106.13.23.149 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	20 attempts against mh-ssh on cloud.magehost.pro	2020-01-18 14:51:23
attack	Unauthorized connection attempt detected from IP address 106.13.23.149 to port 2220 [J]	2020-01-13 06:29:42
attackspambots	Automatic report - Banned IP Access	2020-01-11 20:46:51
attackbotsspam	$f2bV_matches	2019-12-26 14:03:42
attack	Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:53 itv-usvr-01 sshd[15015]: Failed password for invalid user 123 from 106.13.23.149 port 44678 ssh2 Nov 6 19:19:46 itv-usvr-01 sshd[15253]: Invalid user asdfasdfasdf from 106.13.23.149	2019-11-06 20:39:43
attack	$f2bV_matches	2019-10-29 14:12:09
attack	Invalid user whirlwind from 106.13.23.149 port 35056	2019-10-29 07:36:08
attackspam	firewall-block, port(s): 23/tcp	2019-07-31 16:50:59
attackspam	DLink DSL Remote OS Command Injection Vulnerability	2019-07-03 21:20:41

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.231.150	attackspam	Oct 13 17:13:23 lunarastro sshd[24773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 17:13:26 lunarastro sshd[24773]: Failed password for invalid user margarita from 106.13.231.150 port 49772 ssh2	2020-10-13 22:12:00
106.13.231.150	attackbotsspam	Oct 13 03:11:30 haigwepa sshd[32217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 03:11:32 haigwepa sshd[32217]: Failed password for invalid user vicky from 106.13.231.150 port 59356 ssh2 ...	2020-10-13 13:37:23
106.13.231.150	attackbotsspam	SSH bruteforce	2020-10-13 06:21:04
106.13.230.219	attack	2020-10-10T21:11:57.325857hostname sshd[607]: Failed password for root from 106.13.230.219 port 55018 ssh2 ...	2020-10-12 07:48:36
106.13.231.10	attack	Invalid user edu from 106.13.231.10 port 44588	2020-10-12 07:32:27
106.13.239.120	attackbotsspam	Oct 11 22:23:31 ns381471 sshd[5093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 Oct 11 22:23:33 ns381471 sshd[5093]: Failed password for invalid user takuya from 106.13.239.120 port 58732 ssh2	2020-10-12 04:52:28
106.13.232.193	attack	(sshd) Failed SSH login from 106.13.232.193 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 16:19:23 server2 sshd[10510]: Invalid user postgres from 106.13.232.193 port 56996 Oct 11 16:19:26 server2 sshd[10510]: Failed password for invalid user postgres from 106.13.232.193 port 56996 ssh2 Oct 11 17:01:11 server2 sshd[18073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.193 user=root Oct 11 17:01:13 server2 sshd[18073]: Failed password for root from 106.13.232.193 port 33714 ssh2 Oct 11 17:03:02 server2 sshd[18361]: Invalid user terry from 106.13.232.193 port 52814	2020-10-12 01:19:51
106.13.230.219	attack	(sshd) Failed SSH login from 106.13.230.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 11:39:00 optimus sshd[13324]: Invalid user abby from 106.13.230.219 Oct 11 11:39:00 optimus sshd[13324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 11:39:02 optimus sshd[13324]: Failed password for invalid user abby from 106.13.230.219 port 37148 ssh2 Oct 11 11:45:23 optimus sshd[15565]: Invalid user luis from 106.13.230.219 Oct 11 11:45:23 optimus sshd[15565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219	2020-10-12 00:05:57
106.13.231.10	attackspambots	Fail2Ban	2020-10-11 23:47:39
106.13.239.120	attackspambots	SSH Brute Force (V)	2020-10-11 20:56:35
106.13.232.193	attackbotsspam	Automatic report - Banned IP Access	2020-10-11 17:11:20
106.13.230.219	attackbotsspam	Oct 11 13:57:04 itv-usvr-02 sshd[22020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 user=root Oct 11 13:57:06 itv-usvr-02 sshd[22020]: Failed password for root from 106.13.230.219 port 37394 ssh2 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: Invalid user wwwdata from 106.13.230.219 port 54106 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: Invalid user wwwdata from 106.13.230.219 port 54106 Oct 11 13:58:38 itv-usvr-02 sshd[22069]: Failed password for invalid user wwwdata from 106.13.230.219 port 54106 ssh2	2020-10-11 16:04:36
