106.13.5.245 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Apr 24 06:48:20 icinga sshd[64911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.245 Apr 24 06:48:22 icinga sshd[64911]: Failed password for invalid user dk from 106.13.5.245 port 59056 ssh2 Apr 24 06:51:19 icinga sshd[5027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.245 ...	2020-04-24 14:34:20
attackspambots	Invalid user confluence from 106.13.5.245 port 47756	2020-04-24 06:51:31
attackspambots	$f2bV_matches	2020-04-05 22:31:51

类型

评论内容

时间

attackbotsspam

Apr 24 06:48:20 icinga sshd[64911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.245 
Apr 24 06:48:22 icinga sshd[64911]: Failed password for invalid user dk from 106.13.5.245 port 59056 ssh2
Apr 24 06:51:19 icinga sshd[5027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.245 
...

2020-04-24 14:34:20

attackspambots

Invalid user confluence from 106.13.5.245 port 47756

2020-04-24 06:51:31

attackspambots

$f2bV_matches

2020-04-05 22:31:51

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.56.204	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 05:33:41
106.13.56.204	attack	" "	2020-10-04 21:28:25
106.13.56.204	attackspambots	24241/tcp 17910/tcp 7001/tcp... [2020-08-04/10-03]22pkt,22pt.(tcp)	2020-10-04 13:15:53
106.13.50.219	attackbotsspam	Sep 3 19:47:59 lnxweb61 sshd[30349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219	2020-09-04 03:50:33
106.13.50.219	attackspam	(sshd) Failed SSH login from 106.13.50.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 01:43:25 server sshd[13990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 user=root Sep 3 01:43:27 server sshd[13990]: Failed password for root from 106.13.50.219 port 49370 ssh2 Sep 3 02:00:52 server sshd[18563]: Invalid user guest from 106.13.50.219 port 50700 Sep 3 02:00:54 server sshd[18563]: Failed password for invalid user guest from 106.13.50.219 port 50700 ssh2 Sep 3 02:03:49 server sshd[19321]: Invalid user postgres from 106.13.50.219 port 56616	2020-09-03 19:25:41
106.13.50.219	attack	Aug 30 16:04:11 vpn01 sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 Aug 30 16:04:13 vpn01 sshd[30284]: Failed password for invalid user jordi from 106.13.50.219 port 59596 ssh2 ...	2020-08-30 23:54:36
106.13.50.145	attack	Aug 29 16:10:12 lukav-desktop sshd\[27316\]: Invalid user user from 106.13.50.145 Aug 29 16:10:12 lukav-desktop sshd\[27316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 29 16:10:13 lukav-desktop sshd\[27316\]: Failed password for invalid user user from 106.13.50.145 port 50782 ssh2 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: Invalid user smbguest from 106.13.50.145 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145	2020-08-30 01:35:18
106.13.50.145	attackbotsspam	Aug 28 03:47:35 lanister sshd[1746]: Invalid user francis from 106.13.50.145 Aug 28 03:47:37 lanister sshd[1746]: Failed password for invalid user francis from 106.13.50.145 port 56854 ssh2 Aug 28 03:49:55 lanister sshd[1811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 28 03:49:57 lanister sshd[1811]: Failed password for root from 106.13.50.145 port 51058 ssh2	2020-08-28 17:07:51
106.13.50.219	attack	SSH BruteForce Attack	2020-08-27 22:14:32
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.50.145	attackspam	Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:43 dhoomketu sshd[2669964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:45 dhoomketu sshd[2669964]: Failed password for invalid user relay from 106.13.50.145 port 45712 ssh2 Aug 26 10:31:55 dhoomketu sshd[2670037]: Invalid user eswar from 106.13.50.145 port 56230 ...	2020-08-26 13:24:05
106.13.50.145	attackspambots	Aug 25 16:56:38 fhem-rasp sshd[8571]: Invalid user hugo from 106.13.50.145 port 59826 ...	2020-08-26 03:51:41
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.50.145	attack	Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:26:01 itv-usvr-01 sshd[6902]: Failed password for invalid user superman from 106.13.50.145 port 38080 ssh2 Aug 25 13:34:37 itv-usvr-01 sshd[7235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 25 13:34:38 itv-usvr-01 sshd[7235]: Failed password for root from 106.13.50.145 port 59844 ssh2	2020-08-25 16:04:57
106.13.50.145	attack	Unauthorized SSH login attempts	2020-08-23 17:21:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.5.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4007
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.5.245.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040500 1800 900 604800 86400

