106.13.128.189

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH Brute Force, server-1 sshd[31995]: Failed password for invalid user passfeel from 106.13.128.189 port 36752 ssh2	2019-07-26 03:06:09
attackbotsspam	Jul 24 05:34:50 server sshd\[13267\]: Invalid user hang from 106.13.128.189 port 43168 Jul 24 05:34:50 server sshd\[13267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 24 05:34:52 server sshd\[13267\]: Failed password for invalid user hang from 106.13.128.189 port 43168 ssh2 Jul 24 05:36:41 server sshd\[1461\]: Invalid user np from 106.13.128.189 port 59724 Jul 24 05:36:41 server sshd\[1461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189	2019-07-24 10:37:31
attack	Jul 23 21:05:23 server sshd\[17207\]: Invalid user zxc from 106.13.128.189 port 48556 Jul 23 21:05:23 server sshd\[17207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 23 21:05:25 server sshd\[17207\]: Failed password for invalid user zxc from 106.13.128.189 port 48556 ssh2 Jul 23 21:07:11 server sshd\[28990\]: User root from 106.13.128.189 not allowed because listed in DenyUsers Jul 23 21:07:11 server sshd\[28990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 user=root	2019-07-24 02:09:31
attack	Jul 15 12:47:53 shared09 sshd[20891]: Invalid user abc from 106.13.128.189 Jul 15 12:47:53 shared09 sshd[20891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 15 12:47:55 shared09 sshd[20891]: Failed password for invalid user abc from 106.13.128.189 port 56912 ssh2 Jul 15 12:47:55 shared09 sshd[20891]: Received disconnect from 106.13.128.189 port 56912:11: Bye Bye [preauth] Jul 15 12:47:55 shared09 sshd[20891]: Disconnected from 106.13.128.189 port 56912 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.128.189	2019-07-18 06:10:19

