106.13.128.189

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH Brute Force, server-1 sshd[31995]: Failed password for invalid user passfeel from 106.13.128.189 port 36752 ssh2	2019-07-26 03:06:09
attackbotsspam	Jul 24 05:34:50 server sshd\[13267\]: Invalid user hang from 106.13.128.189 port 43168 Jul 24 05:34:50 server sshd\[13267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 24 05:34:52 server sshd\[13267\]: Failed password for invalid user hang from 106.13.128.189 port 43168 ssh2 Jul 24 05:36:41 server sshd\[1461\]: Invalid user np from 106.13.128.189 port 59724 Jul 24 05:36:41 server sshd\[1461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189	2019-07-24 10:37:31
attack	Jul 23 21:05:23 server sshd\[17207\]: Invalid user zxc from 106.13.128.189 port 48556 Jul 23 21:05:23 server sshd\[17207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 23 21:05:25 server sshd\[17207\]: Failed password for invalid user zxc from 106.13.128.189 port 48556 ssh2 Jul 23 21:07:11 server sshd\[28990\]: User root from 106.13.128.189 not allowed because listed in DenyUsers Jul 23 21:07:11 server sshd\[28990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 user=root	2019-07-24 02:09:31
attack	Jul 15 12:47:53 shared09 sshd[20891]: Invalid user abc from 106.13.128.189 Jul 15 12:47:53 shared09 sshd[20891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 15 12:47:55 shared09 sshd[20891]: Failed password for invalid user abc from 106.13.128.189 port 56912 ssh2 Jul 15 12:47:55 shared09 sshd[20891]: Received disconnect from 106.13.128.189 port 56912:11: Bye Bye [preauth] Jul 15 12:47:55 shared09 sshd[20891]: Disconnected from 106.13.128.189 port 56912 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.128.189	2019-07-18 06:10:19

