106.13.64.192 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-06-19T07:13:45.322146abusebot-8.cloudsearch.cf sshd[18503]: Invalid user oracle from 106.13.64.192 port 51134 2020-06-19T07:13:45.330165abusebot-8.cloudsearch.cf sshd[18503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.192 2020-06-19T07:13:45.322146abusebot-8.cloudsearch.cf sshd[18503]: Invalid user oracle from 106.13.64.192 port 51134 2020-06-19T07:13:47.336565abusebot-8.cloudsearch.cf sshd[18503]: Failed password for invalid user oracle from 106.13.64.192 port 51134 ssh2 2020-06-19T07:17:27.033011abusebot-8.cloudsearch.cf sshd[18733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.192 user=root 2020-06-19T07:17:29.516126abusebot-8.cloudsearch.cf sshd[18733]: Failed password for root from 106.13.64.192 port 41792 ssh2 2020-06-19T07:21:00.210415abusebot-8.cloudsearch.cf sshd[18919]: Invalid user rp from 106.13.64.192 port 60676 ...	2020-06-19 16:08:57
attackbots	Invalid user paras from 106.13.64.192 port 52408	2020-06-18 03:28:47
attackbotsspam	Jun 9 14:24:19 vps687878 sshd\[32531\]: Failed password for invalid user admin from 106.13.64.192 port 55532 ssh2 Jun 9 14:27:40 vps687878 sshd\[444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.192 user=root Jun 9 14:27:42 vps687878 sshd\[444\]: Failed password for root from 106.13.64.192 port 48574 ssh2 Jun 9 14:31:09 vps687878 sshd\[825\]: Invalid user dongshihua from 106.13.64.192 port 41614 Jun 9 14:31:09 vps687878 sshd\[825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.192 ...	2020-06-10 01:29:46
attackspambots	May 11 05:50:00 163-172-32-151 sshd[15196]: Invalid user admin from 106.13.64.192 port 59262 ...	2020-05-11 17:59:53

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.64.132	attack	Aug 30 13:54:26 root sshd[31080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 Aug 30 13:54:29 root sshd[31080]: Failed password for invalid user eng from 106.13.64.132 port 37378 ssh2 Aug 30 14:16:22 root sshd[1526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 ...	2020-08-30 20:34:51
106.13.64.132	attackbots	Aug 27 19:37:10 ns37 sshd[11604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132	2020-08-28 02:39:25
106.13.64.132	attackspam	Automatic report BANNED IP	2020-08-21 04:56:29
106.13.64.132	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-16 05:19:19
106.13.64.132	attackbots	2020-08-07T07:02:17.594927amanda2.illicoweb.com sshd\[17398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 user=root 2020-08-07T07:02:19.925955amanda2.illicoweb.com sshd\[17398\]: Failed password for root from 106.13.64.132 port 49644 ssh2 2020-08-07T07:05:00.695465amanda2.illicoweb.com sshd\[17891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 user=root 2020-08-07T07:05:02.404593amanda2.illicoweb.com sshd\[17891\]: Failed password for root from 106.13.64.132 port 35794 ssh2 2020-08-07T07:10:29.954185amanda2.illicoweb.com sshd\[18724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 user=root ...	2020-08-07 17:34:47
106.13.64.132	attackspam	(sshd) Failed SSH login from 106.13.64.132 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 17 20:52:35 srv sshd[3756]: Invalid user b from 106.13.64.132 port 32996 Jul 17 20:52:37 srv sshd[3756]: Failed password for invalid user b from 106.13.64.132 port 32996 ssh2 Jul 17 21:01:01 srv sshd[3876]: Invalid user laureen from 106.13.64.132 port 60954 Jul 17 21:01:04 srv sshd[3876]: Failed password for invalid user laureen from 106.13.64.132 port 60954 ssh2 Jul 17 21:03:34 srv sshd[3921]: Invalid user giovanna from 106.13.64.132 port 33040	2020-07-18 02:59:07
