106.13.149.187

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Feb 28 11:59:48 minden010 sshd[32226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.187 Feb 28 11:59:50 minden010 sshd[32226]: Failed password for invalid user jira from 106.13.149.187 port 37560 ssh2 Feb 28 12:07:01 minden010 sshd[2447]: Failed password for root from 106.13.149.187 port 37880 ssh2 ...	2020-02-28 19:10:53

类型

评论内容

时间

attackspam

Feb 28 11:59:48 minden010 sshd[32226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.187
Feb 28 11:59:50 minden010 sshd[32226]: Failed password for invalid user jira from 106.13.149.187 port 37560 ssh2
Feb 28 12:07:01 minden010 sshd[2447]: Failed password for root from 106.13.149.187 port 37880 ssh2
...

2020-02-28 19:10:53

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.149.57	attackspambots	Aug 24 21:51:45 game-panel sshd[13385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 Aug 24 21:51:47 game-panel sshd[13385]: Failed password for invalid user blumberg from 106.13.149.57 port 58800 ssh2 Aug 24 21:56:00 game-panel sshd[13589]: Failed password for root from 106.13.149.57 port 34292 ssh2	2020-08-25 06:15:49
106.13.149.57	attackbotsspam	Aug 22 23:29:45 lukav-desktop sshd\[7527\]: Invalid user admin from 106.13.149.57 Aug 22 23:29:45 lukav-desktop sshd\[7527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 Aug 22 23:29:47 lukav-desktop sshd\[7527\]: Failed password for invalid user admin from 106.13.149.57 port 58544 ssh2 Aug 22 23:33:59 lukav-desktop sshd\[7624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root Aug 22 23:34:01 lukav-desktop sshd\[7624\]: Failed password for root from 106.13.149.57 port 36082 ssh2	2020-08-23 04:45:10
106.13.149.227	attackbots	SSH Brute-force	2020-08-18 16:53:58
106.13.149.57	attack	2020-08-09T04:56:40.273646shield sshd\[27694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root 2020-08-09T04:56:41.771595shield sshd\[27694\]: Failed password for root from 106.13.149.57 port 55300 ssh2 2020-08-09T05:01:20.095696shield sshd\[28615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root 2020-08-09T05:01:22.366356shield sshd\[28615\]: Failed password for root from 106.13.149.57 port 55636 ssh2 2020-08-09T05:06:07.172147shield sshd\[29365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root	2020-08-09 13:47:56
106.13.149.227	attack	Port scan denied	2020-08-06 18:07:15
106.13.149.57	attackbots	Aug 5 22:34:36 buvik sshd[451]: Failed password for root from 106.13.149.57 port 48492 ssh2 Aug 5 22:38:29 buvik sshd[1069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 user=root Aug 5 22:38:31 buvik sshd[1069]: Failed password for root from 106.13.149.57 port 48508 ssh2 ...	2020-08-06 07:13:28
106.13.149.57	attackbotsspam	Jul 28 02:12:31 journals sshd\[58590\]: Invalid user baoyonglian from 106.13.149.57 Jul 28 02:12:31 journals sshd\[58590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 Jul 28 02:12:33 journals sshd\[58590\]: Failed password for invalid user baoyonglian from 106.13.149.57 port 36688 ssh2 Jul 28 02:13:43 journals sshd\[58700\]: Invalid user mace from 106.13.149.57 Jul 28 02:13:43 journals sshd\[58700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 ...	2020-07-28 07:22:08
106.13.149.57	attackbots	Jul 24 05:32:26 rush sshd[7755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 Jul 24 05:32:28 rush sshd[7755]: Failed password for invalid user java from 106.13.149.57 port 44870 ssh2 Jul 24 05:38:31 rush sshd[7962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 ...	2020-07-24 13:55:30
106.13.149.227	attackspam	Unauthorized connection attempt detected from IP address 106.13.149.227 to port 11659	2020-07-16 04:27:48
106.13.149.227	attack	11898/tcp 26264/tcp 10538/tcp... [2020-06-23/07-08]10pkt,10pt.(tcp)	2020-07-08 23:30:07
106.13.149.57	attackspam	Jul 8 09:58:19 dhoomketu sshd[1362956]: Invalid user tudor from 106.13.149.57 port 43958 Jul 8 09:58:19 dhoomketu sshd[1362956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57 Jul 8 09:58:19 dhoomketu sshd[1362956]: Invalid user tudor from 106.13.149.57 port 43958 Jul 8 09:58:22 dhoomketu sshd[1362956]: Failed password for invalid user tudor from 106.13.149.57 port 43958 ssh2 Jul 8 10:01:42 dhoomketu sshd[1362992]: Invalid user yfbastion from 106.13.149.57 port 32846 ...	2020-07-08 13:45:32
106.13.149.57	attackbots	Jul 7 15:32:24 cp sshd[32005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.57	2020-07-08 01:02:35
106.13.149.227	attackbotsspam	Jul 5 17:02:58 dignus sshd[13103]: Invalid user postgres from 106.13.149.227 port 45614 Jul 5 17:02:58 dignus sshd[13103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.227 Jul 5 17:03:00 dignus sshd[13103]: Failed password for invalid user postgres from 106.13.149.227 port 45614 ssh2 Jul 5 17:08:41 dignus sshd[13589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.149.227 user=root Jul 5 17:08:42 dignus sshd[13589]: Failed password for root from 106.13.149.227 port 38358 ssh2 ...	2020-07-06 08:21:23
106.13.149.227	attackbotsspam	(sshd) Failed SSH login from 106.13.149.227 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:15:50
106.13.149.227	attack	sshd	2020-06-13 23:36:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.149.187
