106.13.52.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH login attempts with user root.	2019-11-30 06:52:12

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.52.107	attackspambots	sshd jail - ssh hack attempt	2020-08-19 18:25:45
106.13.52.83	attackbots	B: Abusive ssh attack	2020-08-12 13:47:46
106.13.52.234	attackspam	prod11 ...	2020-08-08 01:35:43
106.13.52.234	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-02 15:00:27
106.13.52.234	attack	Aug 1 05:48:59 root sshd[26761]: Failed password for root from 106.13.52.234 port 56080 ssh2 Aug 1 05:57:22 root sshd[27856]: Failed password for root from 106.13.52.234 port 34018 ssh2 ...	2020-08-01 18:59:39
106.13.52.234	attackbotsspam	Jul 31 16:31:28 plg sshd[8626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:31:30 plg sshd[8626]: Failed password for invalid user root from 106.13.52.234 port 57108 ssh2 Jul 31 16:33:46 plg sshd[8660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:33:48 plg sshd[8660]: Failed password for invalid user root from 106.13.52.234 port 57144 ssh2 Jul 31 16:36:10 plg sshd[8704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:36:12 plg sshd[8704]: Failed password for invalid user root from 106.13.52.234 port 57172 ssh2 ...	2020-08-01 02:32:28
106.13.52.234	attackspambots	Jul 28 06:44:09 buvik sshd[1072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 28 06:44:11 buvik sshd[1072]: Failed password for invalid user xuzx from 106.13.52.234 port 57502 ssh2 Jul 28 06:46:59 buvik sshd[1572]: Invalid user uap from 106.13.52.234 ...	2020-07-28 17:09:16
106.13.52.234	attack	Invalid user guest from 106.13.52.234 port 42628	2020-07-28 06:10:35
106.13.52.83	attack	Jul 24 07:17:41 debian-2gb-nbg1-2 kernel: \[17826382.914221\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.52.83 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=38581 PROTO=TCP SPT=51495 DPT=3752 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-24 17:25:31
106.13.52.234	attackbotsspam	Jul 23 23:09:22 OPSO sshd\[6221\]: Invalid user sistemas from 106.13.52.234 port 46484 Jul 23 23:09:22 OPSO sshd\[6221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 23 23:09:25 OPSO sshd\[6221\]: Failed password for invalid user sistemas from 106.13.52.234 port 46484 ssh2 Jul 23 23:13:42 OPSO sshd\[7121\]: Invalid user adrian from 106.13.52.234 port 48820 Jul 23 23:13:42 OPSO sshd\[7121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234	2020-07-24 05:39:35
106.13.52.107	attack	Jul 23 09:06:28 l03 sshd[25736]: Invalid user jochen from 106.13.52.107 port 45506 ...	2020-07-23 17:06:36
106.13.52.107	attackbotsspam	Invalid user dva from 106.13.52.107 port 60112	2020-07-18 21:22:04
106.13.52.234	attack	Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:35 tuxlinux sshd[10939]: Failed password for invalid user corine from 106.13.52.234 port 55690 ssh2 ...	2020-07-13 04:16:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.52.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.52.1.			IN	A