106.13.64.132	attack	(sshd) Failed SSH login from 106.13.64.132 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD	2020-07-09 12:52:15
106.13.64.132	attackbots	Jun 25 17:03:30 vps639187 sshd\[4996\]: Invalid user test from 106.13.64.132 port 49528 Jun 25 17:03:30 vps639187 sshd\[4996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 Jun 25 17:03:32 vps639187 sshd\[4996\]: Failed password for invalid user test from 106.13.64.132 port 49528 ssh2 ...	2020-06-26 04:03:49
106.13.64.132	attackbotsspam	DATE:2020-06-18 15:33:32, IP:106.13.64.132, PORT:ssh SSH brute force auth (docker-dc)	2020-06-19 04:20:08
106.13.64.132	attackbotsspam	Jun 12 14:08:40 ns382633 sshd\[17794\]: Invalid user jeni from 106.13.64.132 port 59422 Jun 12 14:08:40 ns382633 sshd\[17794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 Jun 12 14:08:42 ns382633 sshd\[17794\]: Failed password for invalid user jeni from 106.13.64.132 port 59422 ssh2 Jun 12 14:09:07 ns382633 sshd\[17899\]: Invalid user jeni from 106.13.64.132 port 38302 Jun 12 14:09:07 ns382633 sshd\[17899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132	2020-06-12 20:43:52
106.13.64.54	attack	Failed password for invalid user catherine from 106.13.64.54 port 49126 ssh2 Invalid user olegganj from 106.13.64.54 port 36222 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.54 Failed password for invalid user olegganj from 106.13.64.54 port 36222 ssh2 Invalid user rheal from 106.13.64.54 port 51528	2020-02-05 17:25:53
106.13.64.54	attackspambots	Feb 2 00:08:41 plex sshd[16917]: Invalid user guest from 106.13.64.54 port 45640	2020-02-02 07:22:51
106.13.64.150	attack	Jan 9 23:32:16 MK-Soft-VM8 sshd[7313]: Failed password for root from 106.13.64.150 port 38051 ssh2 ...	2020-01-10 06:44:30
106.13.64.150	attackspam	Unauthorized connection attempt detected from IP address 106.13.64.150 to port 2220 [J]	2020-01-07 06:04:18
106.13.64.150	attackbotsspam	Jan 3 00:06:22 MK-Soft-Root1 sshd[19889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.150 Jan 3 00:06:24 MK-Soft-Root1 sshd[19889]: Failed password for invalid user bfo from 106.13.64.150 port 60596 ssh2 ...	2020-01-03 08:07:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.64.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60640
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.64.192.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051100 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 17:59:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 192.64.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.64.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.19.201.106	attack	Aug 5 05:25:22 mail.srvfarm.net postfix/smtpd[1872467]: warning: unknown[103.19.201.106]: SASL PLAIN authentication failed: Aug 5 05:25:23 mail.srvfarm.net postfix/smtpd[1872467]: lost connection after AUTH from unknown[103.19.201.106] Aug 5 05:32:46 mail.srvfarm.net postfix/smtpd[1876488]: warning: unknown[103.19.201.106]: SASL PLAIN authentication failed: Aug 5 05:32:46 mail.srvfarm.net postfix/smtpd[1876488]: lost connection after AUTH from unknown[103.19.201.106] Aug 5 05:34:55 mail.srvfarm.net postfix/smtpd[1872473]: warning: unknown[103.19.201.106]: SASL PLAIN authentication failed:	2020-08-05 14:06:30
187.73.21.180	attackspambots	$f2bV_matches	2020-08-05 13:21:41
