106.13.57.117 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2020-05-26T07:26:20.053841abusebot.cloudsearch.cf sshd[15692]: Invalid user guest from 106.13.57.117 port 41798 2020-05-26T07:26:20.058064abusebot.cloudsearch.cf sshd[15692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 2020-05-26T07:26:20.053841abusebot.cloudsearch.cf sshd[15692]: Invalid user guest from 106.13.57.117 port 41798 2020-05-26T07:26:22.213200abusebot.cloudsearch.cf sshd[15692]: Failed password for invalid user guest from 106.13.57.117 port 41798 ssh2 2020-05-26T07:28:33.230466abusebot.cloudsearch.cf sshd[15810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 user=root 2020-05-26T07:28:35.977864abusebot.cloudsearch.cf sshd[15810]: Failed password for root from 106.13.57.117 port 42450 ssh2 2020-05-26T07:30:50.080164abusebot.cloudsearch.cf sshd[15936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 user=root ...	2020-05-26 19:12:46
attack	$f2bV_matches	2020-05-14 16:56:23
attack	2020-04-16T07:03:08.161647-07:00 suse-nuc sshd[24772]: Invalid user postgres from 106.13.57.117 port 52102 ...	2020-04-17 02:01:07
attackbotsspam	Apr 8 22:34:29 pixelmemory sshd[31345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 Apr 8 22:34:30 pixelmemory sshd[31345]: Failed password for invalid user postgres from 106.13.57.117 port 49406 ssh2 Apr 8 22:41:40 pixelmemory sshd[435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 ...	2020-04-09 15:17:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.57.178	attackspam	1596976400 - 08/09/2020 14:33:20 Host: 106.13.57.178/106.13.57.178 Port: 493 TCP Blocked ...	2020-08-09 21:01:07
106.13.57.178	attackspam	Jun 11 14:48:57 lnxmysql61 sshd[31356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 Jun 11 14:48:57 lnxmysql61 sshd[31356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178	2020-06-12 01:35:28
106.13.57.178	attackspambots	Brute-Force,SSH	2020-06-03 02:20:15
106.13.57.178	attackbotsspam	2020-05-26T17:41:59.854818 sshd[24582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 2020-05-26T17:41:59.839931 sshd[24582]: Invalid user test4 from 106.13.57.178 port 38454 2020-05-26T17:42:01.991608 sshd[24582]: Failed password for invalid user test4 from 106.13.57.178 port 38454 ssh2 2020-05-26T19:43:38.438074 sshd[27588]: Invalid user guimond from 106.13.57.178 port 33032 ...	2020-05-27 03:01:57
106.13.57.178	attackbots	odoo8 ...	2020-05-11 06:35:02
106.13.57.55	attackbotsspam	Feb 17 19:05:46 odroid64 sshd\[18640\]: Invalid user test3 from 106.13.57.55 Feb 17 19:05:46 odroid64 sshd\[18640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.55 ...	2020-02-18 04:16:33
106.13.57.55	attackspambots	5x Failed Password	2020-02-15 20:32:08
106.13.57.55	attack	Lines containing failures of 106.13.57.55 Feb 5 06:28:36 shared01 sshd[7604]: Invalid user ericmar from 106.13.57.55 port 41862 Feb 5 06:28:36 shared01 sshd[7604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.55 Feb 5 06:28:38 shared01 sshd[7604]: Failed password for invalid user ericmar from 106.13.57.55 port 41862 ssh2 Feb 5 06:28:38 shared01 sshd[7604]: Received disconnect from 106.13.57.55 port 41862:11: Bye Bye [preauth] Feb 5 06:28:38 shared01 sshd[7604]: Disconnected from invalid user ericmar 106.13.57.55 port 41862 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.57.55	2020-02-07 09:54:47
106.13.57.239	attack	Unauthorized connection attempt detected from IP address 106.13.57.239 to port 2220 [J]	2020-01-07 16:07:43
106.13.57.239	attackspambots	2019-12-20T01:21:56.731078ns547587 sshd\[7233\]: Invalid user versace from 106.13.57.239 port 38360 2019-12-20T01:21:56.736615ns547587 sshd\[7233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 2019-12-20T01:21:58.762027ns547587 sshd\[7233\]: Failed password for invalid user versace from 106.13.57.239 port 38360 ssh2 2019-12-20T01:29:31.305687ns547587 sshd\[18810\]: Invalid user helen from 106.13.57.239 port 58390 ...	2019-12-20 15:44:15
106.13.57.216	attack	2019-12-11T08:30:07.126703abusebot-2.cloudsearch.cf sshd\[18727\]: Invalid user ignagni from 106.13.57.216 port 45680	2019-12-11 20:10:51
106.13.57.178	attackbots	Dec 4 23:26:33 tdfoods sshd\[21489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 user=root Dec 4 23:26:34 tdfoods sshd\[21489\]: Failed password for root from 106.13.57.178 port 38500 ssh2 Dec 4 23:34:16 tdfoods sshd\[22215\]: Invalid user clegg from 106.13.57.178 Dec 4 23:34:16 tdfoods sshd\[22215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 Dec 4 23:34:19 tdfoods sshd\[22215\]: Failed password for invalid user clegg from 106.13.57.178 port 39848 ssh2	2019-12-05 17:38:48
