106.13.106.27 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-18 08:22:30
attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-25 08:22:58
attackbotsspam	Invalid user ts3bot3 from 106.13.106.27 port 48846	2020-06-11 03:06:56
attackbotsspam	Bruteforce detected by fail2ban	2020-05-31 16:22:38
attackspambots	May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: Invalid user xsh from 106.13.106.27 May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: Invalid user xsh from 106.13.106.27 May 22 06:52:59 srv-ubuntu-dev3 sshd[118326]: Failed password for invalid user xsh from 106.13.106.27 port 52630 ssh2 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: Invalid user ekp from 106.13.106.27 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: Invalid user ekp from 106.13.106.27 May 22 06:55:39 srv-ubuntu-dev3 sshd[118837]: Failed password for invalid user ekp from 106.13.106.27 port 58824 ssh2 May 22 06:58:20 srv-ubuntu-dev3 sshd[119331]: Invalid user frz from 106.13.106.27 ...	2020-05-22 16:59:45
attackbotsspam	Invalid user hadoop	2020-04-22 02:38:19
attackspambots	Invalid user ws from 106.13.106.27 port 51056	2020-04-20 21:45:49
attackspambots	Apr 17 02:10:34 mout sshd[9149]: Invalid user gr from 106.13.106.27 port 57220	2020-04-17 08:26:06
attack	$f2bV_matches	2020-04-08 09:15:56
attackspam	ssh intrusion attempt	2020-04-07 21:53:39
attack	2020-03-29T22:28:02.751021abusebot-7.cloudsearch.cf sshd[27061]: Invalid user dii from 106.13.106.27 port 44854 2020-03-29T22:28:02.755615abusebot-7.cloudsearch.cf sshd[27061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 2020-03-29T22:28:02.751021abusebot-7.cloudsearch.cf sshd[27061]: Invalid user dii from 106.13.106.27 port 44854 2020-03-29T22:28:05.026292abusebot-7.cloudsearch.cf sshd[27061]: Failed password for invalid user dii from 106.13.106.27 port 44854 ssh2 2020-03-29T22:35:48.079564abusebot-7.cloudsearch.cf sshd[27684]: Invalid user ias from 106.13.106.27 port 41992 2020-03-29T22:35:48.083201abusebot-7.cloudsearch.cf sshd[27684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 2020-03-29T22:35:48.079564abusebot-7.cloudsearch.cf sshd[27684]: Invalid user ias from 106.13.106.27 port 41992 2020-03-29T22:35:49.325381abusebot-7.cloudsearch.cf sshd[27684]: Failed password ...	2020-03-30 08:20:49

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.106.251	attack	$f2bV_matches	2020-03-24 00:57:53
106.13.106.46	attackbots	5x Failed Password	2020-03-19 19:37:07
106.13.106.46	attackbots	Mar 18 04:49:06 mout sshd[32451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 user=root Mar 18 04:49:09 mout sshd[32451]: Failed password for root from 106.13.106.46 port 52210 ssh2 Mar 18 04:52:38 mout sshd[32661]: Connection closed by 106.13.106.46 port 37206 [preauth]	2020-03-18 14:42:32
106.13.106.251	attackbotsspam	$f2bV_matches	2020-03-18 13:16:04
106.13.106.46	attackspam	Mar 13 22:15:49 ArkNodeAT sshd\[16464\]: Invalid user lrmagento from 106.13.106.46 Mar 13 22:15:49 ArkNodeAT sshd\[16464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Mar 13 22:15:50 ArkNodeAT sshd\[16464\]: Failed password for invalid user lrmagento from 106.13.106.46 port 54056 ssh2	2020-03-14 06:37:29
106.13.106.46	attackbotsspam	ssh brute force	2020-02-25 13:21:25
106.13.106.46	attack	Feb 21 17:15:12 lukav-desktop sshd\[25602\]: Invalid user user from 106.13.106.46 Feb 21 17:15:12 lukav-desktop sshd\[25602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Feb 21 17:15:14 lukav-desktop sshd\[25602\]: Failed password for invalid user user from 106.13.106.46 port 47528 ssh2 Feb 21 17:18:15 lukav-desktop sshd\[25615\]: Invalid user admin from 106.13.106.46 Feb 21 17:18:15 lukav-desktop sshd\[25615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2020-02-22 05:10:21
106.13.106.46	attack	2020-02-15T13:49:25.671382homeassistant sshd[32614]: Invalid user amanda from 106.13.106.46 port 56310 2020-02-15T13:49:25.678329homeassistant sshd[32614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 ...	2020-02-16 03:34:17
106.13.106.46	attack	Feb 11 06:03:23 hpm sshd\[8187\]: Invalid user nfr from 106.13.106.46 Feb 11 06:03:23 hpm sshd\[8187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Feb 11 06:03:25 hpm sshd\[8187\]: Failed password for invalid user nfr from 106.13.106.46 port 49452 ssh2 Feb 11 06:07:59 hpm sshd\[8707\]: Invalid user hby from 106.13.106.46 Feb 11 06:07:59 hpm sshd\[8707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2020-02-12 04:19:09
106.13.106.46	attack	Dec 18 02:10:46 vtv3 sshd[17318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:10:48 vtv3 sshd[17318]: Failed password for invalid user ts3 from 106.13.106.46 port 57042 ssh2 Dec 18 02:23:27 vtv3 sshd[23031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:23:29 vtv3 sshd[23031]: Failed password for invalid user ident from 106.13.106.46 port 34560 ssh2 Dec 18 02:30:19 vtv3 sshd[26788]: Failed password for root from 106.13.106.46 port 37732 ssh2 Dec 18 02:44:00 vtv3 sshd[835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:44:02 vtv3 sshd[835]: Failed password for invalid user valerie from 106.13.106.46 port 43310 ssh2 Dec 18 02:50:06 vtv3 sshd[3834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 03:03:20 vtv3 sshd[9982]: pam_unix(sshd:auth): authentic	2020-01-15 21:44:57
106.13.106.46	attack	SSH invalid-user multiple login attempts	2019-12-20 03:02:03
106.13.106.46	attack	Dec 17 20:22:18 php1 sshd\[12339\]: Invalid user amarilis from 106.13.106.46 Dec 17 20:22:18 php1 sshd\[12339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 17 20:22:20 php1 sshd\[12339\]: Failed password for invalid user amarilis from 106.13.106.46 port 36702 ssh2 Dec 17 20:30:12 php1 sshd\[13472\]: Invalid user \~!@\#\$% from 106.13.106.46 Dec 17 20:30:12 php1 sshd\[13472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2019-12-18 14:59:02
106.13.106.46	attackbotsspam	F2B jail: sshd. Time: 2019-12-10 19:37:20, Reported by: VKReport	2019-12-11 02:39:23
106.13.106.46	attackbotsspam	Dec 8 03:21:59 server sshd\[7531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 user=root Dec 8 03:22:01 server sshd\[7531\]: Failed password for root from 106.13.106.46 port 54178 ssh2 Dec 8 03:38:25 server sshd\[12528\]: Invalid user blh from 106.13.106.46 Dec 8 03:38:25 server sshd\[12528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 8 03:38:27 server sshd\[12528\]: Failed password for invalid user blh from 106.13.106.46 port 39044 ssh2 ...	2019-12-08 09:15:50
106.13.106.46	attack	Dec 7 07:37:13 jane sshd[30181]: Failed password for root from 106.13.106.46 port 57902 ssh2 ...	2019-12-07 14:49:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.106.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.106.27.			IN	A

