106.13.48.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 28 07:24:04 MK-Soft-VM3 sshd[24743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 28 07:24:05 MK-Soft-VM3 sshd[24743]: Failed password for invalid user jazz_office from 106.13.48.20 port 37300 ssh2 ...	2019-12-28 18:56:16
attack	Dec 26 07:35:13 sd-53420 sshd\[17734\]: User mysql from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:35:13 sd-53420 sshd\[17734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=mysql Dec 26 07:35:15 sd-53420 sshd\[17734\]: Failed password for invalid user mysql from 106.13.48.20 port 59046 ssh2 Dec 26 07:38:40 sd-53420 sshd\[19035\]: User www-data from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:38:40 sd-53420 sshd\[19035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=www-data ...	2019-12-26 20:08:35
attackspam	Dec 26 07:19:05 sd-53420 sshd\[11508\]: User root from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:19:05 sd-53420 sshd\[11508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 26 07:19:07 sd-53420 sshd\[11508\]: Failed password for invalid user root from 106.13.48.20 port 38392 ssh2 Dec 26 07:22:03 sd-53420 sshd\[12687\]: User root from 106.13.48.20 not allowed because none of user's groups are listed in AllowGroups Dec 26 07:22:03 sd-53420 sshd\[12687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-12-26 14:25:50
attack	Dec 21 07:15:03 dev0-dcde-rnet sshd[28975]: Failed password for root from 106.13.48.20 port 39378 ssh2 Dec 21 07:21:30 dev0-dcde-rnet sshd[29047]: Failed password for root from 106.13.48.20 port 33194 ssh2	2019-12-21 16:42:10
attackspambots	Dec 19 00:32:01 meumeu sshd[16834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 19 00:32:03 meumeu sshd[16834]: Failed password for invalid user cyj from 106.13.48.20 port 43352 ssh2 Dec 19 00:37:30 meumeu sshd[17584]: Failed password for root from 106.13.48.20 port 41216 ssh2 ...	2019-12-19 07:42:46
attackbotsspam	Dec 18 10:29:16 ns3042688 sshd\[10873\]: Invalid user anh from 106.13.48.20 Dec 18 10:29:16 ns3042688 sshd\[10873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 18 10:29:18 ns3042688 sshd\[10873\]: Failed password for invalid user anh from 106.13.48.20 port 58940 ssh2 Dec 18 10:35:56 ns3042688 sshd\[14619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 18 10:35:58 ns3042688 sshd\[14619\]: Failed password for root from 106.13.48.20 port 56266 ssh2 ...	2019-12-18 17:41:50
attack	Dec 13 09:49:10 nextcloud sshd\[13760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Dec 13 09:49:13 nextcloud sshd\[13760\]: Failed password for root from 106.13.48.20 port 49548 ssh2 Dec 13 09:55:09 nextcloud sshd\[23535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-12-13 17:52:57
attackspambots	Dec 4 05:51:17 legacy sshd[29863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Dec 4 05:51:19 legacy sshd[29863]: Failed password for invalid user ssh from 106.13.48.20 port 34648 ssh2 Dec 4 05:58:05 legacy sshd[30229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-12-04 13:03:02
attack	Apr 17 00:19:27 meumeu sshd[20529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Apr 17 00:19:30 meumeu sshd[20529]: Failed password for invalid user pul from 106.13.48.20 port 40300 ssh2 Apr 17 00:23:51 meumeu sshd[21357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-11-30 21:00:31
attack	2019-11-13T18:03:29.077782hub.schaetter.us sshd\[23186\]: Invalid user dwmaintenance from 106.13.48.20 port 58542 2019-11-13T18:03:29.087431hub.schaetter.us sshd\[23186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 2019-11-13T18:03:31.456034hub.schaetter.us sshd\[23186\]: Failed password for invalid user dwmaintenance from 106.13.48.20 port 58542 ssh2 2019-11-13T18:07:39.193278hub.schaetter.us sshd\[23206\]: Invalid user huchendorf from 106.13.48.20 port 34358 2019-11-13T18:07:39.201100hub.schaetter.us sshd\[23206\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-11-14 04:07:48
attack	2019-11-08T08:18:54.022826scmdmz1 sshd\[31878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root 2019-11-08T08:18:56.243333scmdmz1 sshd\[31878\]: Failed password for root from 106.13.48.20 port 49202 ssh2 2019-11-08T08:23:44.149243scmdmz1 sshd\[32195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-11-08 15:27:58
attack	Invalid user murai1 from 106.13.48.20 port 57416	2019-11-02 18:30:49
attackspam	Invalid user murai1 from 106.13.48.20 port 57416	2019-11-01 01:09:07
attackspam	Automatic report - Banned IP Access	2019-10-19 15:45:06
attack	Oct 16 13:09:35 ns341937 sshd[17038]: Failed password for root from 106.13.48.20 port 42888 ssh2 Oct 16 13:35:30 ns341937 sshd[24965]: Failed password for root from 106.13.48.20 port 37002 ssh2 Oct 16 13:41:21 ns341937 sshd[26427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 ...	2019-10-16 20:42:02
attackbots	$f2bV_matches	2019-10-15 23:00:29
attackspam	Oct 10 06:58:26 www sshd\[80509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Oct 10 06:58:28 www sshd\[80509\]: Failed password for root from 106.13.48.20 port 39618 ssh2 Oct 10 07:02:12 www sshd\[80556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root ...	2019-10-10 16:48:03
attack	Oct 4 03:52:29 www_kotimaassa_fi sshd[17969]: Failed password for root from 106.13.48.20 port 37626 ssh2 ...	2019-10-04 13:22:50
attackbots	Sep 3 07:42:28 mail sshd\[14584\]: Invalid user weblogic from 106.13.48.20 port 46252 Sep 3 07:42:28 mail sshd\[14584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 Sep 3 07:42:30 mail sshd\[14584\]: Failed password for invalid user weblogic from 106.13.48.20 port 46252 ssh2 Sep 3 07:45:35 mail sshd\[15006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.20 user=root Sep 3 07:45:37 mail sshd\[15006\]: Failed password for root from 106.13.48.20 port 41816 ssh2	2019-09-03 14:55:03
attackspambots	Aug 19 11:44:11 dedicated sshd[26165]: Invalid user petru from 106.13.48.20 port 39274	2019-08-19 17:50:54
attack	$f2bV_matches	2019-08-14 16:38:35
attackspambots	Invalid user tan from 106.13.48.20 port 54064	2019-07-13 16:15:55

