106.13.173.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH invalid-user multiple login try	2020-05-12 00:39:50
attackbotsspam	2020-05-05T01:49:30.0602951495-001 sshd[8495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.12 2020-05-05T01:49:30.0571851495-001 sshd[8495]: Invalid user austin from 106.13.173.12 port 53122 2020-05-05T01:49:31.7510581495-001 sshd[8495]: Failed password for invalid user austin from 106.13.173.12 port 53122 ssh2 2020-05-05T01:51:45.5432491495-001 sshd[8569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.12 user=root 2020-05-05T01:51:48.1021661495-001 sshd[8569]: Failed password for root from 106.13.173.12 port 48844 ssh2 2020-05-05T01:54:00.1734421495-001 sshd[8627]: Invalid user postgres from 106.13.173.12 port 44568 ...	2020-05-05 14:50:25
attackbotsspam	$f2bV_matches	2020-04-29 17:41:36
attack	SSH brute-force: detected 10 distinct usernames within a 24-hour window.	2020-04-21 18:18:16
attack	Invalid user R00T from 106.13.173.12 port 59298	2020-04-16 07:05:58
attackbots	2020-04-07T06:58:21.036424abusebot-2.cloudsearch.cf sshd[16912]: Invalid user ethos from 106.13.173.12 port 60678 2020-04-07T06:58:21.049424abusebot-2.cloudsearch.cf sshd[16912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.12 2020-04-07T06:58:21.036424abusebot-2.cloudsearch.cf sshd[16912]: Invalid user ethos from 106.13.173.12 port 60678 2020-04-07T06:58:22.162950abusebot-2.cloudsearch.cf sshd[16912]: Failed password for invalid user ethos from 106.13.173.12 port 60678 ssh2 2020-04-07T07:05:19.678833abusebot-2.cloudsearch.cf sshd[17278]: Invalid user upload from 106.13.173.12 port 39444 2020-04-07T07:05:19.687084abusebot-2.cloudsearch.cf sshd[17278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.12 2020-04-07T07:05:19.678833abusebot-2.cloudsearch.cf sshd[17278]: Invalid user upload from 106.13.173.12 port 39444 2020-04-07T07:05:21.517957abusebot-2.cloudsearch.cf sshd[17278]: Fail ...	2020-04-07 18:33:54

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.173.137	attack	$f2bV_matches	2020-09-26 02:18:43
106.13.173.137	attack	2020-09-25T00:11:30.506764yoshi.linuxbox.ninja sshd[3422970]: Invalid user irene from 106.13.173.137 port 50112 2020-09-25T00:11:32.973136yoshi.linuxbox.ninja sshd[3422970]: Failed password for invalid user irene from 106.13.173.137 port 50112 ssh2 2020-09-25T00:15:43.000665yoshi.linuxbox.ninja sshd[3425871]: Invalid user upload from 106.13.173.137 port 44166 ...	2020-09-25 18:01:53
106.13.173.137	attack	Sep 23 13:40:13 XXX sshd[38096]: Invalid user drcomadmin from 106.13.173.137 port 36570	2020-09-23 23:49:05
106.13.173.137	attack	Invalid user daniel from 106.13.173.137 port 54250	2020-09-23 15:59:32
106.13.173.137	attackspambots	Invalid user boss from 106.13.173.137 port 40320	2020-09-23 07:55:15
106.13.173.137	attackbotsspam	invalid login attempt (pramod)	2020-09-22 04:02:20
106.13.173.73	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-15 03:04:04
106.13.173.73	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-14 18:56:12
106.13.173.187	attack	Sep 8 07:14:14 root sshd[3855]: Failed password for root from 106.13.173.187 port 41222 ssh2 ...	2020-09-09 02:15:54
106.13.173.187	attackbotsspam	Sep 8 07:14:14 root sshd[3855]: Failed password for root from 106.13.173.187 port 41222 ssh2 ...	2020-09-08 17:45:26
106.13.173.137	attackbotsspam	Invalid user deploy from 106.13.173.137 port 50056	2020-08-30 12:25:01
106.13.173.73	attack	Repeated brute force against a port	2020-08-25 21:03:52
106.13.173.187	attackspam	Aug 24 15:16:32 buvik sshd[25680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.187 Aug 24 15:16:35 buvik sshd[25680]: Failed password for invalid user felipe from 106.13.173.187 port 49852 ssh2 Aug 24 15:23:53 buvik sshd[26563]: Invalid user tmp from 106.13.173.187 ...	2020-08-25 03:46:45
106.13.173.137	attackspam	Aug 21 13:52:21 localhost sshd[2286567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.137 user=root Aug 21 13:52:23 localhost sshd[2286567]: Failed password for root from 106.13.173.137 port 39694 ssh2 ...	2020-08-21 17:45:28
106.13.173.137	attackspam	Aug 19 18:38:20 vps46666688 sshd[23212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.137 Aug 19 18:38:21 vps46666688 sshd[23212]: Failed password for invalid user xun from 106.13.173.137 port 48886 ssh2 ...	2020-08-20 05:42:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.173.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28224
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.173.12.			IN	A

