106.13.56.249 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	May 31 23:50:28 abendstille sshd\[20201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 user=root May 31 23:50:30 abendstille sshd\[20201\]: Failed password for root from 106.13.56.249 port 58176 ssh2 May 31 23:54:07 abendstille sshd\[24255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 user=root May 31 23:54:09 abendstille sshd\[24255\]: Failed password for root from 106.13.56.249 port 56448 ssh2 May 31 23:57:48 abendstille sshd\[28007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 user=root ...	2020-06-01 06:14:08
attack	May 27 02:08:58 prox sshd[25720]: Failed password for root from 106.13.56.249 port 44818 ssh2	2020-05-27 17:45:49
attackspam	May 10 14:53:03 server1 sshd\[14116\]: Failed password for invalid user jc2 from 106.13.56.249 port 54906 ssh2 May 10 14:56:41 server1 sshd\[15451\]: Invalid user kd from 106.13.56.249 May 10 14:56:41 server1 sshd\[15451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 May 10 14:56:43 server1 sshd\[15451\]: Failed password for invalid user kd from 106.13.56.249 port 52844 ssh2 May 10 15:00:15 server1 sshd\[16894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 user=root ...	2020-05-11 06:58:46
attackspambots	SSH/22 MH Probe, BF, Hack -	2020-04-11 19:57:24
attack	Apr 7 23:57:23 ns382633 sshd\[22091\]: Invalid user yatri from 106.13.56.249 port 49400 Apr 7 23:57:23 ns382633 sshd\[22091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249 Apr 7 23:57:24 ns382633 sshd\[22091\]: Failed password for invalid user yatri from 106.13.56.249 port 49400 ssh2 Apr 8 00:17:36 ns382633 sshd\[25902\]: Invalid user ts3bot from 106.13.56.249 port 41418 Apr 8 00:17:36 ns382633 sshd\[25902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.249	2020-04-08 08:10:55

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.56.204	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 05:33:41
106.13.56.204	attack	" "	2020-10-04 21:28:25
106.13.56.204	attackspambots	24241/tcp 17910/tcp 7001/tcp... [2020-08-04/10-03]22pkt,22pt.(tcp)	2020-10-04 13:15:53
106.13.56.204	attackspambots	Aug 4 21:06:12 santamaria sshd\[764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 user=root Aug 4 21:06:14 santamaria sshd\[764\]: Failed password for root from 106.13.56.204 port 50248 ssh2 Aug 4 21:09:51 santamaria sshd\[853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 user=root ...	2020-08-05 04:50:57
106.13.56.204	attackspambots	Jul 21 07:39:32 pkdns2 sshd\[36133\]: Invalid user test from 106.13.56.204Jul 21 07:39:34 pkdns2 sshd\[36133\]: Failed password for invalid user test from 106.13.56.204 port 41556 ssh2Jul 21 07:44:17 pkdns2 sshd\[36340\]: Invalid user devuser from 106.13.56.204Jul 21 07:44:19 pkdns2 sshd\[36340\]: Failed password for invalid user devuser from 106.13.56.204 port 44634 ssh2Jul 21 07:48:49 pkdns2 sshd\[36533\]: Invalid user mirna from 106.13.56.204Jul 21 07:48:51 pkdns2 sshd\[36533\]: Failed password for invalid user mirna from 106.13.56.204 port 47720 ssh2 ...	2020-07-21 13:07:26
106.13.56.204	attackbots	Jun 8 07:48:16 zimbra sshd[7190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 user=r.r Jun 8 07:48:18 zimbra sshd[7190]: Failed password for r.r from 106.13.56.204 port 53976 ssh2 Jun 8 08:03:01 zimbra sshd[19915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 user=r.r Jun 8 08:03:02 zimbra sshd[19915]: Failed password for r.r from 106.13.56.204 port 47040 ssh2 Jun 8 08:03:02 zimbra sshd[19915]: Received disconnect from 106.13.56.204 port 47040:11: Bye Bye [preauth] Jun 8 08:03:02 zimbra sshd[19915]: Disconnected from 106.13.56.204 port 47040 [preauth] Jun 8 08:07:15 zimbra sshd[23624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 user=r.r Jun 8 08:07:18 zimbra sshd[23624]: Failed password for r.r from 106.13.56.204 port 38802 ssh2 Jun 8 08:07:18 zimbra sshd[23624]: Received disconnect from........ -------------------------------	2020-06-08 21:38:32
