106.13.48.9 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
attack	SSH bruteforce	2020-10-09 20:45:22
attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36

类型

评论内容

时间

attackbotsspam

Oct 8 21:59:31 *hidden* sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 *hidden* sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 *hidden* sshd[11400]: Invalid user info from 106.13.48.9 port 38028

2020-10-10 04:46:19

attack

SSH bruteforce

2020-10-09 20:45:22

attackspam

2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)

2020-10-09 12:31:36

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.48.122	attack	firewall-block, port(s): 14602/tcp	2020-09-06 20:34:34
106.13.48.122	attackspam	TCP (SYN) 106.13.48.122:47133 -> port 27055, len 44	2020-09-06 12:14:05
106.13.48.122	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-06 04:36:40
106.13.48.122	attack	Aug 11 22:32:14 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:32:16 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: Failed password for root from 106.13.48.122 port 42005 ssh2 Aug 11 22:35:19 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: Failed password for root from 106.13.48.122 port 61109 ssh2 Aug 11 22:36:39 Ubuntu-1404-trusty-64-minimal sshd\[14851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root	2020-08-12 05:44:27
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 8812	2020-07-25 16:06:07
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 768 [T]	2020-07-08 02:06:02
106.13.48.122	attackbots	Jul 6 16:56:18 ift sshd\[32718\]: Invalid user zxc from 106.13.48.122Jul 6 16:56:19 ift sshd\[32718\]: Failed password for invalid user zxc from 106.13.48.122 port 29093 ssh2Jul 6 16:59:16 ift sshd\[33111\]: Failed password for invalid user admin from 106.13.48.122 port 50249 ssh2Jul 6 17:02:02 ift sshd\[34103\]: Invalid user zhangfeng from 106.13.48.122Jul 6 17:02:04 ift sshd\[34103\]: Failed password for invalid user zhangfeng from 106.13.48.122 port 14912 ssh2 ...	2020-07-07 01:17:17
106.13.48.122	attackspam	Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:37 meumeu sshd[538171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:39 meumeu sshd[538171]: Failed password for invalid user wor from 106.13.48.122 port 40808 ssh2 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:07 meumeu sshd[538299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:09 meumeu sshd[538299]: Failed password for invalid user cloud from 106.13.48.122 port 25505 ssh2 Jul 5 05:55:56 meumeu sshd[538334]: Invalid user crb from 106.13.48.122 port 39249 ...	2020-07-05 12:46:16
106.13.48.122	attack	Jul 4 03:27:17 PorscheCustomer sshd[13634]: Failed password for root from 106.13.48.122 port 10034 ssh2 Jul 4 03:28:58 PorscheCustomer sshd[13646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 4 03:29:00 PorscheCustomer sshd[13646]: Failed password for invalid user vegeta from 106.13.48.122 port 24280 ssh2 ...	2020-07-04 10:26:34
106.13.48.122	attackbots	(sshd) Failed SSH login from 106.13.48.122 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:19:30
106.13.48.122	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 1741	2020-06-29 03:37:13
106.13.48.122	attackspambots	TCP (SYN) 106.13.48.122:44166 -> port 9066, len 44	2020-06-25 19:55:48
106.13.48.122	attackspam	Invalid user foo from 106.13.48.122 port 21601	2020-06-20 06:32:26
106.13.48.122	attackbots	Jun 14 13:16:34 debian-2gb-nbg1-2 kernel: \[14392106.448999\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.48.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=44233 PROTO=TCP SPT=59760 DPT=15235 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-14 19:24:13
106.13.48.122	attackspam	May 29 18:43:45 web1 sshd\[5339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root May 29 18:43:47 web1 sshd\[5339\]: Failed password for root from 106.13.48.122 port 29128 ssh2 May 29 18:46:57 web1 sshd\[5675\]: Invalid user webmin from 106.13.48.122 May 29 18:46:57 web1 sshd\[5675\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 May 29 18:47:00 web1 sshd\[5675\]: Failed password for invalid user webmin from 106.13.48.122 port 56198 ssh2	2020-05-30 13:09:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.48.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18568
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.48.9.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100802 1800 900 604800 86400

