]: Failed password for invalid user test from 106.13.218.105 port 59826 ssh2 ...	2020-04-20 03:09:52

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.218.56	attack	Time: Sat Aug 29 08:54:29 2020 +0000 IP: 106.13.218.56 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 29 08:39:11 vps3 sshd[14978]: Invalid user www from 106.13.218.56 port 49730 Aug 29 08:39:13 vps3 sshd[14978]: Failed password for invalid user www from 106.13.218.56 port 49730 ssh2 Aug 29 08:52:07 vps3 sshd[17971]: Invalid user mssql from 106.13.218.56 port 39852 Aug 29 08:52:10 vps3 sshd[17971]: Failed password for invalid user mssql from 106.13.218.56 port 39852 ssh2 Aug 29 08:54:26 vps3 sshd[18504]: Invalid user alex from 106.13.218.56 port 34172	2020-08-29 17:41:36
106.13.218.56	attack	SSH brutforce	2020-08-29 04:37:37
106.13.218.56	attackbots	Fail2Ban Ban Triggered	2020-08-28 23:40:41
106.13.218.119	attack	Unauthorized connection attempt detected from IP address 106.13.218.119 to port 2220 [J]	2020-01-22 21:33:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.218.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44994
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.218.105.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 03:09:48 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 105.218.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.218.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.84.196.28	attackspam	Mar 17 21:15:29 163-172-32-151 sshd[3008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.84.196.28 user=root Mar 17 21:15:31 163-172-32-151 sshd[3008]: Failed password for root from 45.84.196.28 port 44020 ssh2 ...	2020-03-18 04:33:38
185.36.81.78	attack	Mar 17 21:02:20 srv01 postfix/smtpd\[22129\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 21:05:45 srv01 postfix/smtpd\[24865\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 21:07:25 srv01 postfix/smtpd\[22129\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 21:08:55 srv01 postfix/smtpd\[15629\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 21:09:28 srv01 postfix/smtpd\[15629\]: warning: unknown\[185.36.81.78\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-18 04:21:00
154.8.231.250	attack	2020-03-17T18:15:28.046847dmca.cloudsearch.cf sshd[19872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.231.250 user=root 2020-03-17T18:15:29.688657dmca.cloudsearch.cf sshd[19872]: Failed password for root from 154.8.231.250 port 53223 ssh2 2020-03-17T18:18:10.185892dmca.cloudsearch.cf sshd[20027]: Invalid user neutron from 154.8.231.250 port 40865 2020-03-17T18:18:10.190874dmca.cloudsearch.cf sshd[20027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.231.250 2020-03-17T18:18:10.185892dmca.cloudsearch.cf sshd[20027]: Invalid user neutron from 154.8.231.250 port 40865 2020-03-17T18:18:12.073463dmca.cloudsearch.cf sshd[20027]: Failed password for invalid user neutron from 154.8.231.250 port 40865 ssh2 2020-03-17T18:20:48.887835dmca.cloudsearch.cf sshd[20182]: Invalid user bot from 154.8.231.250 port 56741 ...	2020-03-18 04:01:59
68.183.186.25	attackspam	Mar 17 20:20:13 sd-53420 sshd\[16582\]: User root from 68.183.186.25 not allowed because none of user's groups are listed in AllowGroups Mar 17 20:20:13 sd-53420 sshd\[16582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.186.25 user=root Mar 17 20:20:15 sd-53420 sshd\[16582\]: Failed password for invalid user root from 68.183.186.25 port 60098 ssh2 Mar 17 20:23:35 sd-53420 sshd\[17693\]: User root from 68.183.186.25 not allowed because none of user's groups are listed in AllowGroups Mar 17 20:23:35 sd-53420 sshd\[17693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.186.25 user=root ...	2020-03-18 04:13:34
