106.13.52.83 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	B: Abusive ssh attack	2020-08-12 13:47:46
attack	Jul 24 07:17:41 debian-2gb-nbg1-2 kernel: \[17826382.914221\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.52.83 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=38581 PROTO=TCP SPT=51495 DPT=3752 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-24 17:25:31
attackspambots	Jul 9 22:28:18 scw-6657dc sshd[31104]: Failed password for mail from 106.13.52.83 port 49798 ssh2 Jul 9 22:28:18 scw-6657dc sshd[31104]: Failed password for mail from 106.13.52.83 port 49798 ssh2 Jul 9 22:34:05 scw-6657dc sshd[31307]: Invalid user xpp from 106.13.52.83 port 34766 ...	2020-07-10 07:18:21
attackspambots	May 26 00:19:01 santamaria sshd\[20269\]: Invalid user chaunte from 106.13.52.83 May 26 00:19:01 santamaria sshd\[20269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 May 26 00:19:03 santamaria sshd\[20269\]: Failed password for invalid user chaunte from 106.13.52.83 port 42226 ssh2 ...	2020-05-26 07:02:50
attackbots	SSH Invalid Login	2020-05-23 06:34:35
attack	May 19 21:05:24 eventyay sshd[1302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 May 19 21:05:25 eventyay sshd[1302]: Failed password for invalid user epiconf from 106.13.52.83 port 55922 ssh2 May 19 21:07:06 eventyay sshd[1370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 ...	2020-05-20 03:14:59
attackspam	Apr 27 15:36:33 pkdns2 sshd\[27919\]: Invalid user oper from 106.13.52.83Apr 27 15:36:34 pkdns2 sshd\[27919\]: Failed password for invalid user oper from 106.13.52.83 port 37570 ssh2Apr 27 15:40:59 pkdns2 sshd\[28118\]: Invalid user uuu from 106.13.52.83Apr 27 15:41:01 pkdns2 sshd\[28118\]: Failed password for invalid user uuu from 106.13.52.83 port 37992 ssh2Apr 27 15:45:24 pkdns2 sshd\[28332\]: Invalid user pao from 106.13.52.83Apr 27 15:45:26 pkdns2 sshd\[28332\]: Failed password for invalid user pao from 106.13.52.83 port 38412 ssh2 ...	2020-04-28 00:10:53
attack	$lgm	2020-04-09 17:04:59
attack	Apr 3 03:33:11 gw1 sshd[10572]: Failed password for root from 106.13.52.83 port 48678 ssh2 ...	2020-04-03 07:14:20
attackbotsspam	Mar 20 08:51:01 gw1 sshd[18619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 Mar 20 08:51:03 gw1 sshd[18619]: Failed password for invalid user gopher from 106.13.52.83 port 56580 ssh2 ...	2020-03-20 19:45:57
attackbotsspam	Mar 7 23:07:44 vps691689 sshd[13059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 Mar 7 23:07:45 vps691689 sshd[13059]: Failed password for invalid user PASSW0RD@1234 from 106.13.52.83 port 53880 ssh2 Mar 7 23:08:41 vps691689 sshd[13083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.83 ...	2020-03-08 07:30:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.52.107	attackspambots	sshd jail - ssh hack attempt	2020-08-19 18:25:45
106.13.52.234	attackspam	prod11 ...	2020-08-08 01:35:43
106.13.52.234	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-02 15:00:27
106.13.52.234	attack	Aug 1 05:48:59 root sshd[26761]: Failed password for root from 106.13.52.234 port 56080 ssh2 Aug 1 05:57:22 root sshd[27856]: Failed password for root from 106.13.52.234 port 34018 ssh2 ...	2020-08-01 18:59:39
106.13.52.234	attackbotsspam	Jul 31 16:31:28 plg sshd[8626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:31:30 plg sshd[8626]: Failed password for invalid user root from 106.13.52.234 port 57108 ssh2 Jul 31 16:33:46 plg sshd[8660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:33:48 plg sshd[8660]: Failed password for invalid user root from 106.13.52.234 port 57144 ssh2 Jul 31 16:36:10 plg sshd[8704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Jul 31 16:36:12 plg sshd[8704]: Failed password for invalid user root from 106.13.52.234 port 57172 ssh2 ...	2020-08-01 02:32:28
