106.13.37.253 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 22 05:30:07 itv-usvr-01 sshd[25343]: Invalid user xiaojie from 106.13.37.253 Aug 22 05:30:08 itv-usvr-01 sshd[25343]: Failed password for invalid user xiaojie from 106.13.37.253 port 45878 ssh2 Aug 22 05:37:11 itv-usvr-01 sshd[25582]: Invalid user tina from 106.13.37.253	2019-08-23 12:32:30
attackspambots	Aug 2 00:14:39 localhost sshd\[58228\]: Invalid user samba from 106.13.37.253 port 54770 Aug 2 00:14:39 localhost sshd\[58228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Aug 2 00:14:41 localhost sshd\[58228\]: Failed password for invalid user samba from 106.13.37.253 port 54770 ssh2 Aug 2 00:19:34 localhost sshd\[58350\]: Invalid user xue from 106.13.37.253 port 35258 Aug 2 00:19:34 localhost sshd\[58350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-08-02 08:26:27
attackspam	Jul 29 13:36:01 lcl-usvr-01 sshd[30224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:39:45 lcl-usvr-01 sshd[31790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root Jul 29 13:43:50 lcl-usvr-01 sshd[824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 user=root	2019-07-29 21:10:23
attackbots	Jul 16 06:17:27 core01 sshd\[7633\]: Invalid user h from 106.13.37.253 port 40148 Jul 16 06:17:27 core01 sshd\[7633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 13:23:13
attackbots	Jul 15 20:24:00 core01 sshd\[24024\]: Invalid user test from 106.13.37.253 port 55462 Jul 15 20:24:00 core01 sshd\[24024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 ...	2019-07-16 02:34:30
attackbotsspam	Invalid user m1 from 106.13.37.253 port 42430	2019-07-13 07:08:29
attackbotsspam	Unauthorized SSH login attempts	2019-07-07 16:44:51
attackbotsspam	Invalid user william from 106.13.37.253 port 38870	2019-06-27 13:08:33
attack	Jun 25 20:27:43 nextcloud sshd\[4607\]: Invalid user guest from 106.13.37.253 Jun 25 20:27:43 nextcloud sshd\[4607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.253 Jun 25 20:27:45 nextcloud sshd\[4607\]: Failed password for invalid user guest from 106.13.37.253 port 37522 ssh2 ...	2019-06-26 08:34:00

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.37.213	attackbots	Oct 9 12:01:50 OPSO sshd\[29145\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:01:52 OPSO sshd\[29145\]: Failed password for root from 106.13.37.213 port 49532 ssh2 Oct 9 12:04:26 OPSO sshd\[29704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 12:04:28 OPSO sshd\[29704\]: Failed password for root from 106.13.37.213 port 58468 ssh2 Oct 9 12:07:00 OPSO sshd\[30424\]: Invalid user ubuntu from 106.13.37.213 port 39178 Oct 9 12:07:00 OPSO sshd\[30424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213	2020-10-10 01:39:09
106.13.37.213	attackspam	Oct 9 11:12:45 OPSO sshd\[19377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=admin Oct 9 11:12:47 OPSO sshd\[19377\]: Failed password for admin from 106.13.37.213 port 57980 ssh2 Oct 9 11:15:40 OPSO sshd\[19956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Oct 9 11:15:42 OPSO sshd\[19956\]: Failed password for root from 106.13.37.213 port 38694 ssh2 Oct 9 11:18:25 OPSO sshd\[20395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-10-09 17:23:46
106.13.37.213	attack	Invalid user object from 106.13.37.213 port 60420	2020-09-18 20:07:55
106.13.37.213	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-18 12:26:11
106.13.37.213	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-29 16:21:39
106.13.37.213	attackspam	Aug 27 23:04:42 vmd36147 sshd[19014]: Failed password for root from 106.13.37.213 port 38454 ssh2 Aug 27 23:09:05 vmd36147 sshd[28777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 ...	2020-08-28 05:19:31
106.13.37.164	attackbotsspam	Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:43:51 h2646465 sshd[24870]: Invalid user odoo from 106.13.37.164 Aug 18 17:43:53 h2646465 sshd[24870]: Failed password for invalid user odoo from 106.13.37.164 port 47582 ssh2 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 Aug 18 17:51:15 h2646465 sshd[26040]: Invalid user ftp from 106.13.37.164 Aug 18 17:51:17 h2646465 sshd[26040]: Failed password for invalid user ftp from 106.13.37.164 port 48926 ssh2 Aug 18 17:55:13 h2646465 sshd[26545]: Invalid user fotos from 106.13.37.164 ...	2020-08-19 04:19:38
