106.13.37.221 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 26 19:33:44 friendsofhawaii sshd\[32397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221 user=root Oct 26 19:33:46 friendsofhawaii sshd\[32397\]: Failed password for root from 106.13.37.221 port 48326 ssh2 Oct 26 19:38:35 friendsofhawaii sshd\[332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221 user=root Oct 26 19:38:38 friendsofhawaii sshd\[332\]: Failed password for root from 106.13.37.221 port 56148 ssh2 Oct 26 19:43:34 friendsofhawaii sshd\[922\]: Invalid user admin from 106.13.37.221 Oct 26 19:43:34 friendsofhawaii sshd\[922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221	2019-10-27 18:55:12
attack	Oct 25 05:42:33 apollo sshd\[4269\]: Invalid user pc from 106.13.37.221Oct 25 05:42:35 apollo sshd\[4269\]: Failed password for invalid user pc from 106.13.37.221 port 34414 ssh2Oct 25 05:53:24 apollo sshd\[4298\]: Failed password for root from 106.13.37.221 port 47652 ssh2 ...	2019-10-25 15:20:12

类型

评论内容

时间

attack

Oct 26 19:33:44 friendsofhawaii sshd\[32397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221  user=root
Oct 26 19:33:46 friendsofhawaii sshd\[32397\]: Failed password for root from 106.13.37.221 port 48326 ssh2
Oct 26 19:38:35 friendsofhawaii sshd\[332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221  user=root
Oct 26 19:38:38 friendsofhawaii sshd\[332\]: Failed password for root from 106.13.37.221 port 56148 ssh2
Oct 26 19:43:34 friendsofhawaii sshd\[922\]: Invalid user admin from 106.13.37.221
Oct 26 19:43:34 friendsofhawaii sshd\[922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.221

2019-10-27 18:55:12

attack

Oct 25 05:42:33 apollo sshd\[4269\]: Invalid user pc from 106.13.37.221Oct 25 05:42:35 apollo sshd\[4269\]: Failed password for invalid user pc from 106.13.37.221 port 34414 ssh2Oct 25 05:53:24 apollo sshd\[4298\]: Failed password for root from 106.13.37.221 port 47652 ssh2
...

2019-10-25 15:20:12

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.37.213	attackbots	Oct 9 12:01:50 OPSO sshd\[29145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:01:52 OPSO sshd\[29145\]: Failed password for root from 106.13.37.213 port 49532 ssh2 Oct 9 12:04:26 OPSO sshd\[29704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:04:28 OPSO sshd\[29704\]: Failed password for root from 106.13.37.213 port 58468 ssh2 Oct 9 12:07:00 OPSO sshd\[30424\]: Invalid user ubuntu from 106.13.37.213 port 39178 Oct 9 12:07:00 OPSO sshd\[30424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213	2020-10-10 01:39:09
106.13.37.213	attackspam	Oct 9 11:12:45 OPSO sshd\[19377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=admin Oct 9 11:12:47 OPSO sshd\[19377\]: Failed password for admin from 106.13.37.213 port 57980 ssh2 Oct 9 11:15:40 OPSO sshd\[19956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 11:15:42 OPSO sshd\[19956\]: Failed password for root from 106.13.37.213 port 38694 ssh2 Oct 9 11:18:25 OPSO sshd\[20395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-10-09 17:23:46
106.13.37.213	attack	Invalid user object from 106.13.37.213 port 60420	2020-09-18 20:07:55
106.13.37.213	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-18 12:26:11
106.13.37.213	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-29 16:21:39
106.13.37.213	attackspam	Aug 27 23:04:42 vmd36147 sshd[19014]: Failed password for root from 106.13.37.213 port 38454 ssh2 Aug 27 23:09:05 vmd36147 sshd[28777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 ...	2020-08-28 05:19:31
106.13.37.164	attackbotsspam	Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:53 h2646465 sshd[24870]: Failed password for invalid user odoo from 106.13.37.164 port 47582 ssh2 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:17 h2646465 sshd[26040]: Failed password for invalid user ftp from 106.13.37.164 port 48926 ssh2 Aug 18 17:55:13 h2646465 sshd[26545]: Invalid user fotos from 106.13.37.164 ...	2020-08-19 04:19:38
106.13.37.33	attackspam	Aug 17 20:43:28 localhost sshd[90908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 user=root Aug 17 20:43:29 localhost sshd[90908]: Failed password for root from 106.13.37.33 port 48868 ssh2 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:26 localhost sshd[91616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:29 localhost sshd[91616]: Failed password for invalid user paula from 106.13.37.33 port 59030 ssh2 ...	2020-08-18 05:18:23
106.13.37.164	attackbotsspam	Aug 16 05:54:29 db sshd[21186]: User root from 106.13.37.164 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:02:56
106.13.37.170	attackbotsspam	Aug 14 07:54:39 * sshd[12558]: Failed password for root from 106.13.37.170 port 55092 ssh2	2020-08-14 16:44:35
106.13.37.213	attackbots	failed root login	2020-08-13 16:20:29
106.13.37.213	attackspam	Aug 11 14:44:09 mout sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 11 14:44:10 mout sshd[13309]: Failed password for root from 106.13.37.213 port 46348 ssh2 Aug 11 14:44:11 mout sshd[13309]: Disconnected from authenticating user root 106.13.37.213 port 46348 [preauth]	2020-08-12 02:29:28
106.13.37.164	attack	2020-08-09T20:17:47.028294shield sshd\[17331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:17:48.920564shield sshd\[17331\]: Failed password for root from 106.13.37.164 port 47396 ssh2 2020-08-09T20:22:10.903238shield sshd\[17721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:22:13.372388shield sshd\[17721\]: Failed password for root from 106.13.37.164 port 54034 ssh2 2020-08-09T20:26:34.208487shield sshd\[18095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root	2020-08-10 04:33:48
106.13.37.213	attackbotsspam	Aug 8 22:59:05 php1 sshd\[15356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 22:59:07 php1 sshd\[15356\]: Failed password for root from 106.13.37.213 port 33894 ssh2 Aug 8 23:03:17 php1 sshd\[15709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 23:03:19 php1 sshd\[15709\]: Failed password for root from 106.13.37.213 port 50934 ssh2 Aug 8 23:07:20 php1 sshd\[16079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-08-09 17:11:18
106.13.37.164	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 08:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.37.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49340
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.37.221.			IN	A