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.48.9	attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
106.13.48.9	attack	SSH bruteforce	2020-10-09 20:45:22
106.13.48.9	attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36
106.13.48.122	attack	firewall-block, port(s): 14602/tcp	2020-09-06 20:34:34
106.13.48.122	attackspam	TCP (SYN) 106.13.48.122:47133 -> port 27055, len 44	2020-09-06 12:14:05
106.13.48.122	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-06 04:36:40
106.13.48.122	attack	Aug 11 22:32:14 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:32:16 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: Failed password for root from 106.13.48.122 port 42005 ssh2 Aug 11 22:35:19 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: Failed password for root from 106.13.48.122 port 61109 ssh2 Aug 11 22:36:39 Ubuntu-1404-trusty-64-minimal sshd\[14851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root	2020-08-12 05:44:27
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 8812	2020-07-25 16:06:07
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 768 [T]	2020-07-08 02:06:02
106.13.48.122	attackbots	Jul 6 16:56:18 ift sshd\[32718\]: Invalid user zxc from 106.13.48.122Jul 6 16:56:19 ift sshd\[32718\]: Failed password for invalid user zxc from 106.13.48.122 port 29093 ssh2Jul 6 16:59:16 ift sshd\[33111\]: Failed password for invalid user admin from 106.13.48.122 port 50249 ssh2Jul 6 17:02:02 ift sshd\[34103\]: Invalid user zhangfeng from 106.13.48.122Jul 6 17:02:04 ift sshd\[34103\]: Failed password for invalid user zhangfeng from 106.13.48.122 port 14912 ssh2 ...	2020-07-07 01:17:17
106.13.48.122	attackspam	Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:37 meumeu sshd[538171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:39 meumeu sshd[538171]: Failed password for invalid user wor from 106.13.48.122 port 40808 ssh2 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:07 meumeu sshd[538299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:09 meumeu sshd[538299]: Failed password for invalid user cloud from 106.13.48.122 port 25505 ssh2 Jul 5 05:55:56 meumeu sshd[538334]: Invalid user crb from 106.13.48.122 port 39249 ...	2020-07-05 12:46:16
106.13.48.122	attack	Jul 4 03:27:17 PorscheCustomer sshd[13634]: Failed password for root from 106.13.48.122 port 10034 ssh2 Jul 4 03:28:58 PorscheCustomer sshd[13646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 4 03:29:00 PorscheCustomer sshd[13646]: Failed password for invalid user vegeta from 106.13.48.122 port 24280 ssh2 ...	2020-07-04 10:26:34
106.13.48.122	attackbots	(sshd) Failed SSH login from 106.13.48.122 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:19:30
106.13.48.122	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 1741	2020-06-29 03:37:13
106.13.48.122	attackspambots	TCP (SYN) 106.13.48.122:44166 -> port 9066, len 44	2020-06-25 19:55:48