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.128.71	attack	" "	2020-09-02 04:59:04
106.13.128.71	attackspambots	Aug 8 12:03:25 localhost sshd\[5940\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 8 12:03:27 localhost sshd\[5940\]: Failed password for root from 106.13.128.71 port 59472 ssh2 Aug 8 12:14:34 localhost sshd\[6085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root ...	2020-08-08 23:46:26
106.13.128.71	attackspam	Aug 3 12:36:38 plex-server sshd[1200929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Aug 3 12:36:38 plex-server sshd[1200929]: Invalid user @ from 106.13.128.71 port 54346 Aug 3 12:36:41 plex-server sshd[1200929]: Failed password for invalid user @ from 106.13.128.71 port 54346 ssh2 Aug 3 12:39:38 plex-server sshd[1202881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 3 12:39:39 plex-server sshd[1202881]: Failed password for root from 106.13.128.71 port 47514 ssh2 ...	2020-08-04 01:39:14
106.13.128.71	attackspambots	Jul 29 14:35:15 abendstille sshd\[14194\]: Invalid user user05 from 106.13.128.71 Jul 29 14:35:15 abendstille sshd\[14194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jul 29 14:35:17 abendstille sshd\[14194\]: Failed password for invalid user user05 from 106.13.128.71 port 51012 ssh2 Jul 29 14:37:29 abendstille sshd\[16321\]: Invalid user xyp from 106.13.128.71 Jul 29 14:37:29 abendstille sshd\[16321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-07-29 23:03:13
106.13.128.71	attackspam	SSH brute force attempt	2020-07-18 07:13:18
106.13.128.71	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-27 23:20:34
106.13.128.71	attackbots	Jun 23 04:58:29 onepixel sshd[1167696]: Failed password for invalid user tester from 106.13.128.71 port 51586 ssh2 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:43 onepixel sshd[1169686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:46 onepixel sshd[1169686]: Failed password for invalid user cameras from 106.13.128.71 port 55330 ssh2	2020-06-23 13:19:05
106.13.128.71	attack	Failed password for invalid user jody from 106.13.128.71 port 34346 ssh2	2020-06-13 03:54:51
106.13.128.71	attackspambots	Jun 6 00:11:25 vps sshd[76285]: Failed password for invalid user super@visor123\r from 106.13.128.71 port 59716 ssh2 Jun 6 00:14:31 vps sshd[88415]: Invalid user Gg123456\r from 106.13.128.71 port 36066 Jun 6 00:14:31 vps sshd[88415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 6 00:14:33 vps sshd[88415]: Failed password for invalid user Gg123456\r from 106.13.128.71 port 36066 ssh2 Jun 6 00:17:39 vps sshd[104170]: Invalid user china\r from 106.13.128.71 port 40610 ...	2020-06-06 06:20:56
106.13.128.71	attack	May 31 05:59:15 sip sshd[474613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 31 05:59:15 sip sshd[474613]: Invalid user weihu from 106.13.128.71 port 33612 May 31 05:59:17 sip sshd[474613]: Failed password for invalid user weihu from 106.13.128.71 port 33612 ssh2 ...	2020-05-31 12:02:52
106.13.128.71	attackbots	May 9 04:52:28 home sshd[31310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 9 04:52:30 home sshd[31310]: Failed password for invalid user tig from 106.13.128.71 port 53342 ssh2 May 9 04:54:27 home sshd[31582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 18:19:12
106.13.128.71	attack	May 8 18:02:24 PorscheCustomer sshd[28971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 8 18:02:26 PorscheCustomer sshd[28971]: Failed password for invalid user abc1234@ from 106.13.128.71 port 56638 ssh2 May 8 18:07:48 PorscheCustomer sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 00:20:16
106.13.128.64	attackbotsspam	Apr 6 05:45:43 prox sshd[16608]: Failed password for root from 106.13.128.64 port 45722 ssh2	2020-04-06 14:10:00
106.13.128.234	attack	2020-04-04T00:45:20.378674vps773228.ovh.net sshd[2519]: Failed password for root from 106.13.128.234 port 44830 ssh2 2020-04-04T00:48:42.765360vps773228.ovh.net sshd[3759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:48:44.341142vps773228.ovh.net sshd[3759]: Failed password for root from 106.13.128.234 port 36626 ssh2 2020-04-04T00:52:05.013752vps773228.ovh.net sshd[5008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:52:07.457885vps773228.ovh.net sshd[5008]: Failed password for root from 106.13.128.234 port 56656 ssh2 ...	2020-04-04 07:47:09
106.13.128.64	attack	5x Failed Password	2020-04-04 04:55:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.128.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32847
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.128.189.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 06:10:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 189.128.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 189.128.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
58.213.198.77	attackbotsspam	Nov 24 08:42:01 server sshd\[1449\]: Invalid user test from 58.213.198.77 port 44500 Nov 24 08:42:01 server sshd\[1449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.198.77 Nov 24 08:42:03 server sshd\[1449\]: Failed password for invalid user test from 58.213.198.77 port 44500 ssh2 Nov 24 08:45:55 server sshd\[15903\]: Invalid user uftp from 58.213.198.77 port 51660 Nov 24 08:45:55 server sshd\[15903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.198.77	2019-11-24 17:01:52
36.73.32.164	attackbotsspam	Unauthorised access (Nov 24) SRC=36.73.32.164 LEN=52 TTL=248 ID=24471 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-24 16:44:26
222.186.180.147	attackbotsspam	Nov 24 03:53:09 TORMINT sshd\[25576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Nov 24 03:53:12 TORMINT sshd\[25576\]: Failed password for root from 222.186.180.147 port 4186 ssh2 Nov 24 03:53:21 TORMINT sshd\[25576\]: Failed password for root from 222.186.180.147 port 4186 ssh2 ...	2019-11-24 16:57:41
63.88.23.225	attackspam	63.88.23.225 was recorded 11 times by 6 hosts attempting to connect to the following ports: 80,110. Incident counter (4h, 24h, all-time): 11, 44, 616	2019-11-24 17:13:41
41.202.168.249	attackbots	Nov 24 07:26:01 MK-Soft-VM4 sshd[6011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.202.168.249 Nov 24 07:26:03 MK-Soft-VM4 sshd[6011]: Failed password for invalid user admin from 41.202.168.249 port 46574 ssh2 ...	2019-11-24 17:08:57
87.251.252.22	attack	Automatic report - Banned IP Access	2019-11-24 16:36:14
240e:e8:f28a:c8e3:697f:7aea:cf23:bf06	attackbots	badbot	2019-11-24 17:14:23
114.67.102.54	attack	Nov 24 08:32:55 vpn01 sshd[9838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.102.54 Nov 24 08:32:57 vpn01 sshd[9838]: Failed password for invalid user kalafski from 114.67.102.54 port 45544 ssh2 ...	2019-11-24 16:50:06
86.190.249.226	attackspambots	Microsoft-Windows-Security-Auditing	2019-11-24 17:04:28
159.203.81.129	attackspam	159.203.81.129 was recorded 177 times by 14 hosts attempting to connect to the following ports: 8088. Incident counter (4h, 24h, all-time): 177, 769, 19839	2019-11-24 16:36:59
185.100.87.247	attack	DATE:2019-11-24 07:25:58, IP:185.100.87.247, PORT:6379 REDIS brute force auth on honeypot server (honey-neo-dc)	2019-11-24 17:12:49
182.61.33.137	attack	Nov 24 09:13:19 nextcloud sshd\[12280\]: Invalid user lansupport from 182.61.33.137 Nov 24 09:13:19 nextcloud sshd\[12280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.33.137 Nov 24 09:13:21 nextcloud sshd\[12280\]: Failed password for invalid user lansupport from 182.61.33.137 port 56984 ssh2 ...	2019-11-24 16:44:48
107.180.121.3	attack	Automatic report - XMLRPC Attack	2019-11-24 17:04:06
218.92.0.134	attack	$f2bV_matches	2019-11-24 17:09:51
117.6.125.102	attackspam	Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.6.125.102	2019-11-24 16:55:20

最近上报的IP列表

80.20.60.2	210.245.2.226	186.30.12.40	2.238.118.212
116.109.101.191	125.37.159.239	142.44.243.21	80.75.103.24
140.234.65.51	188.77.226.53	190.120.6.60	193.141.125.42
24.4.96.159	81.68.56.0	100.51.87.203	52.237.78.126
183.1.168.106	118.170.237.61	97.205.231.217	142.15.247.251