106.13.131.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 106.13.131.80 (CN/China/-): 5 in the last 3600 secs	2020-05-29 19:52:52
attackbots	May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:11 srv-ubuntu-dev3 sshd[35226]: Failed password for invalid user panigrahi from 106.13.131.80 port 35924 ssh2 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:14 srv-ubuntu-dev3 sshd[35851]: Failed password for invalid user ry from 106.13.131.80 port 34936 ssh2 May 21 23:25:15 srv-ubuntu-dev3 sshd[36578]: Invalid user frh from 106.13.131.80 ...	2020-05-22 07:13:31
attackbotsspam	May 19 11:42:36 lnxded64 sshd[25478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80	2020-05-20 02:36:35
attack	May 8 22:35:08 web1 sshd\[445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 user=root May 8 22:35:10 web1 sshd\[445\]: Failed password for root from 106.13.131.80 port 55912 ssh2 May 8 22:42:28 web1 sshd\[1093\]: Invalid user mcj from 106.13.131.80 May 8 22:42:28 web1 sshd\[1093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 8 22:42:30 web1 sshd\[1093\]: Failed password for invalid user mcj from 106.13.131.80 port 50784 ssh2	2020-05-10 02:45:48
attackspambots	$f2bV_matches	2020-05-03 17:03:17
attackbots	Invalid user eg from 106.13.131.80 port 38876	2020-04-21 23:50:11
attackbots	DATE:2020-04-14 05:53:09,IP:106.13.131.80,MATCHES:10,PORT:ssh	2020-04-14 13:56:32
attackbots	Apr 8 13:44:58 rotator sshd\[23088\]: Invalid user cumulus from 106.13.131.80Apr 8 13:45:00 rotator sshd\[23088\]: Failed password for invalid user cumulus from 106.13.131.80 port 54630 ssh2Apr 8 13:48:18 rotator sshd\[23866\]: Invalid user test from 106.13.131.80Apr 8 13:48:19 rotator sshd\[23866\]: Failed password for invalid user test from 106.13.131.80 port 60072 ssh2Apr 8 13:49:41 rotator sshd\[23873\]: Failed password for backup from 106.13.131.80 port 47374 ssh2Apr 8 13:51:03 rotator sshd\[24625\]: Invalid user admin from 106.13.131.80 ...	2020-04-08 20:14:33
attackspambots	ssh brute force	2020-04-07 13:17:25
attackspambots	Apr 2 14:58:54 meumeu sshd[29271]: Failed password for root from 106.13.131.80 port 52304 ssh2 Apr 2 15:03:56 meumeu sshd[29939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Apr 2 15:03:59 meumeu sshd[29939]: Failed password for invalid user ky from 106.13.131.80 port 53454 ssh2 ...	2020-04-02 23:36:24
attackbotsspam	Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:45 srv-ubuntu-dev3 sshd[59757]: Failed password for invalid user vqf from 106.13.131.80 port 53314 ssh2 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:28 srv-ubuntu-dev3 sshd[60275]: Failed password for invalid user valeska from 106.13.131.80 port 35430 ssh2 Mar 30 03:34:14 srv-ubuntu-dev3 sshd[60716]: Invalid user yno from 106.13.131.80 ...	2020-03-30 09:41:57
attack	Mar 25 19:41:34 xxxxxxx0 sshd[24209]: Invalid user lexus from 106.13.131.80 port 42528 Mar 25 19:41:34 xxxxxxx0 sshd[24209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 25 19:41:36 xxxxxxx0 sshd[24209]: Failed password for invalid user lexus from 106.13.131.80 port 42528 ssh2 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: Invalid user ghostname from 106.13.131.80 port 53882 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.131.80	2020-03-28 08:20:13

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.131.132	attackbots	Aug 24 07:58:52 prod4 sshd\[9180\]: Invalid user tecmint from 106.13.131.132 Aug 24 07:58:55 prod4 sshd\[9180\]: Failed password for invalid user tecmint from 106.13.131.132 port 33278 ssh2 Aug 24 08:07:32 prod4 sshd\[13463\]: Invalid user felix from 106.13.131.132 ...	2020-08-24 15:15:06
106.13.131.153	attack	CMS (WordPress or Joomla) login attempt.	2020-03-11 12:41:50
106.13.131.4	attackbotsspam	Jan 1 18:51:37 lnxweb61 sshd[24235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2020-01-02 03:14:05
106.13.131.4	attackspambots	SSH Brute Force, server-1 sshd[29691]: Failed password for invalid user buiron from 106.13.131.4 port 33620 ssh2	2019-12-19 05:39:16
