106.13.5.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	23679/tcp 436/tcp 24959/tcp... [2020-04-26/06-25]6pkt,6pt.(tcp)	2020-06-25 22:49:01
attack	Apr 20 21:52:55 srv01 sshd[8728]: Invalid user zxin10 from 106.13.5.140 port 21237 Apr 20 21:52:55 srv01 sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.140 Apr 20 21:52:55 srv01 sshd[8728]: Invalid user zxin10 from 106.13.5.140 port 21237 Apr 20 21:52:57 srv01 sshd[8728]: Failed password for invalid user zxin10 from 106.13.5.140 port 21237 ssh2 Apr 20 21:57:07 srv01 sshd[8977]: Invalid user git from 106.13.5.140 port 17734 ...	2020-04-21 04:46:43
attackspambots	ssh brute force	2020-04-20 18:29:10
attack	Apr 15 09:36:19 debian sshd[32495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.140 Apr 15 09:36:21 debian sshd[32495]: Failed password for invalid user osboxes from 106.13.5.140 port 24916 ssh2 Apr 15 09:51:30 debian sshd[32563]: Failed password for root from 106.13.5.140 port 41308 ssh2	2020-04-16 03:48:51
attackbotsspam	SSH Invalid Login	2020-04-12 07:51:06
attack	fail2ban -- 106.13.5.140 ...	2020-04-01 22:49:48
attack	Invalid user no from 106.13.5.140 port 14763	2020-03-22 04:44:07

