106.13.52.83 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	B: Abusive ssh attack	2020-08-12 13:47:46
attack	Jul 24 07:17:41 debian-2gb-nbg1-2 kernel: \[17826382.914221\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.52.83 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=38581 PROTO=TCP SPT=51495 DPT=3752 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-24 17:25:31
attackspambots	Jul 9 22:28:18 scw-6657dc sshd[31104]: Failed password for mail from 106.13.52.83 port 49798 ssh2 Jul 9 22:28:18 scw-6657dc sshd[31104]: Failed password for mail from 106.13.52.83 port 49798 ssh2 Jul 9 22:34:05 scw-6657dc sshd[31307]: Invalid user xpp from 106.13.52.83 port 34766 ...	2020-07-10 07:18:21
attackspambots	May 26 00:19:01 santamaria sshd\[20269\]: Invalid user chaunte from 106.13.52.83 May 26 00:19:01 santamaria sshd\[20269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 May 26 00:19:03 santamaria sshd\[20269\]: Failed password for invalid user chaunte from 106.13.52.83 port 42226 ssh2 ...	2020-05-26 07:02:50
attackbots	SSH Invalid Login	2020-05-23 06:34:35
attack	May 19 21:05:24 eventyay sshd[1302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 May 19 21:05:25 eventyay sshd[1302]: Failed password for invalid user epiconf from 106.13.52.83 port 55922 ssh2 May 19 21:07:06 eventyay sshd[1370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 ...	2020-05-20 03:14:59
attackspam	Apr 27 15:36:33 pkdns2 sshd\[27919\]: Invalid user oper from 106.13.52.83Apr 27 15:36:34 pkdns2 sshd\[27919\]: Failed password for invalid user oper from 106.13.52.83 port 37570 ssh2Apr 27 15:40:59 pkdns2 sshd\[28118\]: Invalid user uuu from 106.13.52.83Apr 27 15:41:01 pkdns2 sshd\[28118\]: Failed password for invalid user uuu from 106.13.52.83 port 37992 ssh2Apr 27 15:45:24 pkdns2 sshd\[28332\]: Invalid user pao from 106.13.52.83Apr 27 15:45:26 pkdns2 sshd\[28332\]: Failed password for invalid user pao from 106.13.52.83 port 38412 ssh2 ...	2020-04-28 00:10:53
attack	$lgm	2020-04-09 17:04:59
attack	Apr 3 03:33:11 gw1 sshd[10572]: Failed password for root from 106.13.52.83 port 48678 ssh2 ...	2020-04-03 07:14:20
attackbotsspam	Mar 20 08:51:01 gw1 sshd[18619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 Mar 20 08:51:03 gw1 sshd[18619]: Failed password for invalid user gopher from 106.13.52.83 port 56580 ssh2 ...	2020-03-20 19:45:57
attackbotsspam	Mar 7 23:07:44 vps691689 sshd[13059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 Mar 7 23:07:45 vps691689 sshd[13059]: Failed password for invalid user PASSW0RD@1234 from 106.13.52.83 port 53880 ssh2 Mar 7 23:08:41 vps691689 sshd[13083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 ...	2020-03-08 07:30:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.52.107	attackspambots	sshd jail - ssh hack attempt	2020-08-19 18:25:45
106.13.52.234	attackspam	prod11 ...	2020-08-08 01:35:43
106.13.52.234	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-02 15:00:27
106.13.52.234	attack	Aug 1 05:48:59 root sshd[26761]: Failed password for root from 106.13.52.234 port 56080 ssh2 Aug 1 05:57:22 root sshd[27856]: Failed password for root from 106.13.52.234 port 34018 ssh2 ...	2020-08-01 18:59:39
106.13.52.234	attackbotsspam	Jul 31 16:31:28 plg sshd[8626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:31:30 plg sshd[8626]: Failed password for invalid user root from 106.13.52.234 port 57108 ssh2 Jul 31 16:33:46 plg sshd[8660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:33:48 plg sshd[8660]: Failed password for invalid user root from 106.13.52.234 port 57144 ssh2 Jul 31 16:36:10 plg sshd[8704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:36:12 plg sshd[8704]: Failed password for invalid user root from 106.13.52.234 port 57172 ssh2 ...	2020-08-01 02:32:28