106.13.231.10	attackspam	SSH Brute Force	2020-10-11 15:46:49
106.13.239.120	attackbotsspam	(sshd) Failed SSH login from 106.13.239.120 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:44:01 server4 sshd[14793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 user=root Oct 11 00:44:03 server4 sshd[14793]: Failed password for root from 106.13.239.120 port 39104 ssh2 Oct 11 00:50:06 server4 sshd[18423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 user=root Oct 11 00:50:09 server4 sshd[18423]: Failed password for root from 106.13.239.120 port 39770 ssh2 Oct 11 00:51:37 server4 sshd[19429]: Invalid user roman from 106.13.239.120	2020-10-11 12:53:02
106.13.230.219	attackspam	Oct 10 23:54:20 inter-technics sshd[27273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 user=root Oct 10 23:54:22 inter-technics sshd[27273]: Failed password for root from 106.13.230.219 port 59616 ssh2 Oct 11 00:01:05 inter-technics sshd[31103]: Invalid user usrlib from 106.13.230.219 port 34160 Oct 11 00:01:05 inter-technics sshd[31103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 00:01:05 inter-technics sshd[31103]: Invalid user usrlib from 106.13.230.219 port 34160 Oct 11 00:01:07 inter-technics sshd[31103]: Failed password for invalid user usrlib from 106.13.230.219 port 34160 ssh2 ...	2020-10-11 09:22:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.23.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34958
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.23.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070300 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 21:20:29 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 149.23.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 149.23.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
95.54.90.129	attack	2020-05-2609:29:171jdU1U-0007rg-Ac\<=info@whatsup2013.chH=$localhost$[197.248.24.15]:58965P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2240id=D7D264373CE8C784585D14AC68744320@whatsup2013.chT="Ihopelateronweshallquiteoftenthinkabouteachother"forquinton.donald2002@yahoo.com2020-05-2609:27:041jdTzC-0007gP-UW\<=info@whatsup2013.chH=$localhost$[14.162.132.72]:42277P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2190id=9396207378AC83C01C1950E82C8131BC@whatsup2013.chT="Iamactuallyinterestedinamalewithaniceheart"forandy.cory82@gmail.com2020-05-2609:27:401jdTzw-0007jo-4Z\<=info@whatsup2013.chH=95-54-90-129.dynamic.novgorod.dslavangard.ru$localhost$[95.54.90.129]:33090P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2164id=898C3A6962B699DA06034AF236F31060@whatsup2013.chT="Iwouldlovetoobtainaguyforaseriousconnection"forlala123@yahoo.com2020-05-2609:29:041jdU1H-0007qI-1n\<=info@wh	2020-05-26 21:28:02
218.92.0.168	attack	2020-05-26T15:44:44.519986afi-git.jinr.ru sshd[5500]: Failed password for root from 218.92.0.168 port 41469 ssh2 2020-05-26T15:44:48.559038afi-git.jinr.ru sshd[5500]: Failed password for root from 218.92.0.168 port 41469 ssh2 2020-05-26T15:44:51.717343afi-git.jinr.ru sshd[5500]: Failed password for root from 218.92.0.168 port 41469 ssh2 2020-05-26T15:44:51.717490afi-git.jinr.ru sshd[5500]: error: maximum authentication attempts exceeded for root from 218.92.0.168 port 41469 ssh2 [preauth] 2020-05-26T15:44:51.717504afi-git.jinr.ru sshd[5500]: Disconnecting: Too many authentication failures [preauth] ...	2020-05-26 21:08:44
