106.13.144.207

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 11 17:56:59 firewall sshd[26023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 user=root Oct 11 17:57:01 firewall sshd[26023]: Failed password for root from 106.13.144.207 port 43918 ssh2 Oct 11 17:59:14 firewall sshd[26065]: Invalid user deployer from 106.13.144.207 ...	2020-10-12 05:58:47
attack	"fail2ban match"	2020-10-11 22:06:34
attackbotsspam	"fail2ban match"	2020-10-11 14:04:12
attackbots	detected by Fail2Ban	2020-10-11 07:26:02
attack	Sep 12 16:53:28 nuernberg-4g-01 sshd[21023]: Failed password for root from 106.13.144.207 port 54576 ssh2 Sep 12 16:58:06 nuernberg-4g-01 sshd[22590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 Sep 12 16:58:08 nuernberg-4g-01 sshd[22590]: Failed password for invalid user admin from 106.13.144.207 port 48522 ssh2	2020-09-12 23:23:44
attackspam	Sep 12 07:55:20 dhoomketu sshd[3026535]: Failed password for root from 106.13.144.207 port 52194 ssh2 Sep 12 07:56:28 dhoomketu sshd[3026551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 user=root Sep 12 07:56:30 dhoomketu sshd[3026551]: Failed password for root from 106.13.144.207 port 38840 ssh2 Sep 12 07:57:35 dhoomketu sshd[3026589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 user=root Sep 12 07:57:37 dhoomketu sshd[3026589]: Failed password for root from 106.13.144.207 port 53720 ssh2 ...	2020-09-12 15:28:29
attackspam	Aug 19 05:22:19 rocket sshd[30396]: Failed password for root from 106.13.144.207 port 33564 ssh2 Aug 19 05:26:54 rocket sshd[31024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 ...	2020-08-19 12:36:58
attack	Bruteforce detected by fail2ban	2020-08-10 22:28:13
attackspambots	SSH brutforce	2020-07-16 19:44:58
attackbotsspam	$f2bV_matches	2020-07-12 15:56:11
attackbots	SSH login attempts.	2020-07-08 00:30:32
attack	Jul 5 21:21:26 php1 sshd\[17113\]: Invalid user uftp from 106.13.144.207 Jul 5 21:21:26 php1 sshd\[17113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207 Jul 5 21:21:27 php1 sshd\[17113\]: Failed password for invalid user uftp from 106.13.144.207 port 58730 ssh2 Jul 5 21:22:52 php1 sshd\[17197\]: Invalid user sarvesh from 106.13.144.207 Jul 5 21:22:52 php1 sshd\[17197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.207	2020-07-06 15:23:35
attackspambots	SSH/22 MH Probe, BF, Hack -	2020-06-14 18:35:23
attackspam	SSH Invalid Login	2020-05-27 06:34:10
attackbotsspam	Brute force SMTP login attempted. ...	2020-05-25 00:12:03
attackspambots	May 19 20:06:29 server sshd[16578]: Failed password for invalid user lzjian from 106.13.144.207 port 52644 ssh2 May 19 20:08:29 server sshd[18834]: Failed password for invalid user bim from 106.13.144.207 port 46492 ssh2 May 19 20:09:11 server sshd[19497]: Failed password for invalid user gun from 106.13.144.207 port 54962 ssh2	2020-05-20 02:32:20
attackbotsspam	Invalid user bini from 106.13.144.207 port 39008	2020-05-01 18:20:41

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.144.8	attackspam	Aug 1 21:31:21 game-panel sshd[22791]: Failed password for root from 106.13.144.8 port 60414 ssh2 Aug 1 21:34:00 game-panel sshd[22891]: Failed password for root from 106.13.144.8 port 41748 ssh2	2020-08-02 05:37:28
