106.13.82.231 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-10-13 03:50:22
attack	Oct 12 13:11:55 dignus sshd[29800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Oct 12 13:11:57 dignus sshd[29800]: Failed password for root from 106.13.82.231 port 35120 ssh2 Oct 12 13:13:43 dignus sshd[29840]: Invalid user adalberto from 106.13.82.231 port 58826 Oct 12 13:13:43 dignus sshd[29840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Oct 12 13:13:45 dignus sshd[29840]: Failed password for invalid user adalberto from 106.13.82.231 port 58826 ssh2 ...	2020-10-12 19:24:38
attackbots	2020-10-01T15:03:51.299541afi-git.jinr.ru sshd[8008]: Failed password for admin from 106.13.82.231 port 45114 ssh2 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:02.081445afi-git.jinr.ru sshd[8746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:03.993036afi-git.jinr.ru sshd[8746]: Failed password for invalid user julio from 106.13.82.231 port 46298 ssh2 ...	2020-10-02 04:24:11
attack	2020-10-01T15:03:51.299541afi-git.jinr.ru sshd[8008]: Failed password for admin from 106.13.82.231 port 45114 ssh2 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:02.081445afi-git.jinr.ru sshd[8746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:03.993036afi-git.jinr.ru sshd[8746]: Failed password for invalid user julio from 106.13.82.231 port 46298 ssh2 ...	2020-10-01 20:38:53
attackbotsspam	(sshd) Failed SSH login from 106.13.82.231 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 00:17:44 server4 sshd[8322]: Invalid user cluster from 106.13.82.231 Oct 1 00:17:44 server4 sshd[8322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Oct 1 00:17:46 server4 sshd[8322]: Failed password for invalid user cluster from 106.13.82.231 port 55472 ssh2 Oct 1 00:21:40 server4 sshd[10396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Oct 1 00:21:42 server4 sshd[10396]: Failed password for root from 106.13.82.231 port 59472 ssh2	2020-10-01 12:50:21
attack	Sep 29 00:29:37 itv-usvr-01 sshd[11989]: Invalid user usuario from 106.13.82.231 Sep 29 00:29:37 itv-usvr-01 sshd[11989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Sep 29 00:29:37 itv-usvr-01 sshd[11989]: Invalid user usuario from 106.13.82.231 Sep 29 00:29:39 itv-usvr-01 sshd[11989]: Failed password for invalid user usuario from 106.13.82.231 port 45596 ssh2 Sep 29 00:35:29 itv-usvr-01 sshd[12264]: Invalid user deploy from 106.13.82.231	2020-09-29 03:09:16
attackspambots	Sep 28 08:41:13 fhem-rasp sshd[13400]: Invalid user usuario from 106.13.82.231 port 43570 ...	2020-09-28 19:18:42
attackspam	sshd: Failed password for invalid user .... from 106.13.82.231 port 54392 ssh2 (6 attempts)	2020-09-09 18:57:13
attackspambots	Sep 8 18:41:32 ns382633 sshd\[11941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Sep 8 18:41:35 ns382633 sshd\[11941\]: Failed password for root from 106.13.82.231 port 41728 ssh2 Sep 8 18:53:48 ns382633 sshd\[13791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Sep 8 18:53:50 ns382633 sshd\[13791\]: Failed password for root from 106.13.82.231 port 38410 ssh2 Sep 8 18:57:14 ns382633 sshd\[14529\]: Invalid user speech-dispatcher from 106.13.82.231 port 50944 Sep 8 18:57:14 ns382633 sshd\[14529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231	2020-09-09 05:08:10
attackspambots	Jul 29 14:38:57 inter-technics sshd[29595]: Invalid user pranava from 106.13.82.231 port 44096 Jul 29 14:38:57 inter-technics sshd[29595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Jul 29 14:38:57 inter-technics sshd[29595]: Invalid user pranava from 106.13.82.231 port 44096 Jul 29 14:38:59 inter-technics sshd[29595]: Failed password for invalid user pranava from 106.13.82.231 port 44096 ssh2 Jul 29 14:41:30 inter-technics sshd[29861]: Invalid user liudingbo from 106.13.82.231 port 43642 ...	2020-07-29 21:13:45
