106.13.131.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 106.13.131.80 (CN/China/-): 5 in the last 3600 secs	2020-05-29 19:52:52
attackbots	May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:11 srv-ubuntu-dev3 sshd[35226]: Failed password for invalid user panigrahi from 106.13.131.80 port 35924 ssh2 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:14 srv-ubuntu-dev3 sshd[35851]: Failed password for invalid user ry from 106.13.131.80 port 34936 ssh2 May 21 23:25:15 srv-ubuntu-dev3 sshd[36578]: Invalid user frh from 106.13.131.80 ...	2020-05-22 07:13:31
attackbotsspam	May 19 11:42:36 lnxded64 sshd[25478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80	2020-05-20 02:36:35
attack	May 8 22:35:08 web1 sshd\[445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 user=root May 8 22:35:10 web1 sshd\[445\]: Failed password for root from 106.13.131.80 port 55912 ssh2 May 8 22:42:28 web1 sshd\[1093\]: Invalid user mcj from 106.13.131.80 May 8 22:42:28 web1 sshd\[1093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 8 22:42:30 web1 sshd\[1093\]: Failed password for invalid user mcj from 106.13.131.80 port 50784 ssh2	2020-05-10 02:45:48
attackspambots	$f2bV_matches	2020-05-03 17:03:17
attackbots	Invalid user eg from 106.13.131.80 port 38876	2020-04-21 23:50:11
attackbots	DATE:2020-04-14 05:53:09,IP:106.13.131.80,MATCHES:10,PORT:ssh	2020-04-14 13:56:32
attackbots	Apr 8 13:44:58 rotator sshd\[23088\]: Invalid user cumulus from 106.13.131.80Apr 8 13:45:00 rotator sshd\[23088\]: Failed password for invalid user cumulus from 106.13.131.80 port 54630 ssh2Apr 8 13:48:18 rotator sshd\[23866\]: Invalid user test from 106.13.131.80Apr 8 13:48:19 rotator sshd\[23866\]: Failed password for invalid user test from 106.13.131.80 port 60072 ssh2Apr 8 13:49:41 rotator sshd\[23873\]: Failed password for backup from 106.13.131.80 port 47374 ssh2Apr 8 13:51:03 rotator sshd\[24625\]: Invalid user admin from 106.13.131.80 ...	2020-04-08 20:14:33
attackspambots	ssh brute force	2020-04-07 13:17:25
attackspambots	Apr 2 14:58:54 meumeu sshd[29271]: Failed password for root from 106.13.131.80 port 52304 ssh2 Apr 2 15:03:56 meumeu sshd[29939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Apr 2 15:03:59 meumeu sshd[29939]: Failed password for invalid user ky from 106.13.131.80 port 53454 ssh2 ...	2020-04-02 23:36:24
attackbotsspam	Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:45 srv-ubuntu-dev3 sshd[59757]: Failed password for invalid user vqf from 106.13.131.80 port 53314 ssh2 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:28 srv-ubuntu-dev3 sshd[60275]: Failed password for invalid user valeska from 106.13.131.80 port 35430 ssh2 Mar 30 03:34:14 srv-ubuntu-dev3 sshd[60716]: Invalid user yno from 106.13.131.80 ...	2020-03-30 09:41:57
attack	Mar 25 19:41:34 xxxxxxx0 sshd[24209]: Invalid user lexus from 106.13.131.80 port 42528 Mar 25 19:41:34 xxxxxxx0 sshd[24209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 25 19:41:36 xxxxxxx0 sshd[24209]: Failed password for invalid user lexus from 106.13.131.80 port 42528 ssh2 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: Invalid user ghostname from 106.13.131.80 port 53882 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.131.80	2020-03-28 08:20:13

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.131.132	attackbots	Aug 24 07:58:52 prod4 sshd\[9180\]: Invalid user tecmint from 106.13.131.132 Aug 24 07:58:55 prod4 sshd\[9180\]: Failed password for invalid user tecmint from 106.13.131.132 port 33278 ssh2 Aug 24 08:07:32 prod4 sshd\[13463\]: Invalid user felix from 106.13.131.132 ...	2020-08-24 15:15:06
106.13.131.153	attack	CMS (WordPress or Joomla) login attempt.	2020-03-11 12:41:50
106.13.131.4	attackbotsspam	Jan 1 18:51:37 lnxweb61 sshd[24235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2020-01-02 03:14:05