106.13.52.234	attackspambots	Jul 28 06:44:09 buvik sshd[1072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 28 06:44:11 buvik sshd[1072]: Failed password for invalid user xuzx from 106.13.52.234 port 57502 ssh2 Jul 28 06:46:59 buvik sshd[1572]: Invalid user uap from 106.13.52.234 ...	2020-07-28 17:09:16
106.13.52.234	attack	Invalid user guest from 106.13.52.234 port 42628	2020-07-28 06:10:35
106.13.52.234	attackbotsspam	Jul 23 23:09:22 OPSO sshd\[6221\]: Invalid user sistemas from 106.13.52.234 port 46484 Jul 23 23:09:22 OPSO sshd\[6221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 23 23:09:25 OPSO sshd\[6221\]: Failed password for invalid user sistemas from 106.13.52.234 port 46484 ssh2 Jul 23 23:13:42 OPSO sshd\[7121\]: Invalid user adrian from 106.13.52.234 port 48820 Jul 23 23:13:42 OPSO sshd\[7121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234	2020-07-24 05:39:35
106.13.52.107	attack	Jul 23 09:06:28 l03 sshd[25736]: Invalid user jochen from 106.13.52.107 port 45506 ...	2020-07-23 17:06:36
106.13.52.107	attackbotsspam	Invalid user dva from 106.13.52.107 port 60112	2020-07-18 21:22:04
106.13.52.234	attack	Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:35 tuxlinux sshd[10939]: Failed password for invalid user corine from 106.13.52.234 port 55690 ssh2 ...	2020-07-13 04:16:28
106.13.52.107	attackbots	Jul 10 15:16:46 lnxweb62 sshd[11400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107	2020-07-10 23:10:16
106.13.52.234	attackspam	Jul 9 15:13:44 ajax sshd[21277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 9 15:13:46 ajax sshd[21277]: Failed password for invalid user user from 106.13.52.234 port 49682 ssh2	2020-07-09 23:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.52.83
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.52.83.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030701 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 08 07:30:28 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 83.52.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 83.52.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.143.73.250	attackbots	Jul 15 08:42:27 blackbee postfix/smtpd[11623]: warning: unknown[185.143.73.250]: SASL LOGIN authentication failed: authentication failure Jul 15 08:42:55 blackbee postfix/smtpd[11623]: warning: unknown[185.143.73.250]: SASL LOGIN authentication failed: authentication failure Jul 15 08:43:21 blackbee postfix/smtpd[11623]: warning: unknown[185.143.73.250]: SASL LOGIN authentication failed: authentication failure Jul 15 08:43:50 blackbee postfix/smtpd[11664]: warning: unknown[185.143.73.250]: SASL LOGIN authentication failed: authentication failure Jul 15 08:44:15 blackbee postfix/smtpd[11664]: warning: unknown[185.143.73.250]: SASL LOGIN authentication failed: authentication failure ...	2020-07-15 15:53:52
104.41.41.24	attackbotsspam	Jul 15 10:11:43 vpn01 sshd[6483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.41.41.24 Jul 15 10:11:44 vpn01 sshd[6483]: Failed password for invalid user admin from 104.41.41.24 port 1472 ssh2 ...	2020-07-15 16:18:09
