106.13.221.203

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Lines containing failures of 106.13.221.203 Oct 6 17:39:15 shared05 sshd[28756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.221.203 user=r.r Oct 6 17:39:17 shared05 sshd[28756]: Failed password for r.r from 106.13.221.203 port 37884 ssh2 Oct 6 17:39:18 shared05 sshd[28756]: Received disconnect from 106.13.221.203 port 37884:11: Bye Bye [preauth] Oct 6 17:39:18 shared05 sshd[28756]: Disconnected from authenticating user r.r 106.13.221.203 port 37884 [preauth] Oct 6 18:00:47 shared05 sshd[4401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.221.203 user=r.r Oct 6 18:00:49 shared05 sshd[4401]: Failed password for r.r from 106.13.221.203 port 55688 ssh2 Oct 6 18:00:49 shared05 sshd[4401]: Received disconnect from 106.13.221.203 port 55688:11: Bye Bye [preauth] Oct 6 18:00:49 shared05 sshd[4401]: Disconnected from authenticating user r.r 106.13.221.203 port 55688 [pr........ ------------------------------	2019-10-11 01:57:32

类型

评论内容

时间

attack

Lines containing failures of 106.13.221.203
Oct  6 17:39:15 shared05 sshd[28756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.221.203  user=r.r
Oct  6 17:39:17 shared05 sshd[28756]: Failed password for r.r from 106.13.221.203 port 37884 ssh2
Oct  6 17:39:18 shared05 sshd[28756]: Received disconnect from 106.13.221.203 port 37884:11: Bye Bye [preauth]
Oct  6 17:39:18 shared05 sshd[28756]: Disconnected from authenticating user r.r 106.13.221.203 port 37884 [preauth]
Oct  6 18:00:47 shared05 sshd[4401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.221.203  user=r.r
Oct  6 18:00:49 shared05 sshd[4401]: Failed password for r.r from 106.13.221.203 port 55688 ssh2
Oct  6 18:00:49 shared05 sshd[4401]: Received disconnect from 106.13.221.203 port 55688:11: Bye Bye [preauth]
Oct  6 18:00:49 shared05 sshd[4401]: Disconnected from authenticating user r.r 106.13.221.203 port 55688 [pr........
------------------------------

