106.13.4.150 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jan 1 00:02:29 srv-ubuntu-dev3 sshd[101129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 user=root Jan 1 00:02:32 srv-ubuntu-dev3 sshd[101129]: Failed password for root from 106.13.4.150 port 33735 ssh2 Jan 1 00:05:40 srv-ubuntu-dev3 sshd[101331]: Invalid user kim from 106.13.4.150 Jan 1 00:05:40 srv-ubuntu-dev3 sshd[101331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Jan 1 00:05:40 srv-ubuntu-dev3 sshd[101331]: Invalid user kim from 106.13.4.150 Jan 1 00:05:42 srv-ubuntu-dev3 sshd[101331]: Failed password for invalid user kim from 106.13.4.150 port 55237 ssh2 Jan 1 00:08:52 srv-ubuntu-dev3 sshd[101630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 user=uucp Jan 1 00:08:55 srv-ubuntu-dev3 sshd[101630]: Failed password for uucp from 106.13.4.150 port 20200 ssh2 Jan 1 00:12:05 srv-ubuntu-dev3 sshd[102063]: In ...	2020-01-01 09:12:47
attackspam	Dec 20 05:32:05 php1 sshd\[10623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 user=root Dec 20 05:32:07 php1 sshd\[10623\]: Failed password for root from 106.13.4.150 port 23936 ssh2 Dec 20 05:37:43 php1 sshd\[11283\]: Invalid user betje from 106.13.4.150 Dec 20 05:37:43 php1 sshd\[11283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Dec 20 05:37:46 php1 sshd\[11283\]: Failed password for invalid user betje from 106.13.4.150 port 60752 ssh2	2019-12-21 04:27:06
attackspambots	SSH invalid-user multiple login try	2019-12-06 19:48:57
attackspam	Nov 28 12:24:16 ovpn sshd\[20781\]: Invalid user tomao from 106.13.4.150 Nov 28 12:24:16 ovpn sshd\[20781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Nov 28 12:24:18 ovpn sshd\[20781\]: Failed password for invalid user tomao from 106.13.4.150 port 11822 ssh2 Nov 28 12:37:18 ovpn sshd\[23949\]: Invalid user smith from 106.13.4.150 Nov 28 12:37:18 ovpn sshd\[23949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150	2019-11-28 20:08:55
attack	Triggered by Fail2Ban at Vostok web server	2019-11-12 22:17:23
attackspam	Nov 11 09:30:13 pornomens sshd\[31384\]: Invalid user aries from 106.13.4.150 port 47525 Nov 11 09:30:13 pornomens sshd\[31384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Nov 11 09:30:15 pornomens sshd\[31384\]: Failed password for invalid user aries from 106.13.4.150 port 47525 ssh2 ...	2019-11-11 17:12:28
attackbotsspam	Oct 23 16:09:53 vps647732 sshd[2874]: Failed password for root from 106.13.4.150 port 47282 ssh2 ...	2019-10-23 23:54:26
attack	2019-10-13 17:33:50,287 fail2ban.actions [843]: NOTICE [sshd] Ban 106.13.4.150 2019-10-13 20:44:41,330 fail2ban.actions [843]: NOTICE [sshd] Ban 106.13.4.150 2019-10-13 23:53:58,553 fail2ban.actions [843]: NOTICE [sshd] Ban 106.13.4.150 ...	2019-10-14 15:02:51
attackbots	Oct 12 22:42:19 auw2 sshd\[18963\]: Invalid user abc!@ from 106.13.4.150 Oct 12 22:42:19 auw2 sshd\[18963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Oct 12 22:42:21 auw2 sshd\[18963\]: Failed password for invalid user abc!@ from 106.13.4.150 port 15444 ssh2 Oct 12 22:47:17 auw2 sshd\[19453\]: Invalid user Hospital@2017 from 106.13.4.150 Oct 12 22:47:17 auw2 sshd\[19453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150	2019-10-13 17:58:25
attackbots	Oct 8 00:42:01 xtremcommunity sshd\[301285\]: Invalid user Asd!@\# from 106.13.4.150 port 10362 Oct 8 00:42:01 xtremcommunity sshd\[301285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Oct 8 00:42:03 xtremcommunity sshd\[301285\]: Failed password for invalid user Asd!@\# from 106.13.4.150 port 10362 ssh2 Oct 8 00:46:07 xtremcommunity sshd\[301397\]: Invalid user Asd!@\# from 106.13.4.150 port 43862 Oct 8 00:46:07 xtremcommunity sshd\[301397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 ...	2019-10-08 16:51:51
attack	Fail2Ban Ban Triggered	2019-09-29 08:51:41
attack	Sep 23 18:40:51 anodpoucpklekan sshd[101002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 user=root Sep 23 18:40:54 anodpoucpklekan sshd[101002]: Failed password for root from 106.13.4.150 port 62238 ssh2 ...	2019-09-24 04:21:21
attackbotsspam	Sep 3 03:16:10 ip-172-31-1-72 sshd\[30168\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 user=root Sep 3 03:16:11 ip-172-31-1-72 sshd\[30168\]: Failed password for root from 106.13.4.150 port 12818 ssh2 Sep 3 03:19:24 ip-172-31-1-72 sshd\[30209\]: Invalid user billy from 106.13.4.150 Sep 3 03:19:24 ip-172-31-1-72 sshd\[30209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Sep 3 03:19:25 ip-172-31-1-72 sshd\[30209\]: Failed password for invalid user billy from 106.13.4.150 port 36578 ssh2	2019-09-03 15:12:59
