106.13.5.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	23679/tcp 436/tcp 24959/tcp... [2020-04-26/06-25]6pkt,6pt.(tcp)	2020-06-25 22:49:01
attack	Apr 20 21:52:55 srv01 sshd[8728]: Invalid user zxin10 from 106.13.5.140 port 21237 Apr 20 21:52:55 srv01 sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.140 Apr 20 21:52:55 srv01 sshd[8728]: Invalid user zxin10 from 106.13.5.140 port 21237 Apr 20 21:52:57 srv01 sshd[8728]: Failed password for invalid user zxin10 from 106.13.5.140 port 21237 ssh2 Apr 20 21:57:07 srv01 sshd[8977]: Invalid user git from 106.13.5.140 port 17734 ...	2020-04-21 04:46:43
attackspambots	ssh brute force	2020-04-20 18:29:10
attack	Apr 15 09:36:19 debian sshd[32495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.140 Apr 15 09:36:21 debian sshd[32495]: Failed password for invalid user osboxes from 106.13.5.140 port 24916 ssh2 Apr 15 09:51:30 debian sshd[32563]: Failed password for root from 106.13.5.140 port 41308 ssh2	2020-04-16 03:48:51
attackbotsspam	SSH Invalid Login	2020-04-12 07:51:06
attack	fail2ban -- 106.13.5.140 ...	2020-04-01 22:49:48
attack	Invalid user no from 106.13.5.140 port 14763	2020-03-22 04:44:07

