106.13.57.117 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	2020-05-26T07:26:20.053841abusebot.cloudsearch.cf sshd[15692]: Invalid user guest from 106.13.57.117 port 41798 2020-05-26T07:26:20.058064abusebot.cloudsearch.cf sshd[15692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 2020-05-26T07:26:20.053841abusebot.cloudsearch.cf sshd[15692]: Invalid user guest from 106.13.57.117 port 41798 2020-05-26T07:26:22.213200abusebot.cloudsearch.cf sshd[15692]: Failed password for invalid user guest from 106.13.57.117 port 41798 ssh2 2020-05-26T07:28:33.230466abusebot.cloudsearch.cf sshd[15810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 user=root 2020-05-26T07:28:35.977864abusebot.cloudsearch.cf sshd[15810]: Failed password for root from 106.13.57.117 port 42450 ssh2 2020-05-26T07:30:50.080164abusebot.cloudsearch.cf sshd[15936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 user=root ...	2020-05-26 19:12:46
attack	$f2bV_matches	2020-05-14 16:56:23
attack	2020-04-16T07:03:08.161647-07:00 suse-nuc sshd[24772]: Invalid user postgres from 106.13.57.117 port 52102 ...	2020-04-17 02:01:07
attackbotsspam	Apr 8 22:34:29 pixelmemory sshd[31345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 Apr 8 22:34:30 pixelmemory sshd[31345]: Failed password for invalid user postgres from 106.13.57.117 port 49406 ssh2 Apr 8 22:41:40 pixelmemory sshd[435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 ...	2020-04-09 15:17:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.57.178	attackspam	1596976400 - 08/09/2020 14:33:20 Host: 106.13.57.178/106.13.57.178 Port: 493 TCP Blocked ...	2020-08-09 21:01:07
106.13.57.178	attackspam	Jun 11 14:48:57 lnxmysql61 sshd[31356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 Jun 11 14:48:57 lnxmysql61 sshd[31356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178	2020-06-12 01:35:28
106.13.57.178	attackspambots	Brute-Force,SSH	2020-06-03 02:20:15
106.13.57.178	attackbotsspam	2020-05-26T17:41:59.854818 sshd[24582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 2020-05-26T17:41:59.839931 sshd[24582]: Invalid user test4 from 106.13.57.178 port 38454 2020-05-26T17:42:01.991608 sshd[24582]: Failed password for invalid user test4 from 106.13.57.178 port 38454 ssh2 2020-05-26T19:43:38.438074 sshd[27588]: Invalid user guimond from 106.13.57.178 port 33032 ...	2020-05-27 03:01:57
106.13.57.178	attackbots	odoo8 ...	2020-05-11 06:35:02
106.13.57.55	attackbotsspam	Feb 17 19:05:46 odroid64 sshd\[18640\]: Invalid user test3 from 106.13.57.55 Feb 17 19:05:46 odroid64 sshd\[18640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.55 ...	2020-02-18 04:16:33
106.13.57.55	attackspambots	5x Failed Password	2020-02-15 20:32:08
106.13.57.55	attack	Lines containing failures of 106.13.57.55 Feb 5 06:28:36 shared01 sshd[7604]: Invalid user ericmar from 106.13.57.55 port 41862 Feb 5 06:28:36 shared01 sshd[7604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.55 Feb 5 06:28:38 shared01 sshd[7604]: Failed password for invalid user ericmar from 106.13.57.55 port 41862 ssh2 Feb 5 06:28:38 shared01 sshd[7604]: Received disconnect from 106.13.57.55 port 41862:11: Bye Bye [preauth] Feb 5 06:28:38 shared01 sshd[7604]: Disconnected from invalid user ericmar 106.13.57.55 port 41862 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.57.55	2020-02-07 09:54:47
106.13.57.239	attack	Unauthorized connection attempt detected from IP address 106.13.57.239 to port 2220 [J]	2020-01-07 16:07:43