106.13.52.234	attackspambots	Jul 28 06:44:09 buvik sshd[1072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 28 06:44:11 buvik sshd[1072]: Failed password for invalid user xuzx from 106.13.52.234 port 57502 ssh2 Jul 28 06:46:59 buvik sshd[1572]: Invalid user uap from 106.13.52.234 ...	2020-07-28 17:09:16
106.13.52.234	attack	Invalid user guest from 106.13.52.234 port 42628	2020-07-28 06:10:35
106.13.52.234	attackbotsspam	Jul 23 23:09:22 OPSO sshd\[6221\]: Invalid user sistemas from 106.13.52.234 port 46484 Jul 23 23:09:22 OPSO sshd\[6221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 23 23:09:25 OPSO sshd\[6221\]: Failed password for invalid user sistemas from 106.13.52.234 port 46484 ssh2 Jul 23 23:13:42 OPSO sshd\[7121\]: Invalid user adrian from 106.13.52.234 port 48820 Jul 23 23:13:42 OPSO sshd\[7121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234	2020-07-24 05:39:35
106.13.52.107	attack	Jul 23 09:06:28 l03 sshd[25736]: Invalid user jochen from 106.13.52.107 port 45506 ...	2020-07-23 17:06:36
106.13.52.107	attackbotsspam	Invalid user dva from 106.13.52.107 port 60112	2020-07-18 21:22:04
106.13.52.234	attack	Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:34 tuxlinux sshd[10939]: Invalid user corine from 106.13.52.234 port 55690 Jul 11 20:42:34 tuxlinux sshd[10939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 11 20:42:35 tuxlinux sshd[10939]: Failed password for invalid user corine from 106.13.52.234 port 55690 ssh2 ...	2020-07-13 04:16:28
106.13.52.107	attackbots	Jul 10 15:16:46 lnxweb62 sshd[11400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107	2020-07-10 23:10:16
106.13.52.234	attackspam	Jul 9 15:13:44 ajax sshd[21277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Jul 9 15:13:46 ajax sshd[21277]: Failed password for invalid user user from 106.13.52.234 port 49682 ssh2	2020-07-09 23:10:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.52.83
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.52.83.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030701 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 08 07:30:28 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 83.52.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 83.52.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
128.199.107.252	attackspam	Sep 16 23:13:12 hpm sshd\[12949\]: Invalid user jennyfer from 128.199.107.252 Sep 16 23:13:12 hpm sshd\[12949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252 Sep 16 23:13:14 hpm sshd\[12949\]: Failed password for invalid user jennyfer from 128.199.107.252 port 51776 ssh2 Sep 16 23:18:41 hpm sshd\[13486\]: Invalid user user from 128.199.107.252 Sep 16 23:18:41 hpm sshd\[13486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252	2019-09-17 17:26:51
54.36.150.22	attack	Automatic report - Banned IP Access	2019-09-17 17:25:56
59.173.116.215	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/59.173.116.215/ CN - 1H : (305) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 59.173.116.215 CIDR : 59.173.0.0/17 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 6 3H - 15 6H - 33 12H - 54 24H - 93 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-17 17:36:07
183.107.101.117	attackspam	$f2bV_matches	2019-09-17 17:32:34
106.13.165.13	attackbotsspam	2019-09-17T05:24:32.227841abusebot-5.cloudsearch.cf sshd\[32446\]: Invalid user landscape from 106.13.165.13 port 60604	2019-09-17 17:25:01