attackspambots	prod6 ...	2020-07-28 16:48:59
attackbots	Invalid user rancid from 106.13.82.231 port 44962	2020-07-16 18:19:32
attackbotsspam	Jun 28 05:50:26 h1745522 sshd[23426]: Invalid user repos from 106.13.82.231 port 39508 Jun 28 05:50:27 h1745522 sshd[23426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Jun 28 05:50:26 h1745522 sshd[23426]: Invalid user repos from 106.13.82.231 port 39508 Jun 28 05:50:28 h1745522 sshd[23426]: Failed password for invalid user repos from 106.13.82.231 port 39508 ssh2 Jun 28 05:53:33 h1745522 sshd[23527]: Invalid user tsbot from 106.13.82.231 port 59070 Jun 28 05:53:33 h1745522 sshd[23527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Jun 28 05:53:33 h1745522 sshd[23527]: Invalid user tsbot from 106.13.82.231 port 59070 Jun 28 05:53:35 h1745522 sshd[23527]: Failed password for invalid user tsbot from 106.13.82.231 port 59070 ssh2 Jun 28 05:56:43 h1745522 sshd[23757]: Invalid user workflow from 106.13.82.231 port 50428 ...	2020-06-28 12:32:28
attack	2020-06-27T15:59:07+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-06-28 03:57:56
attack	Jun 24 15:13:50 plex sshd[28480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 user=root Jun 24 15:13:52 plex sshd[28480]: Failed password for root from 106.13.82.231 port 38742 ssh2	2020-06-25 02:01:13
attack	Jun 15 22:14:08 hostnameis sshd[15453]: Invalid user sonar from 106.13.82.231 Jun 15 22:14:08 hostnameis sshd[15453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Jun 15 22:14:10 hostnameis sshd[15453]: Failed password for invalid user sonar from 106.13.82.231 port 60488 ssh2 Jun 15 22:14:10 hostnameis sshd[15453]: Received disconnect from 106.13.82.231: 11: Bye Bye [preauth] Jun 15 22:31:42 hostnameis sshd[15514]: Invalid user bx from 106.13.82.231 Jun 15 22:31:42 hostnameis sshd[15514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 Jun 15 22:31:44 hostnameis sshd[15514]: Failed password for invalid user bx from 106.13.82.231 port 41962 ssh2 Jun 15 22:31:45 hostnameis sshd[15514]: Received disconnect from 106.13.82.231: 11: Bye Bye [preauth] Jun 15 22:34:42 hostnameis sshd[15529]: Invalid user ewg from 106.13.82.231 Jun 15 22:34:42 hostnameis sshd[15529]: p........ ------------------------------	2020-06-16 06:37:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.82.49	attack	2020-10-07T15:38:53.454754devel sshd[20844]: Failed password for root from 106.13.82.49 port 42382 ssh2 2020-10-07T15:42:11.982056devel sshd[21716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 user=root 2020-10-07T15:42:13.587627devel sshd[21716]: Failed password for root from 106.13.82.49 port 60268 ssh2	2020-10-08 04:47:20
106.13.82.49	attack	SSH Brute-force	2020-10-07 21:09:14
106.13.82.49	attack	Oct 7 03:56:14 PorscheCustomer sshd[13773]: Failed password for root from 106.13.82.49 port 58220 ssh2 Oct 7 04:00:26 PorscheCustomer sshd[13863]: Failed password for root from 106.13.82.49 port 59802 ssh2 ...	2020-10-07 12:56:06
106.13.82.49	attackbots	Aug 13 22:42:44 sip sshd[1295870]: Failed password for root from 106.13.82.49 port 51912 ssh2 Aug 13 22:46:23 sip sshd[1295903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 user=root Aug 13 22:46:25 sip sshd[1295903]: Failed password for root from 106.13.82.49 port 46214 ssh2 ...	2020-08-14 04:57:45
106.13.82.54	attackbotsspam	2020-07-31T07:23:29.812926shield sshd\[18028\]: Invalid user nouri from 106.13.82.54 port 52990 2020-07-31T07:23:29.822047shield sshd\[18028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.54 2020-07-31T07:23:32.041004shield sshd\[18028\]: Failed password for invalid user nouri from 106.13.82.54 port 52990 ssh2 2020-07-31T07:29:05.042198shield sshd\[19130\]: Invalid user adgjmptw1 from 106.13.82.54 port 60584 2020-07-31T07:29:05.050616shield sshd\[19130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.54	2020-07-31 15:34:58
