106.13.128.189

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH Brute Force, server-1 sshd[31995]: Failed password for invalid user passfeel from 106.13.128.189 port 36752 ssh2	2019-07-26 03:06:09
attackbotsspam	Jul 24 05:34:50 server sshd\[13267\]: Invalid user hang from 106.13.128.189 port 43168 Jul 24 05:34:50 server sshd\[13267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 24 05:34:52 server sshd\[13267\]: Failed password for invalid user hang from 106.13.128.189 port 43168 ssh2 Jul 24 05:36:41 server sshd\[1461\]: Invalid user np from 106.13.128.189 port 59724 Jul 24 05:36:41 server sshd\[1461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189	2019-07-24 10:37:31
attack	Jul 23 21:05:23 server sshd\[17207\]: Invalid user zxc from 106.13.128.189 port 48556 Jul 23 21:05:23 server sshd\[17207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 23 21:05:25 server sshd\[17207\]: Failed password for invalid user zxc from 106.13.128.189 port 48556 ssh2 Jul 23 21:07:11 server sshd\[28990\]: User root from 106.13.128.189 not allowed because listed in DenyUsers Jul 23 21:07:11 server sshd\[28990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 user=root	2019-07-24 02:09:31
attack	Jul 15 12:47:53 shared09 sshd[20891]: Invalid user abc from 106.13.128.189 Jul 15 12:47:53 shared09 sshd[20891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.189 Jul 15 12:47:55 shared09 sshd[20891]: Failed password for invalid user abc from 106.13.128.189 port 56912 ssh2 Jul 15 12:47:55 shared09 sshd[20891]: Received disconnect from 106.13.128.189 port 56912:11: Bye Bye [preauth] Jul 15 12:47:55 shared09 sshd[20891]: Disconnected from 106.13.128.189 port 56912 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.128.189	2019-07-18 06:10:19