106.13.37.33	attackspam	Aug 17 20:43:28 localhost sshd[90908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 user=root Aug 17 20:43:29 localhost sshd[90908]: Failed password for root from 106.13.37.33 port 48868 ssh2 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:26 localhost sshd[91616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.33 Aug 17 20:49:26 localhost sshd[91616]: Invalid user paula from 106.13.37.33 port 59030 Aug 17 20:49:29 localhost sshd[91616]: Failed password for invalid user paula from 106.13.37.33 port 59030 ssh2 ...	2020-08-18 05:18:23
106.13.37.164	attackbotsspam	Aug 16 05:54:29 db sshd[21186]: User root from 106.13.37.164 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:02:56
106.13.37.170	attackbotsspam	Aug 14 07:54:39 * sshd[12558]: Failed password for root from 106.13.37.170 port 55092 ssh2	2020-08-14 16:44:35
106.13.37.213	attackbots	failed root login	2020-08-13 16:20:29
106.13.37.213	attackspam	Aug 11 14:44:09 mout sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 11 14:44:10 mout sshd[13309]: Failed password for root from 106.13.37.213 port 46348 ssh2 Aug 11 14:44:11 mout sshd[13309]: Disconnected from authenticating user root 106.13.37.213 port 46348 [preauth]	2020-08-12 02:29:28
106.13.37.164	attack	2020-08-09T20:17:47.028294shield sshd\[17331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:17:48.920564shield sshd\[17331\]: Failed password for root from 106.13.37.164 port 47396 ssh2 2020-08-09T20:22:10.903238shield sshd\[17721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root 2020-08-09T20:22:13.372388shield sshd\[17721\]: Failed password for root from 106.13.37.164 port 54034 ssh2 2020-08-09T20:26:34.208487shield sshd\[18095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.164 user=root	2020-08-10 04:33:48
106.13.37.213	attackbotsspam	Aug 8 22:59:05 php1 sshd\[15356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 22:59:07 php1 sshd\[15356\]: Failed password for root from 106.13.37.213 port 33894 ssh2 Aug 8 23:03:17 php1 sshd\[15709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root Aug 8 23:03:19 php1 sshd\[15709\]: Failed password for root from 106.13.37.213 port 50934 ssh2 Aug 8 23:07:20 php1 sshd\[16079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.213 user=root	2020-08-09 17:11:18
106.13.37.164	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 08:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.37.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47572
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.37.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062502 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 08:33:54 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 253.37.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 253.37.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
112.85.42.122	attack	Oct 8 22:25:45 hidden sshd[13193]: Failed password for hidden from 112.85.42.122 port 55452 ssh2 Oct 8 22:25:50 hidden sshd[13193]: Failed password for hidden from 112.85.42.122 port 55452 ssh2 Oct 8 22:25:53 hidden sshd[13193]: Failed password for hidden from 112.85.42.122 port 55452 ssh2	2020-10-09 04:29:06
187.180.102.108	attackspam	2020-10-08T16:39:27.817208vps773228.ovh.net sshd[21371]: Failed password for root from 187.180.102.108 port 36246 ssh2 2020-10-08T16:45:24.281764vps773228.ovh.net sshd[21469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.180.102.108 user=root 2020-10-08T16:45:25.726440vps773228.ovh.net sshd[21469]: Failed password for root from 187.180.102.108 port 38428 ssh2 2020-10-08T16:52:06.125760vps773228.ovh.net sshd[21539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.180.102.108 user=root 2020-10-08T16:52:08.428248vps773228.ovh.net sshd[21539]: Failed password for root from 187.180.102.108 port 40610 ssh2 ...	2020-10-09 04:37:12
171.224.191.120	attackspam	Port Scan detected! ...	2020-10-09 04:16:48
27.77.200.241	attackbotsspam	TCP (SYN) 27.77.200.241:12600 -> port 23, len 40	2020-10-09 04:49:08
103.145.13.124	attackbotsspam	UDP port : 5060	2020-10-09 04:44:22