106.13.131.4	attackspambots	SSH Brute Force, server-1 sshd[29691]: Failed password for invalid user buiron from 106.13.131.4 port 33620 ssh2	2019-12-19 05:39:16
106.13.131.4	attackbots	Dec 13 08:44:46 MK-Soft-Root1 sshd[29125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 13 08:44:48 MK-Soft-Root1 sshd[29125]: Failed password for invalid user koson from 106.13.131.4 port 57852 ssh2 ...	2019-12-13 20:11:00
106.13.131.4	attackbots	SSH Brute-Force reported by Fail2Ban	2019-12-13 07:37:44
106.13.131.4	attackbotsspam	Dec 11 00:12:24 mail sshd\[2160\]: Invalid user otavio from 106.13.131.4 Dec 11 00:12:24 mail sshd\[2160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 11 00:12:26 mail sshd\[2160\]: Failed password for invalid user otavio from 106.13.131.4 port 60676 ssh2 ...	2019-12-11 08:42:53
106.13.131.4	attackspam	Nov 26 18:35:45 ns37 sshd[4240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-27 03:13:45
106.13.131.142	attack	Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:23 ncomp sshd[2602]: Failed password for invalid user admin from 106.13.131.142 port 38000 ssh2	2019-11-23 07:07:44
106.13.131.4	attackspambots	Nov 21 16:55:18 MK-Soft-VM8 sshd[2263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 21 16:55:19 MK-Soft-VM8 sshd[2263]: Failed password for invalid user admin from 106.13.131.4 port 50150 ssh2 ...	2019-11-22 04:13:29
106.13.131.4	attack	78 failed attempt(s) in the last 24h	2019-11-15 08:24:14
106.13.131.4	attackbots	Nov 13 20:56:51 auw2 sshd\[11219\]: Invalid user apache from 106.13.131.4 Nov 13 20:56:51 auw2 sshd\[11219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 13 20:56:53 auw2 sshd\[11219\]: Failed password for invalid user apache from 106.13.131.4 port 39928 ssh2 Nov 13 21:02:17 auw2 sshd\[11633\]: Invalid user server from 106.13.131.4 Nov 13 21:02:17 auw2 sshd\[11633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-14 15:29:22
106.13.131.142	attack	Automatic report - Banned IP Access	2019-08-22 01:03:48
106.13.131.142	attackbotsspam	Aug 13 22:03:47 server01 sshd\[1314\]: Invalid user sshuser from 106.13.131.142 Aug 13 22:03:47 server01 sshd\[1314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 22:03:49 server01 sshd\[1314\]: Failed password for invalid user sshuser from 106.13.131.142 port 37678 ssh2 ...	2019-08-14 03:05:24
106.13.131.142	attackbotsspam	Aug 13 12:56:22 tux-35-217 sshd\[15432\]: Invalid user developer from 106.13.131.142 port 53818 Aug 13 12:56:22 tux-35-217 sshd\[15432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 12:56:23 tux-35-217 sshd\[15432\]: Failed password for invalid user developer from 106.13.131.142 port 53818 ssh2 Aug 13 13:03:08 tux-35-217 sshd\[15478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 user=www-data ...	2019-08-13 19:09:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.131.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52944
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.131.80.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 08:20:10 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 80.131.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.131.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.38.208.196	attackbots	1602189848 - 10/08/2020 22:44:08 Host: 188.38.208.196/188.38.208.196 Port: 445 TCP Blocked ...	2020-10-10 01:58:19
5.190.209.3	attack	Oct 9 20:06:18 host1 sshd[1707318]: Invalid user apache1 from 5.190.209.3 port 59040 Oct 9 20:06:18 host1 sshd[1707318]: Invalid user apache1 from 5.190.209.3 port 59040 Oct 9 20:06:18 host1 sshd[1707318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.190.209.3 Oct 9 20:06:18 host1 sshd[1707318]: Invalid user apache1 from 5.190.209.3 port 59040 Oct 9 20:06:20 host1 sshd[1707318]: Failed password for invalid user apache1 from 5.190.209.3 port 59040 ssh2 ...	2020-10-10 02:10:28
