106.13.23.149 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	20 attempts against mh-ssh on cloud.magehost.pro	2020-01-18 14:51:23
attack	Unauthorized connection attempt detected from IP address 106.13.23.149 to port 2220 [J]	2020-01-13 06:29:42
attackspambots	Automatic report - Banned IP Access	2020-01-11 20:46:51
attackbotsspam	$f2bV_matches	2019-12-26 14:03:42
attack	Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:53 itv-usvr-01 sshd[15015]: Failed password for invalid user 123 from 106.13.23.149 port 44678 ssh2 Nov 6 19:19:46 itv-usvr-01 sshd[15253]: Invalid user asdfasdfasdf from 106.13.23.149	2019-11-06 20:39:43
attack	$f2bV_matches	2019-10-29 14:12:09
attack	Invalid user whirlwind from 106.13.23.149 port 35056	2019-10-29 07:36:08
attackspam	firewall-block, port(s): 23/tcp	2019-07-31 16:50:59
attackspam	DLink DSL Remote OS Command Injection Vulnerability	2019-07-03 21:20:41

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.231.150	attackspam	Oct 13 17:13:23 lunarastro sshd[24773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 17:13:26 lunarastro sshd[24773]: Failed password for invalid user margarita from 106.13.231.150 port 49772 ssh2	2020-10-13 22:12:00
106.13.231.150	attackbotsspam	Oct 13 03:11:30 haigwepa sshd[32217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.231.150 Oct 13 03:11:32 haigwepa sshd[32217]: Failed password for invalid user vicky from 106.13.231.150 port 59356 ssh2 ...	2020-10-13 13:37:23
106.13.231.150	attackbotsspam	SSH bruteforce	2020-10-13 06:21:04
106.13.230.219	attack	2020-10-10T21:11:57.325857hostname sshd[607]: Failed password for root from 106.13.230.219 port 55018 ssh2 ...	2020-10-12 07:48:36
106.13.231.10	attack	Invalid user edu from 106.13.231.10 port 44588	2020-10-12 07:32:27
106.13.239.120	attackbotsspam	Oct 11 22:23:31 ns381471 sshd[5093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 Oct 11 22:23:33 ns381471 sshd[5093]: Failed password for invalid user takuya from 106.13.239.120 port 58732 ssh2	2020-10-12 04:52:28
106.13.232.193	attack	(sshd) Failed SSH login from 106.13.232.193 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 16:19:23 server2 sshd[10510]: Invalid user postgres from 106.13.232.193 port 56996 Oct 11 16:19:26 server2 sshd[10510]: Failed password for invalid user postgres from 106.13.232.193 port 56996 ssh2 Oct 11 17:01:11 server2 sshd[18073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.193 user=root Oct 11 17:01:13 server2 sshd[18073]: Failed password for root from 106.13.232.193 port 33714 ssh2 Oct 11 17:03:02 server2 sshd[18361]: Invalid user terry from 106.13.232.193 port 52814	2020-10-12 01:19:51
106.13.230.219	attack	(sshd) Failed SSH login from 106.13.230.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 11:39:00 optimus sshd[13324]: Invalid user abby from 106.13.230.219 Oct 11 11:39:00 optimus sshd[13324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 11:39:02 optimus sshd[13324]: Failed password for invalid user abby from 106.13.230.219 port 37148 ssh2 Oct 11 11:45:23 optimus sshd[15565]: Invalid user luis from 106.13.230.219 Oct 11 11:45:23 optimus sshd[15565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219	2020-10-12 00:05:57
106.13.231.10	attackspambots	Fail2Ban	2020-10-11 23:47:39
106.13.239.120	attackspambots	SSH Brute Force (V)	2020-10-11 20:56:35
106.13.232.193	attackbotsspam	Automatic report - Banned IP Access	2020-10-11 17:11:20
