106.13.98.128 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH invalid-user multiple login attempts	2019-08-07 02:38:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.98.59	attack	Oct 8 19:17:23 sip sshd[9154]: Failed password for root from 106.13.98.59 port 46730 ssh2 Oct 8 19:32:44 sip sshd[13207]: Failed password for root from 106.13.98.59 port 52296 ssh2	2020-10-09 04:21:10
106.13.98.59	attackbots	Brute-force attempt banned	2020-10-08 20:29:22
106.13.98.59	attackspam	Oct 8 04:05:34 jumpserver sshd[570498]: Failed password for root from 106.13.98.59 port 52618 ssh2 Oct 8 04:09:35 jumpserver sshd[570548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.59 user=root Oct 8 04:09:37 jumpserver sshd[570548]: Failed password for root from 106.13.98.59 port 54134 ssh2 ...	2020-10-08 12:26:24
106.13.98.59	attack	Oct 7 22:54:29 ip-172-31-61-156 sshd[2570]: Failed password for root from 106.13.98.59 port 43578 ssh2 Oct 7 22:57:07 ip-172-31-61-156 sshd[2748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.59 user=root Oct 7 22:57:08 ip-172-31-61-156 sshd[2748]: Failed password for root from 106.13.98.59 port 56908 ssh2 Oct 7 22:57:07 ip-172-31-61-156 sshd[2748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.59 user=root Oct 7 22:57:08 ip-172-31-61-156 sshd[2748]: Failed password for root from 106.13.98.59 port 56908 ssh2 ...	2020-10-08 07:46:43
106.13.98.132	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-30 01:41:53
106.13.98.132	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-29 17:41:32
106.13.98.132	attackspam	Sep 25 20:19:56 ns381471 sshd[5841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Sep 25 20:19:59 ns381471 sshd[5841]: Failed password for invalid user upload from 106.13.98.132 port 41456 ssh2	2020-09-26 02:38:39
106.13.98.132	attack	Sep 25 11:43:42 vpn01 sshd[29882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Sep 25 11:43:45 vpn01 sshd[29882]: Failed password for invalid user info from 106.13.98.132 port 49558 ssh2 ...	2020-09-25 18:23:55
106.13.98.132	attack	Jul 15 19:18:02 server sshd[27086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Jul 15 19:18:04 server sshd[27086]: Failed password for invalid user ppp from 106.13.98.132 port 52012 ssh2 Jul 15 19:22:10 server sshd[27284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Jul 15 19:22:11 server sshd[27284]: Failed password for invalid user opc from 106.13.98.132 port 35376 ssh2	2020-09-08 21:55:58
106.13.98.132	attackspam	Sep 7 17:44:48 ns308116 sshd[4553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 user=root Sep 7 17:44:50 ns308116 sshd[4553]: Failed password for root from 106.13.98.132 port 59402 ssh2 Sep 7 17:49:21 ns308116 sshd[6340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 user=root Sep 7 17:49:23 ns308116 sshd[6340]: Failed password for root from 106.13.98.132 port 44358 ssh2 Sep 7 17:53:39 ns308116 sshd[7975]: Invalid user zaq1xsw2 from 106.13.98.132 port 57550 ...	2020-09-08 06:19:52
106.13.98.132	attack	Sep 4 09:05:41 vps647732 sshd[20906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Sep 4 09:05:44 vps647732 sshd[20906]: Failed password for invalid user test5 from 106.13.98.132 port 59672 ssh2 ...	2020-09-04 20:41:45
106.13.98.132	attackbotsspam	Sep 4 00:33:24 dhoomketu sshd[2846084]: Failed password for root from 106.13.98.132 port 59148 ssh2 Sep 4 00:36:50 dhoomketu sshd[2846124]: Invalid user redmine from 106.13.98.132 port 51578 Sep 4 00:36:50 dhoomketu sshd[2846124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Sep 4 00:36:50 dhoomketu sshd[2846124]: Invalid user redmine from 106.13.98.132 port 51578 Sep 4 00:36:52 dhoomketu sshd[2846124]: Failed password for invalid user redmine from 106.13.98.132 port 51578 ssh2 ...	2020-09-04 12:22:15
106.13.98.132	attackbotsspam	Sep 4 00:33:24 dhoomketu sshd[2846084]: Failed password for root from 106.13.98.132 port 59148 ssh2 Sep 4 00:36:50 dhoomketu sshd[2846124]: Invalid user redmine from 106.13.98.132 port 51578 Sep 4 00:36:50 dhoomketu sshd[2846124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132 Sep 4 00:36:50 dhoomketu sshd[2846124]: Invalid user redmine from 106.13.98.132 port 51578 Sep 4 00:36:52 dhoomketu sshd[2846124]: Failed password for invalid user redmine from 106.13.98.132 port 51578 ssh2 ...	2020-09-04 04:53:31
106.13.98.226	attack	Aug 23 01:33:29 sso sshd[2767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.226 Aug 23 01:33:31 sso sshd[2767]: Failed password for invalid user ftb from 106.13.98.226 port 51622 ssh2 ...	2020-08-23 08:23:34
106.13.98.132	attackspambots	Aug 18 23:20:22 ajax sshd[21142]: Failed password for root from 106.13.98.132 port 36648 ssh2 Aug 18 23:24:16 ajax sshd[22550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.98.132	2020-08-19 08:00:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.98.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64860