116.247.81.99	attackspambots	Aug 5 06:09:44 vm0 sshd[31853]: Failed password for root from 116.247.81.99 port 55878 ssh2 ...	2020-08-05 14:09:46
177.21.213.148	attackbotsspam	Aug 5 05:16:31 mail.srvfarm.net postfix/smtps/smtpd[1874404]: warning: unknown[177.21.213.148]: SASL PLAIN authentication failed: Aug 5 05:18:00 mail.srvfarm.net postfix/smtpd[1872467]: warning: unknown[177.21.213.148]: SASL PLAIN authentication failed: Aug 5 05:18:00 mail.srvfarm.net postfix/smtpd[1872467]: lost connection after AUTH from unknown[177.21.213.148] Aug 5 05:20:57 mail.srvfarm.net postfix/smtpd[1872473]: warning: unknown[177.21.213.148]: SASL PLAIN authentication failed: Aug 5 05:20:58 mail.srvfarm.net postfix/smtpd[1872473]: lost connection after AUTH from unknown[177.21.213.148]	2020-08-05 14:01:59
106.124.131.70	attackbots	detected by Fail2Ban	2020-08-05 14:04:34
45.55.222.162	attackbotsspam	Aug 5 05:01:48 game-panel sshd[12345]: Failed password for root from 45.55.222.162 port 33802 ssh2 Aug 5 05:05:15 game-panel sshd[12565]: Failed password for root from 45.55.222.162 port 39954 ssh2	2020-08-05 13:19:38
68.183.229.91	attackbots	Port Scan detected from 68.183.229.91 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 285 seconds	2020-08-05 13:27:59
107.182.177.38	attackbotsspam	Brute-force attempt banned	2020-08-05 13:46:51
42.62.114.98	attackbotsspam	Aug 5 07:12:03 PorscheCustomer sshd[1542]: Failed password for root from 42.62.114.98 port 36728 ssh2 Aug 5 07:14:40 PorscheCustomer sshd[1620]: Failed password for root from 42.62.114.98 port 60196 ssh2 ...	2020-08-05 13:53:22
51.77.202.154	attackspam	(smtpauth) Failed SMTP AUTH login from 51.77.202.154 (FR/France/vps-eb8cf374.vps.ovh.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-05 10:15:18 login authenticator failed for vps-eb8cf374.vps.ovh.net (USER) [51.77.202.154]: 535 Incorrect authentication data (set_id=administrator@maradental.com)	2020-08-05 14:07:35
212.70.149.67	attackspam	2020-08-05 07:52:02 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=demo2@no-server.de$ 2020-08-05 07:52:02 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=demo2@no-server.de$ 2020-08-05 07:53:48 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=denis@no-server.de$ 2020-08-05 07:53:48 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=denis@no-server.de$ 2020-08-05 07:55:35 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=denise@no-server.de$ 2020-08-05 07:55:35 dovecot_login authenticator failed for $User$ \[212.70.149.67\]: 535 Incorrect authentication data $set_id=denise@no-server.de$ ...	2020-08-05 13:58:59
115.98.241.216	attackbotsspam	Port Scan detected from 115.98.241.216 (IN/India/Maharashtra/Mumbai/-). 4 hits in the last 15 seconds	2020-08-05 13:44:55
193.35.48.18	attackspambots	2020-08-04 12:02:00 SMTP:25 IP autobanned - 51 attempts a day	2020-08-05 14:00:01
106.13.234.36	attackbots	sshd jail - ssh hack attempt	2020-08-05 14:05:01
51.68.121.235	attackspambots	Aug 5 05:47:16 minden010 sshd[21156]: Failed password for root from 51.68.121.235 port 54178 ssh2 Aug 5 05:51:10 minden010 sshd[22292]: Failed password for root from 51.68.121.235 port 36798 ssh2 ...	2020-08-05 13:50:18

最近上报的IP列表

111.229.63.223	68.43.94.81	123.214.87.108	120.231.83.62
40.36.58.136	102.250.180.195	162.153.208.99	241.17.81.141
0.7.82.164	158.219.35.109	118.172.227.209	196.77.206.131
12.171.4.3	177.157.112.242	154.246.114.59	224.89.219.140
74.194.221.83	133.166.217.105	45.153.248.107	77.55.209.34