106.13.231.71 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Port scan on 2 port(s): 2375 2376	2020-05-23 20:13:43

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.231.150	attackspam	Oct 13 17:13:23 lunarastro sshd[24773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 17:13:26 lunarastro sshd[24773]: Failed password for invalid user margarita from 106.13.231.150 port 49772 ssh2	2020-10-13 22:12:00
106.13.231.150	attackbotsspam	Oct 13 03:11:30 haigwepa sshd[32217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 03:11:32 haigwepa sshd[32217]: Failed password for invalid user vicky from 106.13.231.150 port 59356 ssh2 ...	2020-10-13 13:37:23
106.13.231.150	attackbotsspam	SSH bruteforce	2020-10-13 06:21:04
106.13.231.10	attack	Invalid user edu from 106.13.231.10 port 44588	2020-10-12 07:32:27
106.13.231.10	attackspambots	Fail2Ban	2020-10-11 23:47:39
106.13.231.10	attackspam	SSH Brute Force	2020-10-11 15:46:49
106.13.231.10	attack	Oct 11 01:27:39 host2 sshd[2374354]: Failed password for root from 106.13.231.10 port 35668 ssh2 Oct 11 01:28:45 host2 sshd[2374369]: Invalid user paraccel from 106.13.231.10 port 48100 Oct 11 01:28:45 host2 sshd[2374369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.10 Oct 11 01:28:45 host2 sshd[2374369]: Invalid user paraccel from 106.13.231.10 port 48100 Oct 11 01:28:47 host2 sshd[2374369]: Failed password for invalid user paraccel from 106.13.231.10 port 48100 ssh2 ...	2020-10-11 09:04:42
106.13.231.171	attackspam	Oct 10 10:48:35 shivevps sshd[17119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.171 Oct 10 10:48:38 shivevps sshd[17119]: Failed password for invalid user test from 106.13.231.171 port 43654 ssh2 Oct 10 10:50:24 shivevps sshd[17195]: Invalid user install from 106.13.231.171 port 55200 ...	2020-10-11 05:24:39
106.13.231.171	attack	SSH auth scanning - multiple failed logins	2020-10-10 21:29:56
106.13.231.103	attackspam	$f2bV_matches	2020-10-09 05:10:45
106.13.231.103	attack	$f2bV_matches	2020-10-08 21:23:31
106.13.231.103	attackbots	Oct 7 20:40:21 localhost sshd[101788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:40:23 localhost sshd[101788]: Failed password for root from 106.13.231.103 port 56326 ssh2 Oct 7 20:43:35 localhost sshd[102102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:43:37 localhost sshd[102102]: Failed password for root from 106.13.231.103 port 41860 ssh2 Oct 7 20:46:36 localhost sshd[102379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:46:38 localhost sshd[102379]: Failed password for root from 106.13.231.103 port 55618 ssh2 ...	2020-10-08 13:17:32
106.13.231.103	attack	Oct 7 20:40:21 localhost sshd[101788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:40:23 localhost sshd[101788]: Failed password for root from 106.13.231.103 port 56326 ssh2 Oct 7 20:43:35 localhost sshd[102102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:43:37 localhost sshd[102102]: Failed password for root from 106.13.231.103 port 41860 ssh2 Oct 7 20:46:36 localhost sshd[102379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.103 user=root Oct 7 20:46:38 localhost sshd[102379]: Failed password for root from 106.13.231.103 port 55618 ssh2 ...	2020-10-08 08:38:31
106.13.231.171	attackspam	(sshd) Failed SSH login from 106.13.231.171 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 09:28:55 server sshd[15252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.171 user=root Oct 5 09:28:57 server sshd[15252]: Failed password for root from 106.13.231.171 port 33792 ssh2 Oct 5 09:33:28 server sshd[16386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.171 user=root Oct 5 09:33:31 server sshd[16386]: Failed password for root from 106.13.231.171 port 58858 ssh2 Oct 5 09:35:51 server sshd[17124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.171 user=root	2020-10-06 04:37:27
106.13.231.171	attackbots	SSH bruteforce	2020-10-05 20:40:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.231.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34386
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.231.71.			IN	A

;; AUTHORITY SECTION:
.			594	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052301 1800 900 604800 86400