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.128.71	attack	" "	2020-09-02 04:59:04
106.13.128.71	attackspambots	Aug 8 12:03:25 localhost sshd\[5940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 8 12:03:27 localhost sshd\[5940\]: Failed password for root from 106.13.128.71 port 59472 ssh2 Aug 8 12:14:34 localhost sshd\[6085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root ...	2020-08-08 23:46:26
106.13.128.71	attackspam	Aug 3 12:36:38 plex-server sshd[1200929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Aug 3 12:36:38 plex-server sshd[1200929]: Invalid user @ from 106.13.128.71 port 54346 Aug 3 12:36:41 plex-server sshd[1200929]: Failed password for invalid user @ from 106.13.128.71 port 54346 ssh2 Aug 3 12:39:38 plex-server sshd[1202881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 user=root Aug 3 12:39:39 plex-server sshd[1202881]: Failed password for root from 106.13.128.71 port 47514 ssh2 ...	2020-08-04 01:39:14
106.13.128.71	attackspambots	Jul 29 14:35:15 abendstille sshd\[14194\]: Invalid user user05 from 106.13.128.71 Jul 29 14:35:15 abendstille sshd\[14194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jul 29 14:35:17 abendstille sshd\[14194\]: Failed password for invalid user user05 from 106.13.128.71 port 51012 ssh2 Jul 29 14:37:29 abendstille sshd\[16321\]: Invalid user xyp from 106.13.128.71 Jul 29 14:37:29 abendstille sshd\[16321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-07-29 23:03:13
106.13.128.71	attackspam	SSH brute force attempt	2020-07-18 07:13:18
106.13.128.71	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-27 23:20:34
106.13.128.71	attackbots	Jun 23 04:58:29 onepixel sshd[1167696]: Failed password for invalid user tester from 106.13.128.71 port 51586 ssh2 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:43 onepixel sshd[1169686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 23 05:02:43 onepixel sshd[1169686]: Invalid user cameras from 106.13.128.71 port 55330 Jun 23 05:02:46 onepixel sshd[1169686]: Failed password for invalid user cameras from 106.13.128.71 port 55330 ssh2	2020-06-23 13:19:05
106.13.128.71	attack	Failed password for invalid user jody from 106.13.128.71 port 34346 ssh2	2020-06-13 03:54:51
106.13.128.71	attackspambots	Jun 6 00:11:25 vps sshd[76285]: Failed password for invalid user super@visor123\r from 106.13.128.71 port 59716 ssh2 Jun 6 00:14:31 vps sshd[88415]: Invalid user Gg123456\r from 106.13.128.71 port 36066 Jun 6 00:14:31 vps sshd[88415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Jun 6 00:14:33 vps sshd[88415]: Failed password for invalid user Gg123456\r from 106.13.128.71 port 36066 ssh2 Jun 6 00:17:39 vps sshd[104170]: Invalid user china\r from 106.13.128.71 port 40610 ...	2020-06-06 06:20:56
106.13.128.71	attack	May 31 05:59:15 sip sshd[474613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 31 05:59:15 sip sshd[474613]: Invalid user weihu from 106.13.128.71 port 33612 May 31 05:59:17 sip sshd[474613]: Failed password for invalid user weihu from 106.13.128.71 port 33612 ssh2 ...	2020-05-31 12:02:52
106.13.128.71	attackbots	May 9 04:52:28 home sshd[31310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 9 04:52:30 home sshd[31310]: Failed password for invalid user tig from 106.13.128.71 port 53342 ssh2 May 9 04:54:27 home sshd[31582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 18:19:12
106.13.128.71	attack	May 8 18:02:24 PorscheCustomer sshd[28971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 May 8 18:02:26 PorscheCustomer sshd[28971]: Failed password for invalid user abc1234@ from 106.13.128.71 port 56638 ssh2 May 8 18:07:48 PorscheCustomer sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 ...	2020-05-09 00:20:16
106.13.128.64	attackbotsspam	Apr 6 05:45:43 prox sshd[16608]: Failed password for root from 106.13.128.64 port 45722 ssh2	2020-04-06 14:10:00
106.13.128.234	attack	2020-04-04T00:45:20.378674vps773228.ovh.net sshd[2519]: Failed password for root from 106.13.128.234 port 44830 ssh2 2020-04-04T00:48:42.765360vps773228.ovh.net sshd[3759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:48:44.341142vps773228.ovh.net sshd[3759]: Failed password for root from 106.13.128.234 port 36626 ssh2 2020-04-04T00:52:05.013752vps773228.ovh.net sshd[5008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.234 user=root 2020-04-04T00:52:07.457885vps773228.ovh.net sshd[5008]: Failed password for root from 106.13.128.234 port 56656 ssh2 ...	2020-04-04 07:47:09
106.13.128.64	attack	5x Failed Password	2020-04-04 04:55:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.128.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32847
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.128.189.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 06:10:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 189.128.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 189.128.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
106.245.255.19	attackspambots	Dec 13 22:40:32 gw1 sshd[11695]: Failed password for root from 106.245.255.19 port 56193 ssh2 ...	2019-12-14 01:48:03
190.181.41.235	attack	Dec 13 17:10:55 localhost sshd\[26071\]: Invalid user briere from 190.181.41.235 port 58094 Dec 13 17:10:55 localhost sshd\[26071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.181.41.235 Dec 13 17:10:57 localhost sshd\[26071\]: Failed password for invalid user briere from 190.181.41.235 port 58094 ssh2 Dec 13 17:17:36 localhost sshd\[26691\]: Invalid user ikushima from 190.181.41.235 port 38600 Dec 13 17:17:36 localhost sshd\[26691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.181.41.235 ...	2019-12-14 01:38:06
80.211.35.16	attack	Dec 13 17:49:18 web8 sshd\[8483\]: Invalid user gdm from 80.211.35.16 Dec 13 17:49:18 web8 sshd\[8483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.35.16 Dec 13 17:49:20 web8 sshd\[8483\]: Failed password for invalid user gdm from 80.211.35.16 port 51870 ssh2 Dec 13 17:55:17 web8 sshd\[11310\]: Invalid user aihara from 80.211.35.16 Dec 13 17:55:17 web8 sshd\[11310\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.35.16	2019-12-14 02:04:54
45.224.105.207	attackbotsspam	Dec 13 16:58:47 [munged] sshd[17372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.224.105.207	2019-12-14 01:53:02
112.16.120.2	attackspam	65529/tcp 1433/tcp... [2019-12-13]6pkt,2pt.(tcp)	2019-12-14 01:33:47
89.248.167.133	attackbots	Unauthorized SSH login attempts	2019-12-14 01:32:13
124.122.156.68	attack	IP: 124.122.156.68 ASN: AS17552 True Internet Co. Ltd. Port: Message Submission 587 Found in one or more Blacklists Date: 13/12/2019 5:29:05 PM UTC	2019-12-14 01:29:55
180.168.156.211	attackspambots	Dec 13 20:50:12 hosting sshd[27172]: Invalid user ericms1 from 180.168.156.211 port 9526 ...	2019-12-14 01:54:36
41.38.97.25	attackspam	Dec 13 16:58:40 [munged] sshd[17361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.38.97.25	2019-12-14 01:58:24
188.166.7.108	attackspambots	Dec 13 18:15:35 lnxweb62 sshd[10693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.7.108	2019-12-14 01:39:10
114.26.49.139	attack	Unauthorized connection attempt detected from IP address 114.26.49.139 to port 445	2019-12-14 02:01:17
132.232.132.103	attackbotsspam	Dec 13 17:07:59 localhost sshd\[25945\]: Invalid user rj from 132.232.132.103 port 34924 Dec 13 17:07:59 localhost sshd\[25945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.132.103 Dec 13 17:08:01 localhost sshd\[25945\]: Failed password for invalid user rj from 132.232.132.103 port 34924 ssh2 Dec 13 17:16:04 localhost sshd\[26268\]: Invalid user matusko from 132.232.132.103 port 40786 Dec 13 17:16:04 localhost sshd\[26268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.132.103 ...	2019-12-14 01:26:52
193.148.69.157	attackbotsspam	Dec 13 17:46:54 icinga sshd[5085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.148.69.157 Dec 13 17:46:56 icinga sshd[5085]: Failed password for invalid user phuket from 193.148.69.157 port 43948 ssh2 ...	2019-12-14 01:46:28
49.255.179.216	attack	Dec 13 07:19:27 eddieflores sshd\[852\]: Invalid user passwd12346 from 49.255.179.216 Dec 13 07:19:28 eddieflores sshd\[852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.255.179.216 Dec 13 07:19:30 eddieflores sshd\[852\]: Failed password for invalid user passwd12346 from 49.255.179.216 port 41628 ssh2 Dec 13 07:26:39 eddieflores sshd\[1588\]: Invalid user 123456 from 49.255.179.216 Dec 13 07:26:39 eddieflores sshd\[1588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.255.179.216	2019-12-14 01:47:38
109.237.84.155	attackproxy	Used together with a subnet 109.237.80.0/20 to DDOS attack other computers.	2019-12-14 01:51:49

最近上报的IP列表

80.20.60.2	210.245.2.226	186.30.12.40	2.238.118.212
116.109.101.191	125.37.159.239	142.44.243.21	80.75.103.24
140.234.65.51	188.77.226.53	190.120.6.60	193.141.125.42
24.4.96.159	81.68.56.0	100.51.87.203	52.237.78.126
183.1.168.106	118.170.237.61	97.205.231.217	142.15.247.251