106.13.37.253 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:08 itv-usvr-01 sshd[25343]: Failed password for invalid user xiaojie from 106.13.37.253 port 45878 ssh2 Aug 22 05:37:11 itv-usvr-01 sshd[25582]: Invalid user tina from 106.13.37.253	2019-08-23 12:32:30
attackspambots	Aug 2 00:14:39 localhost sshd\[58228\]: Invalid user samba from 106.13.37.253 port 54770 Aug 2 00:14:39 localhost sshd\[58228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 2 00:14:41 localhost sshd\[58228\]: Failed password for invalid user samba from 106.13.37.253 port 54770 ssh2 Aug 2 00:19:34 localhost sshd\[58350\]: Invalid user xue from 106.13.37.253 port 35258 Aug 2 00:19:34 localhost sshd\[58350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-08-02 08:26:27
attackspam	Jul 29 13:36:01 lcl-usvr-01 sshd[30224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:39:45 lcl-usvr-01 sshd[31790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:43:50 lcl-usvr-01 sshd[824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root	2019-07-29 21:10:23
attackbots	Jul 16 06:17:27 core01 sshd\[7633\]: Invalid user h from 106.13.37.253 port 40148 Jul 16 06:17:27 core01 sshd\[7633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 13:23:13
attackbots	Jul 15 20:24:00 core01 sshd\[24024\]: Invalid user test from 106.13.37.253 port 55462 Jul 15 20:24:00 core01 sshd\[24024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 02:34:30
attackbotsspam	Invalid user m1 from 106.13.37.253 port 42430	2019-07-13 07:08:29
attackbotsspam	Unauthorized SSH login attempts	2019-07-07 16:44:51
attackbotsspam	Invalid user william from 106.13.37.253 port 38870	2019-06-27 13:08:33
attack	Jun 25 20:27:43 nextcloud sshd\[4607\]: Invalid user guest from 106.13.37.253 Jun 25 20:27:43 nextcloud sshd\[4607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Jun 25 20:27:45 nextcloud sshd\[4607\]: Failed password for invalid user guest from 106.13.37.253 port 37522 ssh2 ...	2019-06-26 08:34:00

