106.13.130.146

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 3 10:57:41 DAAP sshd[24130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 user=root Nov 3 10:57:43 DAAP sshd[24130]: Failed password for root from 106.13.130.146 port 48136 ssh2 Nov 3 11:02:42 DAAP sshd[24193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 user=root Nov 3 11:02:44 DAAP sshd[24193]: Failed password for root from 106.13.130.146 port 56838 ssh2 Nov 3 11:07:33 DAAP sshd[24206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 user=root Nov 3 11:07:36 DAAP sshd[24206]: Failed password for root from 106.13.130.146 port 37274 ssh2 ...	2019-11-03 18:51:59
attackspambots	Nov 2 04:40:48 mail sshd[24852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 user=root Nov 2 04:40:49 mail sshd[24852]: Failed password for root from 106.13.130.146 port 53332 ssh2 Nov 2 04:48:12 mail sshd[3797]: Invalid user 2897 from 106.13.130.146 Nov 2 04:48:12 mail sshd[3797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 Nov 2 04:48:12 mail sshd[3797]: Invalid user 2897 from 106.13.130.146 Nov 2 04:48:15 mail sshd[3797]: Failed password for invalid user 2897 from 106.13.130.146 port 44726 ssh2 ...	2019-11-02 16:30:37
attack	2019-11-01T13:00:16.650543abusebot-2.cloudsearch.cf sshd\[8729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.146 user=root	2019-11-01 21:30:44
attackbotsspam	2019-10-30T16:31:37.891235abusebot-3.cloudsearch.cf sshd\[1153\]: Invalid user test from 106.13.130.146 port 46474	2019-10-31 00:46:14