attackspam	Aug 15 14:20:23 localhost sshd\[14425\]: Invalid user dns from 106.13.4.150 port 42741 Aug 15 14:20:23 localhost sshd\[14425\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Aug 15 14:20:26 localhost sshd\[14425\]: Failed password for invalid user dns from 106.13.4.150 port 42741 ssh2 Aug 15 14:24:30 localhost sshd\[14565\]: Invalid user student05 from 106.13.4.150 port 12314 Aug 15 14:24:30 localhost sshd\[14565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 ...	2019-08-16 01:20:31
attackbots	Aug 13 13:14:40 mail sshd\[10869\]: Failed password for invalid user tweety from 106.13.4.150 port 29530 ssh2 Aug 13 13:31:38 mail sshd\[11359\]: Invalid user harold from 106.13.4.150 port 24722 Aug 13 13:31:38 mail sshd\[11359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 ...	2019-08-14 01:34:15
attackbotsspam	Automatic report - Banned IP Access	2019-08-02 07:18:30
attackbots	03.07.2019 13:15:21 SSH access blocked by firewall	2019-07-04 04:13:37
attack	Failed password for invalid user bitrix from 106.13.4.150 port 55871 ssh2 Invalid user jiong from 106.13.4.150 port 13784 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150 Failed password for invalid user jiong from 106.13.4.150 port 13784 ssh2 Invalid user deploy from 106.13.4.150 port 28194 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.4.150	2019-07-03 05:30:47

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.46.123	attackspam	Oct 12 17:40:14 buvik sshd[7813]: Failed password for invalid user velarde from 106.13.46.123 port 54450 ssh2 Oct 12 17:44:39 buvik sshd[8406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.46.123 user=root Oct 12 17:44:41 buvik sshd[8406]: Failed password for root from 106.13.46.123 port 44970 ssh2 ...	2020-10-12 23:48:43
106.13.4.132	attackbots	2020-10-12T13:35:54+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-10-12 22:34:30
106.13.46.123	attack	Repeated brute force against a port	2020-10-12 15:13:26
106.13.4.132	attackbotsspam	$f2bV_matches	2020-10-12 14:01:58
106.13.42.140	attack	Oct 11 22:12:43 ip-172-31-16-56 sshd\[26755\]: Invalid user ion from 106.13.42.140\ Oct 11 22:12:45 ip-172-31-16-56 sshd\[26755\]: Failed password for invalid user ion from 106.13.42.140 port 59816 ssh2\ Oct 11 22:15:55 ip-172-31-16-56 sshd\[26810\]: Invalid user oracle from 106.13.42.140\ Oct 11 22:15:57 ip-172-31-16-56 sshd\[26810\]: Failed password for invalid user oracle from 106.13.42.140 port 57116 ssh2\ Oct 11 22:19:12 ip-172-31-16-56 sshd\[26875\]: Invalid user jjonglee from 106.13.42.140\	2020-10-12 07:26:45
106.13.42.140	attack	Oct 11 15:24:05 serwer sshd\[24282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 user=root Oct 11 15:24:08 serwer sshd\[24282\]: Failed password for root from 106.13.42.140 port 35530 ssh2 Oct 11 15:29:06 serwer sshd\[24929\]: Invalid user ellen from 106.13.42.140 port 58314 Oct 11 15:29:06 serwer sshd\[24929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 ...	2020-10-11 23:41:38
106.13.42.140	attackbots	leo_www	2020-10-11 15:40:49
106.13.42.140	attack	5x Failed Password	2020-10-11 08:58:30
106.13.41.87	attack	2020-10-10T21:33:05.633586hostname sshd[29936]: Failed password for invalid user ark from 106.13.41.87 port 39526 ssh2 2020-10-10T21:36:13.475247hostname sshd[31217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-10-10T21:36:15.718396hostname sshd[31217]: Failed password for root from 106.13.41.87 port 38682 ssh2 ...	2020-10-10 23:09:58
106.13.41.87	attackspam	$f2bV_matches	2020-10-10 15:00:24
106.13.48.9	attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
106.13.48.9	attack	SSH bruteforce	2020-10-09 20:45:22
106.13.48.9	attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36