106.13.56.204	attackbotsspam	May 23 13:59:30 ws22vmsma01 sshd[220874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 May 23 13:59:32 ws22vmsma01 sshd[220874]: Failed password for invalid user uwt from 106.13.56.204 port 35952 ssh2 ...	2020-05-24 01:58:32
106.13.56.204	attack	2020-05-10T06:31:57.777667v22018076590370373 sshd[26964]: Invalid user atendimento from 106.13.56.204 port 43492 2020-05-10T06:31:57.784828v22018076590370373 sshd[26964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 2020-05-10T06:31:57.777667v22018076590370373 sshd[26964]: Invalid user atendimento from 106.13.56.204 port 43492 2020-05-10T06:32:00.110976v22018076590370373 sshd[26964]: Failed password for invalid user atendimento from 106.13.56.204 port 43492 ssh2 2020-05-10T06:36:30.897254v22018076590370373 sshd[5215]: Invalid user net from 106.13.56.204 port 40956 ...	2020-05-10 18:45:49
106.13.56.204	attack	May 2 05:12:26 cumulus sshd[3894]: Invalid user zym from 106.13.56.204 port 39782 May 2 05:12:26 cumulus sshd[3894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 May 2 05:12:28 cumulus sshd[3894]: Failed password for invalid user zym from 106.13.56.204 port 39782 ssh2 May 2 05:12:28 cumulus sshd[3894]: Received disconnect from 106.13.56.204 port 39782:11: Bye Bye [preauth] May 2 05:12:28 cumulus sshd[3894]: Disconnected from 106.13.56.204 port 39782 [preauth] May 2 05:30:17 cumulus sshd[5008]: Invalid user bcs from 106.13.56.204 port 50808 May 2 05:30:17 cumulus sshd[5008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.204 May 2 05:30:18 cumulus sshd[5008]: Failed password for invalid user bcs from 106.13.56.204 port 50808 ssh2 May 2 05:30:18 cumulus sshd[5008]: Received disconnect from 106.13.56.204 port 50808:11: Bye Bye [preauth] May 2 05:30:18 cumul........ -------------------------------	2020-05-04 02:46:23
106.13.56.17	attack	Invalid user sysadmin from 106.13.56.17 port 42630	2020-03-29 14:18:15
106.13.56.17	attackspam	Mar 20 22:00:47 combo sshd[25521]: Invalid user mysql2 from 106.13.56.17 port 52998 Mar 20 22:00:50 combo sshd[25521]: Failed password for invalid user mysql2 from 106.13.56.17 port 52998 ssh2 Mar 20 22:05:05 combo sshd[25859]: Invalid user zjcl from 106.13.56.17 port 60204 ...	2020-03-21 10:41:28
106.13.56.17	attack	no	2020-03-19 09:21:30
106.13.56.72	attack	Dec 25 16:14:20 plusreed sshd[18831]: Invalid user test from 106.13.56.72 ...	2019-12-26 05:38:45
106.13.56.12	attackspam	Dec 25 04:50:31 plusreed sshd[24415]: Invalid user yuehwern from 106.13.56.12 ...	2019-12-25 22:03:08
106.13.56.12	attackspambots	Dec 18 17:53:14 ArkNodeAT sshd\[1131\]: Invalid user guest from 106.13.56.12 Dec 18 17:53:14 ArkNodeAT sshd\[1131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.12 Dec 18 17:53:15 ArkNodeAT sshd\[1131\]: Failed password for invalid user guest from 106.13.56.12 port 56476 ssh2	2019-12-19 05:14:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.56.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11470
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.56.249.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040702 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 08:10:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 249.56.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 249.56.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.49.226.64	attack	web-1 [ssh] SSH Attack	2020-05-21 21:25:24