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.48.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43647
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.48.20.			IN	A

;; AUTHORITY SECTION:
.			2458	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 12:36:44 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 20.48.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.48.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
189.7.25.34	attack	Nov 10 18:23:07 amit sshd\[11311\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.25.34 user=root Nov 10 18:23:08 amit sshd\[11311\]: Failed password for root from 189.7.25.34 port 44522 ssh2 Nov 10 18:31:04 amit sshd\[5166\]: Invalid user lisa from 189.7.25.34 Nov 10 18:31:04 amit sshd\[5166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.25.34 ...	2019-11-11 01:42:07
159.203.201.60	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 995 proto: TCP cat: Misc Attack	2019-11-11 01:58:07
185.53.88.3	attack	185.53.88.3 was recorded 5 times by 2 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 56, 126	2019-11-11 01:46:46
192.81.79.69	attackbotsspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-11-11 01:44:21
137.25.101.102	attackspambots	Nov 10 17:08:51 serwer sshd\[18730\]: Invalid user driggs from 137.25.101.102 port 43960 Nov 10 17:08:51 serwer sshd\[18730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.25.101.102 Nov 10 17:08:54 serwer sshd\[18730\]: Failed password for invalid user driggs from 137.25.101.102 port 43960 ssh2 ...	2019-11-11 01:27:54
117.80.237.18	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-11-11 01:59:37
35.170.203.107	attackspambots	TCP Port Scanning	2019-11-11 01:27:01
185.209.0.17	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 3390 proto: TCP cat: Misc Attack	2019-11-11 01:45:08
106.12.5.35	attackspambots	Nov 10 22:52:57 vibhu-HP-Z238-Microtower-Workstation sshd\[336\]: Invalid user 12345678a@ from 106.12.5.35 Nov 10 22:52:57 vibhu-HP-Z238-Microtower-Workstation sshd\[336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.35 Nov 10 22:52:59 vibhu-HP-Z238-Microtower-Workstation sshd\[336\]: Failed password for invalid user 12345678a@ from 106.12.5.35 port 54596 ssh2 Nov 10 22:57:37 vibhu-HP-Z238-Microtower-Workstation sshd\[625\]: Invalid user rommel from 106.12.5.35 Nov 10 22:57:37 vibhu-HP-Z238-Microtower-Workstation sshd\[625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.35 ...	2019-11-11 01:33:31
119.40.55.14	attackspambots	11/10/2019-12:06:25.533164 119.40.55.14 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-11 01:58:40
198.20.87.98	attack	Portscan or hack attempt detected by psad/fwsnort	2019-11-11 01:43:40
129.28.153.112	attackbotsspam	Nov 10 18:26:09 sticky sshd\[30804\]: Invalid user parts from 129.28.153.112 port 60786 Nov 10 18:26:09 sticky sshd\[30804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.153.112 Nov 10 18:26:11 sticky sshd\[30804\]: Failed password for invalid user parts from 129.28.153.112 port 60786 ssh2 Nov 10 18:31:41 sticky sshd\[30929\]: Invalid user operator from 129.28.153.112 port 39594 Nov 10 18:31:41 sticky sshd\[30929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.153.112 ...	2019-11-11 01:34:33
185.176.27.102	attackspam	Multiport scan : 7 ports scanned 5492 5494 5586 5587 5588 5680 5681	2019-11-11 01:55:28
185.53.88.92	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-11-11 01:35:04
193.32.160.154	attackspambots	Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP he ...	2019-11-11 01:34:49

最近上报的IP列表

80.191.237.169	177.239.38.150	173.254.194.16	198.108.66.34
117.50.72.196	121.204.129.159	203.150.58.34	173.249.11.243
128.204.191.78	69.12.72.183	77.40.127.254	152.249.21.46
82.131.176.147	5.74.2.134	172.246.126.116	104.244.42.72
185.17.149.136	81.26.64.34	183.109.79.252	165.227.179.69