183.146.209.68	attackspam	Sep 17 08:49:56 cvbnet sshd[1299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.146.209.68 Sep 17 08:49:58 cvbnet sshd[1299]: Failed password for invalid user hyu from 183.146.209.68 port 39521 ssh2	2019-09-17 17:12:35
182.253.186.10	attack	Sep 16 23:03:43 hanapaa sshd\[12971\]: Invalid user eddy from 182.253.186.10 Sep 16 23:03:43 hanapaa sshd\[12971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.186.10 Sep 16 23:03:44 hanapaa sshd\[12971\]: Failed password for invalid user eddy from 182.253.186.10 port 35672 ssh2 Sep 16 23:08:43 hanapaa sshd\[13375\]: Invalid user ubnt from 182.253.186.10 Sep 16 23:08:43 hanapaa sshd\[13375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.186.10	2019-09-17 17:11:35
129.204.141.5	attack	129.204.141.5 - - \[17/Sep/2019:05:34:34 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 129.204.141.5 - - \[17/Sep/2019:05:34:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 2096 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-09-17 17:24:28
188.130.155.83	attack	Port Scan detected from 188.130.155.83 (RU/Russia/-). 4 hits in the last 105 seconds	2019-09-17 17:26:22
41.138.55.94	attackbotsspam	Sep 17 09:10:11 localhost sshd\[7792\]: Invalid user postgres from 41.138.55.94 port 46133 Sep 17 09:10:11 localhost sshd\[7792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.138.55.94 Sep 17 09:10:14 localhost sshd\[7792\]: Failed password for invalid user postgres from 41.138.55.94 port 46133 ssh2 Sep 17 09:15:43 localhost sshd\[7957\]: Invalid user deploy from 41.138.55.94 port 32848 Sep 17 09:15:43 localhost sshd\[7957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.138.55.94 ...	2019-09-17 17:45:21
202.73.9.76	attackspambots	Sep 17 11:04:39 localhost sshd\[15795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.73.9.76 user=backup Sep 17 11:04:41 localhost sshd\[15795\]: Failed password for backup from 202.73.9.76 port 36158 ssh2 Sep 17 11:09:12 localhost sshd\[16228\]: Invalid user zabbix from 202.73.9.76 port 47981	2019-09-17 17:28:56
103.203.145.133	attackbotsspam	Automatic report - Port Scan Attack	2019-09-17 17:10:33
222.186.31.144	attackspambots	2019-09-17T08:43:41.509785abusebot-3.cloudsearch.cf sshd\[1733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.144 user=root	2019-09-17 17:06:39
49.235.88.104	attackbots	Sep 17 05:00:17 xtremcommunity sshd\[174388\]: Invalid user kave from 49.235.88.104 port 46488 Sep 17 05:00:17 xtremcommunity sshd\[174388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.88.104 Sep 17 05:00:19 xtremcommunity sshd\[174388\]: Failed password for invalid user kave from 49.235.88.104 port 46488 ssh2 Sep 17 05:06:32 xtremcommunity sshd\[174520\]: Invalid user modest from 49.235.88.104 port 37120 Sep 17 05:06:32 xtremcommunity sshd\[174520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.88.104 ...	2019-09-17 17:17:17
37.59.100.22	attackspambots	Sep 17 06:06:41 ws12vmsma01 sshd[22139]: Invalid user mongod from 37.59.100.22 Sep 17 06:06:43 ws12vmsma01 sshd[22139]: Failed password for invalid user mongod from 37.59.100.22 port 50865 ssh2 Sep 17 06:12:47 ws12vmsma01 sshd[23054]: Invalid user user from 37.59.100.22 ...	2019-09-17 17:21:09

最近上报的IP列表

197.211.61.145	103.242.118.183	106.12.88.95	14.233.32.54
111.236.244.109	61.247.86.121	178.33.148.10	86.206.56.208
49.234.91.122	106.13.39.127	172.106.3.200	156.96.148.73
197.44.186.226	51.159.0.133	84.60.146.130	193.34.69.224
116.102.93.135	92.118.234.234	139.162.192.166	113.140.80.174