;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 22:31:43 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 245.5.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.5.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.105.31.249	attack	Aug 6 15:45:02 SilenceServices sshd[17554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.31.249 Aug 6 15:45:04 SilenceServices sshd[17554]: Failed password for invalid user vr from 46.105.31.249 port 49568 ssh2 Aug 6 15:49:16 SilenceServices sshd[20620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.31.249	2019-08-07 00:43:57
206.189.73.71	attackbotsspam	Aug 6 13:17:12 vpn01 sshd\[30456\]: Invalid user meteo from 206.189.73.71 Aug 6 13:17:12 vpn01 sshd\[30456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.73.71 Aug 6 13:17:15 vpn01 sshd\[30456\]: Failed password for invalid user meteo from 206.189.73.71 port 46360 ssh2	2019-08-07 01:14:25
41.238.137.189	attackbotsspam	Aug 6 06:19:23 master sshd[14015]: Failed password for invalid user admin from 41.238.137.189 port 48768 ssh2	2019-08-07 01:35:00
111.56.176.213	attack	Telnet Server BruteForce Attack	2019-08-07 00:20:01
185.220.101.56	attackbotsspam	Aug 6 18:02:29 nginx sshd[85264]: Connection from 185.220.101.56 port 37638 on 10.23.102.80 port 22 Aug 6 18:02:30 nginx sshd[85264]: Received disconnect from 185.220.101.56 port 37638:11: bye [preauth]	2019-08-07 00:26:36
152.136.214.13	attackbots	HTTP/80/443 Probe, BF, WP, Hack -	2019-08-07 00:39:51
116.31.75.26	attack	2019-08-06T13:56:08.280000abusebot-7.cloudsearch.cf sshd\[585\]: Invalid user yumiko from 116.31.75.26 port 52676	2019-08-07 00:36:18
94.232.136.126	attackspam	Aug 6 14:03:34 vpn01 sshd\[30587\]: Invalid user godzilla from 94.232.136.126 Aug 6 14:03:34 vpn01 sshd\[30587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.136.126 Aug 6 14:03:37 vpn01 sshd\[30587\]: Failed password for invalid user godzilla from 94.232.136.126 port 49829 ssh2	2019-08-07 01:22:43
202.83.127.157	attackbotsspam	Aug 6 17:19:52 microserver sshd[33523]: Invalid user koenraad from 202.83.127.157 port 33052 Aug 6 17:19:52 microserver sshd[33523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.83.127.157 Aug 6 17:19:55 microserver sshd[33523]: Failed password for invalid user koenraad from 202.83.127.157 port 33052 ssh2 Aug 6 17:24:31 microserver sshd[34184]: Invalid user white from 202.83.127.157 port 45156 Aug 6 17:24:31 microserver sshd[34184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.83.127.157 Aug 6 17:38:09 microserver sshd[36119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.83.127.157 user=root Aug 6 17:38:12 microserver sshd[36119]: Failed password for root from 202.83.127.157 port 53334 ssh2 Aug 6 17:42:51 microserver sshd[36753]: Invalid user bis from 202.83.127.157 port 37206 Aug 6 17:42:51 microserver sshd[36753]: pam_unix(sshd:auth): authentication failure;	2019-08-07 00:25:18
179.72.251.208	attack	SSH/22 MH Probe, BF, Hack -	2019-08-07 01:19:35
115.193.21.128	attackbots	Aug 6 11:17:43 DDOS Attack: SRC=115.193.21.128 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=51 DF PROTO=TCP SPT=29540 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-07 00:44:46
106.51.151.181	attackspam	wget call in url	2019-08-07 01:25:55
91.134.170.118	attackbotsspam	Aug 6 18:34:01 vps01 sshd[17602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.170.118 Aug 6 18:34:02 vps01 sshd[17602]: Failed password for invalid user cashier from 91.134.170.118 port 53672 ssh2	2019-08-07 00:40:25
187.177.76.173	attackbots	Automatic report - Port Scan Attack	2019-08-07 00:34:33
168.227.99.10	attackspambots	Aug 6 13:17:05 nextcloud sshd\[10247\]: Invalid user toni from 168.227.99.10 Aug 6 13:17:05 nextcloud sshd\[10247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.227.99.10 Aug 6 13:17:08 nextcloud sshd\[10247\]: Failed password for invalid user toni from 168.227.99.10 port 35182 ssh2 ...	2019-08-07 01:21:04

最近上报的IP列表

106.13.140.33	60.167.82.122	233.115.243.48	195.189.96.213
96.79.162.105	60.167.113.19	47.109.254.129	245.114.231.151
61.90.29.72	18.234.80.215	95.138.190.64	96.95.165.2
92.114.115.23	183.15.178.98	111.67.204.192	104.248.46.226
34.92.4.141	112.114.231.61	218.205.219.182	148.251.115.140