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.128.71	attack	" "	2020-09-02 04:59:04
106.13.128.71	attackspambots	Aug 8 12:03:25 localhost sshd\[5940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 8 12:03:27 localhost sshd\[5940\]: Failed password for root from 106.13.128.71 port 59472 ssh2 Aug 8 12:14:34 localhost sshd\[6085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root ...	2020-08-08 23:46:26
106.13.128.71	attackspam	Aug 3 12:36:38 plex-server sshd[1200929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Aug 3 12:36:38 plex-server sshd[1200929]: Invalid user @ from 106.13.128.71 port 54346 Aug 3 12:36:41 plex-server sshd[1200929]: Failed password for invalid user @ from 106.13.128.71 port 54346 ssh2 Aug 3 12:39:38 plex-server sshd[1202881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 3 12:39:39 plex-server sshd[1202881]: Failed password for root from 106.13.128.71 port 47514 ssh2 ...	2020-08-04 01:39:14
106.13.128.71	attackspambots	Jul 29 14:35:15 abendstille sshd\[14194\]: Invalid user user05 from 106.13.128.71 Jul 29 14:35:15 abendstille sshd\[14194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jul 29 14:35:17 abendstille sshd\[14194\]: Failed password for invalid user user05 from 106.13.128.71 port 51012 ssh2 Jul 29 14:37:29 abendstille sshd\[16321\]: Invalid user xyp from 106.13.128.71 Jul 29 14:37:29 abendstille sshd\[16321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-07-29 23:03:13
106.13.128.71	attackspam	SSH brute force attempt	2020-07-18 07:13:18
106.13.128.71	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-27 23:20:34
106.13.128.71	attackbots	Jun 23 04:58:29 onepixel sshd[1167696]: Failed password for invalid user tester from 106.13.128.71 port 51586 ssh2 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:43 onepixel sshd[1169686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:46 onepixel sshd[1169686]: Failed password for invalid user cameras from 106.13.128.71 port 55330 ssh2	2020-06-23 13:19:05
106.13.128.71	attack	Failed password for invalid user jody from 106.13.128.71 port 34346 ssh2	2020-06-13 03:54:51
106.13.128.71	attackspambots	Jun 6 00:11:25 vps sshd[76285]: Failed password for invalid user super@visor123\r from 106.13.128.71 port 59716 ssh2 Jun 6 00:14:31 vps sshd[88415]: Invalid user Gg123456\r from 106.13.128.71 port 36066 Jun 6 00:14:31 vps sshd[88415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 6 00:14:33 vps sshd[88415]: Failed password for invalid user Gg123456\r from 106.13.128.71 port 36066 ssh2 Jun 6 00:17:39 vps sshd[104170]: Invalid user china\r from 106.13.128.71 port 40610 ...	2020-06-06 06:20:56
106.13.128.71	attack	May 31 05:59:15 sip sshd[474613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 31 05:59:15 sip sshd[474613]: Invalid user weihu from 106.13.128.71 port 33612 May 31 05:59:17 sip sshd[474613]: Failed password for invalid user weihu from 106.13.128.71 port 33612 ssh2 ...	2020-05-31 12:02:52
106.13.128.71	attackbots	May 9 04:52:28 home sshd[31310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 9 04:52:30 home sshd[31310]: Failed password for invalid user tig from 106.13.128.71 port 53342 ssh2 May 9 04:54:27 home sshd[31582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 18:19:12
106.13.128.71	attack	May 8 18:02:24 PorscheCustomer sshd[28971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 8 18:02:26 PorscheCustomer sshd[28971]: Failed password for invalid user abc1234@ from 106.13.128.71 port 56638 ssh2 May 8 18:07:48 PorscheCustomer sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 00:20:16
106.13.128.64	attackbotsspam	Apr 6 05:45:43 prox sshd[16608]: Failed password for root from 106.13.128.64 port 45722 ssh2	2020-04-06 14:10:00
106.13.128.234	attack	2020-04-04T00:45:20.378674vps773228.ovh.net sshd[2519]: Failed password for root from 106.13.128.234 port 44830 ssh2 2020-04-04T00:48:42.765360vps773228.ovh.net sshd[3759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:48:44.341142vps773228.ovh.net sshd[3759]: Failed password for root from 106.13.128.234 port 36626 ssh2 2020-04-04T00:52:05.013752vps773228.ovh.net sshd[5008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:52:07.457885vps773228.ovh.net sshd[5008]: Failed password for root from 106.13.128.234 port 56656 ssh2 ...	2020-04-04 07:47:09
106.13.128.64	attack	5x Failed Password	2020-04-04 04:55:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.128.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32847
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.128.189.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 06:10:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 189.128.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 189.128.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
211.189.132.229	attack	$f2bV_matches	2020-02-27 02:18:17
222.186.180.142	attack	Feb 26 13:04:50 plusreed sshd[14327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 26 13:04:51 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:53 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:50 plusreed sshd[14327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 26 13:04:51 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:53 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 ...	2020-02-27 02:05:27
69.17.158.101	attackbotsspam	Brute-force attempt banned	2020-02-27 02:34:25
61.233.14.171	attack	02/26/2020-08:36:15.412707 61.233.14.171 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-27 02:03:07
189.179.233.61	attack	1582724148 - 02/26/2020 14:35:48 Host: 189.179.233.61/189.179.233.61 Port: 445 TCP Blocked	2020-02-27 02:33:01
200.233.230.194	attackbots	Telnetd brute force attack detected by fail2ban	2020-02-27 02:43:29
211.159.173.3	attackbotsspam	$f2bV_matches	2020-02-27 02:23:46
176.153.75.234	attackbotsspam	Automatic report - Port Scan Attack	2020-02-27 02:33:21
211.195.117.212	attackspam	$f2bV_matches	2020-02-27 02:13:42
185.16.37.135	attackspam	Feb 26 18:09:13 server sshd[1807060]: Failed password for invalid user pi from 185.16.37.135 port 36816 ssh2 Feb 26 18:18:13 server sshd[1809002]: Failed password for invalid user eisp from 185.16.37.135 port 52872 ssh2 Feb 26 18:27:03 server sshd[1810646]: Failed password for invalid user user from 185.16.37.135 port 40696 ssh2	2020-02-27 02:18:01
112.85.42.173	attackspam	Feb 26 19:21:40 sso sshd[22080]: Failed password for root from 112.85.42.173 port 14584 ssh2 Feb 26 19:21:44 sso sshd[22080]: Failed password for root from 112.85.42.173 port 14584 ssh2 ...	2020-02-27 02:28:25
106.13.175.210	attack	3x Failed Password	2020-02-27 02:09:42
212.92.120.208	attackspambots	RDPBruteCAu	2020-02-27 02:32:01
212.92.114.28	attackspam	RDPBruteCAu	2020-02-27 02:29:31
45.134.179.63	attackspam	scans 23 times in preceeding hours on the ports (in chronological order) 39999 63380 2041 8002 8585 50900 12345 33388 33666 33885 6890 7000 9960 8890 38000 53390 8840 48484 51015 33555 24000 7133 9991 resulting in total of 29 scans from 45.134.179.0/24 block.	2020-02-27 02:03:54

最近上报的IP列表

80.20.60.2	210.245.2.226	186.30.12.40	2.238.118.212
116.109.101.191	125.37.159.239	142.44.243.21	80.75.103.24
140.234.65.51	188.77.226.53	190.120.6.60	193.141.125.42
24.4.96.159	81.68.56.0	100.51.87.203	52.237.78.126
183.1.168.106	118.170.237.61	97.205.231.217	142.15.247.251