106.13.47.78	attackbots	2020-10-07T18:58:06.178811abusebot-4.cloudsearch.cf sshd[29305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.78 user=root 2020-10-07T18:58:07.888553abusebot-4.cloudsearch.cf sshd[29305]: Failed password for root from 106.13.47.78 port 59938 ssh2 2020-10-07T19:00:56.752007abusebot-4.cloudsearch.cf sshd[29323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.78 user=root 2020-10-07T19:00:58.466828abusebot-4.cloudsearch.cf sshd[29323]: Failed password for root from 106.13.47.78 port 41708 ssh2 2020-10-07T19:03:53.790334abusebot-4.cloudsearch.cf sshd[29440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.78 user=root 2020-10-07T19:03:56.135880abusebot-4.cloudsearch.cf sshd[29440]: Failed password for root from 106.13.47.78 port 51712 ssh2 2020-10-07T19:06:14.010121abusebot-4.cloudsearch.cf sshd[29458]: pam_unix(sshd:auth): authenticat ...	2020-10-08 03:31:04
106.13.47.78	attackspambots	5x Failed Password	2020-10-07 19:46:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.4.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6274
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.4.150.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 11:39:19 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 150.4.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 150.4.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
104.41.42.132	attackspam	Jun 29 15:55:19 haigwepa sshd[25881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.41.42.132 Jun 29 15:55:20 haigwepa sshd[25881]: Failed password for invalid user liferay from 104.41.42.132 port 36870 ssh2 ...	2020-07-02 08:58:35
51.15.118.114	attackbotsspam	SSH Login Bruteforce	2020-07-02 09:12:02
20.42.108.88	attackspam	Automatic report - XMLRPC Attack	2020-07-02 09:02:32
37.49.230.133	attack	Jul 1 05:43:25 server sshd[10259]: Failed password for root from 37.49.230.133 port 41920 ssh2 Jul 1 05:43:52 server sshd[10610]: Failed password for root from 37.49.230.133 port 43526 ssh2 Jul 1 05:44:17 server sshd[11137]: Failed password for root from 37.49.230.133 port 44696 ssh2	2020-07-02 09:02:08
190.145.224.18	attack	Jun 30 20:53:46 vpn01 sshd[20053]: Failed password for root from 190.145.224.18 port 37308 ssh2 ...	2020-07-02 08:50:43
185.143.75.81	attack	IP 地址 [185.143.75.81] 在 90 分钟内尝试登录 XXXX 上运行的 AutoBlock 时失败 3 次。此 IP 地址已在 Thu Jul 2 16:11:34 2020 被封锁。	2020-07-02 16:22:42
200.143.184.150	attackproxy	Last failed login: Wed Jul 1 14:05:29 CEST 2020 from 200.143.184.150 on ssh:notty There were 3 failed login attempts since the last successful login.	2020-07-03 15:00:18
174.253.160.207	attack	Here's that wish they still had the 9	2020-07-03 09:32:05
61.148.90.118	attackbotsspam	Jul 1 01:07:19 nextcloud sshd\[10711\]: Invalid user tt from 61.148.90.118 Jul 1 01:07:19 nextcloud sshd\[10711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.148.90.118 Jul 1 01:07:21 nextcloud sshd\[10711\]: Failed password for invalid user tt from 61.148.90.118 port 48725 ssh2	2020-07-02 09:19:46
186.216.64.173	attackbotsspam	Jun 27 13:16:58 mail.srvfarm.net postfix/smtpd[3357110]: warning: unknown[186.216.64.173]: SASL PLAIN authentication failed: Jun 27 13:16:58 mail.srvfarm.net postfix/smtpd[3357110]: lost connection after AUTH from unknown[186.216.64.173] Jun 27 13:19:01 mail.srvfarm.net postfix/smtps/smtpd[3357184]: warning: unknown[186.216.64.173]: SASL PLAIN authentication failed: Jun 27 13:19:01 mail.srvfarm.net postfix/smtps/smtpd[3357184]: lost connection after AUTH from unknown[186.216.64.173] Jun 27 13:21:30 mail.srvfarm.net postfix/smtpd[3357237]: warning: unknown[186.216.64.173]: SASL PLAIN authentication failed:	2020-07-02 09:21:59
185.39.11.32	attackbotsspam	06/30/2020-23:38:57.326158 185.39.11.32 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-02 09:12:30
92.223.89.6	attack	0,09-02/02 [bc03/m32] PostRequest-Spammer scoring: Durban01	2020-07-02 09:10:53
31.167.4.89	attackspambots	Port probing on unauthorized port 445	2020-07-02 08:54:18
185.143.72.25	attackbotsspam	2020-07-01T06:10:48.343454www postfix/smtpd[8889]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-07-01T06:11:45.307227www postfix/smtpd[8889]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-07-01T06:12:40.007966www postfix/smtpd[8912]: warning: unknown[185.143.72.25]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-02 09:22:13
159.203.102.122	attack	firewall-block, port(s): 11080/tcp	2020-07-02 09:08:37

最近上报的IP列表

128.199.209.6	128.199.147.106	60.11.113.164	222.128.93.67
118.126.104.151	198.27.69.219	14.145.38.196	183.203.215.34
89.35.39.78	203.186.85.210	107.170.238.245	184.105.139.108
149.129.99.116	74.82.47.62	37.49.225.236	84.91.128.47
41.208.222.165	125.47.98.159	178.47.214.65	154.216.245.67