138.197.5.191	attack	2020-07-15T02:14:19.767491shield sshd\[7697\]: Invalid user jit from 138.197.5.191 port 60680 2020-07-15T02:14:19.778066shield sshd\[7697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 2020-07-15T02:14:21.627131shield sshd\[7697\]: Failed password for invalid user jit from 138.197.5.191 port 60680 ssh2 2020-07-15T02:17:42.629631shield sshd\[8295\]: Invalid user cw from 138.197.5.191 port 58874 2020-07-15T02:17:42.642448shield sshd\[8295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191	2020-07-15 15:51:49
52.172.212.171	attackbots	<6 unauthorized SSH connections	2020-07-15 16:28:53
113.172.195.225	attackspambots	Unauthorized connection attempt from IP address 113.172.195.225 on Port 445(SMB)	2020-07-15 16:25:34
51.255.173.70	attack	Jul 15 06:09:17 ip-172-31-62-245 sshd\[27427\]: Invalid user karianne from 51.255.173.70\ Jul 15 06:09:19 ip-172-31-62-245 sshd\[27427\]: Failed password for invalid user karianne from 51.255.173.70 port 58950 ssh2\ Jul 15 06:12:29 ip-172-31-62-245 sshd\[27452\]: Invalid user karola from 51.255.173.70\ Jul 15 06:12:32 ip-172-31-62-245 sshd\[27452\]: Failed password for invalid user karola from 51.255.173.70 port 55582 ssh2\ Jul 15 06:15:36 ip-172-31-62-245 sshd\[27471\]: Invalid user tamara from 51.255.173.70\	2020-07-15 16:16:18
94.102.56.231	attack	TCP (SYN) 94.102.56.231:40950 -> port 8132, len 44	2020-07-15 16:04:45
192.210.192.165	attackspambots	Jul 15 10:00:55 hidden sshd[47702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.210.192.165 Jul 15 10:00:57 hidden sshd[47702]: Failed password for invalid user remnux from 192.210.192.165 port 41372 ssh2	2020-07-15 16:27:37
109.197.192.90	attack	Unauthorized connection attempt from IP address 109.197.192.90 on Port 445(SMB)	2020-07-15 16:21:57
201.212.0.189	attackspambots	Brute forcing RDP port 3389	2020-07-15 16:21:15
210.12.168.79	attackspam	2020-07-15T05:05:43.954751abusebot-4.cloudsearch.cf sshd[17949]: Invalid user dancer from 210.12.168.79 port 59354 2020-07-15T05:05:43.961997abusebot-4.cloudsearch.cf sshd[17949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.168.79 2020-07-15T05:05:43.954751abusebot-4.cloudsearch.cf sshd[17949]: Invalid user dancer from 210.12.168.79 port 59354 2020-07-15T05:05:45.623861abusebot-4.cloudsearch.cf sshd[17949]: Failed password for invalid user dancer from 210.12.168.79 port 59354 ssh2 2020-07-15T05:09:43.376492abusebot-4.cloudsearch.cf sshd[17965]: Invalid user postgres from 210.12.168.79 port 24005 2020-07-15T05:09:43.382164abusebot-4.cloudsearch.cf sshd[17965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.168.79 2020-07-15T05:09:43.376492abusebot-4.cloudsearch.cf sshd[17965]: Invalid user postgres from 210.12.168.79 port 24005 2020-07-15T05:09:44.657747abusebot-4.cloudsearch.cf sshd[17965 ...	2020-07-15 15:58:14
37.252.72.189	attackspam	Dovecot Invalid User Login Attempt.	2020-07-15 15:59:07
51.103.131.225	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-15 15:58:40
52.187.151.76	attackspambots	$f2bV_matches	2020-07-15 16:26:20
51.132.11.195	attackspambots	Jul 15 08:56:44 icinga sshd[55507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.132.11.195 Jul 15 08:56:46 icinga sshd[55507]: Failed password for invalid user admin from 51.132.11.195 port 48010 ssh2 Jul 15 09:51:03 icinga sshd[15160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.132.11.195 ...	2020-07-15 16:12:14

最近上报的IP列表

197.211.61.145	103.242.118.183	106.12.88.95	14.233.32.54
111.236.244.109	61.247.86.121	178.33.148.10	86.206.56.208
49.234.91.122	106.13.39.127	172.106.3.200	156.96.148.73
197.44.186.226	51.159.0.133	84.60.146.130	193.34.69.224
116.102.93.135	92.118.234.234	139.162.192.166	113.140.80.174