27.13.98.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Chongqing Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 16 05:53:01 debian-2gb-nbg1-2 kernel: \[14538285.875998\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=27.13.98.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=36740 PROTO=TCP SPT=14402 DPT=23 WINDOW=3698 RES=0x00 SYN URGP=0	2020-06-16 13:55:21

类型

评论内容

时间

attackspam

Jun 16 05:53:01 debian-2gb-nbg1-2 kernel: \[14538285.875998\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=27.13.98.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=36740 PROTO=TCP SPT=14402 DPT=23 WINDOW=3698 RES=0x00 SYN URGP=0

2020-06-16 13:55:21

相同子网IP讨论:

IP	类型	评论内容	时间
27.13.98.195	attackbotsspam	unauthorized connection attempt	2020-01-09 14:26:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.13.98.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16585
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;27.13.98.80.			IN	A

;; AUTHORITY SECTION:
.			320	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061503 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 16 13:55:16 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 80.98.13.27.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.98.13.27.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
220.118.173.182	attackbots	Nov 19 05:53:22 itv-usvr-01 sshd[27407]: Invalid user ubnt from 220.118.173.182 Nov 19 05:53:22 itv-usvr-01 sshd[27407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.118.173.182 Nov 19 05:53:22 itv-usvr-01 sshd[27407]: Invalid user ubnt from 220.118.173.182 Nov 19 05:53:24 itv-usvr-01 sshd[27407]: Failed password for invalid user ubnt from 220.118.173.182 port 37456 ssh2 Nov 19 05:53:24 itv-usvr-01 sshd[27409]: Invalid user support from 220.118.173.182	2019-11-19 07:57:50
60.167.82.35	attackspambots	[Aegis] @ 2019-11-18 22:52:39 0000 -> Attempt to use mail server as relay (550: Requested action not taken).	2019-11-19 08:26:58
95.168.186.211	attackbotsspam	[munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:24 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:24 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:24 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:25 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:25 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 95.168.186.211 - - [18/Nov/2019:23:53:25 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11	2019-11-19 07:56:13
165.22.78.222	attack	Nov 18 18:39:49 linuxvps sshd\[33888\]: Invalid user admin from 165.22.78.222 Nov 18 18:39:49 linuxvps sshd\[33888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.222 Nov 18 18:39:51 linuxvps sshd\[33888\]: Failed password for invalid user admin from 165.22.78.222 port 41092 ssh2 Nov 18 18:43:25 linuxvps sshd\[36096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.222 user=bin Nov 18 18:43:28 linuxvps sshd\[36096\]: Failed password for bin from 165.22.78.222 port 49140 ssh2	2019-11-19 07:55:28
35.224.155.4	attack	Automatic report - XMLRPC Attack	2019-11-19 07:56:59
139.59.90.40	attackbots	2019-11-18T23:08:27.731606hub.schaetter.us sshd\[12721\]: Invalid user jamie from 139.59.90.40 port 64726 2019-11-18T23:08:27.740932hub.schaetter.us sshd\[12721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.40 2019-11-18T23:08:29.848721hub.schaetter.us sshd\[12721\]: Failed password for invalid user jamie from 139.59.90.40 port 64726 ssh2 2019-11-18T23:12:25.032704hub.schaetter.us sshd\[12765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.90.40 user=root 2019-11-18T23:12:27.009987hub.schaetter.us sshd\[12765\]: Failed password for root from 139.59.90.40 port 38241 ssh2 ...	2019-11-19 08:06:37
183.89.233.125	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-11-19 07:52:32
116.89.12.18	attackspam	Invalid user pi from 116.89.12.18 port 48900 Invalid user pi from 116.89.12.18 port 48904 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.89.12.18 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.89.12.18 Failed password for invalid user pi from 116.89.12.18 port 48900 ssh2	2019-11-19 07:54:25
24.169.87.178	attackbots	Shenzhen TV vulnerability scan, accessed by IP not domain: 24.169.87.178 - - [18/Nov/2019:16:47:08 +0000] "POST /editBlackAndWhiteList HTTP/1.1" 404 260 "-" "ApiTool"	2019-11-19 08:08:29
107.181.174.74	attackbots	2019-11-18T22:48:53.506930hub.schaetter.us sshd\[12605\]: Invalid user guillory from 107.181.174.74 port 49872 2019-11-18T22:48:53.518102hub.schaetter.us sshd\[12605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.181.174.74 2019-11-18T22:48:55.791359hub.schaetter.us sshd\[12605\]: Failed password for invalid user guillory from 107.181.174.74 port 49872 ssh2 2019-11-18T22:53:17.986969hub.schaetter.us sshd\[12629\]: Invalid user drweb from 107.181.174.74 port 58264 2019-11-18T22:53:18.001819hub.schaetter.us sshd\[12629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.181.174.74 ...	2019-11-19 08:05:05
35.221.51.49	attack	Attempting to gain administrator access to CMS.	2019-11-19 07:59:11
27.197.103.126	attackbots	Automatic report - Port Scan Attack	2019-11-19 08:23:22
71.177.42.130	attack	Shenzhen TV vulnerability scan, accessed by IP not domain: 71.177.42.130 - - [18/Nov/2019:07:47:43 +0000] "POST /editBlackAndWhiteList HTTP/1.1" 404 260 "-" "ApiTool"	2019-11-19 08:22:37
178.128.213.91	attackspam	Invalid user adrc from 178.128.213.91 port 41688	2019-11-19 08:09:00
106.13.67.54	attackbotsspam	2019-11-18T23:39:29.147269shield sshd\[23352\]: Invalid user cloudtest from 106.13.67.54 port 53662 2019-11-18T23:39:29.151925shield sshd\[23352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 2019-11-18T23:39:31.213975shield sshd\[23352\]: Failed password for invalid user cloudtest from 106.13.67.54 port 53662 ssh2 2019-11-18T23:43:47.126688shield sshd\[23810\]: Invalid user scofield from 106.13.67.54 port 60992 2019-11-18T23:43:47.131065shield sshd\[23810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54	2019-11-19 07:58:14

最近上报的IP列表

188.225.73.238	66.165.74.42	126.212.182.100	145.68.2.236
211.138.29.58	31.21.75.99	185.244.96.95	114.236.230.82
187.214.234.228	116.212.139.203	199.187.211.213	119.191.26.118
137.59.163.226	179.95.241.91	192.35.168.144	41.233.88.114
185.195.24.120	14.231.86.176	122.117.51.86	218.20.7.10