;; Query time: 308 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 20:13:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 71.231.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.231.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
165.227.210.71	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-05 23:37:46
185.69.24.243	attackspam	Apr 5 15:35:02 lock-38 sshd[596560]: Failed password for root from 185.69.24.243 port 48562 ssh2 Apr 5 15:48:06 lock-38 sshd[596939]: Failed password for root from 185.69.24.243 port 53530 ssh2 Apr 5 15:51:55 lock-38 sshd[597028]: Failed password for root from 185.69.24.243 port 37212 ssh2 Apr 5 15:55:53 lock-38 sshd[597138]: Failed password for root from 185.69.24.243 port 49126 ssh2 Apr 5 15:59:51 lock-38 sshd[597256]: Failed password for root from 185.69.24.243 port 32802 ssh2 ...	2020-04-05 23:11:31
92.63.194.91	attack	Apr 5 17:22:04 meumeu sshd[8830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.91 Apr 5 17:22:06 meumeu sshd[8830]: Failed password for invalid user admin from 92.63.194.91 port 44133 ssh2 Apr 5 17:22:26 meumeu sshd[8883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.91 ...	2020-04-05 23:27:26
222.128.15.208	attack	(sshd) Failed SSH login from 222.128.15.208 (-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 5 14:46:07 ubnt-55d23 sshd[6335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.15.208 user=root Apr 5 14:46:09 ubnt-55d23 sshd[6335]: Failed password for root from 222.128.15.208 port 42554 ssh2	2020-04-05 23:27:48
1.186.57.150	attackbots	Fail2Ban Ban Triggered	2020-04-05 23:17:38
173.245.239.228	attackbots	failed_logins	2020-04-05 22:57:34
116.111.173.51	attackspambots	Automatic report - Port Scan Attack	2020-04-05 23:29:21
95.138.190.64	attack	Apr 5 06:41:18 * sshd[26993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.138.190.64 user=r.r Apr 5 06:41:19 * sshd[26993]: Failed password for r.r from 95.138.190.64 port 53082 ssh2 Apr 5 06:41:19 * sshd[26993]: Received disconnect from 95.138.190.64: 11: Bye Bye [preauth] Apr 5 06:49:45 * sshd[28026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.138.190.64 user=r.r Apr 5 06:49:47 * sshd[28026]: Failed password for r.r from 95.138.190.64 port 44430 ssh2 Apr 5 06:49:47 * sshd[28026]: Received disconnect from 95.138.190.64: 11: Bye Bye [preauth] Apr 5 06:53:58 * sshd[28750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.138.190.64 user=r.r Apr 5 06:54:00 * sshd[28750]: Failed password for r.r from 95.138.190.64 port 36592 ssh2 Apr 5 06:54:00 *** sshd[28750]: Received disconnect from 95.138.190.64: 11: Bye By........ -------------------------------	2020-04-05 23:11:13
178.128.81.125	attack	Apr 5 12:44:05 IngegnereFirenze sshd[21514]: Failed password for invalid user staff from 178.128.81.125 port 33071 ssh2 ...	2020-04-05 22:48:23
222.186.180.9	attackspam	Apr 5 23:34:53 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:34:56 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:35:00 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:35:00 bacztwo sshd[24816]: Failed keyboard-interactive/pam for root from 222.186.180.9 port 7322 ssh2 Apr 5 23:34:49 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:34:53 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:34:56 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:35:00 bacztwo sshd[24816]: error: PAM: Authentication failure for root from 222.186.180.9 Apr 5 23:35:00 bacztwo sshd[24816]: Failed keyboard-interactive/pam for root from 222.186.180.9 port 7322 ssh2 Apr 5 23:35:04 bacztwo sshd[24816]: error: PAM: Authentication failure for ...	2020-04-05 23:38:40
35.226.246.200	attack	Apr 5 16:14:45 s1 sshd\[15193\]: User root from 35.226.246.200 not allowed because not listed in AllowUsers Apr 5 16:14:45 s1 sshd\[15193\]: Failed password for invalid user root from 35.226.246.200 port 42642 ssh2 Apr 5 16:16:58 s1 sshd\[18100\]: User root from 35.226.246.200 not allowed because not listed in AllowUsers Apr 5 16:16:58 s1 sshd\[18100\]: Failed password for invalid user root from 35.226.246.200 port 54816 ssh2 Apr 5 16:19:15 s1 sshd\[20016\]: User root from 35.226.246.200 not allowed because not listed in AllowUsers Apr 5 16:19:15 s1 sshd\[20016\]: Failed password for invalid user root from 35.226.246.200 port 38762 ssh2 ...	2020-04-05 23:15:07
45.43.18.112	attackbotsspam	php vulnerability probing	2020-04-05 23:30:21
139.219.15.116	attackbotsspam	2020-04-05T14:38:00.939605librenms sshd[24024]: Failed password for root from 139.219.15.116 port 50772 ssh2 2020-04-05T14:43:49.983425librenms sshd[24655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.15.116 user=root 2020-04-05T14:43:51.927622librenms sshd[24655]: Failed password for root from 139.219.15.116 port 54274 ssh2 ...	2020-04-05 23:01:28
139.59.4.200	attackspam	139.59.4.200 - - [05/Apr/2020:14:43:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.200 - - [05/Apr/2020:14:43:20 +0200] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.200 - - [05/Apr/2020:14:43:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.200 - - [05/Apr/2020:14:43:22 +0200] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.200 - - [05/Apr/2020:14:43:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.4.200 - - [05/Apr/2020:14:43:23 +0200] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-05 23:32:37
35.200.241.227	attackbots	SSH Brute-Force reported by Fail2Ban	2020-04-05 22:46:03

最近上报的IP列表

88.208.45.149	241.15.60.167	42.82.70.15	114.119.165.213
177.32.69.162	178.92.8.216	88.208.45.147	78.132.137.229
177.80.89.137	2003:dc:6f1a:9a00:f5ce:c675:f95e:3092	95.167.185.18	157.230.33.138
125.93.183.138	128.199.83.7	113.173.231.205	115.127.77.242
119.136.146.149	5.189.166.240	88.208.45.144	40.85.228.107