106.13.137.67 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 21 14:13:11 debian-2gb-nbg1-2 kernel: \[9730149.592650\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.137.67 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=43467 PROTO=TCP SPT=57843 DPT=17010 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-21 22:23:47
attackbots	SSH Invalid Login	2020-04-16 07:08:38
attackspambots	Apr 10 15:38:25 mail sshd[14498]: Invalid user user from 106.13.137.67 Apr 10 15:38:25 mail sshd[14498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Apr 10 15:38:25 mail sshd[14498]: Invalid user user from 106.13.137.67 Apr 10 15:38:27 mail sshd[14498]: Failed password for invalid user user from 106.13.137.67 port 58710 ssh2 Apr 10 15:48:53 mail sshd[15976]: Invalid user ubuntu from 106.13.137.67 ...	2020-04-11 02:34:03
attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-08 16:24:35
attack	Apr 1 10:39:52 ws22vmsma01 sshd[175185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Apr 1 10:39:52 ws22vmsma01 sshd[175185]: Failed password for invalid user wjwei from 106.13.137.67 port 48066 ssh2 ...	2020-04-01 23:44:32
attackspambots	Jan 11 14:45:03 server sshd\[20150\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 user=root Jan 11 14:45:05 server sshd\[20150\]: Failed password for root from 106.13.137.67 port 41544 ssh2 Jan 12 00:07:10 server sshd\[476\]: Invalid user giaou from 106.13.137.67 Jan 12 00:07:10 server sshd\[476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Jan 12 00:07:11 server sshd\[476\]: Failed password for invalid user giaou from 106.13.137.67 port 40390 ssh2 ...	2020-01-12 06:25:39
attackbots	Dec 22 07:31:04 MK-Soft-Root1 sshd[31896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Dec 22 07:31:06 MK-Soft-Root1 sshd[31896]: Failed password for invalid user mostar from 106.13.137.67 port 39826 ssh2 ...	2019-12-22 14:51:47
attackspam	$f2bV_matches	2019-12-18 18:31:54
attackspambots	Dec 18 05:48:13 hcbbdb sshd\[5612\]: Invalid user guynn from 106.13.137.67 Dec 18 05:48:13 hcbbdb sshd\[5612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Dec 18 05:48:15 hcbbdb sshd\[5612\]: Failed password for invalid user guynn from 106.13.137.67 port 47954 ssh2 Dec 18 05:53:46 hcbbdb sshd\[6288\]: Invalid user Senha-123 from 106.13.137.67 Dec 18 05:53:46 hcbbdb sshd\[6288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67	2019-12-18 14:09:33
attackspambots	2019-12-15T19:51:40.322817abusebot-2.cloudsearch.cf sshd\[24812\]: Invalid user titan from 106.13.137.67 port 33232 2019-12-15T19:51:40.328721abusebot-2.cloudsearch.cf sshd\[24812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 2019-12-15T19:51:42.352384abusebot-2.cloudsearch.cf sshd\[24812\]: Failed password for invalid user titan from 106.13.137.67 port 33232 ssh2 2019-12-15T19:57:45.016702abusebot-2.cloudsearch.cf sshd\[24869\]: Invalid user mysql from 106.13.137.67 port 56018	2019-12-16 06:28:25
attackspam	Dec 14 13:06:15 php1 sshd\[18922\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 user=nobody Dec 14 13:06:17 php1 sshd\[18922\]: Failed password for nobody from 106.13.137.67 port 53612 ssh2 Dec 14 13:13:02 php1 sshd\[20004\]: Invalid user smmsp from 106.13.137.67 Dec 14 13:13:02 php1 sshd\[20004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Dec 14 13:13:04 php1 sshd\[20004\]: Failed password for invalid user smmsp from 106.13.137.67 port 53976 ssh2	2019-12-15 07:29:28
attackspam	Dec 14 10:07:37 localhost sshd\[20018\]: Invalid user coutinho from 106.13.137.67 port 56222 Dec 14 10:07:37 localhost sshd\[20018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Dec 14 10:07:40 localhost sshd\[20018\]: Failed password for invalid user coutinho from 106.13.137.67 port 56222 ssh2	2019-12-14 17:08:13

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.137.83	attackspam	Aug 10 10:40:50 vm0 sshd[11009]: Failed password for root from 106.13.137.83 port 48280 ssh2 ...	2020-08-10 17:37:20
106.13.137.83	attack	Aug 2 06:54:58 hosting sshd[28551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.83 user=root Aug 2 06:55:00 hosting sshd[28551]: Failed password for root from 106.13.137.83 port 32792 ssh2 ...	2020-08-02 13:05:04