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.37.213	attackbots	Oct 9 12:01:50 OPSO sshd\[29145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:01:52 OPSO sshd\[29145\]: Failed password for root from 106.13.37.213 port 49532 ssh2 Oct 9 12:04:26 OPSO sshd\[29704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:04:28 OPSO sshd\[29704\]: Failed password for root from 106.13.37.213 port 58468 ssh2 Oct 9 12:07:00 OPSO sshd\[30424\]: Invalid user ubuntu from 106.13.37.213 port 39178 Oct 9 12:07:00 OPSO sshd\[30424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213	2020-10-10 01:39:09
106.13.37.213	attackspam	Oct 9 11:12:45 OPSO sshd\[19377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=admin Oct 9 11:12:47 OPSO sshd\[19377\]: Failed password for admin from 106.13.37.213 port 57980 ssh2 Oct 9 11:15:40 OPSO sshd\[19956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 11:15:42 OPSO sshd\[19956\]: Failed password for root from 106.13.37.213 port 38694 ssh2 Oct 9 11:18:25 OPSO sshd\[20395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-10-09 17:23:46
106.13.37.213	attack	Invalid user object from 106.13.37.213 port 60420	2020-09-18 20:07:55
106.13.37.213	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-18 12:26:11
106.13.37.213	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-29 16:21:39
106.13.37.213	attackspam	Aug 27 23:04:42 vmd36147 sshd[19014]: Failed password for root from 106.13.37.213 port 38454 ssh2 Aug 27 23:09:05 vmd36147 sshd[28777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 ...	2020-08-28 05:19:31
106.13.37.164	attackbotsspam	Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:53 h2646465 sshd[24870]: Failed password for invalid user odoo from 106.13.37.164 port 47582 ssh2 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:17 h2646465 sshd[26040]: Failed password for invalid user ftp from 106.13.37.164 port 48926 ssh2 Aug 18 17:55:13 h2646465 sshd[26545]: Invalid user fotos from 106.13.37.164 ...	2020-08-19 04:19:38
106.13.37.33	attackspam	Aug 17 20:43:28 localhost sshd[90908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 user=root Aug 17 20:43:29 localhost sshd[90908]: Failed password for root from 106.13.37.33 port 48868 ssh2 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:26 localhost sshd[91616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:29 localhost sshd[91616]: Failed password for invalid user paula from 106.13.37.33 port 59030 ssh2 ...	2020-08-18 05:18:23
106.13.37.164	attackbotsspam	Aug 16 05:54:29 db sshd[21186]: User root from 106.13.37.164 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:02:56
106.13.37.170	attackbotsspam	Aug 14 07:54:39 * sshd[12558]: Failed password for root from 106.13.37.170 port 55092 ssh2	2020-08-14 16:44:35
106.13.37.213	attackbots	failed root login	2020-08-13 16:20:29
106.13.37.213	attackspam	Aug 11 14:44:09 mout sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 11 14:44:10 mout sshd[13309]: Failed password for root from 106.13.37.213 port 46348 ssh2 Aug 11 14:44:11 mout sshd[13309]: Disconnected from authenticating user root 106.13.37.213 port 46348 [preauth]	2020-08-12 02:29:28
106.13.37.164	attack	2020-08-09T20:17:47.028294shield sshd\[17331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:17:48.920564shield sshd\[17331\]: Failed password for root from 106.13.37.164 port 47396 ssh2 2020-08-09T20:22:10.903238shield sshd\[17721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:22:13.372388shield sshd\[17721\]: Failed password for root from 106.13.37.164 port 54034 ssh2 2020-08-09T20:26:34.208487shield sshd\[18095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root	2020-08-10 04:33:48
106.13.37.213	attackbotsspam	Aug 8 22:59:05 php1 sshd\[15356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 22:59:07 php1 sshd\[15356\]: Failed password for root from 106.13.37.213 port 33894 ssh2 Aug 8 23:03:17 php1 sshd\[15709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 23:03:19 php1 sshd\[15709\]: Failed password for root from 106.13.37.213 port 50934 ssh2 Aug 8 23:07:20 php1 sshd\[16079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-08-09 17:11:18
106.13.37.164	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 08:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.37.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47572
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.37.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062502 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 08:33:54 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 253.37.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 253.37.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
177.52.183.139	attackspam	Nov 20 05:43:56 areeb-Workstation sshd[31908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.52.183.139 Nov 20 05:43:58 areeb-Workstation sshd[31908]: Failed password for invalid user zurinabi from 177.52.183.139 port 34834 ssh2 ...	2019-11-20 08:14:30
221.204.11.106	attack	Nov 19 23:18:47 h2177944 sshd\[2995\]: Failed password for root from 221.204.11.106 port 53497 ssh2 Nov 20 00:19:17 h2177944 sshd\[5408\]: Invalid user xdg82329096 from 221.204.11.106 port 45411 Nov 20 00:19:17 h2177944 sshd\[5408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.204.11.106 Nov 20 00:19:19 h2177944 sshd\[5408\]: Failed password for invalid user xdg82329096 from 221.204.11.106 port 45411 ssh2 ...	2019-11-20 08:17:01
14.172.173.220	attackbots	Automatic report - Port Scan Attack	2019-11-20 08:13:45
104.236.22.133	attackspam	Nov 20 00:23:56 markkoudstaal sshd[19031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.22.133 Nov 20 00:23:58 markkoudstaal sshd[19031]: Failed password for invalid user dbus from 104.236.22.133 port 59738 ssh2 Nov 20 00:27:41 markkoudstaal sshd[19359]: Failed password for root from 104.236.22.133 port 40164 ssh2	2019-11-20 08:02:32
184.154.74.68	attack	" "	2019-11-20 08:12:59
31.171.138.33	attackbots	IDS	2019-11-20 08:02:04
193.56.28.119	attack	Unauthorized connection attempt from IP address 193.56.28.119 on Port 25(SMTP)	2019-11-20 08:06:02
85.67.147.238	attack	Nov 19 11:27:41 : SSH login attempts with invalid user	2019-11-20 08:13:27
192.236.179.43	attack	2019-11-20T00:01:03.897685stark.klein-stark.info postfix/smtpd\[10825\]: NOQUEUE: reject: RCPT from hwsrv-566880.hostwindsdns.com\[192.236.179.43\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ 2019-11-20T00:22:59.415878stark.klein-stark.info postfix/smtpd\[12771\]: NOQUEUE: reject: RCPT from hwsrv-566880.hostwindsdns.com\[192.236.179.43\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ ...	2019-11-20 08:14:14
159.253.25.197	attackspam	389/udp 1900/udp 123/udp... [2019-09-20/11-19]33pkt,3pt.(udp)	2019-11-20 08:37:33
103.40.123.18	attack	1433/tcp 445/tcp... [2019-10-22/11-19]5pkt,2pt.(tcp)	2019-11-20 08:10:17
89.122.138.47	attackbotsspam	Automatic report - Port Scan Attack	2019-11-20 08:39:45
124.235.206.130	attackspam	2019-11-19T23:29:19.064001scmdmz1 sshd\[18930\]: Invalid user sv from 124.235.206.130 port 43557 2019-11-19T23:29:19.066970scmdmz1 sshd\[18930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.235.206.130 2019-11-19T23:29:20.717465scmdmz1 sshd\[18930\]: Failed password for invalid user sv from 124.235.206.130 port 43557 ssh2 ...	2019-11-20 08:20:21
190.67.116.12	attackbots	Nov 20 00:03:50 vtv3 sshd[13644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12 Nov 20 00:03:51 vtv3 sshd[13644]: Failed password for invalid user chuj from 190.67.116.12 port 46974 ssh2 Nov 20 00:10:50 vtv3 sshd[15345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12 Nov 20 00:22:22 vtv3 sshd[17653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12 Nov 20 00:22:24 vtv3 sshd[17653]: Failed password for invalid user vonderscher from 190.67.116.12 port 44160 ssh2 Nov 20 00:28:07 vtv3 sshd[18768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12 Nov 20 00:40:55 vtv3 sshd[21648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12 Nov 20 00:40:57 vtv3 sshd[21648]: Failed password for invalid user balabanian from 190.67.116.12 port 40960 ssh2 Nov 2	2019-11-20 08:17:24
79.157.217.179	attack	94 failed attempt(s) in the last 24h	2019-11-20 08:38:48

最近上报的IP列表

119.207.76.25	22.238.96.116	89.24.42.233	72.33.55.146
72.99.91.149	156.62.99.140	202.79.163.14	207.44.167.60
41.7.230.150	72.160.201.194	177.6.227.38	136.205.198.142
59.188.235.111	212.119.220.146	185.13.112.228	211.108.201.156
185.52.3.155	42.104.126.116	218.8.145.199	190.201.154.95