;; AUTHORITY SECTION:
.			125	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040400 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 20:49:11 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 12.173.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.173.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.75.254.172	attack	Jun 10 14:13:26 Ubuntu-1404-trusty-64-minimal sshd\[11314\]: Invalid user primana from 51.75.254.172 Jun 10 14:13:26 Ubuntu-1404-trusty-64-minimal sshd\[11314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.254.172 Jun 10 14:13:28 Ubuntu-1404-trusty-64-minimal sshd\[11314\]: Failed password for invalid user primana from 51.75.254.172 port 56926 ssh2 Jun 10 14:19:58 Ubuntu-1404-trusty-64-minimal sshd\[27793\]: Invalid user ziyad from 51.75.254.172 Jun 10 14:19:58 Ubuntu-1404-trusty-64-minimal sshd\[27793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.254.172	2020-06-10 21:53:26
212.64.88.97	attack	3x Failed Password	2020-06-10 22:08:48
178.175.241.242	attackspam	1591786864 - 06/10/2020 13:01:04 Host: 178.175.241.242/178.175.241.242 Port: 23 TCP Blocked	2020-06-10 21:51:58
41.39.225.78	attackbotsspam	Unauthorized connection attempt from IP address 41.39.225.78 on Port 445(SMB)	2020-06-10 22:27:34
222.186.173.142	attackspambots	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-10 21:49:28
54.223.114.32	attack	Jun 10 01:55:11 web9 sshd\[31907\]: Invalid user Multi from 54.223.114.32 Jun 10 01:55:11 web9 sshd\[31907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.223.114.32 Jun 10 01:55:13 web9 sshd\[31907\]: Failed password for invalid user Multi from 54.223.114.32 port 45580 ssh2 Jun 10 01:59:18 web9 sshd\[32420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.223.114.32 user=root Jun 10 01:59:20 web9 sshd\[32420\]: Failed password for root from 54.223.114.32 port 60708 ssh2	2020-06-10 22:17:08
37.49.224.14	attackbots	Jun 10 07:56:51 XXX sshd[28440]: Did not receive identification string from 37.49.224.14 Jun 10 07:57:06 XXX sshd[28587]: Invalid user admin from 37.49.224.14 Jun 10 07:57:06 XXX sshd[28587]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:57:28 XXX sshd[28595]: Invalid user admin from 37.49.224.14 Jun 10 07:57:28 XXX sshd[28595]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:57:50 XXX sshd[28597]: User r.r from 37.49.224.14 not allowed because none of user's groups are listed in AllowGroups Jun 10 07:57:50 XXX sshd[28597]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:58:11 XXX sshd[28776]: Invalid user ansible from 37.49.224.14 Jun 10 07:58:11 XXX sshd[28776]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:58:32 XXX sshd[28784]: Invalid user centos fr........ -------------------------------	2020-06-10 22:29:45
119.28.21.55	attackbotsspam	Failed password for invalid user monitor from 119.28.21.55 port 38044 ssh2	2020-06-10 22:09:58
103.131.71.58	attackspam	(mod_security) mod_security (id:210730) triggered by 103.131.71.58 (VN/Vietnam/bot-103-131-71-58.coccoc.com): 5 in the last 3600 secs	2020-06-10 22:19:22
222.186.175.215	attackspam	Jun 10 15:42:48 pve1 sshd[24862]: Failed password for root from 222.186.175.215 port 62810 ssh2 Jun 10 15:42:54 pve1 sshd[24862]: Failed password for root from 222.186.175.215 port 62810 ssh2 ...	2020-06-10 21:45:47
186.224.80.34	attackspambots	Spam	2020-06-10 22:18:26
197.44.157.248	attackbots	Unauthorized connection attempt from IP address 197.44.157.248 on Port 445(SMB)	2020-06-10 22:13:31
111.229.240.102	attackspambots	Jun 10 12:56:26 ns392434 sshd[31261]: Invalid user ios from 111.229.240.102 port 41552 Jun 10 12:56:26 ns392434 sshd[31261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.240.102 Jun 10 12:56:26 ns392434 sshd[31261]: Invalid user ios from 111.229.240.102 port 41552 Jun 10 12:56:29 ns392434 sshd[31261]: Failed password for invalid user ios from 111.229.240.102 port 41552 ssh2 Jun 10 12:59:05 ns392434 sshd[31367]: Invalid user unbound from 111.229.240.102 port 35736 Jun 10 12:59:05 ns392434 sshd[31367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.240.102 Jun 10 12:59:05 ns392434 sshd[31367]: Invalid user unbound from 111.229.240.102 port 35736 Jun 10 12:59:08 ns392434 sshd[31367]: Failed password for invalid user unbound from 111.229.240.102 port 35736 ssh2 Jun 10 13:01:11 ns392434 sshd[31381]: Invalid user zhengyifan from 111.229.240.102 port 54724	2020-06-10 21:42:23
66.181.169.70	attack	Unauthorized connection attempt from IP address 66.181.169.70 on Port 445(SMB)	2020-06-10 22:05:07
106.52.106.61	attack	Brute-force attempt banned	2020-06-10 21:59:41

最近上报的IP列表

111.241.193.49	46.185.214.92	122.114.88.206	68.183.228.99
23.108.50.55	195.24.67.186	7.202.89.235	82.125.248.222
196.68.35.36	30.224.244.70	207.253.193.218	156.248.207.230
100.228.135.129	159.189.194.165	215.145.128.145	105.62.250.26
31.255.131.149	23.108.50.22	117.220.253.17	31.156.22.183