106.13.106.27 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-18 08:22:30
attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-25 08:22:58
attackbotsspam	Invalid user ts3bot3 from 106.13.106.27 port 48846	2020-06-11 03:06:56
attackbotsspam	Bruteforce detected by fail2ban	2020-05-31 16:22:38
attackspambots	May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: Invalid user xsh from 106.13.106.27 May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 May 22 06:52:58 srv-ubuntu-dev3 sshd[118326]: Invalid user xsh from 106.13.106.27 May 22 06:52:59 srv-ubuntu-dev3 sshd[118326]: Failed password for invalid user xsh from 106.13.106.27 port 52630 ssh2 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: Invalid user ekp from 106.13.106.27 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 May 22 06:55:37 srv-ubuntu-dev3 sshd[118837]: Invalid user ekp from 106.13.106.27 May 22 06:55:39 srv-ubuntu-dev3 sshd[118837]: Failed password for invalid user ekp from 106.13.106.27 port 58824 ssh2 May 22 06:58:20 srv-ubuntu-dev3 sshd[119331]: Invalid user frz from 106.13.106.27 ...	2020-05-22 16:59:45
attackbotsspam	Invalid user hadoop	2020-04-22 02:38:19
attackspambots	Invalid user ws from 106.13.106.27 port 51056	2020-04-20 21:45:49
attackspambots	Apr 17 02:10:34 mout sshd[9149]: Invalid user gr from 106.13.106.27 port 57220	2020-04-17 08:26:06
attack	$f2bV_matches	2020-04-08 09:15:56
attackspam	ssh intrusion attempt	2020-04-07 21:53:39
attack	2020-03-29T22:28:02.751021abusebot-7.cloudsearch.cf sshd[27061]: Invalid user dii from 106.13.106.27 port 44854 2020-03-29T22:28:02.755615abusebot-7.cloudsearch.cf sshd[27061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 2020-03-29T22:28:02.751021abusebot-7.cloudsearch.cf sshd[27061]: Invalid user dii from 106.13.106.27 port 44854 2020-03-29T22:28:05.026292abusebot-7.cloudsearch.cf sshd[27061]: Failed password for invalid user dii from 106.13.106.27 port 44854 ssh2 2020-03-29T22:35:48.079564abusebot-7.cloudsearch.cf sshd[27684]: Invalid user ias from 106.13.106.27 port 41992 2020-03-29T22:35:48.083201abusebot-7.cloudsearch.cf sshd[27684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.27 2020-03-29T22:35:48.079564abusebot-7.cloudsearch.cf sshd[27684]: Invalid user ias from 106.13.106.27 port 41992 2020-03-29T22:35:49.325381abusebot-7.cloudsearch.cf sshd[27684]: Failed password ...	2020-03-30 08:20:49

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.106.251	attack	$f2bV_matches	2020-03-24 00:57:53
106.13.106.46	attackbots	5x Failed Password	2020-03-19 19:37:07
106.13.106.46	attackbots	Mar 18 04:49:06 mout sshd[32451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 user=root Mar 18 04:49:09 mout sshd[32451]: Failed password for root from 106.13.106.46 port 52210 ssh2 Mar 18 04:52:38 mout sshd[32661]: Connection closed by 106.13.106.46 port 37206 [preauth]	2020-03-18 14:42:32
106.13.106.251	attackbotsspam	$f2bV_matches	2020-03-18 13:16:04
106.13.106.46	attackspam	Mar 13 22:15:49 ArkNodeAT sshd\[16464\]: Invalid user lrmagento from 106.13.106.46 Mar 13 22:15:49 ArkNodeAT sshd\[16464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Mar 13 22:15:50 ArkNodeAT sshd\[16464\]: Failed password for invalid user lrmagento from 106.13.106.46 port 54056 ssh2	2020-03-14 06:37:29
106.13.106.46	attackbotsspam	ssh brute force	2020-02-25 13:21:25
