106.13.14.142 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts.	2020-03-19 17:13:59

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.144.207	attack	Oct 11 17:56:59 firewall sshd[26023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 user=root Oct 11 17:57:01 firewall sshd[26023]: Failed password for root from 106.13.144.207 port 43918 ssh2 Oct 11 17:59:14 firewall sshd[26065]: Invalid user deployer from 106.13.144.207 ...	2020-10-12 05:58:47
106.13.144.207	attack	"fail2ban match"	2020-10-11 22:06:34
106.13.144.207	attackbotsspam	"fail2ban match"	2020-10-11 14:04:12
106.13.144.207	attackbots	detected by Fail2Ban	2020-10-11 07:26:02
106.13.147.89	attackspambots	sshd: Failed password for .... from 106.13.147.89 port 33094 ssh2	2020-10-08 00:24:45
106.13.147.89	attackspambots	ssh brute force	2020-10-07 16:32:24
106.13.141.110	attackspam	2 SSH login attempts.	2020-10-07 04:24:41
106.13.141.110	attack	Brute%20Force%20SSH	2020-10-06 20:28:50
106.13.141.110	attackspambots	Oct 6 04:21:19 ns382633 sshd\[2901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root Oct 6 04:21:21 ns382633 sshd\[2901\]: Failed password for root from 106.13.141.110 port 54932 ssh2 Oct 6 04:30:01 ns382633 sshd\[3929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root Oct 6 04:30:03 ns382633 sshd\[3929\]: Failed password for root from 106.13.141.110 port 57220 ssh2 Oct 6 04:34:07 ns382633 sshd\[4448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root	2020-10-06 12:08:48
106.13.142.93	attack	Oct 4 02:51:03 server sshd[11146]: Failed password for root from 106.13.142.93 port 32940 ssh2 Oct 4 02:53:52 server sshd[12520]: Failed password for root from 106.13.142.93 port 46996 ssh2 Oct 4 02:56:41 server sshd[14046]: Failed password for invalid user test from 106.13.142.93 port 32842 ssh2	2020-10-04 09:04:37
106.13.142.93	attack	3x Failed Password	2020-10-04 01:40:47
106.13.142.93	attack	Oct 2 23:03:18 OPSO sshd\[13574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.142.93 user=root Oct 2 23:03:20 OPSO sshd\[13574\]: Failed password for root from 106.13.142.93 port 35102 ssh2 Oct 2 23:07:12 OPSO sshd\[14255\]: Invalid user oliver from 106.13.142.93 port 36792 Oct 2 23:07:12 OPSO sshd\[14255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.142.93 Oct 2 23:07:14 OPSO sshd\[14255\]: Failed password for invalid user oliver from 106.13.142.93 port 36792 ssh2	2020-10-03 17:26:26
106.13.146.233	attack	SSH Invalid Login	2020-09-30 09:27:30
106.13.146.233	attackspam	frenzy	2020-09-29 18:20:53
106.13.147.89	attackspam	Sep 14 11:44:01 dev0-dcde-rnet sshd[11712]: Failed password for root from 106.13.147.89 port 34164 ssh2 Sep 14 11:44:29 dev0-dcde-rnet sshd[11718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.147.89 Sep 14 11:44:31 dev0-dcde-rnet sshd[11718]: Failed password for invalid user aclocal from 106.13.147.89 port 36372 ssh2	2020-09-14 19:21:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.14.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42921
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.14.142.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031900 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 17:13:53 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 142.14.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.14.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
113.193.243.35	attackspam	May 27 20:18:09 abendstille sshd\[13349\]: Invalid user production from 113.193.243.35 May 27 20:18:09 abendstille sshd\[13349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.243.35 May 27 20:18:11 abendstille sshd\[13349\]: Failed password for invalid user production from 113.193.243.35 port 49362 ssh2 May 27 20:22:13 abendstille sshd\[17573\]: Invalid user sex from 113.193.243.35 May 27 20:22:13 abendstille sshd\[17573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.243.35 ...	2020-05-28 02:38:05