112.85.42.112	attack	2020-10-08T23:32:45.855161lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:49.013249lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:52.713566lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:57.683620lavrinenko.info sshd[13449]: Failed password for root from 112.85.42.112 port 10754 ssh2 2020-10-08T23:32:57.747160lavrinenko.info sshd[13449]: error: maximum authentication attempts exceeded for root from 112.85.42.112 port 10754 ssh2 [preauth] ...	2020-10-09 04:34:58
5.183.255.44	attackbotsspam	C1,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-09 04:17:54
139.162.77.6	attackspambots	TCP (SYN) 139.162.77.6:38389 -> port 3389, len 44	2020-10-09 04:47:07
112.140.185.246	attackspam	2020-10-08T01:39:08.881982tthyp sshd[24909]: Connection from 112.140.185.246 port 57534 on 95.216.168.125 port 22 rdomain "" 2020-10-08T01:39:10.248240tthyp sshd[24909]: User root from 112.140.185.246 not allowed because none of user's groups are listed in AllowGroups 2020-10-08T01:39:08.881982tthyp sshd[24909]: Connection from 112.140.185.246 port 57534 on 95.216.168.125 port 22 rdomain "" 2020-10-08T01:39:10.248240tthyp sshd[24909]: User root from 112.140.185.246 not allowed because none of user's groups are listed in AllowGroups 2020-10-08T01:39:10.621455tthyp sshd[24909]: Connection closed by invalid user root 112.140.185.246 port 57534 [preauth] 2020-10-08T01:45:06.049626tthyp sshd[24913]: Connection from 112.140.185.246 port 56690 on 95.216.168.125 port 22 rdomain "" 2020-10-08T01:45:07.467821tthyp sshd[24913]: User root from 112.140.185.246 not allowed because none of user's groups are listed in AllowGroups 2020-10-08T01:45:06.049626tthyp sshd[24913]: Connection from 112.140.185 ...	2020-10-09 04:28:40
51.68.11.195	attackbots	Port Scan: TCP/443	2020-10-09 04:26:39
36.82.106.238	attackbots	Oct 9 06:12:13 localhost sshd[171885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.82.106.238 user=root Oct 9 06:12:15 localhost sshd[171885]: Failed password for root from 36.82.106.238 port 43490 ssh2 ...	2020-10-09 04:46:17
111.231.215.244	attack	Oct 8 19:34:57 ns382633 sshd\[22797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244 user=root Oct 8 19:34:58 ns382633 sshd\[22797\]: Failed password for root from 111.231.215.244 port 39183 ssh2 Oct 8 19:42:31 ns382633 sshd\[23699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244 user=root Oct 8 19:42:33 ns382633 sshd\[23699\]: Failed password for root from 111.231.215.244 port 37136 ssh2 Oct 8 19:47:49 ns382633 sshd\[24570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244 user=root	2020-10-09 04:48:25
18.162.109.62	attack	Lines containing failures of 18.162.109.62 Oct 5 11:51:47 www sshd[31558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.162.109.62 user=r.r Oct 5 11:51:48 www sshd[31558]: Failed password for r.r from 18.162.109.62 port 53092 ssh2 Oct 5 11:51:49 www sshd[31558]: Received disconnect from 18.162.109.62 port 53092:11: Bye Bye [preauth] Oct 5 11:51:49 www sshd[31558]: Disconnected from authenticating user r.r 18.162.109.62 port 53092 [preauth] Oct 5 12:00:24 www sshd[1055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.162.109.62 user=r.r Oct 5 12:00:26 www sshd[1055]: Failed password for r.r from 18.162.109.62 port 51652 ssh2 Oct 5 12:00:26 www sshd[1055]: Received disconnect from 18.162.109.62 port 51652:11: Bye Bye [preauth] Oct 5 12:00:26 www sshd[1055]: Disconnected from authenticating user r.r 18.162.109.62 port 51652 [preauth] Oct 5 12:04:11 www sshd[1673]: pam_unix(s........ ------------------------------	2020-10-09 04:33:09
150.242.14.199	attackbots	GET /laravel/.env HTTP/1.1 GET /.env HTTP/1.1 GET /public/.env HTTP/1.1 GET HTTP/1.1 HTTP/1.1 GET /portal/.env HTTP/1.1	2020-10-09 04:41:54
203.56.24.180	attackbotsspam	Oct 8 20:35:17 prox sshd[5403]: Failed password for root from 203.56.24.180 port 38466 ssh2	2020-10-09 04:38:57

最近上报的IP列表

119.207.76.25	22.238.96.116	89.24.42.233	72.33.55.146
72.99.91.149	156.62.99.140	202.79.163.14	207.44.167.60
41.7.230.150	72.160.201.194	177.6.227.38	136.205.198.142
59.188.235.111	212.119.220.146	185.13.112.228	211.108.201.156
185.52.3.155	42.104.126.116	218.8.145.199	190.201.154.95