;; AUTHORITY SECTION:
.			534	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:52:09 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 1.52.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.52.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
95.173.169.23	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-23 04:57:54
45.252.249.240	attackbotsspam	Brute-Force attempts in wordpress websites	2019-10-23 04:50:35
111.231.54.33	attackbotsspam	Oct 22 22:57:19 lnxweb62 sshd[9566]: Failed password for root from 111.231.54.33 port 56256 ssh2 Oct 22 22:57:19 lnxweb62 sshd[9566]: Failed password for root from 111.231.54.33 port 56256 ssh2	2019-10-23 05:05:36
23.129.64.180	attack	Oct 22 22:11:27 vpn01 sshd[20743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.180 Oct 22 22:11:29 vpn01 sshd[20743]: Failed password for invalid user apc from 23.129.64.180 port 45007 ssh2 ...	2019-10-23 04:44:35
37.114.158.123	attackspambots	$f2bV_matches	2019-10-23 05:06:03
117.114.144.162	attackspam	1433/tcp 1433/tcp 1433/tcp [2019-10-12/22]3pkt	2019-10-23 04:42:31
200.123.190.39	attackbots	Spam Timestamp : 22-Oct-19 20:31 BlockList Provider combined abuse (723)	2019-10-23 04:34:36
77.122.17.211	attackbots	Spam Timestamp : 22-Oct-19 19:08 BlockList Provider combined abuse (716)	2019-10-23 04:40:54
155.4.32.16	attackspam	Oct 22 23:15:31 hosting sshd[12248]: Invalid user bush from 155.4.32.16 port 43525 Oct 22 23:15:31 hosting sshd[12248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Oct 22 23:15:31 hosting sshd[12248]: Invalid user bush from 155.4.32.16 port 43525 Oct 22 23:15:33 hosting sshd[12248]: Failed password for invalid user bush from 155.4.32.16 port 43525 ssh2 Oct 22 23:31:20 hosting sshd[13114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se user=root Oct 22 23:31:21 hosting sshd[13114]: Failed password for root from 155.4.32.16 port 38552 ssh2 ...	2019-10-23 04:48:13
179.232.1.254	attackspambots	Oct 22 10:24:35 php1 sshd\[18554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 user=root Oct 22 10:24:38 php1 sshd\[18554\]: Failed password for root from 179.232.1.254 port 35593 ssh2 Oct 22 10:31:19 php1 sshd\[19422\]: Invalid user abc123 from 179.232.1.254 Oct 22 10:31:19 php1 sshd\[19422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 Oct 22 10:31:20 php1 sshd\[19422\]: Failed password for invalid user abc123 from 179.232.1.254 port 55605 ssh2	2019-10-23 04:46:54
94.176.207.66	attack	Unauthorised access (Oct 22) SRC=94.176.207.66 LEN=52 TTL=115 ID=24956 DF TCP DPT=1433 WINDOW=8192 SYN Unauthorised access (Oct 22) SRC=94.176.207.66 LEN=52 TTL=115 ID=142 DF TCP DPT=1433 WINDOW=8192 SYN	2019-10-23 04:46:23
51.75.23.62	attack	Oct 22 22:26:41 SilenceServices sshd[20178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.23.62 Oct 22 22:26:43 SilenceServices sshd[20178]: Failed password for invalid user testtest from 51.75.23.62 port 58690 ssh2 Oct 22 22:30:28 SilenceServices sshd[21176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.23.62	2019-10-23 04:36:27
119.29.162.17	attackbotsspam	Oct 22 20:38:44 game-panel sshd[3303]: Failed password for root from 119.29.162.17 port 37612 ssh2 Oct 22 20:42:38 game-panel sshd[3485]: Failed password for root from 119.29.162.17 port 55820 ssh2	2019-10-23 04:53:39
46.38.144.17	attackbotsspam	Oct 22 22:22:44 webserver postfix/smtpd\[6409\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 22 22:23:56 webserver postfix/smtpd\[6409\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 22 22:25:08 webserver postfix/smtpd\[6409\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 22 22:26:21 webserver postfix/smtpd\[6409\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 22 22:27:33 webserver postfix/smtpd\[6409\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-23 04:37:37
112.29.135.180	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.29.135.180/ CN - 1H : (414) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN9808 IP : 112.29.135.180 CIDR : 112.29.135.0/24 PREFIX COUNT : 3598 UNIQUE IP COUNT : 18819072 ATTACKS DETECTED ASN9808 : 1H - 1 3H - 2 6H - 2 12H - 4 24H - 7 DateTime : 2019-10-22 22:11:11 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-23 04:53:59

最近上报的IP列表

81.169.246.201	111.253.205.156	103.73.183.1	68.15.246.4
103.70.61.1	233.119.2.28	218.205.203.114	117.72.208.42
103.66.16.1	119.157.144.162	31.1.63.187	176.31.131.255
158.214.139.170	227.59.11.146	120.132.27.181	103.58.248.1
103.56.113.6	103.27.238.2	103.229.83.1	103.206.102.1