75.144.73.148	attackbotsspam	May 27 18:19:05 nbi10206 sshd[1296]: User r.r from 75.144.73.148 not allowed because not listed in AllowUsers May 27 18:19:05 nbi10206 sshd[1296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.148 user=r.r May 27 18:19:07 nbi10206 sshd[1296]: Failed password for invalid user r.r from 75.144.73.148 port 36252 ssh2 May 27 18:19:07 nbi10206 sshd[1296]: Received disconnect from 75.144.73.148 port 36252:11: Bye Bye [preauth] May 27 18:19:07 nbi10206 sshd[1296]: Disconnected from 75.144.73.148 port 36252 [preauth] May 27 18:23:01 nbi10206 sshd[2385]: User r.r from 75.144.73.148 not allowed because not listed in AllowUsers May 27 18:23:01 nbi10206 sshd[2385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.148 user=r.r May 27 18:23:03 nbi10206 sshd[2385]: Failed password for invalid user r.r from 75.144.73.148 port 54982 ssh2 May 27 18:23:03 nbi10206 sshd[2385]: Received dis........ -------------------------------	2020-05-28 02:37:48
223.247.218.112	attack	2020-05-27T18:15:31.318484abusebot-5.cloudsearch.cf sshd[16446]: Invalid user edu from 223.247.218.112 port 34390 2020-05-27T18:15:31.324200abusebot-5.cloudsearch.cf sshd[16446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.218.112 2020-05-27T18:15:31.318484abusebot-5.cloudsearch.cf sshd[16446]: Invalid user edu from 223.247.218.112 port 34390 2020-05-27T18:15:33.322840abusebot-5.cloudsearch.cf sshd[16446]: Failed password for invalid user edu from 223.247.218.112 port 34390 ssh2 2020-05-27T18:19:09.318273abusebot-5.cloudsearch.cf sshd[16467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.218.112 user=root 2020-05-27T18:19:11.578300abusebot-5.cloudsearch.cf sshd[16467]: Failed password for root from 223.247.218.112 port 60304 ssh2 2020-05-27T18:22:23.836591abusebot-5.cloudsearch.cf sshd[16485]: Invalid user ralp from 223.247.218.112 port 57778 ...	2020-05-28 02:38:39
120.132.14.42	attackbots	May 27 19:22:13 cdc sshd[2100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.14.42 May 27 19:22:15 cdc sshd[2100]: Failed password for invalid user ftpuser from 120.132.14.42 port 40750 ssh2	2020-05-28 02:45:12
76.169.171.13	attackbots	DATE:2020-05-27 19:14:32, IP:76.169.171.13, PORT:ssh SSH brute force auth (docker-dc)	2020-05-28 02:19:18
61.151.130.20	attackbots	May 27 20:22:31 vps647732 sshd[1944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.151.130.20 May 27 20:22:34 vps647732 sshd[1944]: Failed password for invalid user support from 61.151.130.20 port 11128 ssh2 ...	2020-05-28 02:29:54
77.123.20.173	attackspam	May 27 20:37:30 debian-2gb-nbg1-2 kernel: \[12863443.872658\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.123.20.173 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=49363 PROTO=TCP SPT=44807 DPT=4093 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 02:41:29
106.75.87.152	attackbotsspam	Invalid user profile from 106.75.87.152 port 51912	2020-05-28 02:11:15
77.38.131.237	attack	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-05-28 02:51:22
132.232.31.157	attackbotsspam	ssh intrusion attempt	2020-05-28 02:44:53
185.176.27.26	attack	May 27 20:22:18 debian-2gb-nbg1-2 kernel: \[12862532.126847\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.26 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=6333 PROTO=TCP SPT=42764 DPT=12096 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 02:39:17
182.180.128.134	attack	May 27 20:22:13 nextcloud sshd\[653\]: Invalid user ajay from 182.180.128.134 May 27 20:22:13 nextcloud sshd\[653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.180.128.134 May 27 20:22:15 nextcloud sshd\[653\]: Failed password for invalid user ajay from 182.180.128.134 port 40824 ssh2	2020-05-28 02:46:48
114.67.72.164	attackspam	$f2bV_matches	2020-05-28 02:26:29
188.163.109.153	attack	0,25-01/02 [bc01/m18] PostRequest-Spammer scoring: maputo01_x2b	2020-05-28 02:34:11
223.71.167.164	attackbotsspam	[MK-Root1] Blocked by UFW	2020-05-28 02:46:30

最近上报的IP列表

87.198.232.238	80.194.226.174	253.184.196.84	87.251.74.12
14.124.112.39	41.37.83.110	45.148.10.95	45.14.227.230
178.171.122.237	36.92.172.242	132.232.44.27	218.205.57.148
156.202.13.214	157.245.231.122	84.254.56.56	235.146.57.220
77.42.127.24	45.222.154.33	51.188.236.221	32.130.177.119