106.13.175.210	attackspambots	Mar 17 20:55:41 srv-ubuntu-dev3 sshd[100329]: Invalid user ldapuser from 106.13.175.210 Mar 17 20:55:41 srv-ubuntu-dev3 sshd[100329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210 Mar 17 20:55:41 srv-ubuntu-dev3 sshd[100329]: Invalid user ldapuser from 106.13.175.210 Mar 17 20:55:43 srv-ubuntu-dev3 sshd[100329]: Failed password for invalid user ldapuser from 106.13.175.210 port 42810 ssh2 Mar 17 20:59:56 srv-ubuntu-dev3 sshd[100944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210 user=root Mar 17 20:59:58 srv-ubuntu-dev3 sshd[100944]: Failed password for root from 106.13.175.210 port 52192 ssh2 Mar 17 21:04:11 srv-ubuntu-dev3 sshd[101630]: Invalid user operator from 106.13.175.210 Mar 17 21:04:11 srv-ubuntu-dev3 sshd[101630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210 Mar 17 21:04:11 srv-ubuntu-dev3 sshd[101630]: I ...	2020-03-18 04:31:57
54.36.108.162	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-18 04:20:39
193.86.203.74	attackspambots	Chat Spam	2020-03-18 04:14:34
216.198.66.12	attack	Mar 17 21:51:52 tuotantolaitos sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.198.66.12 Mar 17 21:51:54 tuotantolaitos sshd[14084]: Failed password for invalid user hip from 216.198.66.12 port 43602 ssh2 ...	2020-03-18 04:15:05
118.122.148.193	attackspambots	Mar 17 19:20:40 sshd\[4241\]: User root from 118.122.148.193 not allowed because not listed in AllowUsersMar 17 19:20:42 sshd\[4241\]: Failed password for invalid user root from 118.122.148.193 port 35416 ssh2 ...	2020-03-18 04:08:51
175.24.110.17	attackbots	k+ssh-bruteforce	2020-03-18 04:13:20
49.235.35.200	attackbots	Mar 18 02:52:30 itv-usvr-02 sshd[12238]: Invalid user tommy from 49.235.35.200 port 59866 Mar 18 02:52:30 itv-usvr-02 sshd[12238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.35.200 Mar 18 02:52:30 itv-usvr-02 sshd[12238]: Invalid user tommy from 49.235.35.200 port 59866 Mar 18 02:52:32 itv-usvr-02 sshd[12238]: Failed password for invalid user tommy from 49.235.35.200 port 59866 ssh2 Mar 18 02:58:09 itv-usvr-02 sshd[12408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.35.200 user=root Mar 18 02:58:12 itv-usvr-02 sshd[12408]: Failed password for root from 49.235.35.200 port 42732 ssh2	2020-03-18 04:15:57
83.103.59.192	attack	-	2020-03-18 03:58:23
220.137.46.115	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-18 04:00:49
222.186.42.136	attackspam	Mar 17 21:11:12 debian64 sshd[19342]: Failed password for root from 222.186.42.136 port 60077 ssh2 Mar 17 21:11:15 debian64 sshd[19342]: Failed password for root from 222.186.42.136 port 60077 ssh2 ...	2020-03-18 04:16:38
122.227.230.11	attack	Mar 17 19:35:07 legacy sshd[11745]: Failed password for root from 122.227.230.11 port 33164 ssh2 Mar 17 19:38:57 legacy sshd[11855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.230.11 Mar 17 19:39:00 legacy sshd[11855]: Failed password for invalid user torrents from 122.227.230.11 port 47844 ssh2 ...	2020-03-18 04:03:19

最近上报的IP列表

219.231.136.94	202.159.252.18	54.169.217.10	27.101.105.222
96.77.105.80	78.37.122.177	123.21.253.145	109.94.51.250
49.233.223.86	35.234.74.221	35.220.236.137	24.246.243.220
5.21.61.212	213.186.34.106	199.195.249.82	198.251.83.248
197.50.13.170	191.31.104.17	188.120.244.86	178.184.218.211