106.13.30.99 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	fail2ban	2020-08-11 01:27:11
attackbotsspam	2020-08-07T14:03:04.532300amanda2.illicoweb.com sshd\[43453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:03:06.503975amanda2.illicoweb.com sshd\[43453\]: Failed password for root from 106.13.30.99 port 59930 ssh2 2020-08-07T14:05:27.781028amanda2.illicoweb.com sshd\[43867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:05:29.049938amanda2.illicoweb.com sshd\[43867\]: Failed password for root from 106.13.30.99 port 39308 ssh2 2020-08-07T14:07:41.497539amanda2.illicoweb.com sshd\[44189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root ...	2020-08-07 21:33:15
attack	Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:14 plex-server sshd[2407821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:16 plex-server sshd[2407821]: Failed password for invalid user zhangjunzhe from 106.13.30.99 port 48186 ssh2 Jul 30 09:10:17 plex-server sshd[2409402]: Invalid user huyi from 106.13.30.99 port 57990 ...	2020-07-30 17:17:09
attackbotsspam	SSH BruteForce Attack	2020-07-19 12:11:59
attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-11T11:56:38Z and 2020-07-11T12:01:39Z	2020-07-11 20:44:40
attack	$f2bV_matches	2020-07-09 18:10:38
attack	Jul 7 00:40:53 vps647732 sshd[10432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 7 00:40:55 vps647732 sshd[10432]: Failed password for invalid user tanghua from 106.13.30.99 port 45332 ssh2 ...	2020-07-07 06:59:50
attack	2020-06-29T04:39:32 t 22d[54496]: pam_unix(22d:auth): authentication failure, logname= uid=0 euid=0 tty=22 ruser= rhost=106.13.30.99 ", "Jun 29 04:39:35 t 22d[54496]: Failed password for invalid user jenkins from 106.13.30.99 port 35344 222"], "failures": 3, "mlfid": " t 22d[54496]: ", "user": "jenkins", "ip4": "106.13.30.99"}	2020-06-29 22:51:33

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.30.80	attack	Invalid user tsf from 106.13.30.80 port 57910	2020-02-15 08:43:40
106.13.30.80	attackbots	Unauthorized connection attempt detected from IP address 106.13.30.80 to port 2220 [J]	2020-01-22 20:53:34
106.13.30.80	attackbotsspam	Invalid user bandel from 106.13.30.80 port 35940 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Failed password for invalid user bandel from 106.13.30.80 port 35940 ssh2 Invalid user el from 106.13.30.80 port 57032 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-12-25 01:42:33
106.13.30.80	attackbots	Nov 26 20:56:55 game-panel sshd[16997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Nov 26 20:56:57 game-panel sshd[16997]: Failed password for invalid user meineke from 106.13.30.80 port 51780 ssh2 Nov 26 21:04:09 game-panel sshd[17216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-11-27 05:20:24
106.13.30.80	attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-26 16:24:20
106.13.30.80	attackspam	Automatic report - Banned IP Access	2019-10-24 15:57:51
106.13.30.80	attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-24 00:31:26
106.13.30.143	attackbots	2019-08-07T00:08:49.648892abusebot-2.cloudsearch.cf sshd\[10594\]: Invalid user lines from 106.13.30.143 port 39444	2019-08-07 08:38:48
106.13.30.143	attackbotsspam	Automatic report - Banned IP Access	2019-07-29 15:53:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.30.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30807
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.30.99.			IN	A