106.13.144.8	attackspam	(sshd) Failed SSH login from 106.13.144.8 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 28 09:41:09 s1 sshd[26890]: Invalid user zcx from 106.13.144.8 port 37296 Jul 28 09:41:11 s1 sshd[26890]: Failed password for invalid user zcx from 106.13.144.8 port 37296 ssh2 Jul 28 09:48:13 s1 sshd[27059]: Invalid user jzhang71 from 106.13.144.8 port 46252 Jul 28 09:48:15 s1 sshd[27059]: Failed password for invalid user jzhang71 from 106.13.144.8 port 46252 ssh2 Jul 28 09:51:06 s1 sshd[27223]: Invalid user icmsectest from 106.13.144.8 port 51158	2020-07-28 15:37:14
106.13.144.8	attackspambots	Invalid user mcftp from 106.13.144.8 port 56572	2020-07-19 01:18:16
106.13.144.8	attack	Jul 6 09:37:14 lnxded64 sshd[12943]: Failed password for root from 106.13.144.8 port 45766 ssh2 Jul 6 09:37:14 lnxded64 sshd[12943]: Failed password for root from 106.13.144.8 port 45766 ssh2	2020-07-06 15:39:34
106.13.144.8	attackbotsspam	Jun 27 12:43:17 mail sshd\[51804\]: Invalid user sftp from 106.13.144.8 Jun 27 12:43:17 mail sshd\[51804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 ...	2020-06-28 04:18:29
106.13.144.8	attackbotsspam	Jun 20 21:04:51 home sshd[694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Jun 20 21:04:53 home sshd[694]: Failed password for invalid user hadoop from 106.13.144.8 port 32772 ssh2 Jun 20 21:06:30 home sshd[885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 ...	2020-06-21 03:31:31
106.13.144.8	attackspam	Jun 4 22:04:05 mail sshd[17077]: Failed password for root from 106.13.144.8 port 43316 ssh2 ...	2020-06-05 06:54:55
106.13.144.8	attack	May 28 02:03:39 firewall sshd[8836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 user=root May 28 02:03:41 firewall sshd[8836]: Failed password for root from 106.13.144.8 port 41600 ssh2 May 28 02:07:54 firewall sshd[8961]: Invalid user test from 106.13.144.8 ...	2020-05-28 14:10:02
106.13.144.8	attackspambots	May 25 21:39:57 rotator sshd\[16128\]: Failed password for root from 106.13.144.8 port 33890 ssh2May 25 21:43:05 rotator sshd\[16893\]: Failed password for root from 106.13.144.8 port 50178 ssh2May 25 21:46:07 rotator sshd\[17663\]: Invalid user gz from 106.13.144.8May 25 21:46:09 rotator sshd\[17663\]: Failed password for invalid user gz from 106.13.144.8 port 38236 ssh2May 25 21:49:08 rotator sshd\[17690\]: Invalid user cristie from 106.13.144.8May 25 21:49:10 rotator sshd\[17690\]: Failed password for invalid user cristie from 106.13.144.8 port 54518 ssh2 ...	2020-05-26 04:15:30
106.13.144.8	attackspam	Apr 27 05:14:03 mockhub sshd[13537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Apr 27 05:14:05 mockhub sshd[13537]: Failed password for invalid user janu from 106.13.144.8 port 39592 ssh2 ...	2020-04-27 20:25:00
106.13.144.78	attackspambots	Port 27164 scan denied	2020-04-19 17:43:41
106.13.144.78	attack	2020-04-12T04:04:56.9098531495-001 sshd[38374]: Invalid user nagios from 106.13.144.78 port 47590 2020-04-12T04:04:56.9168541495-001 sshd[38374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.78 2020-04-12T04:04:56.9098531495-001 sshd[38374]: Invalid user nagios from 106.13.144.78 port 47590 2020-04-12T04:04:58.8853791495-001 sshd[38374]: Failed password for invalid user nagios from 106.13.144.78 port 47590 ssh2 2020-04-12T04:08:16.2249561495-001 sshd[38489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.78 user=root 2020-04-12T04:08:18.6502351495-001 sshd[38489]: Failed password for root from 106.13.144.78 port 57176 ssh2 ...	2020-04-12 23:03:46
106.13.144.164	attackbots	IP blocked	2020-04-12 04:25:38
106.13.144.164	attackbots	$f2bV_matches	2020-04-07 14:58:02
