106.13.140.185

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user ftpuser from 106.13.140.185 port 56296	2020-04-21 22:23:34
attackbotsspam	$f2bV_matches	2020-04-06 21:28:33
attackbots	2020-04-03T01:51:13.253816ns386461 sshd\[28223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185 user=root 2020-04-03T01:51:15.562027ns386461 sshd\[28223\]: Failed password for root from 106.13.140.185 port 55754 ssh2 2020-04-03T01:59:42.609544ns386461 sshd\[3508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185 user=root 2020-04-03T01:59:44.459405ns386461 sshd\[3508\]: Failed password for root from 106.13.140.185 port 50818 ssh2 2020-04-03T02:04:53.332509ns386461 sshd\[8058\]: Invalid user lzs from 106.13.140.185 port 52058 2020-04-03T02:04:53.337130ns386461 sshd\[8058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185 ...	2020-04-03 08:41:37

类型

评论内容

时间

attackspam

Invalid user ftpuser from 106.13.140.185 port 56296

2020-04-21 22:23:34

attackbotsspam

$f2bV_matches

2020-04-06 21:28:33

attackbots

2020-04-03T01:51:13.253816ns386461 sshd\[28223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185  user=root
2020-04-03T01:51:15.562027ns386461 sshd\[28223\]: Failed password for root from 106.13.140.185 port 55754 ssh2
2020-04-03T01:59:42.609544ns386461 sshd\[3508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185  user=root
2020-04-03T01:59:44.459405ns386461 sshd\[3508\]: Failed password for root from 106.13.140.185 port 50818 ssh2
2020-04-03T02:04:53.332509ns386461 sshd\[8058\]: Invalid user lzs from 106.13.140.185 port 52058
2020-04-03T02:04:53.337130ns386461 sshd\[8058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.185
...

2020-04-03 08:41:37

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.140.33	attackspam	Aug 26 11:16:22 abendstille sshd\[8819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 user=root Aug 26 11:16:25 abendstille sshd\[8819\]: Failed password for root from 106.13.140.33 port 33908 ssh2 Aug 26 11:19:57 abendstille sshd\[12929\]: Invalid user trs from 106.13.140.33 Aug 26 11:19:57 abendstille sshd\[12929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Aug 26 11:19:58 abendstille sshd\[12929\]: Failed password for invalid user trs from 106.13.140.33 port 46722 ssh2 ...	2020-08-26 17:24:41
106.13.140.138	attack	Aug 13 13:20:31 gospond sshd[28698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 Aug 13 13:20:31 gospond sshd[28698]: Invalid user guest111 from 106.13.140.138 port 35214 Aug 13 13:20:33 gospond sshd[28698]: Failed password for invalid user guest111 from 106.13.140.138 port 35214 ssh2 ...	2020-08-13 20:49:54
106.13.140.33	attackspam	Aug 12 14:38:42 vmd36147 sshd[24804]: Failed password for root from 106.13.140.33 port 39560 ssh2 Aug 12 14:43:37 vmd36147 sshd[3305]: Failed password for root from 106.13.140.33 port 33568 ssh2 ...	2020-08-12 21:14:52
106.13.140.33	attackbotsspam	Aug 10 13:29:02 game-panel sshd[20582]: Failed password for root from 106.13.140.33 port 43066 ssh2 Aug 10 13:32:41 game-panel sshd[20718]: Failed password for root from 106.13.140.33 port 49052 ssh2	2020-08-10 23:06:53
106.13.140.200	attack	firewall-block, port(s): 1425/tcp	2020-07-31 04:06:32
106.13.140.33	attack	Jul 23 20:01:48 web1 sshd\[2060\]: Invalid user test from 106.13.140.33 Jul 23 20:01:48 web1 sshd\[2060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Jul 23 20:01:50 web1 sshd\[2060\]: Failed password for invalid user test from 106.13.140.33 port 38844 ssh2 Jul 23 20:05:57 web1 sshd\[2430\]: Invalid user ts3server from 106.13.140.33 Jul 23 20:05:57 web1 sshd\[2430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33	2020-07-24 16:23:54
106.13.140.33	attack	$f2bV_matches	2020-07-15 09:08:43
106.13.140.33	attack	Jul 12 00:11:14 server1 sshd\[7062\]: Invalid user policy from 106.13.140.33 Jul 12 00:11:14 server1 sshd\[7062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Jul 12 00:11:16 server1 sshd\[7062\]: Failed password for invalid user policy from 106.13.140.33 port 45038 ssh2 Jul 12 00:14:32 server1 sshd\[8009\]: Invalid user dan from 106.13.140.33 Jul 12 00:14:32 server1 sshd\[8009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 ...	2020-07-12 14:25:38
106.13.140.200	attackspam	Unauthorized connection attempt detected from IP address 106.13.140.200 to port 3996	2020-07-09 05:01:15
106.13.140.200	attackbots	Jul 8 00:27:22 onepixel sshd[97234]: Invalid user mike from 106.13.140.200 port 49924 Jul 8 00:27:22 onepixel sshd[97234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.200 Jul 8 00:27:22 onepixel sshd[97234]: Invalid user mike from 106.13.140.200 port 49924 Jul 8 00:27:24 onepixel sshd[97234]: Failed password for invalid user mike from 106.13.140.200 port 49924 ssh2 Jul 8 00:33:13 onepixel sshd[100018]: Invalid user lcd from 106.13.140.200 port 56016	2020-07-08 11:28:50
106.13.140.83	attack	Failed password for invalid user montse from 106.13.140.83 port 53072 ssh2	2020-07-06 01:14:33
106.13.140.83	attackspam	Invalid user baum from 106.13.140.83 port 43214	2020-06-28 14:50:08
106.13.140.33	attack	Jun 13 22:42:26 askasleikir sshd[29906]: Failed password for invalid user Administrator from 106.13.140.33 port 40856 ssh2 Jun 13 22:26:27 askasleikir sshd[29873]: Failed password for invalid user oscar from 106.13.140.33 port 43878 ssh2 Jun 13 22:36:49 askasleikir sshd[29895]: Failed password for invalid user golf from 106.13.140.33 port 51232 ssh2	2020-06-14 20:52:13
106.13.140.200	attackspambots	Invalid user Administrator from 106.13.140.200 port 35714	2020-06-13 20:07:24
106.13.140.200	attackbots	Jun 9 20:15:52 django-0 sshd\[6369\]: Invalid user yjj from 106.13.140.200Jun 9 20:15:53 django-0 sshd\[6369\]: Failed password for invalid user yjj from 106.13.140.200 port 46486 ssh2Jun 9 20:25:11 django-0 sshd\[6572\]: Invalid user kshitiz from 106.13.140.200 ...	2020-06-10 06:37:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.140.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14793
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.140.185.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040202 1800 900 604800 86400