;; AUTHORITY SECTION:
.			455	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062900 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 29 22:51:22 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 99.30.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 99.30.13.106.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.139.45.75	attack	MAIL: User Login Brute Force Attempt	2020-09-01 00:54:36
45.143.223.105	attackspam	[2020-08-31 11:56:35] NOTICE[1185][C-00008ecd] chan_sip.c: Call from '' (45.143.223.105:54988) to extension '800096646132660946' rejected because extension not found in context 'public'. [2020-08-31 11:56:35] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-31T11:56:35.292-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="800096646132660946",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.223.105/54988",ACLName="no_extension_match" [2020-08-31 11:57:04] NOTICE[1185][C-00008ece] chan_sip.c: Call from '' (45.143.223.105:51990) to extension '80022146132660946' rejected because extension not found in context 'public'. [2020-08-31 11:57:04] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-31T11:57:04.142-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="80022146132660946",SessionID="0x7f10c416cce8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddre ...	2020-09-01 00:11:04
222.186.3.249	attackspam	Aug 31 16:45:23 localhost sshd[15664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root Aug 31 16:45:24 localhost sshd[15664]: Failed password for root from 222.186.3.249 port 46425 ssh2 Aug 31 16:45:28 localhost sshd[15664]: Failed password for root from 222.186.3.249 port 46425 ssh2 Aug 31 16:45:23 localhost sshd[15664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root Aug 31 16:45:24 localhost sshd[15664]: Failed password for root from 222.186.3.249 port 46425 ssh2 Aug 31 16:45:28 localhost sshd[15664]: Failed password for root from 222.186.3.249 port 46425 ssh2 Aug 31 16:45:23 localhost sshd[15664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root Aug 31 16:45:24 localhost sshd[15664]: Failed password for root from 222.186.3.249 port 46425 ssh2 Aug 31 16:45:28 localhost sshd[15664]: Failed pas ...	2020-09-01 00:46:34
89.178.114.78	attackspambots	1598877245 - 08/31/2020 14:34:05 Host: 89.178.114.78/89.178.114.78 Port: 445 TCP Blocked	2020-09-01 00:10:20
195.54.167.190	attack	195.54.167.190 - - \[31/Aug/2020:18:28:04 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 735 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/78.0.3904.108 Safari/537.36" 195.54.167.190 - - \[31/Aug/2020:18:28:04 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 733 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/78.0.3904.108 Safari/537.36" 195.54.167.190 - - \[31/Aug/2020:18:28:05 +0200\] "POST //xmlrpc.php HTTP/1.0" 200 735 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/78.0.3904.108 Safari/537.36"	2020-09-01 00:36:02
147.253.217.244	attack	Used for spam	2020-09-01 00:38:17
51.89.102.190	attackspambots	2020-08-31 10:02:57.184806-0500 localhost smtpd[89098]: NOQUEUE: reject: RCPT from unknown[51.89.102.190]: 450 4.7.25 Client host rejected: cannot find your hostname, [51.89.102.190]; from= to= proto=ESMTP helo=	2020-09-01 00:57:55
104.131.39.193	attackbotsspam	Aug 31 18:49:42 fhem-rasp sshd[6421]: Failed password for root from 104.131.39.193 port 55050 ssh2 Aug 31 18:49:42 fhem-rasp sshd[6421]: Disconnected from authenticating user root 104.131.39.193 port 55050 [preauth] ...	2020-09-01 00:52:26
192.99.10.122	attackbotsspam	SmallBizIT.US 3 packets to tcp(8545)	2020-09-01 00:11:31
60.175.124.27	attackspam	CN CN/China/- Hits: 11	2020-09-01 00:18:58
51.75.202.218	attackspam	Failed password for invalid user zy from 51.75.202.218 port 58814 ssh2	2020-09-01 00:46:48
14.140.95.157	attackbots	2020-08-31 12:03:32,750 fail2ban.actions [937]: NOTICE [sshd] Ban 14.140.95.157 2020-08-31 12:44:25,066 fail2ban.actions [937]: NOTICE [sshd] Ban 14.140.95.157 2020-08-31 13:21:31,067 fail2ban.actions [937]: NOTICE [sshd] Ban 14.140.95.157 2020-08-31 13:55:32,054 fail2ban.actions [937]: NOTICE [sshd] Ban 14.140.95.157 2020-08-31 14:33:57,820 fail2ban.actions [937]: NOTICE [sshd] Ban 14.140.95.157 ...	2020-09-01 00:17:19
170.210.71.10	attackbotsspam	Aug 31 17:28:35 vmd17057 sshd[6542]: Failed password for backup from 170.210.71.10 port 51785 ssh2 ...	2020-09-01 00:31:09
87.116.74.66	attackspam	2020-08-31 07:20:26.803594-0500 localhost smtpd[76680]: NOQUEUE: reject: RCPT from 87-116-74-66.ip.btc-net.bg[87.116.74.66]: 554 5.7.1 Service unavailable; Client host [87.116.74.66] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/87.116.74.66; from= to= proto=ESMTP helo=<87-116-74-66.ip.btc-net.bg>	2020-09-01 01:00:42
67.49.89.233	attack	TCP (SYN) 67.49.89.233:12911 -> port 8080, len 44	2020-09-01 00:43:33

最近上报的IP列表

193.27.228.158	191.179.127.234	13.72.77.101	193.27.228.159
167.86.88.34	14.230.214.93	1.53.156.5	187.18.35.116
41.234.169.116	192.241.227.85	181.44.6.241	174.219.128.79
77.242.17.68	192.241.223.78	192.241.221.150	36.71.138.21
192.35.168.89	176.88.86.60	186.224.238.16	102.189.64.60