;; Query time: 257 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 09 12:31:31 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 9.48.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 9.48.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
194.26.29.52	attack	Jun 6 09:44:06 debian-2gb-nbg1-2 kernel: \[13688195.680097\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=42349 PROTO=TCP SPT=47593 DPT=2288 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 16:31:27
222.186.190.17	attack	Jun 6 10:20:16 * sshd[14395]: Failed password for root from 222.186.190.17 port 14215 ssh2	2020-06-06 16:34:10
206.189.225.85	attackbotsspam	Jun 5 19:01:34 sachi sshd\[7156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root Jun 5 19:01:36 sachi sshd\[7156\]: Failed password for root from 206.189.225.85 port 45964 ssh2 Jun 5 19:04:56 sachi sshd\[7453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root Jun 5 19:04:58 sachi sshd\[7453\]: Failed password for root from 206.189.225.85 port 48984 ssh2 Jun 5 19:08:29 sachi sshd\[7756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.225.85 user=root	2020-06-06 16:27:41
78.199.19.89	attackspam	Jun 6 10:23:17 inter-technics sshd[25560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.199.19.89 user=root Jun 6 10:23:19 inter-technics sshd[25560]: Failed password for root from 78.199.19.89 port 47584 ssh2 Jun 6 10:26:51 inter-technics sshd[25740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.199.19.89 user=root Jun 6 10:26:54 inter-technics sshd[25740]: Failed password for root from 78.199.19.89 port 51086 ssh2 Jun 6 10:30:24 inter-technics sshd[25986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.199.19.89 user=root Jun 6 10:30:26 inter-technics sshd[25986]: Failed password for root from 78.199.19.89 port 54506 ssh2 ...	2020-06-06 16:43:54
103.28.157.51	attackspambots	Port probing on unauthorized port 8080	2020-06-06 17:03:24
202.51.74.180	attackbotsspam	Jun 6 14:53:31 itv-usvr-01 sshd[21072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.180 user=root Jun 6 14:53:33 itv-usvr-01 sshd[21072]: Failed password for root from 202.51.74.180 port 36718 ssh2 Jun 6 14:56:54 itv-usvr-01 sshd[21162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.180 user=root Jun 6 14:56:56 itv-usvr-01 sshd[21162]: Failed password for root from 202.51.74.180 port 57764 ssh2	2020-06-06 16:30:56
20.184.8.97	attackspambots	Jun 6 08:55:41 minden010 sshd[24190]: Failed password for root from 20.184.8.97 port 59104 ssh2 Jun 6 08:57:33 minden010 sshd[24409]: Failed password for root from 20.184.8.97 port 56564 ssh2 ...	2020-06-06 17:10:12
106.51.80.198	attackbots	Jun 6 08:40:27 ip-172-31-61-156 sshd[7578]: Failed password for root from 106.51.80.198 port 47328 ssh2 Jun 6 08:40:26 ip-172-31-61-156 sshd[7578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198 user=root Jun 6 08:40:27 ip-172-31-61-156 sshd[7578]: Failed password for root from 106.51.80.198 port 47328 ssh2 Jun 6 08:44:15 ip-172-31-61-156 sshd[7790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.80.198 user=root Jun 6 08:44:17 ip-172-31-61-156 sshd[7790]: Failed password for root from 106.51.80.198 port 49222 ssh2 ...	2020-06-06 16:56:47
119.45.36.52	attack	IDS admin	2020-06-06 16:45:05
101.89.95.77	attackspam	2020-06-06T07:54:43.608723mail.standpoint.com.ua sshd[907]: Failed password for root from 101.89.95.77 port 51560 ssh2 2020-06-06T07:57:16.943226mail.standpoint.com.ua sshd[1235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.95.77 user=root 2020-06-06T07:57:18.611720mail.standpoint.com.ua sshd[1235]: Failed password for root from 101.89.95.77 port 55426 ssh2 2020-06-06T07:59:39.932807mail.standpoint.com.ua sshd[1522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.95.77 user=root 2020-06-06T07:59:42.233424mail.standpoint.com.ua sshd[1522]: Failed password for root from 101.89.95.77 port 59294 ssh2 ...	2020-06-06 16:44:36
186.146.1.122	attackspambots	frenzy	2020-06-06 16:34:37
128.199.73.213	attackspam	TCP (SYN) 128.199.73.213:54218 -> port 11836, len 44	2020-06-06 16:41:48
188.162.229.91	attackspambots	Unauthorized connection attempt from IP address 188.162.229.91 on Port 445(SMB)	2020-06-06 17:01:10
51.68.33.33	attackbots	(mod_security) mod_security (id:210492) triggered by 51.68.33.33 (FR/France/ns31015669.ip-51-68-33.eu): 5 in the last 3600 secs	2020-06-06 16:49:05
49.88.112.75	attack	Jun 6 15:26:39 webhost01 sshd[24376]: Failed password for root from 49.88.112.75 port 17430 ssh2 ...	2020-06-06 16:51:18

最近上报的IP列表

125.18.250.237	254.95.227.31	42.180.206.192	140.120.101.158
97.1.182.54	137.239.103.227	181.64.129.78	101.83.65.173
125.240.116.27	114.245.183.176	99.158.33.106	151.51.62.250
191.187.144.190	115.203.161.214	82.92.117.254	54.148.139.100
15.105.150.61	158.1.130.90	67.227.167.12	28.242.176.121