106.13.37.253 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:08 itv-usvr-01 sshd[25343]: Failed password for invalid user xiaojie from 106.13.37.253 port 45878 ssh2 Aug 22 05:37:11 itv-usvr-01 sshd[25582]: Invalid user tina from 106.13.37.253	2019-08-23 12:32:30
attackspambots	Aug 2 00:14:39 localhost sshd\[58228\]: Invalid user samba from 106.13.37.253 port 54770 Aug 2 00:14:39 localhost sshd\[58228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 2 00:14:41 localhost sshd\[58228\]: Failed password for invalid user samba from 106.13.37.253 port 54770 ssh2 Aug 2 00:19:34 localhost sshd\[58350\]: Invalid user xue from 106.13.37.253 port 35258 Aug 2 00:19:34 localhost sshd\[58350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-08-02 08:26:27
attackspam	Jul 29 13:36:01 lcl-usvr-01 sshd[30224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:39:45 lcl-usvr-01 sshd[31790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:43:50 lcl-usvr-01 sshd[824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root	2019-07-29 21:10:23
attackbots	Jul 16 06:17:27 core01 sshd\[7633\]: Invalid user h from 106.13.37.253 port 40148 Jul 16 06:17:27 core01 sshd\[7633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 13:23:13
attackbots	Jul 15 20:24:00 core01 sshd\[24024\]: Invalid user test from 106.13.37.253 port 55462 Jul 15 20:24:00 core01 sshd\[24024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 02:34:30
attackbotsspam	Invalid user m1 from 106.13.37.253 port 42430	2019-07-13 07:08:29
attackbotsspam	Unauthorized SSH login attempts	2019-07-07 16:44:51
attackbotsspam	Invalid user william from 106.13.37.253 port 38870	2019-06-27 13:08:33
attack	Jun 25 20:27:43 nextcloud sshd\[4607\]: Invalid user guest from 106.13.37.253 Jun 25 20:27:43 nextcloud sshd\[4607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Jun 25 20:27:45 nextcloud sshd\[4607\]: Failed password for invalid user guest from 106.13.37.253 port 37522 ssh2 ...	2019-06-26 08:34:00

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.37.213	attackbots	Oct 9 12:01:50 OPSO sshd\[29145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:01:52 OPSO sshd\[29145\]: Failed password for root from 106.13.37.213 port 49532 ssh2 Oct 9 12:04:26 OPSO sshd\[29704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:04:28 OPSO sshd\[29704\]: Failed password for root from 106.13.37.213 port 58468 ssh2 Oct 9 12:07:00 OPSO sshd\[30424\]: Invalid user ubuntu from 106.13.37.213 port 39178 Oct 9 12:07:00 OPSO sshd\[30424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213	2020-10-10 01:39:09
106.13.37.213	attackspam	Oct 9 11:12:45 OPSO sshd\[19377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=admin Oct 9 11:12:47 OPSO sshd\[19377\]: Failed password for admin from 106.13.37.213 port 57980 ssh2 Oct 9 11:15:40 OPSO sshd\[19956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 11:15:42 OPSO sshd\[19956\]: Failed password for root from 106.13.37.213 port 38694 ssh2 Oct 9 11:18:25 OPSO sshd\[20395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-10-09 17:23:46
106.13.37.213	attack	Invalid user object from 106.13.37.213 port 60420	2020-09-18 20:07:55
106.13.37.213	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-18 12:26:11
106.13.37.213	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-29 16:21:39
106.13.37.213	attackspam	Aug 27 23:04:42 vmd36147 sshd[19014]: Failed password for root from 106.13.37.213 port 38454 ssh2 Aug 27 23:09:05 vmd36147 sshd[28777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 ...	2020-08-28 05:19:31
106.13.37.164	attackbotsspam	Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:53 h2646465 sshd[24870]: Failed password for invalid user odoo from 106.13.37.164 port 47582 ssh2 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:17 h2646465 sshd[26040]: Failed password for invalid user ftp from 106.13.37.164 port 48926 ssh2 Aug 18 17:55:13 h2646465 sshd[26545]: Invalid user fotos from 106.13.37.164 ...	2020-08-19 04:19:38