218.92.0.250	attackbots	2020-10-09T21:09:22.725618snf-827550 sshd[19369]: Failed password for root from 218.92.0.250 port 57071 ssh2 2020-10-09T21:09:26.090608snf-827550 sshd[19369]: Failed password for root from 218.92.0.250 port 57071 ssh2 2020-10-09T21:09:29.870494snf-827550 sshd[19369]: Failed password for root from 218.92.0.250 port 57071 ssh2 ...	2020-10-10 02:11:26
139.155.91.141	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-10 02:13:28
115.60.60.128	attackspambots	8511:Oct 8 15:10:19 kim5 sshd[11375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.60.60.128 user=r.r 8512:Oct 8 15:10:21 kim5 sshd[11375]: Failed password for r.r from 115.60.60.128 port 13016 ssh2 8513:Oct 8 15:10:22 kim5 sshd[11375]: Received disconnect from 115.60.60.128 port 13016:11: Bye Bye [preauth] 8514:Oct 8 15:10:22 kim5 sshd[11375]: Disconnected from authenticating user r.r 115.60.60.128 port 13016 [preauth] 8519:Oct 8 15:13:36 kim5 sshd[11411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.60.60.128 user=r.r 8520:Oct 8 15:13:38 kim5 sshd[11411]: Failed password for r.r from 115.60.60.128 port 12600 ssh2 8521:Oct 8 15:13:39 kim5 sshd[11411]: Received disconnect from 115.60.60.128 port 12600:11: Bye Bye [preauth] 8522:Oct 8 15:13:39 kim5 sshd[11411]: Disconnected from authenticating user r.r 115.60.60.128 port 12600 [preauth] 8523:Oct 8 15:15:01 kim5 sshd[11........ ------------------------------	2020-10-10 02:06:47
131.108.124.253	attack	Icarus honeypot on github	2020-10-10 02:00:23
93.117.21.129	attackbotsspam	DATE:2020-10-08 22:41:20, IP:93.117.21.129, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-10-10 01:53:45
114.67.110.240	attackbots	1677/tcp 13074/tcp 4747/tcp... [2020-09-16/10-09]22pkt,16pt.(tcp)	2020-10-10 01:40:55
202.154.180.51	attackspam	SSH BruteForce Attack	2020-10-10 01:54:59
104.224.187.120	attack	Automatic report - Banned IP Access	2020-10-10 01:37:06
54.38.18.211	attackbotsspam	Oct 9 16:30:51 email sshd\[18193\]: Invalid user test2000 from 54.38.18.211 Oct 9 16:30:51 email sshd\[18193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.18.211 Oct 9 16:30:53 email sshd\[18193\]: Failed password for invalid user test2000 from 54.38.18.211 port 33642 ssh2 Oct 9 16:32:15 email sshd\[18417\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.18.211 user=root Oct 9 16:32:17 email sshd\[18417\]: Failed password for root from 54.38.18.211 port 54948 ssh2 ...	2020-10-10 01:52:11
119.29.85.64	attack	Oct 9 04:33:27 mail sshd[3341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.85.64 Oct 9 04:33:29 mail sshd[3341]: Failed password for invalid user listd from 119.29.85.64 port 56678 ssh2 ...	2020-10-10 01:38:52
160.153.147.141	attackspambots	xmlrpc attack	2020-10-10 01:44:47
195.54.160.180	attackbots	2020-10-09 13:00:16.840788-0500 localhost sshd[8287]: Failed password for invalid user video from 195.54.160.180 port 14076 ssh2	2020-10-10 02:12:15
130.162.64.72	attackbotsspam	Oct 9 14:04:01 OPSO sshd\[17726\]: Invalid user zam from 130.162.64.72 port 56889 Oct 9 14:04:01 OPSO sshd\[17726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.64.72 Oct 9 14:04:04 OPSO sshd\[17726\]: Failed password for invalid user zam from 130.162.64.72 port 56889 ssh2 Oct 9 14:07:48 OPSO sshd\[18226\]: Invalid user bagabu from 130.162.64.72 port 30577 Oct 9 14:07:48 OPSO sshd\[18226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.64.72	2020-10-10 02:13:43

最近上报的IP列表

80.89.77.139	106.148.160.37	203.231.99.126	33.167.215.194
242.56.223.100	211.82.159.161	5.45.68.15	77.119.137.87
199.136.77.102	178.184.64.180	159.233.113.58	185.86.210.78
196.193.0.16	18.122.147.130	104.88.112.82	245.146.140.238
236.244.232.232	123.20.127.34	149.166.62.44	124.20.133.119