106.13.131.4	attackbots	Dec 13 08:44:46 MK-Soft-Root1 sshd[29125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 13 08:44:48 MK-Soft-Root1 sshd[29125]: Failed password for invalid user koson from 106.13.131.4 port 57852 ssh2 ...	2019-12-13 20:11:00
106.13.131.4	attackbots	SSH Brute-Force reported by Fail2Ban	2019-12-13 07:37:44
106.13.131.4	attackbotsspam	Dec 11 00:12:24 mail sshd\[2160\]: Invalid user otavio from 106.13.131.4 Dec 11 00:12:24 mail sshd\[2160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 11 00:12:26 mail sshd\[2160\]: Failed password for invalid user otavio from 106.13.131.4 port 60676 ssh2 ...	2019-12-11 08:42:53
106.13.131.4	attackspam	Nov 26 18:35:45 ns37 sshd[4240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-27 03:13:45
106.13.131.142	attack	Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:23 ncomp sshd[2602]: Failed password for invalid user admin from 106.13.131.142 port 38000 ssh2	2019-11-23 07:07:44
106.13.131.4	attackspambots	Nov 21 16:55:18 MK-Soft-VM8 sshd[2263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 21 16:55:19 MK-Soft-VM8 sshd[2263]: Failed password for invalid user admin from 106.13.131.4 port 50150 ssh2 ...	2019-11-22 04:13:29
106.13.131.4	attack	78 failed attempt(s) in the last 24h	2019-11-15 08:24:14
106.13.131.4	attackbots	Nov 13 20:56:51 auw2 sshd\[11219\]: Invalid user apache from 106.13.131.4 Nov 13 20:56:51 auw2 sshd\[11219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 13 20:56:53 auw2 sshd\[11219\]: Failed password for invalid user apache from 106.13.131.4 port 39928 ssh2 Nov 13 21:02:17 auw2 sshd\[11633\]: Invalid user server from 106.13.131.4 Nov 13 21:02:17 auw2 sshd\[11633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-14 15:29:22
106.13.131.142	attack	Automatic report - Banned IP Access	2019-08-22 01:03:48
106.13.131.142	attackbotsspam	Aug 13 22:03:47 server01 sshd\[1314\]: Invalid user sshuser from 106.13.131.142 Aug 13 22:03:47 server01 sshd\[1314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 22:03:49 server01 sshd\[1314\]: Failed password for invalid user sshuser from 106.13.131.142 port 37678 ssh2 ...	2019-08-14 03:05:24
106.13.131.142	attackbotsspam	Aug 13 12:56:22 tux-35-217 sshd\[15432\]: Invalid user developer from 106.13.131.142 port 53818 Aug 13 12:56:22 tux-35-217 sshd\[15432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 12:56:23 tux-35-217 sshd\[15432\]: Failed password for invalid user developer from 106.13.131.142 port 53818 ssh2 Aug 13 13:03:08 tux-35-217 sshd\[15478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 user=www-data ...	2019-08-13 19:09:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.131.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52944
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.131.80.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 08:20:10 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 80.131.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.131.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
177.220.172.145	attackbotsspam	2019-07-26T15:29:31.033516abusebot-5.cloudsearch.cf sshd\[18298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.172.145 user=root	2019-07-27 01:58:15
45.40.198.41	attackbots	Jul 26 12:42:25 aat-srv002 sshd[28805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.198.41 Jul 26 12:42:27 aat-srv002 sshd[28805]: Failed password for invalid user flex from 45.40.198.41 port 47089 ssh2 Jul 26 12:48:37 aat-srv002 sshd[28959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.198.41 Jul 26 12:48:39 aat-srv002 sshd[28959]: Failed password for invalid user wb from 45.40.198.41 port 44380 ssh2 ...	2019-07-27 02:08:03
46.167.79.215	attack	Automatic report - Port Scan Attack	2019-07-27 01:17:14
80.82.65.105	attackspam	26.07.2019 17:25:45 Connection to port 953 blocked by firewall	2019-07-27 01:38:08