106.13.106.46	attack	Feb 21 17:15:12 lukav-desktop sshd\[25602\]: Invalid user user from 106.13.106.46 Feb 21 17:15:12 lukav-desktop sshd\[25602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Feb 21 17:15:14 lukav-desktop sshd\[25602\]: Failed password for invalid user user from 106.13.106.46 port 47528 ssh2 Feb 21 17:18:15 lukav-desktop sshd\[25615\]: Invalid user admin from 106.13.106.46 Feb 21 17:18:15 lukav-desktop sshd\[25615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2020-02-22 05:10:21
106.13.106.46	attack	2020-02-15T13:49:25.671382homeassistant sshd[32614]: Invalid user amanda from 106.13.106.46 port 56310 2020-02-15T13:49:25.678329homeassistant sshd[32614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 ...	2020-02-16 03:34:17
106.13.106.46	attack	Feb 11 06:03:23 hpm sshd\[8187\]: Invalid user nfr from 106.13.106.46 Feb 11 06:03:23 hpm sshd\[8187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Feb 11 06:03:25 hpm sshd\[8187\]: Failed password for invalid user nfr from 106.13.106.46 port 49452 ssh2 Feb 11 06:07:59 hpm sshd\[8707\]: Invalid user hby from 106.13.106.46 Feb 11 06:07:59 hpm sshd\[8707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2020-02-12 04:19:09
106.13.106.46	attack	Dec 18 02:10:46 vtv3 sshd[17318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:10:48 vtv3 sshd[17318]: Failed password for invalid user ts3 from 106.13.106.46 port 57042 ssh2 Dec 18 02:23:27 vtv3 sshd[23031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:23:29 vtv3 sshd[23031]: Failed password for invalid user ident from 106.13.106.46 port 34560 ssh2 Dec 18 02:30:19 vtv3 sshd[26788]: Failed password for root from 106.13.106.46 port 37732 ssh2 Dec 18 02:44:00 vtv3 sshd[835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 02:44:02 vtv3 sshd[835]: Failed password for invalid user valerie from 106.13.106.46 port 43310 ssh2 Dec 18 02:50:06 vtv3 sshd[3834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 18 03:03:20 vtv3 sshd[9982]: pam_unix(sshd:auth): authentic	2020-01-15 21:44:57
106.13.106.46	attack	SSH invalid-user multiple login attempts	2019-12-20 03:02:03
106.13.106.46	attack	Dec 17 20:22:18 php1 sshd\[12339\]: Invalid user amarilis from 106.13.106.46 Dec 17 20:22:18 php1 sshd\[12339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 17 20:22:20 php1 sshd\[12339\]: Failed password for invalid user amarilis from 106.13.106.46 port 36702 ssh2 Dec 17 20:30:12 php1 sshd\[13472\]: Invalid user \~!@\#\$% from 106.13.106.46 Dec 17 20:30:12 php1 sshd\[13472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46	2019-12-18 14:59:02
106.13.106.46	attackbotsspam	F2B jail: sshd. Time: 2019-12-10 19:37:20, Reported by: VKReport	2019-12-11 02:39:23
106.13.106.46	attackbotsspam	Dec 8 03:21:59 server sshd\[7531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 user=root Dec 8 03:22:01 server sshd\[7531\]: Failed password for root from 106.13.106.46 port 54178 ssh2 Dec 8 03:38:25 server sshd\[12528\]: Invalid user blh from 106.13.106.46 Dec 8 03:38:25 server sshd\[12528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.106.46 Dec 8 03:38:27 server sshd\[12528\]: Failed password for invalid user blh from 106.13.106.46 port 39044 ssh2 ...	2019-12-08 09:15:50
106.13.106.46	attack	Dec 7 07:37:13 jane sshd[30181]: Failed password for root from 106.13.106.46 port 57902 ssh2 ...	2019-12-07 14:49:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.106.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.106.27.			IN	A