106.13.57.239	attackspambots	2019-12-20T01:21:56.731078ns547587 sshd\[7233\]: Invalid user versace from 106.13.57.239 port 38360 2019-12-20T01:21:56.736615ns547587 sshd\[7233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 2019-12-20T01:21:58.762027ns547587 sshd\[7233\]: Failed password for invalid user versace from 106.13.57.239 port 38360 ssh2 2019-12-20T01:29:31.305687ns547587 sshd\[18810\]: Invalid user helen from 106.13.57.239 port 58390 ...	2019-12-20 15:44:15
106.13.57.216	attack	2019-12-11T08:30:07.126703abusebot-2.cloudsearch.cf sshd\[18727\]: Invalid user ignagni from 106.13.57.216 port 45680	2019-12-11 20:10:51
106.13.57.178	attackbots	Dec 4 23:26:33 tdfoods sshd\[21489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 user=root Dec 4 23:26:34 tdfoods sshd\[21489\]: Failed password for root from 106.13.57.178 port 38500 ssh2 Dec 4 23:34:16 tdfoods sshd\[22215\]: Invalid user clegg from 106.13.57.178 Dec 4 23:34:16 tdfoods sshd\[22215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.178 Dec 4 23:34:19 tdfoods sshd\[22215\]: Failed password for invalid user clegg from 106.13.57.178 port 39848 ssh2	2019-12-05 17:38:48
106.13.57.239	attackspambots	Dec 4 18:00:21 mail sshd\[8224\]: Invalid user lk from 106.13.57.239 Dec 4 18:00:21 mail sshd\[8224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Dec 4 18:00:23 mail sshd\[8224\]: Failed password for invalid user lk from 106.13.57.239 port 54988 ssh2 ...	2019-12-05 01:50:39
106.13.57.239	attackspambots	Nov 29 17:49:13 server sshd\[25958\]: Invalid user hihath from 106.13.57.239 port 44980 Nov 29 17:49:13 server sshd\[25958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Nov 29 17:49:15 server sshd\[25958\]: Failed password for invalid user hihath from 106.13.57.239 port 44980 ssh2 Nov 29 17:52:59 server sshd\[27158\]: Invalid user mesavage from 106.13.57.239 port 43146 Nov 29 17:52:59 server sshd\[27158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239	2019-11-29 23:59:44
106.13.57.239	attackbots	Nov 29 09:22:13 server sshd\[27021\]: Invalid user f090 from 106.13.57.239 Nov 29 09:22:13 server sshd\[27021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 Nov 29 09:22:15 server sshd\[27021\]: Failed password for invalid user f090 from 106.13.57.239 port 52722 ssh2 Nov 29 09:29:20 server sshd\[28616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.239 user=root Nov 29 09:29:22 server sshd\[28616\]: Failed password for root from 106.13.57.239 port 58108 ssh2 ...	2019-11-29 15:28:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.57.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57418
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.57.117.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040900 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 09 15:17:31 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 117.57.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.57.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
143.215.172.81	attackbotsspam	Port scan on 1 port(s): 53	2019-07-11 18:06:28
102.165.35.92	attack	Lines containing failures of 102.165.35.92 Jul 10 21:08:05 hvs sshd[25757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.165.35.92 user=r.r Jul 10 21:08:08 hvs sshd[25757]: Failed password for r.r from 102.165.35.92 port 1104 ssh2 Jul 10 21:08:17 hvs sshd[25757]: Failed password for r.r from 102.165.35.92 port 1104 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=102.165.35.92	2019-07-11 18:37:33
83.15.183.138	attackbots	Jul 11 06:23:01 legacy sshd[28574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.15.183.138 Jul 11 06:23:02 legacy sshd[28574]: Failed password for invalid user stack from 83.15.183.138 port 15557 ssh2 Jul 11 06:26:31 legacy sshd[28724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.15.183.138 ...	2019-07-11 18:16:38