106.13.230.219	attackbotsspam	Oct 11 13:57:04 itv-usvr-02 sshd[22020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 user=root Oct 11 13:57:06 itv-usvr-02 sshd[22020]: Failed password for root from 106.13.230.219 port 37394 ssh2 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: Invalid user wwwdata from 106.13.230.219 port 54106 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 13:58:36 itv-usvr-02 sshd[22069]: Invalid user wwwdata from 106.13.230.219 port 54106 Oct 11 13:58:38 itv-usvr-02 sshd[22069]: Failed password for invalid user wwwdata from 106.13.230.219 port 54106 ssh2	2020-10-11 16:04:36
106.13.231.10	attackspam	SSH Brute Force	2020-10-11 15:46:49
106.13.239.120	attackbotsspam	(sshd) Failed SSH login from 106.13.239.120 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:44:01 server4 sshd[14793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 user=root Oct 11 00:44:03 server4 sshd[14793]: Failed password for root from 106.13.239.120 port 39104 ssh2 Oct 11 00:50:06 server4 sshd[18423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.239.120 user=root Oct 11 00:50:09 server4 sshd[18423]: Failed password for root from 106.13.239.120 port 39770 ssh2 Oct 11 00:51:37 server4 sshd[19429]: Invalid user roman from 106.13.239.120	2020-10-11 12:53:02
106.13.230.219	attackspam	Oct 10 23:54:20 inter-technics sshd[27273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 user=root Oct 10 23:54:22 inter-technics sshd[27273]: Failed password for root from 106.13.230.219 port 59616 ssh2 Oct 11 00:01:05 inter-technics sshd[31103]: Invalid user usrlib from 106.13.230.219 port 34160 Oct 11 00:01:05 inter-technics sshd[31103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.219 Oct 11 00:01:05 inter-technics sshd[31103]: Invalid user usrlib from 106.13.230.219 port 34160 Oct 11 00:01:07 inter-technics sshd[31103]: Failed password for invalid user usrlib from 106.13.230.219 port 34160 ssh2 ...	2020-10-11 09:22:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.23.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34958
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.23.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070300 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 21:20:29 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 149.23.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 149.23.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
54.37.232.108	attack	Apr 24 07:21:13 prox sshd[28231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.232.108 Apr 24 07:21:15 prox sshd[28231]: Failed password for invalid user un from 54.37.232.108 port 46508 ssh2	2020-04-24 13:43:07
51.77.151.175	attackspam	2020-04-24T03:47:12.744207dmca.cloudsearch.cf sshd[9314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.ip-51-77-151.eu user=root 2020-04-24T03:47:15.033033dmca.cloudsearch.cf sshd[9314]: Failed password for root from 51.77.151.175 port 48832 ssh2 2020-04-24T03:51:12.667957dmca.cloudsearch.cf sshd[9604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.ip-51-77-151.eu user=root 2020-04-24T03:51:14.563769dmca.cloudsearch.cf sshd[9604]: Failed password for root from 51.77.151.175 port 33606 ssh2 2020-04-24T03:55:07.999476dmca.cloudsearch.cf sshd[9929]: Invalid user z from 51.77.151.175 port 46620 2020-04-24T03:55:08.004945dmca.cloudsearch.cf sshd[9929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.ip-51-77-151.eu 2020-04-24T03:55:07.999476dmca.cloudsearch.cf sshd[9929]: Invalid user z from 51.77.151.175 port 46620 2020-04-24T03:55:09.298598dmca.cloudse ...	2020-04-24 14:17:53
113.204.205.66	attackbotsspam	Apr 23 19:18:08 tdfoods sshd\[20856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.204.205.66 user=root Apr 23 19:18:10 tdfoods sshd\[20856\]: Failed password for root from 113.204.205.66 port 3892 ssh2 Apr 23 19:21:00 tdfoods sshd\[21096\]: Invalid user testing from 113.204.205.66 Apr 23 19:21:00 tdfoods sshd\[21096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.204.205.66 Apr 23 19:21:02 tdfoods sshd\[21096\]: Failed password for invalid user testing from 113.204.205.66 port 36447 ssh2	2020-04-24 13:40:21