;; AUTHORITY SECTION:
.			180	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022701 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 07:53:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 27.106.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.106.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.91.255.147	attackbots	Aug 24 01:35:06 [host] sshd[20685]: Invalid user e Aug 24 01:35:07 [host] sshd[20685]: pam_unix(sshd: Aug 24 01:35:09 [host] sshd[20685]: Failed passwor	2020-08-24 07:45:19
150.158.181.16	attack	Aug 24 01:22:56 ns3164893 sshd[22778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.158.181.16 Aug 24 01:22:58 ns3164893 sshd[22778]: Failed password for invalid user docker from 150.158.181.16 port 58166 ssh2 ...	2020-08-24 07:41:15
47.37.24.227	attack	Port 22 Scan, PTR: None	2020-08-24 08:15:22
85.209.0.38	attackspambots	Aug 23 22:32:31 ns1 sshd[91833]: Failed password for root from 85.209.0.38 port 52576 ssh2 Aug 23 22:32:32 ns1 sshd[91833]: Connection closed by authenticating user root 85.209.0.38 port 52576 [preauth] Aug 23 22:32:32 ns1 sshd[91834]: Failed password for root from 85.209.0.38 port 52540 ssh2 Aug 23 22:32:32 ns1 sshd[91834]: Failed password for root from 85.209.0.38 port 52540 ssh2 Aug 23 22:32:32 ns1 sshd[91834]: Connection closed by authenticating user root 85.209.0.38 port 52540 [preauth] ...	2020-08-24 08:00:21
195.201.1.183	attackspambots	Scanning for exploits - /vendor/phpunit/phpunit/LICENSE	2020-08-24 07:47:58
118.25.5.116	attackspam	ThinkPHP Remote Code Execution Vulnerability , PTR: PTR record not found	2020-08-24 07:56:46
93.178.48.52	attack	445/tcp [2020-08-23]1pkt	2020-08-24 07:38:14
193.27.229.86	attackspam	[H1.VM10] Blocked by UFW	2020-08-24 08:06:59
119.29.173.247	attackbotsspam	SSH Brute-Forcing (server1)	2020-08-24 07:32:47
137.116.128.105	attackbots	Ssh brute force	2020-08-24 08:11:14
222.186.173.215	attack	2020-08-24T02:46:00.917609snf-827550 sshd[31589]: Failed password for root from 222.186.173.215 port 38646 ssh2 2020-08-24T02:46:03.992805snf-827550 sshd[31589]: Failed password for root from 222.186.173.215 port 38646 ssh2 2020-08-24T02:46:07.484161snf-827550 sshd[31589]: Failed password for root from 222.186.173.215 port 38646 ssh2 ...	2020-08-24 07:51:18
49.235.153.220	attackbots	Aug 23 23:26:57 OPSO sshd\[18301\]: Invalid user drl from 49.235.153.220 port 56990 Aug 23 23:26:57 OPSO sshd\[18301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.153.220 Aug 23 23:26:59 OPSO sshd\[18301\]: Failed password for invalid user drl from 49.235.153.220 port 56990 ssh2 Aug 23 23:30:21 OPSO sshd\[19116\]: Invalid user pamela from 49.235.153.220 port 38180 Aug 23 23:30:21 OPSO sshd\[19116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.153.220	2020-08-24 07:39:59
70.169.55.123	attack	23/tcp [2020-08-23]1pkt	2020-08-24 08:02:09
192.64.119.211	attackbots	Received: from express24doktor.de (192.64.119.211) by ismtpd0006p1lon1.sendgrid.net (SG) with ESMTP id 84zk_u9CRA2HSU6HtN8kZA	2020-08-24 08:16:16
218.92.0.223	attack	Scanned 28 times in the last 24 hours on port 22	2020-08-24 08:10:54

最近上报的IP列表

91.92.156.110	223.97.194.55	51.77.144.37	46.29.163.22
223.97.185.15	167.86.124.67	116.49.95.198	223.97.184.178
223.97.177.41	124.253.171.77	18.218.119.183	177.128.74.213
181.171.43.234	223.8.192.196	223.79.77.53	101.86.165.36
187.63.60.105	181.214.165.207	71.172.58.76	37.187.21.81