106.13.37.33	attackspam	Aug 17 20:43:28 localhost sshd[90908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 user=root Aug 17 20:43:29 localhost sshd[90908]: Failed password for root from 106.13.37.33 port 48868 ssh2 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:26 localhost sshd[91616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:29 localhost sshd[91616]: Failed password for invalid user paula from 106.13.37.33 port 59030 ssh2 ...	2020-08-18 05:18:23
106.13.37.164	attackbotsspam	Aug 16 05:54:29 db sshd[21186]: User root from 106.13.37.164 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:02:56
106.13.37.170	attackbotsspam	Aug 14 07:54:39 * sshd[12558]: Failed password for root from 106.13.37.170 port 55092 ssh2	2020-08-14 16:44:35
106.13.37.213	attackbots	failed root login	2020-08-13 16:20:29
106.13.37.213	attackspam	Aug 11 14:44:09 mout sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 11 14:44:10 mout sshd[13309]: Failed password for root from 106.13.37.213 port 46348 ssh2 Aug 11 14:44:11 mout sshd[13309]: Disconnected from authenticating user root 106.13.37.213 port 46348 [preauth]	2020-08-12 02:29:28
106.13.37.164	attack	2020-08-09T20:17:47.028294shield sshd\[17331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:17:48.920564shield sshd\[17331\]: Failed password for root from 106.13.37.164 port 47396 ssh2 2020-08-09T20:22:10.903238shield sshd\[17721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:22:13.372388shield sshd\[17721\]: Failed password for root from 106.13.37.164 port 54034 ssh2 2020-08-09T20:26:34.208487shield sshd\[18095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root	2020-08-10 04:33:48
106.13.37.213	attackbotsspam	Aug 8 22:59:05 php1 sshd\[15356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 22:59:07 php1 sshd\[15356\]: Failed password for root from 106.13.37.213 port 33894 ssh2 Aug 8 23:03:17 php1 sshd\[15709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 23:03:19 php1 sshd\[15709\]: Failed password for root from 106.13.37.213 port 50934 ssh2 Aug 8 23:07:20 php1 sshd\[16079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-08-09 17:11:18
106.13.37.164	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 08:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.37.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47572
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.37.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062502 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 08:33:54 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 253.37.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 253.37.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
66.42.43.150	attackspam	Mar 29 21:04:58 pkdns2 sshd\[21487\]: Invalid user ebd from 66.42.43.150Mar 29 21:05:00 pkdns2 sshd\[21487\]: Failed password for invalid user ebd from 66.42.43.150 port 36784 ssh2Mar 29 21:08:23 pkdns2 sshd\[21692\]: Invalid user fjseclib from 66.42.43.150Mar 29 21:08:25 pkdns2 sshd\[21692\]: Failed password for invalid user fjseclib from 66.42.43.150 port 33352 ssh2Mar 29 21:11:48 pkdns2 sshd\[21864\]: Invalid user postgres from 66.42.43.150Mar 29 21:11:50 pkdns2 sshd\[21864\]: Failed password for invalid user postgres from 66.42.43.150 port 58152 ssh2 ...	2020-03-30 02:21:17
94.199.198.137	attackspambots	SSH Brute-Forcing (server1)	2020-03-30 02:11:02
62.234.137.128	attackbotsspam	Mar 29 07:25:20 server1 sshd\[11639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.137.128 Mar 29 07:25:22 server1 sshd\[11639\]: Failed password for invalid user gih from 62.234.137.128 port 49752 ssh2 Mar 29 07:28:48 server1 sshd\[13783\]: Invalid user warlocks from 62.234.137.128 Mar 29 07:28:48 server1 sshd\[13783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.137.128 Mar 29 07:28:50 server1 sshd\[13783\]: Failed password for invalid user warlocks from 62.234.137.128 port 33662 ssh2 ...	2020-03-30 02:05:21