77.40.62.182	attackspambots	Brute force attempt	2020-04-24 14:00:24
51.75.207.61	attack	Apr 23 19:10:56 eddieflores sshd\[29594\]: Invalid user go from 51.75.207.61 Apr 23 19:10:56 eddieflores sshd\[29594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.ip-51-75-207.eu Apr 23 19:10:58 eddieflores sshd\[29594\]: Failed password for invalid user go from 51.75.207.61 port 59818 ssh2 Apr 23 19:14:54 eddieflores sshd\[29866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.ip-51-75-207.eu user=root Apr 23 19:14:56 eddieflores sshd\[29866\]: Failed password for root from 51.75.207.61 port 44836 ssh2	2020-04-24 13:48:25
49.233.185.109	attack	Invalid user admin from 49.233.185.109 port 45180	2020-04-24 13:51:52
3.84.115.189	attack	Apr 23 19:22:50 hanapaa sshd\[13043\]: Invalid user admin01 from 3.84.115.189 Apr 23 19:22:50 hanapaa sshd\[13043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-84-115-189.compute-1.amazonaws.com Apr 23 19:22:53 hanapaa sshd\[13043\]: Failed password for invalid user admin01 from 3.84.115.189 port 52570 ssh2 Apr 23 19:26:10 hanapaa sshd\[13281\]: Invalid user ftpuser from 3.84.115.189 Apr 23 19:26:10 hanapaa sshd\[13281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-84-115-189.compute-1.amazonaws.com	2020-04-24 13:29:14
129.204.46.170	attackbotsspam	Invalid user Test from 129.204.46.170 port 59404	2020-04-24 14:20:11
222.186.15.62	attackbots	Apr 23 19:39:17 tdfoods sshd\[22431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Apr 23 19:39:19 tdfoods sshd\[22431\]: Failed password for root from 222.186.15.62 port 63148 ssh2 Apr 23 19:39:25 tdfoods sshd\[22454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Apr 23 19:39:27 tdfoods sshd\[22454\]: Failed password for root from 222.186.15.62 port 12142 ssh2 Apr 23 19:39:34 tdfoods sshd\[22457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root	2020-04-24 13:43:31
117.173.67.119	attack	Apr 24 05:55:11 pornomens sshd\[13690\]: Invalid user la from 117.173.67.119 port 2573 Apr 24 05:55:11 pornomens sshd\[13690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.173.67.119 Apr 24 05:55:13 pornomens sshd\[13690\]: Failed password for invalid user la from 117.173.67.119 port 2573 ssh2 ...	2020-04-24 14:14:41
175.5.41.177	attackbotsspam	prod6 ...	2020-04-24 13:53:07
183.98.215.91	attackbotsspam	Apr 23 19:02:16 auw2 sshd\[19611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.215.91 user=root Apr 23 19:02:18 auw2 sshd\[19611\]: Failed password for root from 183.98.215.91 port 33942 ssh2 Apr 23 19:07:03 auw2 sshd\[19965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.215.91 user=root Apr 23 19:07:04 auw2 sshd\[19965\]: Failed password for root from 183.98.215.91 port 48758 ssh2 Apr 23 19:11:54 auw2 sshd\[20297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.215.91 user=root	2020-04-24 13:29:46
157.245.12.36	attackbotsspam	Invalid user ng from 157.245.12.36 port 57622	2020-04-24 14:20:26
117.50.49.57	attackspambots	Apr 24 05:51:07 v22018086721571380 sshd[32754]: Failed password for invalid user postgres from 117.50.49.57 port 35834 ssh2	2020-04-24 13:50:44
175.123.253.105	attack	Invalid user ax from 175.123.253.105 port 59050	2020-04-24 13:46:33

最近上报的IP列表

6.25.130.3	98.231.78.216	51.158.181.213	195.159.205.88
214.145.96.142	118.72.108.115	5.62.41.148	198.108.66.69
192.119.65.179	173.95.150.192	171.97.249.124	183.179.121.46
178.212.89.128	52.53.171.233	179.110.75.102	188.225.225.227
66.70.173.61	66.249.79.47	103.81.238.12	209.85.222.195