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.130.166	attack	Automatic report - Banned IP Access	2020-10-04 08:51:20
106.13.130.166	attackspambots	Automatic report - Banned IP Access	2020-10-04 01:24:56
106.13.130.208	attackspam	May 14 12:23:16 vlre-nyc-1 sshd\[12889\]: Invalid user deploy from 106.13.130.208 May 14 12:23:16 vlre-nyc-1 sshd\[12889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208 May 14 12:23:18 vlre-nyc-1 sshd\[12889\]: Failed password for invalid user deploy from 106.13.130.208 port 53648 ssh2 May 14 12:26:54 vlre-nyc-1 sshd\[13014\]: Invalid user test3 from 106.13.130.208 May 14 12:26:54 vlre-nyc-1 sshd\[13014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208 ...	2020-05-14 22:35:19
106.13.130.208	attackspambots	2020-05-11T10:00:40.124954randservbullet-proofcloud-66.localdomain sshd[28565]: Invalid user yh from 106.13.130.208 port 56350 2020-05-11T10:00:40.130484randservbullet-proofcloud-66.localdomain sshd[28565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208 2020-05-11T10:00:40.124954randservbullet-proofcloud-66.localdomain sshd[28565]: Invalid user yh from 106.13.130.208 port 56350 2020-05-11T10:00:42.297407randservbullet-proofcloud-66.localdomain sshd[28565]: Failed password for invalid user yh from 106.13.130.208 port 56350 ssh2 ...	2020-05-11 18:21:20
106.13.130.66	attackspambots	Apr 3 21:04:33 php1 sshd\[4529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66 user=root Apr 3 21:04:35 php1 sshd\[4529\]: Failed password for root from 106.13.130.66 port 40622 ssh2 Apr 3 21:09:37 php1 sshd\[5101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66 user=root Apr 3 21:09:39 php1 sshd\[5101\]: Failed password for root from 106.13.130.66 port 37576 ssh2 Apr 3 21:14:25 php1 sshd\[5483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66 user=root	2020-04-04 17:57:00
106.13.130.66	attack	Invalid user ws from 106.13.130.66 port 48216	2020-04-03 23:21:50
106.13.130.208	attack	SSH login attempts.	2020-03-30 13:58:54
106.13.130.208	attackbotsspam	Mar 27 06:49:06 mockhub sshd[22872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208 Mar 27 06:49:08 mockhub sshd[22872]: Failed password for invalid user jkl from 106.13.130.208 port 33824 ssh2 ...	2020-03-28 01:29:28
106.13.130.66	attackbots	Mar 26 12:12:34 legacy sshd[6736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66 Mar 26 12:12:37 legacy sshd[6736]: Failed password for invalid user jboss from 106.13.130.66 port 46144 ssh2 Mar 26 12:14:08 legacy sshd[6755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66 ...	2020-03-26 20:18:09
106.13.130.66	attackbots	SSH Authentication Attempts Exceeded	2020-03-24 16:21:44
106.13.130.208	attackbotsspam	Mar 24 01:03:22 silence02 sshd[16057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208 Mar 24 01:03:24 silence02 sshd[16057]: Failed password for invalid user cassy from 106.13.130.208 port 46516 ssh2 Mar 24 01:06:43 silence02 sshd[16198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.208	2020-03-24 10:07:25
106.13.130.80	attack	Invalid user ark from 106.13.130.80 port 47172	2020-03-20 18:18:53
106.13.130.66	attackbotsspam	Mar 3 07:10:46 lnxded63 sshd[3915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.130.66	2020-03-03 15:22:12
106.13.130.66	attackbots	$f2bV_matches	2020-02-13 16:04:35
106.13.130.66	attackspam	Unauthorized connection attempt detected from IP address 106.13.130.66 to port 2220 [J]	2020-01-29 15:28:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.130.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.130.146.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 00:46:04 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 146.130.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 146.130.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.79.29.55	spamattack	Website attack, scanning for username and passwd	2021-01-04 16:30:38
185.63.253.200	spambotsattackproxynormal	Kiki	2021-01-05 23:14:06
417A	proxy	Bahagia	2021-01-04 03:25:36
154.28.188.138	normal	try to attack QNAP NAS	2020-12-31 19:05:05
185.30.177.176	spambots	using SSL application, could be a monero miner	2020-12-30 13:56:34
185.63.253.200	spam	Bokep taxsi	2020-12-28 07:27:03
134.73.146.43	spamattack	Double-Sided Holster : Is this the perfect concealed holster?: from [134.73.146.43] (port=53859 helo=burke.healthief.best): Sat, 26 Dec 2020 19:12:01 +1100	2020-12-27 06:07:34
134.73.146.14	spamattack	PHISHING ATTACK Neck Relax - ElectronicPulseMassager@dealspost.icu : "Everyone at some point has suffered pain in their neck" : from [134.73.146.14] (port=60062 helo=chula.dealspost.icu) : Wed, 30 Dec 2020 22:29:47 +1100	2020-12-31 06:30:50
195.62.32.21	spamattack	PHISHING ATTACK Meet Ultrazoom : "Super Telephoto Zoom Monocular Telescope" : from [195.62.32.21] (port=49191 helo=yoke.bloodpressure.buzz) : Wed, 30 Dec 2020 22:04:26 +1100	2020-12-31 06:23:57
112.85.42.194	proxy	Bokep	2020-12-31 01:11:04
255.255.255.240	attackproxy	Hacker	2021-01-08 22:28:17
63.80.89.179	spamattack	PHISHING ATTACK : Heidi at Biden Small Business Assistance -isabelle@vulnessione.top : "Re: Supposed to follow up with you? $24.99/mo credit card processing (flat-fee)": from [63.80.89.179] (port=38548 helo=mail.vulnessione.top) : Sun, 27 Dec 2020 16:44:18 +1100	2020-12-27 18:09:52
185.63.253.200	spamattackproxynormal	Kiki	2021-01-05 23:14:18
63.80.89.143	spamattack	PHISHING ATTACK : Biden Small Business Help - eloise@chinte.top : "Re: Merchants 2020 - Flat-Fee Credit Card Processing $24.99/mo - Unlimited" : from [63.80.89.143] (port=55265 helo=mail.chinte.top) : Sun, 27 Dec 2020 19:39:49 +1100	2020-12-27 18:06:28
165.22.79.166	attack	NGINX Error log on xx.xx.xx.xx_portal_nginx_n1, upstream failed 2021/01/08 08:54:31 [error] 5969#0: *25997705 upstream sent no valid HTTP/1.0 header while reading response header from upstream, client: 165.22.79.169, server: xxx.xx, request: "GET /cgi-bin/weblogin.cgi?username=admin';echo $((1+1787568)) HTTP/1.1", upstream: "http://xx.xx.xx.xx:8000/cgi-bin/weblogin.cgi?username=admin';echo $((1+1787568))", host: "xxx.xx"	2021-01-08 11:06:40

最近上报的IP列表

176.94.104.160	232.16.191.68	190.131.85.153	20.46.199.31
59.94.169.38	243.250.178.197	89.219.234.86	3.55.167.231
129.50.195.228	201.131.82.139	159.252.191.108	222.189.10.54
0.111.208.19	1.144.231.79	13.209.19.23	228.15.25.13
11.63.101.211	184.15.250.92	176.221.38.40	217.104.235.218