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.98.128.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 02:38:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 128.98.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 128.98.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
138.128.29.204	attack	Fail2Ban Ban Triggered Wordpress Sniffing	2020-08-31 07:35:11
139.162.79.87	attack	port scan and connect, tcp 8080 (http-proxy)	2020-08-31 07:31:51
218.92.0.207	attackbotsspam	Aug 31 01:14:54 eventyay sshd[1621]: Failed password for root from 218.92.0.207 port 21158 ssh2 Aug 31 01:15:58 eventyay sshd[1648]: Failed password for root from 218.92.0.207 port 12529 ssh2 ...	2020-08-31 07:28:27
222.186.180.147	attack	Aug 31 01:18:53 nuernberg-4g-01 sshd[13569]: Failed password for root from 222.186.180.147 port 17804 ssh2 Aug 31 01:18:56 nuernberg-4g-01 sshd[13569]: Failed password for root from 222.186.180.147 port 17804 ssh2 Aug 31 01:19:01 nuernberg-4g-01 sshd[13569]: Failed password for root from 222.186.180.147 port 17804 ssh2 Aug 31 01:19:05 nuernberg-4g-01 sshd[13569]: Failed password for root from 222.186.180.147 port 17804 ssh2	2020-08-31 07:21:40
176.88.71.168	attackbots	176.88.71.168 - - [30/Aug/2020:14:33:51 -0600] "POST /xmlrpc.php HTTP/1.1" 301 445 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36 Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10" ...	2020-08-31 07:53:46
134.209.155.213	attackbots	134.209.155.213 - - [31/Aug/2020:01:06:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.155.213 - - [31/Aug/2020:01:06:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1811 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.155.213 - - [31/Aug/2020:01:06:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.155.213 - - [31/Aug/2020:01:06:26 +0200] "POST /wp-login.php HTTP/1.1" 200 1799 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.155.213 - - [31/Aug/2020:01:06:26 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.155.213 - - [31/Aug/2020:01:06:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1798 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-08-31 07:36:02
219.240.99.110	attackspam	Invalid user perez from 219.240.99.110 port 58720	2020-08-31 07:46:07
68.183.82.166	attackbots	Aug 31 02:24:11 ift sshd\[4059\]: Invalid user elastic from 68.183.82.166Aug 31 02:24:13 ift sshd\[4059\]: Failed password for invalid user elastic from 68.183.82.166 port 44068 ssh2Aug 31 02:27:00 ift sshd\[4609\]: Invalid user oracle from 68.183.82.166Aug 31 02:27:02 ift sshd\[4609\]: Failed password for invalid user oracle from 68.183.82.166 port 51722 ssh2Aug 31 02:29:57 ift sshd\[4920\]: Failed password for root from 68.183.82.166 port 59378 ssh2 ...	2020-08-31 07:50:30
194.26.29.95	attackbotsspam	Multiport scan : 65 ports scanned 3074 3076 3175 3202 3280 3315 3335 3460 3483 3506 3514 3538 3601 3630 3654 3681 3755 3767 3783 3798 3883 3890 3898 3918 3984 4065 4134 4137 4177 4187 4214 4220 4391 4469 4503 4518 4564 4610 4616 4624 4655 4713 4802 4837 4881 4897 4924 4993 5025 5078 5175 5239 5316 5343 5420 5498 5506 5516 5523 5586 5719 5860 5875 5944 5953	2020-08-31 07:35:41
64.250.210.44	attackspam	2020-08-30T22:33:47+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-08-31 07:55:28
189.46.62.88	attack	$f2bV_matches	2020-08-31 07:44:19
198.23.148.137	attackbots	various attack	2020-08-31 07:32:14
217.23.10.20	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-30T21:18:23Z and 2020-08-30T22:04:54Z	2020-08-31 07:57:10
66.79.188.23	attack	Aug 30 19:18:29 NPSTNNYC01T sshd[19855]: Failed password for root from 66.79.188.23 port 50988 ssh2 Aug 30 19:22:16 NPSTNNYC01T sshd[20289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.79.188.23 Aug 30 19:22:18 NPSTNNYC01T sshd[20289]: Failed password for invalid user edgar from 66.79.188.23 port 45410 ssh2 ...	2020-08-31 07:49:10
119.29.191.217	attackspambots	2020-08-30T23:38:29.374732cyberdyne sshd[2360434]: Invalid user admin from 119.29.191.217 port 36254 2020-08-30T23:38:29.377488cyberdyne sshd[2360434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.191.217 2020-08-30T23:38:29.374732cyberdyne sshd[2360434]: Invalid user admin from 119.29.191.217 port 36254 2020-08-30T23:38:31.649649cyberdyne sshd[2360434]: Failed password for invalid user admin from 119.29.191.217 port 36254 ssh2 ...	2020-08-31 07:30:53

最近上报的IP列表

82.46.110.137	103.239.232.205	58.221.147.108	66.115.241.255
134.2.37.44	149.226.175.245	176.225.252.97	137.87.156.133
66.151.242.207	85.96.169.244	8.46.205.11	211.0.190.181
164.42.57.54	148.62.245.221	106.41.158.237	80.73.82.135
217.112.128.140	148.196.10.125	35.103.88.74	4.13.124.23