106.13.41.25 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Failed password for root from 106.13.41.25 port 52524 ssh2	2020-08-01 19:12:20
attackspambots	TCP (SYN) 106.13.41.25:58475 -> port 1834, len 44	2020-07-16 15:40:02
attackbots	Unauthorized connection attempt detected from IP address 106.13.41.25 to port 251	2020-07-13 03:06:58
attackspam	Bruteforce detected by fail2ban	2020-06-09 01:28:40
attackspambots	Jun 6 10:34:44 vps46666688 sshd[16601]: Failed password for root from 106.13.41.25 port 41350 ssh2 ...	2020-06-06 22:11:08
attackspambots	Jun 2 22:40:24 h2779839 sshd[12121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root Jun 2 22:40:26 h2779839 sshd[12121]: Failed password for root from 106.13.41.25 port 54192 ssh2 Jun 2 22:42:56 h2779839 sshd[12155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root Jun 2 22:42:58 h2779839 sshd[12155]: Failed password for root from 106.13.41.25 port 38976 ssh2 Jun 2 22:45:29 h2779839 sshd[12204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root Jun 2 22:45:32 h2779839 sshd[12204]: Failed password for root from 106.13.41.25 port 51982 ssh2 Jun 2 22:47:54 h2779839 sshd[12238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root Jun 2 22:47:56 h2779839 sshd[12238]: Failed password for root from 106.13.41.25 port 36756 ssh2 Jun 2 22:50 ...	2020-06-03 05:01:23
attack	Invalid user umi from 106.13.41.25 port 54154	2020-05-21 16:46:00
attackbotsspam	2020-04-29T04:14:31.012967shield sshd\[6370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root 2020-04-29T04:14:32.903215shield sshd\[6370\]: Failed password for root from 106.13.41.25 port 53458 ssh2 2020-04-29T04:17:15.027454shield sshd\[6660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root 2020-04-29T04:17:17.569983shield sshd\[6660\]: Failed password for root from 106.13.41.25 port 60816 ssh2 2020-04-29T04:19:50.457470shield sshd\[7016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.25 user=root	2020-04-29 14:08:22
attackbotsspam	failed root login	2020-04-23 13:27:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.41.87	attack	2020-10-10T21:33:05.633586hostname sshd[29936]: Failed password for invalid user ark from 106.13.41.87 port 39526 ssh2 2020-10-10T21:36:13.475247hostname sshd[31217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-10-10T21:36:15.718396hostname sshd[31217]: Failed password for root from 106.13.41.87 port 38682 ssh2 ...	2020-10-10 23:09:58
106.13.41.87	attackspam	$f2bV_matches	2020-10-10 15:00:24
106.13.41.87	attackspam	2020-08-29T05:55:18.581280vps751288.ovh.net sshd\[28780\]: Invalid user osman from 106.13.41.87 port 41516 2020-08-29T05:55:18.587995vps751288.ovh.net sshd\[28780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 2020-08-29T05:55:20.581813vps751288.ovh.net sshd\[28780\]: Failed password for invalid user osman from 106.13.41.87 port 41516 ssh2 2020-08-29T05:59:45.603174vps751288.ovh.net sshd\[28809\]: Invalid user zl from 106.13.41.87 port 43118 2020-08-29T05:59:45.611360vps751288.ovh.net sshd\[28809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87	2020-08-29 12:23:32
106.13.41.87	attack	SSH Brute Force	2020-08-23 03:28:49
106.13.41.87	attackbots	Invalid user backups from 106.13.41.87 port 57670	2020-08-21 17:10:03
106.13.41.87	attack	Aug 18 12:26:33 fhem-rasp sshd[4460]: Invalid user erik from 106.13.41.87 port 36794 ...	2020-08-18 18:27:41
106.13.41.87	attackspam	B: Abusive ssh attack	2020-08-17 16:36:01
106.13.41.87	attackspambots	Aug 11 22:24:37 lunarastro sshd[25544]: Failed password for root from 106.13.41.87 port 50008 ssh2 Aug 11 22:31:30 lunarastro sshd[25842]: Failed password for root from 106.13.41.87 port 35798 ssh2	2020-08-12 02:06:53
106.13.41.87	attack	2020-08-07T22:19:21.685393v22018076590370373 sshd[12093]: Failed password for root from 106.13.41.87 port 49836 ssh2 2020-08-07T22:23:57.334993v22018076590370373 sshd[6127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-08-07T22:23:59.729392v22018076590370373 sshd[6127]: Failed password for root from 106.13.41.87 port 55430 ssh2 2020-08-07T22:28:29.786020v22018076590370373 sshd[28201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-08-07T22:28:32.186316v22018076590370373 sshd[28201]: Failed password for root from 106.13.41.87 port 32792 ssh2 ...	2020-08-08 04:55:28
106.13.41.93	attackspambots	Aug 2 22:16:32 rocket sshd[4367]: Failed password for root from 106.13.41.93 port 47160 ssh2 Aug 2 22:19:15 rocket sshd[4702]: Failed password for root from 106.13.41.93 port 36404 ssh2 ...	2020-08-03 05:53:05
106.13.41.87	attackspam	$f2bV_matches	2020-07-15 05:08:19
106.13.41.87	attack	Jul 13 08:23:14 nas sshd[28743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 Jul 13 08:23:16 nas sshd[28743]: Failed password for invalid user ajit from 106.13.41.87 port 39206 ssh2 Jul 13 08:38:29 nas sshd[29290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 ...	2020-07-13 15:22:13