106.13.137.83	attackspam	Invalid user lilei from 106.13.137.83 port 40798	2020-07-31 16:40:25
106.13.137.83	attack	SSH invalid-user multiple login attempts	2020-07-15 00:49:56
106.13.137.83	attackbots	$f2bV_matches	2020-07-13 17:57:55
106.13.137.83	attackbots	Jul 12 23:57:12 vps687878 sshd\[23064\]: Failed password for invalid user kostya from 106.13.137.83 port 43794 ssh2 Jul 13 00:00:05 vps687878 sshd\[23402\]: Invalid user test from 106.13.137.83 port 58842 Jul 13 00:00:05 vps687878 sshd\[23402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.83 Jul 13 00:00:06 vps687878 sshd\[23402\]: Failed password for invalid user test from 106.13.137.83 port 58842 ssh2 Jul 13 00:03:18 vps687878 sshd\[23808\]: Invalid user delphi from 106.13.137.83 port 45642 Jul 13 00:03:18 vps687878 sshd\[23808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.83 ...	2020-07-13 06:43:43
106.13.137.83	attackspam	Jun 13 08:01:47 hosting sshd[28101]: Invalid user zxin10 from 106.13.137.83 port 33622 ...	2020-06-13 13:41:21
106.13.137.83	attackbotsspam	Jun 9 07:13:29 ns41 sshd[7222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.83	2020-06-09 13:54:54
106.13.137.83	attackbotsspam	Jun 8 05:41:56 game-panel sshd[26851]: Failed password for root from 106.13.137.83 port 44936 ssh2 Jun 8 05:43:41 game-panel sshd[26927]: Failed password for root from 106.13.137.83 port 38456 ssh2	2020-06-08 14:37:56
106.13.137.83	attackspam	Jun 1 05:27:49 prox sshd[19574]: Failed password for root from 106.13.137.83 port 56204 ssh2	2020-06-01 16:51:07
106.13.137.83	attackbots	Invalid user ify from 106.13.137.83 port 57734	2020-05-21 06:10:56
106.13.137.83	attack	Scanned 1 times in the last 24 hours on port 22	2020-05-13 08:48:43
106.13.137.241	attack	Apr 29 17:46:40 gw1 sshd[12250]: Failed password for nobody from 106.13.137.241 port 56078 ssh2 ...	2020-04-29 20:54:09
106.13.137.83	attack	Oct 2 21:27:42 fv15 sshd[5804]: Failed password for invalid user jeffchen from 106.13.137.83 port 33516 ssh2 Oct 2 21:27:42 fv15 sshd[5804]: Received disconnect from 106.13.137.83: 11: Bye Bye [preauth] Oct 2 21:44:18 fv15 sshd[21625]: Failed password for invalid user txxxxxxx from 106.13.137.83 port 55928 ssh2 Oct 2 21:44:18 fv15 sshd[21625]: Received disconnect from 106.13.137.83: 11: Bye Bye [preauth] Oct 2 21:47:34 fv15 sshd[2133]: Failed password for invalid user anca from 106.13.137.83 port 54698 ssh2 Oct 2 21:47:34 fv15 sshd[2133]: Received disconnect from 106.13.137.83: 11: Bye Bye [preauth] Oct 2 21:50:35 fv15 sshd[3066]: Failed password for invalid user reiner from 106.13.137.83 port 53468 ssh2 Oct 2 21:50:35 fv15 sshd[3066]: Received disconnect from 106.13.137.83: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.137.83	2019-10-03 18:34:57
106.13.137.83	attackspam	Sep 8 01:41:31 tuotantolaitos sshd[17035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.83 Sep 8 01:41:33 tuotantolaitos sshd[17035]: Failed password for invalid user redbot from 106.13.137.83 port 44708 ssh2 ...	2019-09-08 06:54:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.137.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50949
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.137.67.			IN	A

;; AUTHORITY SECTION:
.			334	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 411 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 17:08:08 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 67.137.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 67.137.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.20.59.43	attackbots	SSH Brute Force, server-1 sshd[21200]: Failed password for invalid user admin from 123.20.59.43 port 45143 ssh2	2019-11-20 07:07:17
222.186.175.155	attackbots	Nov 19 12:50:00 sachi sshd\[17246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Nov 19 12:50:02 sachi sshd\[17246\]: Failed password for root from 222.186.175.155 port 49376 ssh2 Nov 19 12:50:18 sachi sshd\[17267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root Nov 19 12:50:20 sachi sshd\[17267\]: Failed password for root from 222.186.175.155 port 47084 ssh2 Nov 19 12:50:41 sachi sshd\[17288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.155 user=root	2019-11-20 06:51:01
