106.13.48.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 28 07:24:04 MK-Soft-VM3 sshd[24743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 28 07:24:05 MK-Soft-VM3 sshd[24743]: Failed password for invalid user jazz_office from 106.13.48.20 port 37300 ssh2 ...	2019-12-28 18:56:16
attack	Dec 26 07:35:13 sd-53420 sshd\[17734\]: User mysql from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:35:13 sd-53420 sshd\[17734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=mysql Dec 26 07:35:15 sd-53420 sshd\[17734\]: Failed password for invalid user mysql from 106.13.48.20 port 59046 ssh2 Dec 26 07:38:40 sd-53420 sshd\[19035\]: User www-data from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:38:40 sd-53420 sshd\[19035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=www-data ...	2019-12-26 20:08:35
attackspam	Dec 26 07:19:05 sd-53420 sshd\[11508\]: User root from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:19:05 sd-53420 sshd\[11508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 26 07:19:07 sd-53420 sshd\[11508\]: Failed password for invalid user root from 106.13.48.20 port 38392 ssh2 Dec 26 07:22:03 sd-53420 sshd\[12687\]: User root from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:22:03 sd-53420 sshd\[12687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-12-26 14:25:50
attack	Dec 21 07:15:03 dev0-dcde-rnet sshd[28975]: Failed password for root from 106.13.48.20 port 39378 ssh2 Dec 21 07:21:30 dev0-dcde-rnet sshd[29047]: Failed password for root from 106.13.48.20 port 33194 ssh2	2019-12-21 16:42:10
attackspambots	Dec 19 00:32:01 meumeu sshd[16834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 19 00:32:03 meumeu sshd[16834]: Failed password for invalid user cyj from 106.13.48.20 port 43352 ssh2 Dec 19 00:37:30 meumeu sshd[17584]: Failed password for root from 106.13.48.20 port 41216 ssh2 ...	2019-12-19 07:42:46
attackbotsspam	Dec 18 10:29:16 ns3042688 sshd\[10873\]: Invalid user anh from 106.13.48.20 Dec 18 10:29:16 ns3042688 sshd\[10873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 18 10:29:18 ns3042688 sshd\[10873\]: Failed password for invalid user anh from 106.13.48.20 port 58940 ssh2 Dec 18 10:35:56 ns3042688 sshd\[14619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 18 10:35:58 ns3042688 sshd\[14619\]: Failed password for root from 106.13.48.20 port 56266 ssh2 ...	2019-12-18 17:41:50
attack	Dec 13 09:49:10 nextcloud sshd\[13760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 13 09:49:13 nextcloud sshd\[13760\]: Failed password for root from 106.13.48.20 port 49548 ssh2 Dec 13 09:55:09 nextcloud sshd\[23535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-12-13 17:52:57
attackspambots	Dec 4 05:51:17 legacy sshd[29863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 4 05:51:19 legacy sshd[29863]: Failed password for invalid user ssh from 106.13.48.20 port 34648 ssh2 Dec 4 05:58:05 legacy sshd[30229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-12-04 13:03:02
attack	Apr 17 00:19:27 meumeu sshd[20529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Apr 17 00:19:30 meumeu sshd[20529]: Failed password for invalid user pul from 106.13.48.20 port 40300 ssh2 Apr 17 00:23:51 meumeu sshd[21357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-11-30 21:00:31
attack	2019-11-13T18:03:29.077782hub.schaetter.us sshd\[23186\]: Invalid user dwmaintenance from 106.13.48.20 port 58542 2019-11-13T18:03:29.087431hub.schaetter.us sshd\[23186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 2019-11-13T18:03:31.456034hub.schaetter.us sshd\[23186\]: Failed password for invalid user dwmaintenance from 106.13.48.20 port 58542 ssh2 2019-11-13T18:07:39.193278hub.schaetter.us sshd\[23206\]: Invalid user huchendorf from 106.13.48.20 port 34358 2019-11-13T18:07:39.201100hub.schaetter.us sshd\[23206\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-11-14 04:07:48
attack	2019-11-08T08:18:54.022826scmdmz1 sshd\[31878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root 2019-11-08T08:18:56.243333scmdmz1 sshd\[31878\]: Failed password for root from 106.13.48.20 port 49202 ssh2 2019-11-08T08:23:44.149243scmdmz1 sshd\[32195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-11-08 15:27:58
attack	Invalid user murai1 from 106.13.48.20 port 57416	2019-11-02 18:30:49
attackspam	Invalid user murai1 from 106.13.48.20 port 57416	2019-11-01 01:09:07
attackspam	Automatic report - Banned IP Access	2019-10-19 15:45:06
attack	Oct 16 13:09:35 ns341937 sshd[17038]: Failed password for root from 106.13.48.20 port 42888 ssh2 Oct 16 13:35:30 ns341937 sshd[24965]: Failed password for root from 106.13.48.20 port 37002 ssh2 Oct 16 13:41:21 ns341937 sshd[26427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-10-16 20:42:02
attackbots	$f2bV_matches	2019-10-15 23:00:29
attackspam	Oct 10 06:58:26 www sshd\[80509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Oct 10 06:58:28 www sshd\[80509\]: Failed password for root from 106.13.48.20 port 39618 ssh2 Oct 10 07:02:12 www sshd\[80556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-10-10 16:48:03
attack	Oct 4 03:52:29 www_kotimaassa_fi sshd[17969]: Failed password for root from 106.13.48.20 port 37626 ssh2 ...	2019-10-04 13:22:50
attackbots	Sep 3 07:42:28 mail sshd\[14584\]: Invalid user weblogic from 106.13.48.20 port 46252 Sep 3 07:42:28 mail sshd\[14584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Sep 3 07:42:30 mail sshd\[14584\]: Failed password for invalid user weblogic from 106.13.48.20 port 46252 ssh2 Sep 3 07:45:35 mail sshd\[15006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Sep 3 07:45:37 mail sshd\[15006\]: Failed password for root from 106.13.48.20 port 41816 ssh2	2019-09-03 14:55:03
attackspambots	Aug 19 11:44:11 dedicated sshd[26165]: Invalid user petru from 106.13.48.20 port 39274	2019-08-19 17:50:54
attack	$f2bV_matches	2019-08-14 16:38:35
attackspambots	Invalid user tan from 106.13.48.20 port 54064	2019-07-13 16:15:55