106.13.144.78	attackspambots	Apr 5 00:45:28 ws24vmsma01 sshd[198342]: Failed password for root from 106.13.144.78 port 58352 ssh2 ...	2020-04-05 13:46:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.144.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62726
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.144.207.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050101 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 18:20:34 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 207.144.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 207.144.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
184.105.139.68	attack	21/tcp 11211/tcp 3389/tcp... [2019-05-19/07-20]22pkt,13pt.(tcp),1pt.(udp)	2019-07-20 20:18:20
121.78.129.147	attackspambots	Jul 20 12:43:14 localhost sshd\[58591\]: Invalid user boom from 121.78.129.147 port 40582 Jul 20 12:43:14 localhost sshd\[58591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.78.129.147 ...	2019-07-20 20:16:17
210.205.202.221	attack	23/tcp 81/tcp [2019-05-23/07-20]2pkt	2019-07-20 19:58:29
113.172.169.234	attack	Jul 20 14:43:50 srv-4 sshd\[18071\]: Invalid user admin from 113.172.169.234 Jul 20 14:43:50 srv-4 sshd\[18071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.169.234 Jul 20 14:43:53 srv-4 sshd\[18071\]: Failed password for invalid user admin from 113.172.169.234 port 47802 ssh2 ...	2019-07-20 19:49:12
206.189.73.71	attackspam	Reported by AbuseIPDB proxy server.	2019-07-20 19:44:07
193.70.0.42	attackspambots	Jul 20 14:03:42 SilenceServices sshd[32138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.42 Jul 20 14:03:44 SilenceServices sshd[32138]: Failed password for invalid user kumar from 193.70.0.42 port 32880 ssh2 Jul 20 14:10:36 SilenceServices sshd[3329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.0.42	2019-07-20 20:19:26
34.237.52.227	attackspam	Jul 20 11:43:25 TCP Attack: SRC=34.237.52.227 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=236 DF PROTO=TCP SPT=55430 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-20 20:08:53
184.105.109.200	attackspambots	20.07.2019 12:25:51 Connection to port 1900 blocked by firewall	2019-07-20 20:30:05
78.108.177.51	attackspam	scan z	2019-07-20 19:43:05
183.103.61.243	attack	Jul 20 12:59:16 mail sshd\[29926\]: Failed password for invalid user testuser from 183.103.61.243 port 46246 ssh2 Jul 20 13:15:28 mail sshd\[30163\]: Invalid user sympa from 183.103.61.243 port 33720 Jul 20 13:15:28 mail sshd\[30163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.103.61.243 ...	2019-07-20 20:30:29
77.42.72.86	attackspam	Automatic report - Port Scan Attack	2019-07-20 20:07:57
196.52.43.111	attack	5353/udp 5985/tcp 8531/tcp... [2019-05-21/07-19]43pkt,31pt.(tcp),4pt.(udp)	2019-07-20 20:26:54
62.220.172.32	attackspam	8080/tcp 2323/tcp 23/tcp... [2019-06-12/07-20]4pkt,3pt.(tcp)	2019-07-20 20:06:27
124.158.5.112	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-07-20 19:57:55
200.23.227.14	attackspambots	Jul 20 07:43:56 web1 postfix/smtpd[5169]: warning: unknown[200.23.227.14]: SASL PLAIN authentication failed: authentication failure ...	2019-07-20 19:46:29

最近上报的IP列表

91.121.65.15	150.154.6.4	29.233.225.195	215.80.50.40
119.235.176.222	38.193.200.216	127.139.12.77	219.245.150.7
137.121.95.24	59.26.188.156	80.253.21.122	91.73.7.205
198.42.18.165	20.86.161.196	139.167.141.49	61.134.255.74
42.147.230.163	108.50.144.228	9.73.176.228	112.25.106.179