106.13.41.250	attackspam	2020-06-30T15:35:43.680917mail.broermann.family sshd[12311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.250 2020-06-30T15:35:43.676279mail.broermann.family sshd[12311]: Invalid user ranjit from 106.13.41.250 port 42956 2020-06-30T15:35:45.628377mail.broermann.family sshd[12311]: Failed password for invalid user ranjit from 106.13.41.250 port 42956 ssh2 2020-06-30T15:39:24.283278mail.broermann.family sshd[12605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.250 user=root 2020-06-30T15:39:26.571854mail.broermann.family sshd[12605]: Failed password for root from 106.13.41.250 port 59246 ssh2 ...	2020-07-01 01:46:06
106.13.41.87	attack	Invalid user marvin from 106.13.41.87 port 43660	2020-06-28 14:34:18
106.13.41.93	attack	Jun 23 13:01:27 rush sshd[16603]: Failed password for root from 106.13.41.93 port 52542 ssh2 Jun 23 13:06:06 rush sshd[16676]: Failed password for backup from 106.13.41.93 port 43864 ssh2 Jun 23 13:08:04 rush sshd[16708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.93 ...	2020-06-23 23:57:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.41.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58418
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.41.25.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042300 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 23 13:27:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 25.41.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.41.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.59.213.125	attackspambots	Dec 18 18:25:44 reporting6 sshd[23557]: Did not receive identification string from 139.59.213.125 Dec 18 18:28:04 reporting6 sshd[24755]: reveeclipse mapping checking getaddrinfo for 353897.cloudwaysapps.com [139.59.213.125] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 18:28:04 reporting6 sshd[24755]: User r.r from 139.59.213.125 not allowed because not listed in AllowUsers Dec 18 18:28:04 reporting6 sshd[24755]: Failed password for invalid user r.r from 139.59.213.125 port 37836 ssh2 Dec 18 18:28:10 reporting6 sshd[24814]: reveeclipse mapping checking getaddrinfo for 353897.cloudwaysapps.com [139.59.213.125] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 18 18:28:10 reporting6 sshd[24814]: User r.r from 139.59.213.125 not allowed because not listed in AllowUsers Dec 18 18:28:10 reporting6 sshd[24814]: Failed password for invalid user r.r from 139.59.213.125 port 42598 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.59.213.125	2019-12-19 05:36:47
91.242.161.167	attackspam	auto-add	2019-12-19 05:54:33
95.172.61.50	attackspambots	Unauthorized connection attempt from IP address 95.172.61.50 on Port 445(SMB)	2019-12-19 05:32:28
154.126.173.50	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-19 05:47:20
84.22.40.25	attackspam	Unauthorized connection attempt from IP address 84.22.40.25 on Port 445(SMB)	2019-12-19 05:29:08
94.67.107.8	attackbots	Unauthorized connection attempt from IP address 94.67.107.8 on Port 445(SMB)	2019-12-19 05:46:10
91.133.211.174	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 18-12-2019 16:05:55.	2019-12-19 05:50:09
150.107.213.95	attackbotsspam	Dec 16 21:15:50 linuxrulz sshd[18705]: Invalid user herington from 150.107.213.95 port 55803 Dec 16 21:15:50 linuxrulz sshd[18705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.107.213.95 Dec 16 21:15:52 linuxrulz sshd[18705]: Failed password for invalid user herington from 150.107.213.95 port 55803 ssh2 Dec 16 21:15:52 linuxrulz sshd[18705]: Received disconnect from 150.107.213.95 port 55803:11: Bye Bye [preauth] Dec 16 21:15:52 linuxrulz sshd[18705]: Disconnected from 150.107.213.95 port 55803 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=150.107.213.95	2019-12-19 05:36:14
167.114.115.22	attackspambots	Invalid user admin from 167.114.115.22 port 50776	2019-12-19 05:41:00
93.152.159.11	attackspam	Dec 18 15:30:50 ns41 sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.152.159.11 Dec 18 15:30:50 ns41 sshd[26418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.152.159.11	2019-12-19 05:43:40
188.35.187.50	attackbotsspam	Dec 18 22:34:26 nextcloud sshd\[16298\]: Invalid user semanaz from 188.35.187.50 Dec 18 22:34:26 nextcloud sshd\[16298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50 Dec 18 22:34:27 nextcloud sshd\[16298\]: Failed password for invalid user semanaz from 188.35.187.50 port 54074 ssh2 ...	2019-12-19 05:50:27
180.87.202.113	attackspam	Unauthorized connection attempt from IP address 180.87.202.113 on Port 445(SMB)	2019-12-19 05:53:06
188.166.31.205	attackbots	SSH brute-force: detected 22 distinct usernames within a 24-hour window.	2019-12-19 05:40:01
51.15.51.2	attack	$f2bV_matches	2019-12-19 06:00:01
202.83.17.223	attackspambots	2019-12-18T19:06:32.083516Z 6b71a5c399e5 New connection: 202.83.17.223:49708 (172.17.0.5:2222) [session: 6b71a5c399e5] 2019-12-18T19:13:46.845658Z a814bd65835e New connection: 202.83.17.223:32860 (172.17.0.5:2222) [session: a814bd65835e]	2019-12-19 06:07:29

最近上报的IP列表

134.122.49.204	197.52.140.80	182.73.196.163	140.136.209.28
175.4.208.106	5.180.185.253	13.90.47.174	197.249.19.211
47.56.179.83	189.12.133.85	23.239.21.83	84.38.180.17
59.8.79.4	245.18.193.52	201.225.72.9	159.173.86.218
236.4.233.120	19.232.33.82	60.44.15.174	159.18.123.253