;; AUTHORITY SECTION:
.			118	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102500 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 25 15:20:09 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 221.37.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.37.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
178.46.128.103	attackspambots	Dovecot Invalid User Login Attempt.	2020-04-28 00:51:50
185.200.118.69	attack	tried openvpn connection	2020-04-28 00:52:05
106.12.13.247	attackbots	21 attempts against mh-ssh on echoip	2020-04-28 00:44:00
51.91.212.81	attack	Unauthorized connection attempt detected from IP address 51.91.212.81 to port 8088	2020-04-28 00:26:12
211.215.194.98	attackbots	Apr 27 17:44:12 mail sshd[29608]: Invalid user ftpuser from 211.215.194.98 Apr 27 17:44:12 mail sshd[29608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.215.194.98 Apr 27 17:44:12 mail sshd[29608]: Invalid user ftpuser from 211.215.194.98 Apr 27 17:44:14 mail sshd[29608]: Failed password for invalid user ftpuser from 211.215.194.98 port 52040 ssh2 Apr 27 17:49:46 mail sshd[30206]: Invalid user git from 211.215.194.98 ...	2020-04-28 00:25:26
142.93.216.68	attackspam	Apr 27 17:09:51 vmd26974 sshd[27794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 Apr 27 17:09:53 vmd26974 sshd[27794]: Failed password for invalid user sean from 142.93.216.68 port 38080 ssh2 ...	2020-04-28 01:05:39
178.62.0.138	attackspambots	$f2bV_matches	2020-04-28 00:29:53
104.192.6.17	attack	SSH brutforce	2020-04-28 01:04:15
113.52.139.131	attackspam	Time: Mon Apr 27 09:52:02 2020 -0300 IP: 113.52.139.131 (KR/South Korea/-) Failures: 15 (ftpd) Interval: 3600 seconds Blocked: Permanent Block	2020-04-28 00:52:32
2.81.27.170	attackbotsspam	Automatic report - Port Scan Attack	2020-04-28 00:45:02
196.196.39.76	attackspambots	Unauthorized access detected from black listed ip!	2020-04-28 00:57:07
14.169.212.238	attack	20/4/27@07:52:53: FAIL: Alarm-Network address from=14.169.212.238 ...	2020-04-28 01:01:38
178.128.72.80	attackspam	2020-04-27T14:55:53.976125Z 4585832fdd64 New connection: 178.128.72.80:36374 (172.17.0.5:2222) [session: 4585832fdd64] 2020-04-27T15:00:47.399866Z a9828583f45b New connection: 178.128.72.80:58272 (172.17.0.5:2222) [session: a9828583f45b]	2020-04-28 00:50:27
183.88.234.110	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-04-28 00:52:20
47.43.26.138	spam	DEAR VALUED MEMBER, Your account is currently under security review, you won't be able to use your account until you complete Your access verification process. This is part of our security measure to keep our customers safe and secure Continue your verification process by following below	2020-04-28 00:28:13

最近上报的IP列表

88.210.29.9	36.79.240.115	220.202.74.217	122.136.136.31
132.196.69.0	250.129.153.33	58.152.44.139	108.19.254.109
3.213.147.50	70.26.122.164	232.229.97.206	167.150.57.134
117.126.116.161	197.108.204.207	192.170.26.35	116.119.94.187
212.198.137.138	118.69.54.7	191.151.223.84	105.247.230.220