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.48.9	attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
106.13.48.9	attack	SSH bruteforce	2020-10-09 20:45:22
106.13.48.9	attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36
106.13.48.122	attack	firewall-block, port(s): 14602/tcp	2020-09-06 20:34:34
106.13.48.122	attackspam	TCP (SYN) 106.13.48.122:47133 -> port 27055, len 44	2020-09-06 12:14:05
106.13.48.122	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-06 04:36:40
106.13.48.122	attack	Aug 11 22:32:14 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:32:16 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: Failed password for root from 106.13.48.122 port 42005 ssh2 Aug 11 22:35:19 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: Failed password for root from 106.13.48.122 port 61109 ssh2 Aug 11 22:36:39 Ubuntu-1404-trusty-64-minimal sshd\[14851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root	2020-08-12 05:44:27
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 8812	2020-07-25 16:06:07
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 768 [T]	2020-07-08 02:06:02
106.13.48.122	attackbots	Jul 6 16:56:18 ift sshd\[32718\]: Invalid user zxc from 106.13.48.122Jul 6 16:56:19 ift sshd\[32718\]: Failed password for invalid user zxc from 106.13.48.122 port 29093 ssh2Jul 6 16:59:16 ift sshd\[33111\]: Failed password for invalid user admin from 106.13.48.122 port 50249 ssh2Jul 6 17:02:02 ift sshd\[34103\]: Invalid user zhangfeng from 106.13.48.122Jul 6 17:02:04 ift sshd\[34103\]: Failed password for invalid user zhangfeng from 106.13.48.122 port 14912 ssh2 ...	2020-07-07 01:17:17
106.13.48.122	attackspam	Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:37 meumeu sshd[538171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:39 meumeu sshd[538171]: Failed password for invalid user wor from 106.13.48.122 port 40808 ssh2 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:07 meumeu sshd[538299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:09 meumeu sshd[538299]: Failed password for invalid user cloud from 106.13.48.122 port 25505 ssh2 Jul 5 05:55:56 meumeu sshd[538334]: Invalid user crb from 106.13.48.122 port 39249 ...	2020-07-05 12:46:16
106.13.48.122	attack	Jul 4 03:27:17 PorscheCustomer sshd[13634]: Failed password for root from 106.13.48.122 port 10034 ssh2 Jul 4 03:28:58 PorscheCustomer sshd[13646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 4 03:29:00 PorscheCustomer sshd[13646]: Failed password for invalid user vegeta from 106.13.48.122 port 24280 ssh2 ...	2020-07-04 10:26:34
106.13.48.122	attackbots	(sshd) Failed SSH login from 106.13.48.122 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:19:30
106.13.48.122	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 1741	2020-06-29 03:37:13
106.13.48.122	attackspambots	TCP (SYN) 106.13.48.122:44166 -> port 9066, len 44	2020-06-25 19:55:48