2019-10-11 01:57:32

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.221.4	attack	Unauthorised access (Jun 20) SRC=106.13.221.4 LEN=52 TOS=0x02 TTL=115 ID=2709 DF TCP DPT=445 WINDOW=8192 CWR ECE SYN	2020-06-21 08:09:16
106.13.221.44	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 01:46:37
106.13.221.44	attack	$f2bV_matches	2019-12-06 14:09:26
106.13.221.44	attack	firewall-block, port(s): 7001/tcp, 9200/tcp	2019-10-22 18:13:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.221.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.221.203.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 11 01:57:28 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 203.221.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 203.221.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
179.84.140.196	attackbots	(sshd) Failed SSH login from 179.84.140.196 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 12:53:05 server2 sshd[23980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.84.140.196 user=root Sep 11 12:53:07 server2 sshd[23980]: Failed password for root from 179.84.140.196 port 26418 ssh2 Sep 11 12:53:09 server2 sshd[24014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.84.140.196 user=root Sep 11 12:53:10 server2 sshd[24014]: Failed password for root from 179.84.140.196 port 26419 ssh2 Sep 11 12:53:14 server2 sshd[24599]: Invalid user ubnt from 179.84.140.196	2020-09-12 16:14:56
115.42.127.133	attackbots	Port scan denied	2020-09-12 16:13:40
222.186.173.238	attack	Sep 12 10:21:02 host sshd[29903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Sep 12 10:21:03 host sshd[29903]: Failed password for root from 222.186.173.238 port 24924 ssh2 ...	2020-09-12 16:25:37
217.219.129.3	attackbotsspam	(sshd) Failed SSH login from 217.219.129.3 (IR/Iran/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 21:25:25 server sshd[3836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.219.129.3 user=root Sep 11 21:25:27 server sshd[3836]: Failed password for root from 217.219.129.3 port 22562 ssh2 Sep 11 21:37:08 server sshd[6827]: Invalid user user from 217.219.129.3 port 20438 Sep 11 21:37:09 server sshd[6827]: Failed password for invalid user user from 217.219.129.3 port 20438 ssh2 Sep 11 21:41:50 server sshd[8007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.219.129.3 user=root	2020-09-12 16:09:20
88.20.216.110	attack	2020-09-12T11:17:20.205613snf-827550 sshd[19036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.red-88-20-216.staticip.rima-tde.net 2020-09-12T11:17:20.188478snf-827550 sshd[19036]: Invalid user server from 88.20.216.110 port 55354 2020-09-12T11:17:22.238401snf-827550 sshd[19036]: Failed password for invalid user server from 88.20.216.110 port 55354 ssh2 ...	2020-09-12 16:31:28
218.92.0.246	attackbotsspam	Sep 12 13:01:10 gw1 sshd[1873]: Failed password for root from 218.92.0.246 port 45368 ssh2 Sep 12 13:01:24 gw1 sshd[1873]: error: maximum authentication attempts exceeded for root from 218.92.0.246 port 45368 ssh2 [preauth] ...	2020-09-12 16:07:07
124.43.22.106	attack	Icarus honeypot on github	2020-09-12 16:43:03
179.246.3.108	attackspambots	(sshd) Failed SSH login from 179.246.3.108 (BR/Brazil/179-246-3-108.user.vivozap.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 12:53:22 optimus sshd[20242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.246.3.108 user=root Sep 11 12:53:23 optimus sshd[20242]: Failed password for root from 179.246.3.108 port 21378 ssh2 Sep 11 12:53:27 optimus sshd[20272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.246.3.108 user=root Sep 11 12:53:29 optimus sshd[20272]: Failed password for root from 179.246.3.108 port 21379 ssh2 Sep 11 12:53:31 optimus sshd[20309]: Invalid user ubnt from 179.246.3.108	2020-09-12 16:07:22
152.231.107.44	attack	Sep 12 03:52:21 vlre-nyc-1 sshd\[30281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.231.107.44 user=root Sep 12 03:52:23 vlre-nyc-1 sshd\[30281\]: Failed password for root from 152.231.107.44 port 44480 ssh2 Sep 12 03:57:58 vlre-nyc-1 sshd\[30387\]: Invalid user info from 152.231.107.44 Sep 12 03:57:58 vlre-nyc-1 sshd\[30387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.231.107.44 Sep 12 03:57:59 vlre-nyc-1 sshd\[30387\]: Failed password for invalid user info from 152.231.107.44 port 40499 ssh2 ...	2020-09-12 16:32:55
180.76.174.39	attackspambots	Sep 12 09:48:39 markkoudstaal sshd[7438]: Failed password for root from 180.76.174.39 port 55268 ssh2 Sep 12 09:50:06 markkoudstaal sshd[7893]: Failed password for root from 180.76.174.39 port 41690 ssh2 ...	2020-09-12 16:37:29
49.249.239.198	attackspambots	Failed password for invalid user root from 49.249.239.198 port 50461 ssh2	2020-09-12 16:29:52
200.69.141.210	attackspambots	$f2bV_matches	2020-09-12 16:23:33
84.185.68.129	attackspambots	<6 unauthorized SSH connections	2020-09-12 16:26:06
42.233.250.167	attackspam	Sep 11 18:49:31 sshgateway sshd\[26693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.233.250.167 user=root Sep 11 18:49:33 sshgateway sshd\[26693\]: Failed password for root from 42.233.250.167 port 32146 ssh2 Sep 11 18:53:00 sshgateway sshd\[27192\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.233.250.167 user=root	2020-09-12 16:28:05
109.199.164.71	attackbotsspam	2020-09-12T07:34:58.331006abusebot.cloudsearch.cf sshd[18720]: Invalid user pi from 109.199.164.71 port 55090 2020-09-12T07:34:58.417758abusebot.cloudsearch.cf sshd[18721]: Invalid user pi from 109.199.164.71 port 55092 2020-09-12T07:34:58.513291abusebot.cloudsearch.cf sshd[18720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.199.164.71 2020-09-12T07:34:58.331006abusebot.cloudsearch.cf sshd[18720]: Invalid user pi from 109.199.164.71 port 55090 2020-09-12T07:35:01.240127abusebot.cloudsearch.cf sshd[18720]: Failed password for invalid user pi from 109.199.164.71 port 55090 ssh2 2020-09-12T07:34:58.606437abusebot.cloudsearch.cf sshd[18721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.199.164.71 2020-09-12T07:34:58.417758abusebot.cloudsearch.cf sshd[18721]: Invalid user pi from 109.199.164.71 port 55092 2020-09-12T07:35:01.330617abusebot.cloudsearch.cf sshd[18721]: Failed password for invalid us ...	2020-09-12 16:24:29

最近上报的IP列表

103.43.44.130	106.35.7.169	85.224.48.135	213.45.145.104
94.183.118.69	84.182.127.31	155.67.149.105	86.16.49.34
115.59.199.149	3.6.231.92	115.25.121.15	230.108.130.198
3.20.174.29	73.239.105.246	113.162.176.166	86.228.17.215
93.11.185.136	201.232.151.186	190.233.204.173	91.65.16.32