106.13.82.49	attackbotsspam	2020-07-21T03:42:33.740723SusPend.routelink.net.id sshd[92517]: Invalid user testmail from 106.13.82.49 port 42854 2020-07-21T03:42:35.805633SusPend.routelink.net.id sshd[92517]: Failed password for invalid user testmail from 106.13.82.49 port 42854 ssh2 2020-07-21T03:43:56.618711SusPend.routelink.net.id sshd[92631]: Invalid user baumann from 106.13.82.49 port 51344 ...	2020-07-21 04:46:52
106.13.82.54	attack	Invalid user wmg from 106.13.82.54 port 43802	2020-07-19 02:01:33
106.13.82.151	attack	Invalid user niharika from 106.13.82.151 port 44542	2020-07-17 16:47:17
106.13.82.151	attackspam	TCP (SYN) 106.13.82.151:43125 -> port 808, len 44	2020-07-01 12:29:18
106.13.82.49	attack	Jun 21 23:27:39 server sshd[37589]: Failed password for root from 106.13.82.49 port 40098 ssh2 Jun 21 23:30:51 server sshd[40031]: Failed password for invalid user wpa from 106.13.82.49 port 60508 ssh2 Jun 21 23:34:06 server sshd[42421]: Failed password for invalid user guest from 106.13.82.49 port 52680 ssh2	2020-06-22 05:35:17
106.13.82.49	attack	Jun 18 03:55:33 scw-6657dc sshd[22922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 Jun 18 03:55:33 scw-6657dc sshd[22922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 Jun 18 03:55:35 scw-6657dc sshd[22922]: Failed password for invalid user feng from 106.13.82.49 port 33320 ssh2 ...	2020-06-18 12:55:11
106.13.82.54	attackspam	Jun 11 19:14:13 vps sshd[722207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.54 user=root Jun 11 19:14:16 vps sshd[722207]: Failed password for root from 106.13.82.54 port 57910 ssh2 Jun 11 19:16:47 vps sshd[735860]: Invalid user digicel from 106.13.82.54 port 36052 Jun 11 19:16:47 vps sshd[735860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.54 Jun 11 19:16:49 vps sshd[735860]: Failed password for invalid user digicel from 106.13.82.54 port 36052 ssh2 ...	2020-06-12 01:32:22
106.13.82.49	attack	Jun 8 13:00:53 Host-KLAX-C sshd[6050]: Invalid user test from 106.13.82.49 port 46906 ...	2020-06-09 03:46:25
106.13.82.49	attack	Jun 6 17:31:57 vpn01 sshd[21272]: Failed password for root from 106.13.82.49 port 36782 ssh2 ...	2020-06-07 01:22:59
106.13.82.54	attackbotsspam	May 27 14:18:54 powerpi2 sshd[4181]: Failed password for invalid user test from 106.13.82.54 port 50092 ssh2 May 27 14:23:40 powerpi2 sshd[4404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.54 user=root May 27 14:23:41 powerpi2 sshd[4404]: Failed password for root from 106.13.82.54 port 44368 ssh2 ...	2020-05-28 00:28:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.82.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52093
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.82.231.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061502 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 16 06:37:43 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 231.82.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 231.82.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
83.12.171.68	attackspam	Oct 4 23:09:28 pornomens sshd\[7344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.12.171.68 user=root Oct 4 23:09:30 pornomens sshd\[7344\]: Failed password for root from 83.12.171.68 port 16271 ssh2 Oct 4 23:24:40 pornomens sshd\[7492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.12.171.68 user=root ...	2020-10-05 05:53:42
45.142.120.183	attack	2020-10-04 22:32:04 auth_plain authenticator failed for (localhost) [45.142.120.183]: 535 Incorrect authentication data 2020-10-05 00:27:13 auth_plain authenticator failed for (localhost) [45.142.120.183]: 535 Incorrect authentication data (set_id=wbgl@lavrinenko.info) ...	2020-10-05 05:38:39