140.249.30.203	attackbots	May 21 14:56:16 buvik sshd[12770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.30.203 May 21 14:56:17 buvik sshd[12770]: Failed password for invalid user bzo from 140.249.30.203 port 51088 ssh2 May 21 15:00:54 buvik sshd[13836]: Invalid user lcr from 140.249.30.203 ...	2020-05-21 21:15:37
222.186.173.142	attackbots	May 21 13:55:46 localhost sshd[65439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root May 21 13:55:48 localhost sshd[65439]: Failed password for root from 222.186.173.142 port 21660 ssh2 May 21 13:55:51 localhost sshd[65439]: Failed password for root from 222.186.173.142 port 21660 ssh2 May 21 13:55:46 localhost sshd[65439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root May 21 13:55:48 localhost sshd[65439]: Failed password for root from 222.186.173.142 port 21660 ssh2 May 21 13:55:51 localhost sshd[65439]: Failed password for root from 222.186.173.142 port 21660 ssh2 May 21 13:55:46 localhost sshd[65439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root May 21 13:55:48 localhost sshd[65439]: Failed password for root from 222.186.173.142 port 21660 ssh2 May 21 13:55:51 localhost sshd[65 ...	2020-05-21 21:58:38
51.75.144.43	attack	SSH brutforce	2020-05-21 21:55:23
42.110.201.148	attack	BURG,WP GET /wp-login.php	2020-05-21 21:49:09
197.48.121.204	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-05-21 21:59:45
58.49.76.100	attackspambots	May 21 14:55:44 nextcloud sshd\[1840\]: Invalid user ajm from 58.49.76.100 May 21 14:55:44 nextcloud sshd\[1840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.49.76.100 May 21 14:55:47 nextcloud sshd\[1840\]: Failed password for invalid user ajm from 58.49.76.100 port 38443 ssh2	2020-05-21 21:18:51
162.243.137.228	attack	Unauthorized SSH login attempts	2020-05-21 21:28:45
51.68.127.137	attackbots	May 21 14:02:52 haigwepa sshd[12561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.127.137 May 21 14:02:54 haigwepa sshd[12561]: Failed password for invalid user iae from 51.68.127.137 port 54903 ssh2 ...	2020-05-21 21:39:52
92.46.24.183	attackbots	2020-05-21 06:58:45.837282-0500 localhost smtpd[75565]: NOQUEUE: reject: RCPT from unknown[92.46.24.183]: 554 5.7.1 Service unavailable; Client host [92.46.24.183] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/92.46.24.183 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[92.46.24.183]>	2020-05-21 21:26:52
171.251.14.123	attack	Automatic report - Banned IP Access	2020-05-21 21:57:52
62.210.125.25	attackspam	May 21 16:10:16 ift sshd\[30174\]: Invalid user uto from 62.210.125.25May 21 16:10:18 ift sshd\[30174\]: Failed password for invalid user uto from 62.210.125.25 port 16072 ssh2May 21 16:13:35 ift sshd\[30551\]: Invalid user imk from 62.210.125.25May 21 16:13:37 ift sshd\[30551\]: Failed password for invalid user imk from 62.210.125.25 port 15134 ssh2May 21 16:16:59 ift sshd\[31132\]: Invalid user ome from 62.210.125.25 ...	2020-05-21 21:20:10
87.251.74.197	attack	May 21 15:16:40 debian-2gb-nbg1-2 kernel: \[12325821.569768\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.197 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9272 PROTO=TCP SPT=57829 DPT=16656 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-21 21:17:19
112.133.248.8	attackspam	20/5/21@08:03:03: FAIL: Alarm-Intrusion address from=112.133.248.8 ...	2020-05-21 21:31:15
54.92.138.3	attack	21.05.2020 12:03:00 Recursive DNS scan	2020-05-21 21:32:08

最近上报的IP列表

200.219.162.117	196.246.200.140	171.100.209.114	167.71.12.95
159.203.175.195	123.21.163.219	113.172.186.225	123.207.97.250
210.18.159.82	50.205.172.120	220.239.210.253	206.189.155.132
114.44.154.112	14.177.167.137	182.52.112.84	49.80.195.91
178.205.142.17	185.220.101.198	89.38.174.138	41.139.159.223