;; AUTHORITY SECTION:
.			180	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022701 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 07:53:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 27.106.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.106.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
150.109.203.239	attackbotsspam	32780/udp 179/tcp 540/tcp... [2019-09-06/10-24]13pkt,9pt.(tcp),3pt.(udp)	2019-10-24 12:32:31
198.108.67.54	attackspambots	2053/tcp 8878/tcp 90/tcp... [2019-08-24/10-23]106pkt,103pt.(tcp)	2019-10-24 12:15:59
112.171.248.197	attack	Oct 24 05:55:09 MK-Soft-VM6 sshd[3169]: Failed password for root from 112.171.248.197 port 43634 ssh2 Oct 24 05:55:12 MK-Soft-VM6 sshd[3169]: Failed password for root from 112.171.248.197 port 43634 ssh2 ...	2019-10-24 12:42:22
119.29.242.84	attack	Oct 24 06:15:57 localhost sshd\[1469\]: Invalid user ntadmin123 from 119.29.242.84 port 45218 Oct 24 06:15:57 localhost sshd\[1469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.242.84 Oct 24 06:15:59 localhost sshd\[1469\]: Failed password for invalid user ntadmin123 from 119.29.242.84 port 45218 ssh2	2019-10-24 12:18:56
62.164.176.194	attack	WordPress XMLRPC scan :: 62.164.176.194 0.140 BYPASS [24/Oct/2019:14:55:47 1100] [censored_1] "POST /xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-24 12:16:29
51.77.140.244	attack	Oct 24 03:55:40 sshgateway sshd\[8286\]: Invalid user ipcheck from 51.77.140.244 Oct 24 03:55:40 sshgateway sshd\[8286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 Oct 24 03:55:42 sshgateway sshd\[8286\]: Failed password for invalid user ipcheck from 51.77.140.244 port 49708 ssh2	2019-10-24 12:18:06
27.147.217.194	attackspambots	postfix (unknown user, SPF fail or relay access denied)	2019-10-24 12:34:04
163.172.61.214	attack	Oct 24 10:51:54 webhost01 sshd[2672]: Failed password for root from 163.172.61.214 port 51446 ssh2 ...	2019-10-24 12:27:51
196.219.188.195	attackspam	Unauthorised access (Oct 24) SRC=196.219.188.195 LEN=48 TOS=0x10 PREC=0x40 TTL=111 ID=9377 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-24 12:38:33
218.19.138.46	attack	Oct 24 06:26:58 mout sshd[21934]: Invalid user par0t from 218.19.138.46 port 28005	2019-10-24 12:40:54
210.212.69.226	attack	Chat Spam	2019-10-24 12:15:27
106.12.220.218	attackspambots	Oct 24 05:50:08 meumeu sshd[1143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.218 Oct 24 05:50:10 meumeu sshd[1143]: Failed password for invalid user apache from 106.12.220.218 port 60442 ssh2 Oct 24 05:55:39 meumeu sshd[1873]: Failed password for root from 106.12.220.218 port 40730 ssh2 ...	2019-10-24 12:24:19
169.197.112.102	attackspambots	Oct 24 03:55:42 thevastnessof sshd[3089]: Failed password for root from 169.197.112.102 port 60398 ssh2 ...	2019-10-24 12:22:00
185.176.27.118	attackspam	10/24/2019-00:46:19.481495 185.176.27.118 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-24 12:48:10
62.210.177.9	attackbotsspam	33560/udp 44560/udp 65476/udp... [2019-10-15/24]24pkt,8pt.(udp)	2019-10-24 12:28:56

最近上报的IP列表

91.92.156.110	223.97.194.55	51.77.144.37	46.29.163.22
223.97.185.15	167.86.124.67	116.49.95.198	223.97.184.178
223.97.177.41	124.253.171.77	18.218.119.183	177.128.74.213
181.171.43.234	223.8.192.196	223.79.77.53	101.86.165.36
187.63.60.105	181.214.165.207	71.172.58.76	37.187.21.81