222.223.160.18	attackspambots	TCP (SYN) 222.223.160.18:2757 -> port 1433, len 44	2020-10-05 06:00:13
82.177.52.48	attackspam	Oct 3 22:20:25 mail.srvfarm.net postfix/smtps/smtpd[661644]: warning: unknown[82.177.52.48]: SASL PLAIN authentication failed: Oct 3 22:20:25 mail.srvfarm.net postfix/smtps/smtpd[661644]: lost connection after AUTH from unknown[82.177.52.48] Oct 3 22:22:36 mail.srvfarm.net postfix/smtps/smtpd[659335]: warning: unknown[82.177.52.48]: SASL PLAIN authentication failed: Oct 3 22:22:36 mail.srvfarm.net postfix/smtps/smtpd[659335]: lost connection after AUTH from unknown[82.177.52.48] Oct 3 22:26:19 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[82.177.52.48]: SASL PLAIN authentication failed:	2020-10-05 05:35:41
52.187.105.28	attackspambots	Oct 3 22:12:33 mail.srvfarm.net postfix/smtpd[661688]: NOQUEUE: reject: RCPT from unknown[52.187.105.28]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:14:21 mail.srvfarm.net postfix/smtpd[660369]: NOQUEUE: reject: RCPT from unknown[52.187.105.28]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:15:21 mail.srvfarm.net postfix/smtpd[660373]: NOQUEUE: reject: RCPT from unknown[52.187.105.28]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:16:36 mail.srvfarm.net postfix/smtpd[661689]: NOQUEUE: reject: RCPT from unknown[52.187.105.28]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-10-05 05:36:39
51.91.136.28	attack	C2,WP GET /wp-login.php	2020-10-05 06:03:41
92.204.164.42	attackspam	1601805098 - 10/04/2020 11:51:38 Host: 92.204.164.42/92.204.164.42 Port: 22 TCP Blocked	2020-10-05 05:46:31
139.59.161.78	attackbotsspam	$f2bV_matches	2020-10-05 05:57:30
51.68.189.69	attackspambots	Automatic report - Banned IP Access	2020-10-05 05:55:50
162.142.125.18	attackbotsspam	Multiport scan 48 ports : 2 21 23 53 81(x2) 83(x2) 88(x3) 110(x2) 123 143(x2) 161 222(x3) 445 465(x2) 591(x2) 623(x2) 631 990(x3) 993(x2) 995 1194(x2) 1311 1883 2082 2222 2323 3306(x2) 5432 5632(x2) 5672(x2) 5683(x3) 5684 5900(x2) 5901 5902(x2) 5903(x2) 6443 8080 8081 8088(x2) 8089(x2) 8443 8888 9090(x2) 9200 16992 16993 20000(x3)	2020-10-05 05:44:48
120.34.24.172	attack	Automatic report - Port Scan Attack	2020-10-05 05:58:01
103.18.242.37	attackspambots	Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:46 mail.srvfarm.net postfix/smtps/smtpd[697233]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed:	2020-10-05 05:34:17
36.74.42.10	attackspambots	SP-Scan 44459:445 detected 2020.10.03 07:54:28 blocked until 2020.11.21 23:57:15	2020-10-05 05:45:43
45.142.120.121	attack	Oct 4 22:24:49 mail.srvfarm.net postfix/smtpd[1160735]: warning: unknown[45.142.120.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:24:57 mail.srvfarm.net postfix/smtpd[1161506]: warning: unknown[45.142.120.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:24:57 mail.srvfarm.net postfix/smtpd[1159848]: warning: unknown[45.142.120.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:00 mail.srvfarm.net postfix/smtpd[1161503]: warning: unknown[45.142.120.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 22:25:07 mail.srvfarm.net postfix/smtpd[1159849]: warning: unknown[45.142.120.121]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-05 05:39:05
118.97.38.170	attackspam	Port probing on unauthorized port 8080	2020-10-05 05:47:57

最近上报的IP列表

203.109.132.103	189.235.17.231	176.158.91.88	217.130.10.62
72.229.139.137	159.171.4.150	35.194.70.139	87.141.16.31
67.180.126.138	49.167.6.186	18.223.77.198	142.120.202.229
123.20.7.150	41.232.107.223	68.1.76.43	67.232.232.63
69.212.158.58	62.10.50.254	136.26.174.144	164.107.54.59