182.48.83.170	attackbotsspam	proto=tcp . spt=55053 . dpt=25 . (Found on Dark List de Nov 19) (654)	2019-11-20 06:36:30
47.75.172.46	attackbots	47.75.172.46 - - \[19/Nov/2019:22:12:48 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.75.172.46 - - \[19/Nov/2019:22:12:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.75.172.46 - - \[19/Nov/2019:22:12:54 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 802 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-20 06:44:10
69.70.65.118	attackspam	SSH Brute Force, server-1 sshd[22391]: Failed password for www-data from 69.70.65.118 port 11844 ssh2	2019-11-20 06:54:39
88.202.116.163	attackspambots	proto=tcp . spt=41943 . dpt=25 . (Found on Blocklist de Nov 19) (652)	2019-11-20 06:41:19
132.232.48.121	attack	Nov 19 22:46:15 ovpn sshd\[31962\]: Invalid user coutant from 132.232.48.121 Nov 19 22:46:15 ovpn sshd\[31962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.48.121 Nov 19 22:46:17 ovpn sshd\[31962\]: Failed password for invalid user coutant from 132.232.48.121 port 57298 ssh2 Nov 19 22:52:58 ovpn sshd\[1195\]: Invalid user server from 132.232.48.121 Nov 19 22:52:58 ovpn sshd\[1195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.48.121	2019-11-20 06:56:02
27.254.150.69	attackbots	SSH Brute Force, server-1 sshd[20383]: Failed password for invalid user smmsp from 27.254.150.69 port 50928 ssh2	2019-11-20 07:10:19
222.186.175.183	attackbotsspam	2019-11-19T23:36:24.605739scmdmz1 sshd\[19444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root 2019-11-19T23:36:26.602053scmdmz1 sshd\[19444\]: Failed password for root from 222.186.175.183 port 10490 ssh2 2019-11-19T23:36:29.614776scmdmz1 sshd\[19444\]: Failed password for root from 222.186.175.183 port 10490 ssh2 ...	2019-11-20 06:37:54
182.75.139.222	attackbotsspam	proto=tcp . spt=45151 . dpt=25 . (Found on Dark List de Nov 19) (648)	2019-11-20 06:49:26
188.166.42.50	attackspambots	Nov 19 23:20:07 relay postfix/smtpd\[18248\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 19 23:21:21 relay postfix/smtpd\[18247\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 19 23:21:54 relay postfix/smtpd\[15730\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 19 23:26:21 relay postfix/smtpd\[18247\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 19 23:35:33 relay postfix/smtpd\[18249\]: warning: unknown\[188.166.42.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-20 06:51:43
113.162.188.222	attackbotsspam	SSH login attempts	2019-11-20 06:59:25
222.186.190.92	attackbots	Nov 19 23:53:32 tux-35-217 sshd\[26844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.92 user=root Nov 19 23:53:34 tux-35-217 sshd\[26844\]: Failed password for root from 222.186.190.92 port 20524 ssh2 Nov 19 23:53:37 tux-35-217 sshd\[26844\]: Failed password for root from 222.186.190.92 port 20524 ssh2 Nov 19 23:53:41 tux-35-217 sshd\[26844\]: Failed password for root from 222.186.190.92 port 20524 ssh2 ...	2019-11-20 07:02:34
92.222.78.178	attackspambots	Nov 19 23:06:39 markkoudstaal sshd[11799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178 Nov 19 23:06:41 markkoudstaal sshd[11799]: Failed password for invalid user anran from 92.222.78.178 port 51058 ssh2 Nov 19 23:10:20 markkoudstaal sshd[12225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178	2019-11-20 06:55:20
106.54.95.232	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/106.54.95.232/ CN - 1H : (101) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN0 IP : 106.54.95.232 CIDR : 106.54.0.0/15 PREFIX COUNT : 50243 UNIQUE IP COUNT : 856105392 ATTACKS DETECTED ASN0 : 1H - 1 3H - 3 6H - 6 12H - 14 24H - 27 DateTime : 2019-11-19 22:40:18 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-20 06:56:19

最近上报的IP列表

96.49.229.165	189.52.77.150	81.28.107.43	192.222.234.118
47.106.213.104	113.172.111.186	101.196.198.23	197.57.116.246
14.190.62.90	14.166.30.178	122.180.87.201	36.82.96.190
27.75.223.34	182.61.57.103	52.196.177.91	60.120.166.153
125.83.105.208	176.53.175.29	14.186.59.175	14.232.155.113