;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 08:41:32 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 185.140.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 185.140.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
151.80.83.249	attackbots	Apr 7 19:47:00 itv-usvr-01 sshd[12667]: Invalid user mailserver from 151.80.83.249 Apr 7 19:47:00 itv-usvr-01 sshd[12667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.83.249 Apr 7 19:47:00 itv-usvr-01 sshd[12667]: Invalid user mailserver from 151.80.83.249 Apr 7 19:47:01 itv-usvr-01 sshd[12667]: Failed password for invalid user mailserver from 151.80.83.249 port 52894 ssh2 Apr 7 19:50:20 itv-usvr-01 sshd[12828]: Invalid user testuser from 151.80.83.249	2020-04-07 22:23:13
71.127.181.2	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 07-04-2020 13:50:10.	2020-04-07 22:45:28
54.38.180.93	attack	$f2bV_matches	2020-04-07 22:28:48
162.243.129.109	attackspambots	Metasploit VxWorks WDB Agent Scanner Detection	2020-04-07 22:30:22
222.186.42.75	attack	Unauthorized connection attempt detected from IP address 222.186.42.75 to port 22 [T]	2020-04-07 22:06:36
167.99.231.118	attackspambots	Apr 7 15:53:27 legacy sshd[31291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.231.118 Apr 7 15:53:29 legacy sshd[31291]: Failed password for invalid user st from 167.99.231.118 port 34672 ssh2 Apr 7 15:53:48 legacy sshd[31297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.231.118 ...	2020-04-07 22:02:14
78.84.50.19	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 07-04-2020 13:50:10.	2020-04-07 22:43:49
104.140.188.34	attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-04-07 22:56:36
94.102.56.215	attackspambots	94.102.56.215 was recorded 20 times by 10 hosts attempting to connect to the following ports: 41141,41123,41119,41143. Incident counter (4h, 24h, all-time): 20, 117, 10268	2020-04-07 22:58:08
188.166.21.197	attackbots	Apr 7 14:43:32 ns382633 sshd\[7846\]: Invalid user adminuser from 188.166.21.197 port 44998 Apr 7 14:43:32 ns382633 sshd\[7846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.21.197 Apr 7 14:43:34 ns382633 sshd\[7846\]: Failed password for invalid user adminuser from 188.166.21.197 port 44998 ssh2 Apr 7 14:50:32 ns382633 sshd\[9567\]: Invalid user ftpusr from 188.166.21.197 port 45678 Apr 7 14:50:32 ns382633 sshd\[9567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.21.197	2020-04-07 22:03:26
190.143.39.211	attackbots	(sshd) Failed SSH login from 190.143.39.211 (CO/Colombia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 7 08:49:56 host sshd[35597]: Invalid user admin from 190.143.39.211 port 44334	2020-04-07 22:59:45
51.15.56.133	attack	Apr 7 16:26:37 vmd17057 sshd[8453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.56.133 Apr 7 16:26:39 vmd17057 sshd[8453]: Failed password for invalid user ubuntu from 51.15.56.133 port 44588 ssh2 ...	2020-04-07 22:36:37
218.166.95.82	attackspam	Honeypot attack, port: 5555, PTR: 218-166-95-82.dynamic-ip.hinet.net.	2020-04-07 22:15:51
67.207.81.225	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-07 22:36:02
185.153.198.240	attackspam	04/07/2020-09:58:44.504868 185.153.198.240 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-07 22:24:35

最近上报的IP列表

191.101.165.116	148.228.17.194	45.77.200.77	149.129.121.162
180.76.151.65	185.234.217.95	193.183.187.252	222.235.220.206
200.40.31.46	172.73.203.128	86.208.40.231	83.36.48.61
140.182.172.163	194.14.85.127	151.248.3.99	115.202.94.66
5.133.198.207	193.183.102.168	139.36.159.77	159.92.31.92