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.56.204	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 05:33:41
106.13.56.204	attack	" "	2020-10-04 21:28:25
106.13.56.204	attackspambots	24241/tcp 17910/tcp 7001/tcp... [2020-08-04/10-03]22pkt,22pt.(tcp)	2020-10-04 13:15:53
106.13.50.219	attackbotsspam	Sep 3 19:47:59 lnxweb61 sshd[30349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219	2020-09-04 03:50:33
106.13.50.219	attackspam	(sshd) Failed SSH login from 106.13.50.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 01:43:25 server sshd[13990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 user=root Sep 3 01:43:27 server sshd[13990]: Failed password for root from 106.13.50.219 port 49370 ssh2 Sep 3 02:00:52 server sshd[18563]: Invalid user guest from 106.13.50.219 port 50700 Sep 3 02:00:54 server sshd[18563]: Failed password for invalid user guest from 106.13.50.219 port 50700 ssh2 Sep 3 02:03:49 server sshd[19321]: Invalid user postgres from 106.13.50.219 port 56616	2020-09-03 19:25:41
106.13.50.219	attack	Aug 30 16:04:11 vpn01 sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 Aug 30 16:04:13 vpn01 sshd[30284]: Failed password for invalid user jordi from 106.13.50.219 port 59596 ssh2 ...	2020-08-30 23:54:36
106.13.50.145	attack	Aug 29 16:10:12 lukav-desktop sshd\[27316\]: Invalid user user from 106.13.50.145 Aug 29 16:10:12 lukav-desktop sshd\[27316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 29 16:10:13 lukav-desktop sshd\[27316\]: Failed password for invalid user user from 106.13.50.145 port 50782 ssh2 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: Invalid user smbguest from 106.13.50.145 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145	2020-08-30 01:35:18
106.13.50.145	attackbotsspam	Aug 28 03:47:35 lanister sshd[1746]: Invalid user francis from 106.13.50.145 Aug 28 03:47:37 lanister sshd[1746]: Failed password for invalid user francis from 106.13.50.145 port 56854 ssh2 Aug 28 03:49:55 lanister sshd[1811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 28 03:49:57 lanister sshd[1811]: Failed password for root from 106.13.50.145 port 51058 ssh2	2020-08-28 17:07:51
106.13.50.219	attack	SSH BruteForce Attack	2020-08-27 22:14:32
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.50.145	attackspam	Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:43 dhoomketu sshd[2669964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:45 dhoomketu sshd[2669964]: Failed password for invalid user relay from 106.13.50.145 port 45712 ssh2 Aug 26 10:31:55 dhoomketu sshd[2670037]: Invalid user eswar from 106.13.50.145 port 56230 ...	2020-08-26 13:24:05
106.13.50.145	attackspambots	Aug 25 16:56:38 fhem-rasp sshd[8571]: Invalid user hugo from 106.13.50.145 port 59826 ...	2020-08-26 03:51:41
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.50.145	attack	Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:26:01 itv-usvr-01 sshd[6902]: Failed password for invalid user superman from 106.13.50.145 port 38080 ssh2 Aug 25 13:34:37 itv-usvr-01 sshd[7235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 25 13:34:38 itv-usvr-01 sshd[7235]: Failed password for root from 106.13.50.145 port 59844 ssh2	2020-08-25 16:04:57
106.13.50.145	attack	Unauthorized SSH login attempts	2020-08-23 17:21:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.5.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.5.140.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032102 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 04:44:04 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 140.5.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.5.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
172.83.43.132	attack	Chat Spam	2019-10-05 02:21:52
129.146.149.185	attackbotsspam	Oct 4 20:18:53 eventyay sshd[28068]: Failed password for root from 129.146.149.185 port 42160 ssh2 Oct 4 20:22:40 eventyay sshd[28141]: Failed password for root from 129.146.149.185 port 53506 ssh2 ...	2019-10-05 02:31:49
82.144.86.160	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-10-05 02:11:22
119.96.159.156	attackbotsspam	Automatic report - Banned IP Access	2019-10-05 02:31:04
188.221.197.147	attack	Automatic report - Port Scan Attack	2019-10-05 02:29:31
165.227.46.222	attack	Oct 4 15:56:05 dedicated sshd[20924]: Invalid user Lyon1@3 from 165.227.46.222 port 51634	2019-10-05 02:24:54
183.110.242.169	attack	Oct 4 08:19:09 localhost kernel: [3929368.650031] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.169 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=67 ID=30267 DF PROTO=TCP SPT=62025 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:19:09 localhost kernel: [3929368.650059] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.169 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=67 ID=30267 DF PROTO=TCP SPT=62025 DPT=25 SEQ=723188520 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:22:28 localhost kernel: [3929567.367114] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.169 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=13435 DF PROTO=TCP SPT=52443 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 4 08:22:28 localhost kernel: [3929567.367122] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=183.110.242.169 DST=[mungedIP2] LEN=40 TOS	2019-10-05 02:27:11
92.63.194.115	attackbots	firewall-block, port(s): 32854/tcp	2019-10-05 02:10:07
45.55.231.94	attack	Oct 4 04:11:19 tdfoods sshd\[28220\]: Invalid user Pharmacy2017 from 45.55.231.94 Oct 4 04:11:19 tdfoods sshd\[28220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.231.94 Oct 4 04:11:21 tdfoods sshd\[28220\]: Failed password for invalid user Pharmacy2017 from 45.55.231.94 port 48578 ssh2 Oct 4 04:15:23 tdfoods sshd\[28548\]: Invalid user Latino@123 from 45.55.231.94 Oct 4 04:15:23 tdfoods sshd\[28548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.231.94	2019-10-05 02:12:09
54.36.215.201	attackspam	Received: from mail.lvtg.gr (mail.lvtg.gr [54.36.215.201]) Received: from webmail.lvtg.gr (localhost.localdomain [IPv6:::1]) by mail.lvtg.gr (Postfix) with ESMTPSA id CF6294607DA; Fri, 4 Oct 2019 15:11:56 +0300 (EEST) spf=pass (sender IP is ::1) smtp.mailfrom=urvi.joshi@dhl.com smtp.helo=webmail.lvtg.gr Received-SPF: pass (mail.lvtg.gr: connection is authenticated) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_8f9ce31836d79467080a522edd778233" Date: Fri, 04 Oct 2019 13:11:56 +0100 From: "DHL Express.1" To: sales@canford.co.uk	2019-10-05 02:36:39
43.242.75.65	attackspambots	8911/tcp 33909/tcp 3320/tcp... [2019-09-14/10-03]200pkt,75pt.(tcp)	2019-10-05 02:23:01
94.131.241.63	attack	Postfix-smtpd	2019-10-05 02:13:17
2.57.76.111	attack	5.246.298,40-03/02 [bc18/m73] concatform PostRequest-Spammer scoring: maputo01_x2b	2019-10-05 02:39:06
222.186.15.110	attackbots	Oct 4 08:21:49 sachi sshd\[22324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.110 user=root Oct 4 08:21:51 sachi sshd\[22324\]: Failed password for root from 222.186.15.110 port 49391 ssh2 Oct 4 08:24:23 sachi sshd\[22536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.110 user=root Oct 4 08:24:24 sachi sshd\[22536\]: Failed password for root from 222.186.15.110 port 21391 ssh2 Oct 4 08:24:26 sachi sshd\[22536\]: Failed password for root from 222.186.15.110 port 21391 ssh2	2019-10-05 02:28:51
42.200.66.164	attackspam	Oct 4 17:46:37 SilenceServices sshd[1073]: Failed password for root from 42.200.66.164 port 51014 ssh2 Oct 4 17:51:07 SilenceServices sshd[2247]: Failed password for root from 42.200.66.164 port 33746 ssh2	2019-10-05 02:19:26

最近上报的IP列表

220.31.111.9	92.6.53.249	112.105.157.8	5.227.30.87
5.142.116.87	153.216.90.73	180.123.32.208	80.118.117.231
200.231.235.198	88.130.73.130	70.37.88.103	96.65.93.32
37.89.137.205	210.234.133.136	128.204.181.108	97.138.136.28
64.122.191.52	5.142.8.192	187.228.224.116	96.21.18.169