206.189.197.48	attackspam	Jul 11 12:01:29 MK-Soft-Root1 sshd\[30645\]: Invalid user jboss from 206.189.197.48 port 40344 Jul 11 12:01:29 MK-Soft-Root1 sshd\[30645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.197.48 Jul 11 12:01:31 MK-Soft-Root1 sshd\[30645\]: Failed password for invalid user jboss from 206.189.197.48 port 40344 ssh2 ...	2019-07-11 18:19:55
176.58.127.68	attackspam	Honeypot attack, port: 139, PTR: li559-68.members.linode.com.	2019-07-11 18:21:17
134.209.214.245	attackbotsspam	Jul 5 04:30:37 localhost postfix/smtpd[13391]: lost connection after eclipseT from unknown[134.209.214.245] Jul x@x Jul 5 04:30:37 localhost postfix/smtpd[13392]: lost connection after eclipseT from unknown[134.209.214.245] Jul 5 04:53:26 localhost postfix/smtpd[19374]: lost connection after eclipseT from unknown[134.209.214.245] Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.209.214.245	2019-07-11 18:18:20
222.102.232.189	attack	Unauthorised access (Jul 11) SRC=222.102.232.189 LEN=40 TTL=51 ID=48583 TCP DPT=8080 WINDOW=58320 SYN Unauthorised access (Jul 10) SRC=222.102.232.189 LEN=40 TTL=48 ID=26614 TCP DPT=8080 WINDOW=65226 SYN Unauthorised access (Jul 10) SRC=222.102.232.189 LEN=40 TTL=48 ID=1945 TCP DPT=8080 WINDOW=65226 SYN Unauthorised access (Jul 9) SRC=222.102.232.189 LEN=40 TTL=51 ID=33222 TCP DPT=8080 WINDOW=65226 SYN Unauthorised access (Jul 8) SRC=222.102.232.189 LEN=40 TTL=51 ID=45403 TCP DPT=8080 WINDOW=65226 SYN	2019-07-11 18:34:02
74.220.209.254	attack	[dmarc report from google.com]	2019-07-11 17:58:12
175.161.59.56	attackbotsspam	Caught in portsentry honeypot	2019-07-11 18:28:19
172.69.33.117	attackbots	172.69.33.117 - - [11/Jul/2019:10:48:22 +0700] "GET /ads.txt HTTP/1.1" 404 2837 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2019-07-11 17:53:08
92.118.160.37	attackspambots	138/tcp 5907/tcp 2222/tcp... [2019-05-16/07-10]130pkt,63pt.(tcp),7pt.(udp)	2019-07-11 17:57:02
173.255.205.62	attack	Port scan: Attack repeated for 24 hours	2019-07-11 17:51:28
201.6.98.14	attack	Jul 9 21:52:50 server sshd[7582]: reveeclipse mapping checking getaddrinfo for c906620e.virtua.com.br [201.6.98.14] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 9 21:52:52 server sshd[7582]: Failed password for invalid user zb from 201.6.98.14 port 1629 ssh2 Jul 9 21:52:57 server sshd[7582]: Received disconnect from 201.6.98.14: 11: Bye Bye [preauth] Jul 9 21:56:34 server sshd[7800]: reveeclipse mapping checking getaddrinfo for c906620e.virtua.com.br [201.6.98.14] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 9 21:56:34 server sshd[7800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.6.98.14 user=r.r Jul 9 21:56:36 server sshd[7800]: Failed password for r.r from 201.6.98.14 port 6805 ssh2 Jul 9 21:56:36 server sshd[7800]: Received disconnect from 201.6.98.14: 11: Bye Bye [preauth] Jul 9 21:58:51 server sshd[7943]: reveeclipse mapping checking getaddrinfo for c906620e.virtua.com.br [201.6.98.14] failed - POSSIBLE BREAK-IN ATTEM........ -------------------------------	2019-07-11 18:01:16
34.87.119.20	attackbotsspam	Invalid user src from 34.87.119.20 port 42020	2019-07-11 18:36:33
77.247.110.203	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-11 18:08:23

最近上报的IP列表

88.136.248.117	168.109.119.112	152.247.171.24	81.59.218.151
115.76.32.57	14.18.53.156	162.209.246.125	23.108.48.155
23.104.184.173	207.244.119.5	103.76.201.118	173.234.48.67
193.112.102.52	111.229.102.53	188.163.104.88	121.159.252.232
117.68.197.143	85.209.0.246	13.91.64.21	39.154.10.87