94.159.18.194	attackbots	Jul 26 19:39:39 eventyay sshd[8825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.159.18.194 Jul 26 19:39:41 eventyay sshd[8825]: Failed password for invalid user vpn from 94.159.18.194 port 48198 ssh2 Jul 26 19:44:10 eventyay sshd[10198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.159.18.194 ...	2019-07-27 01:54:46
138.94.193.36	attackspam	Jul 26 11:04:28 our-server-hostname postfix/smtpd[20997]: connect from unknown[138.94.193.36] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: lost connection after RCPT from unknown[138.94.193.36] Jul 26 11:04:33 our-server-hostname postfix/smtpd[20997]: disconnect from unknown[138.94.193.36] Jul 26 17:59:12 our-server-hostname postfix/smtpd[11780]: connect from unknown[138.94.193.36] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.94.193.36	2019-07-27 01:31:33
203.195.241.45	attackspam	2019-07-26T17:02:41.221192abusebot-4.cloudsearch.cf sshd\[14643\]: Invalid user webmaster from 203.195.241.45 port 39418	2019-07-27 01:23:13
81.12.13.169	attackbots	Jul 26 13:54:18 debian sshd\[21698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.12.13.169 user=root Jul 26 13:54:20 debian sshd\[21698\]: Failed password for root from 81.12.13.169 port 39816 ssh2 Jul 26 13:58:30 debian sshd\[21709\]: Invalid user test from 81.12.13.169 port 53248 ...	2019-07-27 02:03:20
185.176.26.100	attackbots	Splunk® : port scan detected: Jul 26 11:28:55 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=185.176.26.100 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=43723 PROTO=TCP SPT=41515 DPT=6480 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-27 01:26:30
192.74.254.164	attack	Jul 26 10:40:17 toyboy sshd[13498]: Did not receive identification string from 192.74.254.164 Jul 26 10:40:18 toyboy sshd[13499]: Did not receive identification string from 192.74.254.164 Jul 26 10:40:18 toyboy sshd[13500]: Did not receive identification string from 192.74.254.164 Jul 26 10:40:34 toyboy sshd[13505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.74.254.164 user=r.r Jul 26 10:40:34 toyboy sshd[13501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.74.254.164 user=r.r Jul 26 10:40:35 toyboy sshd[13503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.74.254.164 user=r.r Jul 26 10:40:36 toyboy sshd[13503]: Failed password for r.r from 192.74.254.164 port 36013 ssh2 Jul 26 10:40:36 toyboy sshd[13503]: error: Received disconnect from 192.74.254.164: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jul 26 10:40:37 toybo........ -------------------------------	2019-07-27 02:10:08
212.118.1.206	attackspambots	Jul 26 18:41:51 mail sshd\[30730\]: Failed password for invalid user ajay from 212.118.1.206 port 57716 ssh2 Jul 26 18:58:02 mail sshd\[31111\]: Invalid user julia from 212.118.1.206 port 49184 Jul 26 18:58:02 mail sshd\[31111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.118.1.206 ...	2019-07-27 02:06:12
5.55.142.53	attack	Telnet Server BruteForce Attack	2019-07-27 02:08:29
220.157.174.22	attackbotsspam	2019-07-26T17:50:18.570792abusebot-8.cloudsearch.cf sshd\[19129\]: Invalid user ey from 220.157.174.22 port 40602	2019-07-27 02:01:41
51.77.231.213	attackbotsspam	Jul 26 17:15:48 MK-Soft-VM5 sshd\[24169\]: Invalid user hoster from 51.77.231.213 port 47732 Jul 26 17:15:48 MK-Soft-VM5 sshd\[24169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.231.213 Jul 26 17:15:50 MK-Soft-VM5 sshd\[24169\]: Failed password for invalid user hoster from 51.77.231.213 port 47732 ssh2 ...	2019-07-27 01:24:35
14.29.241.146	attackbotsspam	Jul 26 13:30:10 plusreed sshd[6299]: Invalid user flame from 14.29.241.146 ...	2019-07-27 01:30:39

最近上报的IP列表

80.89.77.139	106.148.160.37	203.231.99.126	33.167.215.194
242.56.223.100	211.82.159.161	5.45.68.15	77.119.137.87
199.136.77.102	178.184.64.180	159.233.113.58	185.86.210.78
196.193.0.16	18.122.147.130	104.88.112.82	245.146.140.238
236.244.232.232	123.20.127.34	149.166.62.44	124.20.133.119