106.13.57.239	attackspambots	Dec 4 18:00:21 mail sshd\[8224\]: Invalid user lk from 106.13.57.239 Dec 4 18:00:21 mail sshd\[8224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Dec 4 18:00:23 mail sshd\[8224\]: Failed password for invalid user lk from 106.13.57.239 port 54988 ssh2 ...	2019-12-05 01:50:39
106.13.57.239	attackspambots	Nov 29 17:49:13 server sshd\[25958\]: Invalid user hihath from 106.13.57.239 port 44980 Nov 29 17:49:13 server sshd\[25958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Nov 29 17:49:15 server sshd\[25958\]: Failed password for invalid user hihath from 106.13.57.239 port 44980 ssh2 Nov 29 17:52:59 server sshd\[27158\]: Invalid user mesavage from 106.13.57.239 port 43146 Nov 29 17:52:59 server sshd\[27158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239	2019-11-29 23:59:44
106.13.57.239	attackbots	Nov 29 09:22:13 server sshd\[27021\]: Invalid user f090 from 106.13.57.239 Nov 29 09:22:13 server sshd\[27021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Nov 29 09:22:15 server sshd\[27021\]: Failed password for invalid user f090 from 106.13.57.239 port 52722 ssh2 Nov 29 09:29:20 server sshd\[28616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 user=root Nov 29 09:29:22 server sshd\[28616\]: Failed password for root from 106.13.57.239 port 58108 ssh2 ...	2019-11-29 15:28:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.57.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57418
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.57.117.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040900 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 15:17:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 117.57.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.57.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
183.89.215.70	attack	B: Magento admin pass test (wrong country)	2020-03-12 05:07:37
106.13.239.128	attackspam	suspicious action Wed, 11 Mar 2020 16:17:05 -0300	2020-03-12 05:13:12
189.223.214.13	attack	port scan and connect, tcp 81 (hosts2-ns)	2020-03-12 04:57:18
114.67.69.206	attackspam	Mar 11 20:53:08 vps647732 sshd[15665]: Failed password for root from 114.67.69.206 port 48930 ssh2 ...	2020-03-12 04:59:52
37.59.224.39	attackspambots	SSH Brute-Force Attack	2020-03-12 05:25:40
139.198.124.14	attackspam	Mar 11 20:09:48 mail sshd[24213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.124.14 user=root Mar 11 20:09:50 mail sshd[24213]: Failed password for root from 139.198.124.14 port 48230 ssh2 Mar 11 20:14:49 mail sshd[24901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.124.14 user=root Mar 11 20:14:52 mail sshd[24901]: Failed password for root from 139.198.124.14 port 45354 ssh2 Mar 11 20:16:47 mail sshd[25158]: Invalid user guest from 139.198.124.14 ...	2020-03-12 05:24:40
223.71.167.164	attack	11.03.2020 20:58:18 Connection to port 4500 blocked by firewall	2020-03-12 05:08:41
202.168.71.146	attack	Mar 11 19:36:16 *** sshd[25585]: User root from 202.168.71.146 not allowed because not listed in AllowUsers	2020-03-12 05:07:19
206.189.139.179	attackspam	Mar 11 21:34:53 ns381471 sshd[19768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.139.179 Mar 11 21:34:55 ns381471 sshd[19768]: Failed password for invalid user sysadmin from 206.189.139.179 port 56860 ssh2	2020-03-12 04:55:21
212.164.228.99	attackbots	suspicious action Wed, 11 Mar 2020 16:17:37 -0300	2020-03-12 04:53:35
92.63.194.104	attackbotsspam	Mar 11 18:12:18 firewall sshd[23032]: Invalid user admin from 92.63.194.104 Mar 11 18:12:20 firewall sshd[23032]: Failed password for invalid user admin from 92.63.194.104 port 36335 ssh2 Mar 11 18:12:43 firewall sshd[23050]: Invalid user test from 92.63.194.104 ...	2020-03-12 05:12:58
101.26.253.3	attackspam	$f2bV_matches	2020-03-12 05:13:35
158.46.185.155	attackbotsspam	Chat Spam	2020-03-12 05:29:15
149.255.118.187	attackbotsspam	Unauthorized connection attempt detected from IP address 149.255.118.187 to port 445	2020-03-12 05:24:07
203.212.25.152	attack	/setup.cgi%3Fnext_file=netgear.cfg%26todo=syscmd%26cmd=busybox%26curpath=/%26currentsetting.htm=1	2020-03-12 05:11:36

最近上报的IP列表

88.136.248.117	168.109.119.112	152.247.171.24	81.59.218.151
115.76.32.57	14.18.53.156	162.209.246.125	23.108.48.155
23.104.184.173	207.244.119.5	103.76.201.118	173.234.48.67
193.112.102.52	111.229.102.53	188.163.104.88	121.159.252.232
117.68.197.143	85.209.0.246	13.91.64.21	39.154.10.87