120.92.89.30	attackbotsspam	Lines containing failures of 120.92.89.30 May 25 16:54:11 www sshd[15899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.89.30 user=r.r May 25 16:54:12 www sshd[15899]: Failed password for r.r from 120.92.89.30 port 48312 ssh2 May 25 16:54:13 www sshd[15899]: Received disconnect from 120.92.89.30 port 48312:11: Bye Bye [preauth] May 25 16:54:13 www sshd[15899]: Disconnected from authenticating user r.r 120.92.89.30 port 48312 [preauth] May 25 17:01:34 www sshd[17278]: Invalid user scanner from 120.92.89.30 port 47560 May 25 17:01:34 www sshd[17278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.89.30 May 25 17:01:36 www sshd[17278]: Failed password for invalid user scanner from 120.92.89.30 port 47560 ssh2 May 25 17:01:37 www sshd[17278]: Received disconnect from 120.92.89.30 port 47560:11: Bye Bye [preauth] May 25 17:01:37 www sshd[17278]: Disconnected from invalid user sc........ ------------------------------	2020-05-26 21:03:48
59.127.95.174	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:14:25
106.12.220.19	attackbots	May 26 16:04:12 hosting sshd[32197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.19 user=root May 26 16:04:14 hosting sshd[32197]: Failed password for root from 106.12.220.19 port 43900 ssh2 ...	2020-05-26 21:25:29
52.20.151.219	attackspam	May 25 22:29:49 web9 sshd\[17453\]: Invalid user admin from 52.20.151.219 May 25 22:29:49 web9 sshd\[17453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.20.151.219 May 25 22:29:51 web9 sshd\[17453\]: Failed password for invalid user admin from 52.20.151.219 port 51687 ssh2 May 25 22:34:32 web9 sshd\[18092\]: Invalid user super from 52.20.151.219 May 25 22:34:32 web9 sshd\[18092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.20.151.219	2020-05-26 21:32:02
51.159.52.209	attackspambots	May 26 12:18:52 * sshd[10791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.159.52.209 May 26 12:18:54 * sshd[10791]: Failed password for invalid user admin from 51.159.52.209 port 42860 ssh2	2020-05-26 21:11:52
212.95.137.164	attackspambots	2020-05-26T11:01:39.321289homeassistant sshd[9648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.95.137.164 user=root 2020-05-26T11:01:41.366134homeassistant sshd[9648]: Failed password for root from 212.95.137.164 port 57576 ssh2 ...	2020-05-26 21:22:12
86.57.242.134	attack	Unauthorized IMAP connection attempt	2020-05-26 21:31:24
119.28.144.9	attack	ICMP MH Probe, Scan /Distributed -	2020-05-26 21:33:39
175.139.202.201	attackbotsspam	May 26 11:59:59 ns381471 sshd[24954]: Failed password for root from 175.139.202.201 port 53652 ssh2	2020-05-26 21:00:14
201.48.192.60	attack	2020-05-26T21:28:28.140477vivaldi2.tree2.info sshd[32725]: Invalid user vijaya from 201.48.192.60 2020-05-26T21:28:28.159432vivaldi2.tree2.info sshd[32725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.192.60 2020-05-26T21:28:28.140477vivaldi2.tree2.info sshd[32725]: Invalid user vijaya from 201.48.192.60 2020-05-26T21:28:30.307503vivaldi2.tree2.info sshd[32725]: Failed password for invalid user vijaya from 201.48.192.60 port 49956 ssh2 2020-05-26T21:32:24.372823vivaldi2.tree2.info sshd[491]: Invalid user hxhtftp from 201.48.192.60 ...	2020-05-26 21:12:14
119.28.164.101	attackspam	ICMP MH Probe, Scan /Distributed -	2020-05-26 21:30:15
114.33.206.60	attack	Attempted connection to port 23.	2020-05-26 20:55:17
123.172.249.160	attackbots	ICMP MH Probe, Scan /Distributed -	2020-05-26 21:01:57

最近上报的IP列表

6.25.130.3	98.231.78.216	51.158.181.213	195.159.205.88
214.145.96.142	118.72.108.115	5.62.41.148	198.108.66.69
192.119.65.179	173.95.150.192	171.97.249.124	183.179.121.46
178.212.89.128	52.53.171.233	179.110.75.102	188.225.225.227
66.70.173.61	66.249.79.47	103.81.238.12	209.85.222.195