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41438
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.149.187.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022800 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 19:10:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 187.149.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 187.149.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
93.179.69.53	attackbotsspam	SPAM Delivery Attempt	2019-06-26 10:31:01
193.112.164.113	attackspambots	Jun 26 09:10:57 itv-usvr-02 sshd[32460]: Invalid user super from 193.112.164.113 port 58106 Jun 26 09:10:57 itv-usvr-02 sshd[32460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.164.113 Jun 26 09:10:57 itv-usvr-02 sshd[32460]: Invalid user super from 193.112.164.113 port 58106 Jun 26 09:10:59 itv-usvr-02 sshd[32460]: Failed password for invalid user super from 193.112.164.113 port 58106 ssh2 Jun 26 09:11:47 itv-usvr-02 sshd[32469]: Invalid user ejabberd from 193.112.164.113 port 36906	2019-06-26 10:19:50
184.105.247.204	attackbots	3389BruteforceFW23	2019-06-26 10:05:52
77.40.2.115	attack	IP: 77.40.2.115 ASN: AS12389 Rostelecom Port: Message Submission 587 Found in one or more Blacklists Date: 26/06/2019 2:11:35 AM UTC	2019-06-26 10:28:38
114.230.107.222	attackbots	2019-06-26T04:11:25.114186mail01 postfix/smtpd[29331]: warning: unknown[114.230.107.222]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-26T04:11:32.298472mail01 postfix/smtpd[29351]: warning: unknown[114.230.107.222]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-26T04:11:44.188508mail01 postfix/smtpd[29351]: warning: unknown[114.230.107.222]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-26 10:23:36
223.255.230.24	attack	LGS,WP GET /wp-login.php	2019-06-26 10:23:06
186.121.243.218	attackspam	vulcan	2019-06-26 09:44:18
201.150.88.65	attack	SMTP-sasl brute force ...	2019-06-26 10:08:01
136.144.132.253	attackspam	Jun 25 18:53:17 mxgate1 postfix/postscreen[813]: CONNECT from [136.144.132.253]:52690 to [176.31.12.44]:25 Jun 25 18:53:17 mxgate1 postfix/dnsblog[962]: addr 136.144.132.253 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 25 18:53:17 mxgate1 postfix/dnsblog[960]: addr 136.144.132.253 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 25 18:53:17 mxgate1 postfix/dnsblog[963]: addr 136.144.132.253 listed by domain bl.spamcop.net as 127.0.0.2 Jun 25 18:53:17 mxgate1 postfix/dnsblog[959]: addr 136.144.132.253 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jun 25 18:53:23 mxgate1 postfix/postscreen[813]: DNSBL rank 5 for [136.144.132.253]:52690 Jun x@x Jun 25 18:53:23 mxgate1 postfix/postscreen[813]: HANGUP after 0.13 from [136.144.132.253]:52690 in tests after SMTP handshake Jun 25 18:53:23 mxgate1 postfix/postscreen[813]: DISCONNECT [136.144.132.253]:52690 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=136.144.132.253	2019-06-26 10:03:06
187.92.195.74	attackbots	Unauthorised access (Jun 26) SRC=187.92.195.74 LEN=52 TTL=113 ID=6079 DF TCP DPT=445 WINDOW=8192 SYN	2019-06-26 10:24:16
68.183.219.43	attackbotsspam	Jun 24 22:18:54 sanyalnet-awsem3-1 sshd[1013]: Connection from 68.183.219.43 port 47232 on 172.30.0.184 port 22 Jun 24 22:18:55 sanyalnet-awsem3-1 sshd[1013]: Invalid user vserver from 68.183.219.43 Jun 24 22:18:55 sanyalnet-awsem3-1 sshd[1013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.219.43 Jun 24 22:18:57 sanyalnet-awsem3-1 sshd[1013]: Failed password for invalid user vserver from 68.183.219.43 port 47232 ssh2 Jun 24 22:18:57 sanyalnet-awsem3-1 sshd[1013]: Received disconnect from 68.183.219.43: 11: Bye Bye [preauth] Jun 24 22:21:56 sanyalnet-awsem3-1 sshd[1094]: Connection from 68.183.219.43 port 57852 on 172.30.0.184 port 22 Jun 24 22:21:57 sanyalnet-awsem3-1 sshd[1094]: Invalid user bugs from 68.183.219.43 Jun 24 22:21:57 sanyalnet-awsem3-1 sshd[1094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.219.43 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?	2019-06-26 10:20:29
170.244.195.11	attackspam	Jun 25 18:52:52 v22015092888327978 sshd[6571]: Invalid user admin from 170.244.195.11 Jun 25 18:53:00 v22015092888327978 sshd[6573]: Invalid user admin from 170.244.195.11 Jun 25 18:53:06 v22015092888327978 sshd[6575]: Invalid user admin from 170.244.195.11 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=170.244.195.11	2019-06-26 09:56:42
159.65.128.166	attackspambots	Automatic report - Web App Attack	2019-06-26 10:05:19
200.140.194.109	attack	Jun 26 04:11:46 [host] sshd[4205]: Invalid user zookeeper from 200.140.194.109 Jun 26 04:11:46 [host] sshd[4205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.140.194.109 Jun 26 04:11:48 [host] sshd[4205]: Failed password for invalid user zookeeper from 200.140.194.109 port 58996 ssh2	2019-06-26 10:19:33
61.161.209.134	attackbots	Brute force attempt	2019-06-26 09:42:03

最近上报的IP列表

117.3.80.4	122.155.27.1	110.138.211.102	116.111.185.78
103.216.218.52	202.179.188.66	180.145.24.44	125.167.114.219
178.219.123.76	66.249.65.110	173.208.184.28	106.51.64.90
87.197.137.176	180.140.126.212	103.212.211.140	36.92.10.97
91.220.81.146	180.110.40.186	77.232.100.192	110.77.238.48