134.209.160.91	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 02:07:17
162.243.133.185	attackspambots	Port Scan detected from 162.243.133.185 (US/United States/California/San Francisco/zg-0312c-439.stretchoid.com). 4 hits in the last 245 seconds	2020-03-30 02:31:39
178.46.213.248	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-30 02:28:13
122.51.102.227	attackbots	Mar 29 14:44:12 mout sshd[12093]: Invalid user ouk from 122.51.102.227 port 55212	2020-03-30 02:30:50
49.234.47.124	attackspam	Mar 29 12:57:35 game-panel sshd[9707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.47.124 Mar 29 12:57:37 game-panel sshd[9707]: Failed password for invalid user vondra from 49.234.47.124 port 48832 ssh2 Mar 29 13:02:01 game-panel sshd[9907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.47.124	2020-03-30 02:13:00
129.211.55.6	attackbots	Mar 29 09:44:47 ws19vmsma01 sshd[106542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.55.6 Mar 29 09:44:49 ws19vmsma01 sshd[106542]: Failed password for invalid user dgm from 129.211.55.6 port 52466 ssh2 ...	2020-03-30 02:01:53
88.88.171.69	attackspam	Mar 28 14:19:57 thostnamean sshd[11987]: Invalid user user from 88.88.171.69 port 47415 Mar 28 14:19:57 thostnamean sshd[11987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.88.171.69 Mar 28 14:19:59 thostnamean sshd[11987]: Failed password for invalid user user from 88.88.171.69 port 47415 ssh2 Mar 28 14:19:59 thostnamean sshd[11987]: Received disconnect from 88.88.171.69 port 47415:11: Bye Bye [preauth] Mar 28 14:19:59 thostnamean sshd[11987]: Disconnected from invalid user user 88.88.171.69 port 47415 [preauth] Mar 28 14:33:16 thostnamean sshd[12514]: Invalid user pany from 88.88.171.69 port 57696 Mar 28 14:33:16 thostnamean sshd[12514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.88.171.69 Mar 28 14:33:17 thostnamean sshd[12514]: Failed password for invalid user pany from 88.88.171.69 port 57696 ssh2 Mar 28 14:33:18 thostnamean sshd[12514]: Received disconnect from 88.88.1........ -------------------------------	2020-03-30 02:07:51
45.55.63.183	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 02:33:10
35.225.177.93	attack	2020-03-29T16:11:59.092191Z a924fd98062a New connection: 35.225.177.93:51384 (172.17.0.3:2222) [session: a924fd98062a] 2020-03-29T16:21:27.804934Z e24d67078b4b New connection: 35.225.177.93:52694 (172.17.0.3:2222) [session: e24d67078b4b]	2020-03-30 02:01:30
222.129.131.69	attackspam	Mar 28 13:12:27 myhostname sshd[8546]: Invalid user hedda from 222.129.131.69 Mar 28 13:12:27 myhostname sshd[8546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.129.131.69 Mar 28 13:12:30 myhostname sshd[8546]: Failed password for invalid user hedda from 222.129.131.69 port 52421 ssh2 Mar 28 13:12:30 myhostname sshd[8546]: Received disconnect from 222.129.131.69 port 52421:11: Bye Bye [preauth] Mar 28 13:12:30 myhostname sshd[8546]: Disconnected from 222.129.131.69 port 52421 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.129.131.69	2020-03-30 01:59:07
180.76.135.15	attack	Mar 29 15:27:59 host01 sshd[13454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.135.15 Mar 29 15:28:02 host01 sshd[13454]: Failed password for invalid user yakusa from 180.76.135.15 port 56770 ssh2 Mar 29 15:31:48 host01 sshd[14097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.135.15 ...	2020-03-30 02:03:19
198.50.177.42	attack	Mar 29 15:29:14 meumeu sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42 Mar 29 15:29:16 meumeu sshd[20189]: Failed password for invalid user hmr from 198.50.177.42 port 55460 ssh2 Mar 29 15:38:18 meumeu sshd[21471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42 ...	2020-03-30 02:32:38

最近上报的IP列表

119.207.76.25	22.238.96.116	89.24.42.233	72.33.55.146
72.99.91.149	156.62.99.140	202.79.163.14	207.44.167.60
41.7.230.150	72.160.201.194	177.6.227.38	136.205.198.142
59.188.235.111	212.119.220.146	185.13.112.228	211.108.201.156
185.52.3.155	42.104.126.116	218.8.145.199	190.201.154.95