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.56.204	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 05:33:41
106.13.56.204	attack	" "	2020-10-04 21:28:25
106.13.56.204	attackspambots	24241/tcp 17910/tcp 7001/tcp... [2020-08-04/10-03]22pkt,22pt.(tcp)	2020-10-04 13:15:53
106.13.50.219	attackbotsspam	Sep 3 19:47:59 lnxweb61 sshd[30349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219	2020-09-04 03:50:33
106.13.50.219	attackspam	(sshd) Failed SSH login from 106.13.50.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 01:43:25 server sshd[13990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 user=root Sep 3 01:43:27 server sshd[13990]: Failed password for root from 106.13.50.219 port 49370 ssh2 Sep 3 02:00:52 server sshd[18563]: Invalid user guest from 106.13.50.219 port 50700 Sep 3 02:00:54 server sshd[18563]: Failed password for invalid user guest from 106.13.50.219 port 50700 ssh2 Sep 3 02:03:49 server sshd[19321]: Invalid user postgres from 106.13.50.219 port 56616	2020-09-03 19:25:41
106.13.50.219	attack	Aug 30 16:04:11 vpn01 sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 Aug 30 16:04:13 vpn01 sshd[30284]: Failed password for invalid user jordi from 106.13.50.219 port 59596 ssh2 ...	2020-08-30 23:54:36
106.13.50.145	attack	Aug 29 16:10:12 lukav-desktop sshd\[27316\]: Invalid user user from 106.13.50.145 Aug 29 16:10:12 lukav-desktop sshd\[27316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 29 16:10:13 lukav-desktop sshd\[27316\]: Failed password for invalid user user from 106.13.50.145 port 50782 ssh2 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: Invalid user smbguest from 106.13.50.145 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145	2020-08-30 01:35:18
106.13.50.145	attackbotsspam	Aug 28 03:47:35 lanister sshd[1746]: Invalid user francis from 106.13.50.145 Aug 28 03:47:37 lanister sshd[1746]: Failed password for invalid user francis from 106.13.50.145 port 56854 ssh2 Aug 28 03:49:55 lanister sshd[1811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 28 03:49:57 lanister sshd[1811]: Failed password for root from 106.13.50.145 port 51058 ssh2	2020-08-28 17:07:51
106.13.50.219	attack	SSH BruteForce Attack	2020-08-27 22:14:32
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.50.145	attackspam	Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:43 dhoomketu sshd[2669964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:45 dhoomketu sshd[2669964]: Failed password for invalid user relay from 106.13.50.145 port 45712 ssh2 Aug 26 10:31:55 dhoomketu sshd[2670037]: Invalid user eswar from 106.13.50.145 port 56230 ...	2020-08-26 13:24:05
106.13.50.145	attackspambots	Aug 25 16:56:38 fhem-rasp sshd[8571]: Invalid user hugo from 106.13.50.145 port 59826 ...	2020-08-26 03:51:41
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.50.145	attack	Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:26:01 itv-usvr-01 sshd[6902]: Failed password for invalid user superman from 106.13.50.145 port 38080 ssh2 Aug 25 13:34:37 itv-usvr-01 sshd[7235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 25 13:34:38 itv-usvr-01 sshd[7235]: Failed password for root from 106.13.50.145 port 59844 ssh2	2020-08-25 16:04:57
106.13.50.145	attack	Unauthorized SSH login attempts	2020-08-23 17:21:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.5.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.5.140.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032102 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 04:44:04 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 140.5.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.5.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.213.38.54	attack	Jul 21 19:00:06 server1 sshd\[10898\]: Invalid user esg from 129.213.38.54 Jul 21 19:00:06 server1 sshd\[10898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 Jul 21 19:00:08 server1 sshd\[10898\]: Failed password for invalid user esg from 129.213.38.54 port 50194 ssh2 Jul 21 19:03:58 server1 sshd\[11950\]: Invalid user yui from 129.213.38.54 Jul 21 19:03:58 server1 sshd\[11950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.38.54 ...	2020-07-22 09:21:16
103.130.187.187	attackbotsspam	Jul 22 01:29:57 lukav-desktop sshd\[1143\]: Invalid user grace from 103.130.187.187 Jul 22 01:29:57 lukav-desktop sshd\[1143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.187.187 Jul 22 01:29:58 lukav-desktop sshd\[1143\]: Failed password for invalid user grace from 103.130.187.187 port 50154 ssh2 Jul 22 01:34:14 lukav-desktop sshd\[1241\]: Invalid user tanya from 103.130.187.187 Jul 22 01:34:14 lukav-desktop sshd\[1241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.187.187	2020-07-22 08:52:52
150.136.101.56	attackbots	Jun 30 23:15:11 server sshd[11209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.101.56 user=root Jun 30 23:15:14 server sshd[11209]: Failed password for invalid user root from 150.136.101.56 port 33888 ssh2 Jun 30 23:20:37 server sshd[11414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.101.56 Jun 30 23:20:38 server sshd[11414]: Failed password for invalid user tuan from 150.136.101.56 port 38668 ssh2	2020-07-22 08:47:18
142.44.161.132	attackspambots	Jul 9 18:19:54 server sshd[18896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.161.132 Jul 9 18:19:56 server sshd[18896]: Failed password for invalid user sugarbroad from 142.44.161.132 port 47772 ssh2 Jul 9 18:32:39 server sshd[19436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.161.132 Jul 9 18:32:40 server sshd[19436]: Failed password for invalid user yoshimitsu from 142.44.161.132 port 52990 ssh2	2020-07-22 09:19:36
114.112.96.30	attackbots	Jun 25 08:57:50 server sshd[15058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.96.30 Jun 25 08:57:52 server sshd[15058]: Failed password for invalid user postgres from 114.112.96.30 port 52022 ssh2 Jun 25 09:06:15 server sshd[15822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.112.96.30 Jun 25 09:06:17 server sshd[15822]: Failed password for invalid user santiago from 114.112.96.30 port 33824 ssh2	2020-07-22 09:22:23
24.255.110.182	attackbots	Jul 22 06:45:44 itv-usvr-02 sshd[22592]: Invalid user wcp from 24.255.110.182 port 30206 Jul 22 06:45:44 itv-usvr-02 sshd[22592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.255.110.182 Jul 22 06:45:44 itv-usvr-02 sshd[22592]: Invalid user wcp from 24.255.110.182 port 30206 Jul 22 06:45:46 itv-usvr-02 sshd[22592]: Failed password for invalid user wcp from 24.255.110.182 port 30206 ssh2 Jul 22 06:50:17 itv-usvr-02 sshd[22769]: Invalid user gaowen from 24.255.110.182 port 44941	2020-07-22 09:14:09
202.21.123.185	attackbotsspam	Invalid user yhh from 202.21.123.185 port 49768	2020-07-22 09:00:11
114.27.190.149	attackbots	Honeypot attack, port: 81, PTR: 114-27-190-149.dynamic-ip.hinet.net.	2020-07-22 09:05:22
80.211.89.9	attack	$f2bV_matches	2020-07-22 08:54:31
111.74.11.86	attackbotsspam	SSH Invalid Login	2020-07-22 09:23:45
27.195.159.166	attackspam	Invalid user anonymous from 27.195.159.166 port 60287	2020-07-22 09:13:39
177.19.176.234	attack	Jun 29 07:40:30 server sshd[3084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.19.176.234 Jun 29 07:40:31 server sshd[3084]: Failed password for invalid user marcus from 177.19.176.234 port 59188 ssh2 Jun 29 07:54:58 server sshd[3586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.19.176.234 Jun 29 07:55:00 server sshd[3586]: Failed password for invalid user joanna from 177.19.176.234 port 44106 ssh2	2020-07-22 08:46:31
181.171.36.210	attack	Jul 22 00:27:45 *** sshd[20833]: Invalid user admin from 181.171.36.210	2020-07-22 09:17:15
112.5.141.233	attack	Invalid user apptest from 112.5.141.233 port 22807	2020-07-22 09:05:54
196.34.18.193	attack	Jul 22 02:41:24 hidden sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.34.18.193 Jul 22 02:41:26 hidden sshd[2145]: Failed password for invalid user hung from 196.34.18.193 port 37738 ssh2 Jul 22 02:46:43 hidden sshd[2995]: Invalid user ts from 196.34.18.193 port 53126	2020-07-22 09:01:24

最近上报的IP列表

220.31.111.9	92.6.53.249	112.105.157.8	5.227.30.87
5.142.116.87	153.216.90.73	180.123.32.208	80.118.117.231
200.231.235.198	88.130.73.130	70.37.88.103	96.65.93.32
37.89.137.205	210.234.133.136	128.204.181.108	97.138.136.28
64.122.191.52	5.142.8.192	187.228.224.116	96.21.18.169