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.48.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43647
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.48.20.			IN	A

;; AUTHORITY SECTION:
.			2458	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 12:36:44 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.48.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.48.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
27.70.153.187	attackspam	Invalid user admin from 27.70.153.187 port 36924	2019-11-22 21:03:01
222.160.18.76	attackspambots	badbot	2019-11-22 21:00:11
182.108.168.104	attackbotsspam	badbot	2019-11-22 21:21:46
157.245.243.4	attackspambots	2019-11-22 02:31:21,790 fail2ban.actions [1798]: NOTICE [sshd] Ban 157.245.243.4	2019-11-22 21:33:47
112.113.156.8	attackspambots	badbot	2019-11-22 21:24:23
183.20.117.250	attackspambots	badbot	2019-11-22 21:09:23
45.40.198.41	attackspam	Invalid user noack from 45.40.198.41 port 47838	2019-11-22 21:19:06
104.238.116.212	attackbots	Invalid user bayu from 104.238.116.212 port 42761	2019-11-22 21:26:50
109.248.236.91	attackbotsspam	Unauthorised access (Nov 22) SRC=109.248.236.91 LEN=52 TTL=117 ID=21082 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=109.248.236.91 LEN=52 TTL=117 ID=8236 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-22 21:23:41
106.54.142.84	attackbots	$f2bV_matches	2019-11-22 21:04:09
175.100.185.202	attack	Automatic report - Banned IP Access	2019-11-22 21:25:55
119.110.237.130	attackbotsspam	Unauthorised access (Nov 22) SRC=119.110.237.130 LEN=52 TTL=111 ID=5598 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=119.110.237.130 LEN=52 TTL=111 ID=12589 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=119.110.237.130 LEN=52 TTL=110 ID=23989 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-22 21:32:26
45.115.178.195	attack	Nov 22 10:49:31 ncomp sshd[19099]: Invalid user pcap from 45.115.178.195 Nov 22 10:49:31 ncomp sshd[19099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.178.195 Nov 22 10:49:31 ncomp sshd[19099]: Invalid user pcap from 45.115.178.195 Nov 22 10:49:33 ncomp sshd[19099]: Failed password for invalid user pcap from 45.115.178.195 port 39183 ssh2	2019-11-22 20:58:18
41.160.85.162	attackbotsspam	spam FO	2019-11-22 21:05:11
158.181.230.74	attack	Hits on port : 445	2019-11-22 21:39:29

最近上报的IP列表

80.191.237.169	177.239.38.150	173.254.194.16	198.108.66.34
117.50.72.196	121.204.129.159	203.150.58.34	173.249.11.243
128.204.191.78	69.12.72.183	77.40.127.254	152.249.21.46
82.131.176.147	5.74.2.134	172.246.126.116	104.244.42.72
185.17.149.136	81.26.64.34	183.109.79.252	165.227.179.69