106.13.131.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	(sshd) Failed SSH login from 106.13.131.80 (CN/China/-): 5 in the last 3600 secs	2020-05-29 19:52:52
attackbots	May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:17:09 srv-ubuntu-dev3 sshd[35226]: Invalid user panigrahi from 106.13.131.80 May 21 23:17:11 srv-ubuntu-dev3 sshd[35226]: Failed password for invalid user panigrahi from 106.13.131.80 port 35924 ssh2 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 21 23:21:12 srv-ubuntu-dev3 sshd[35851]: Invalid user ry from 106.13.131.80 May 21 23:21:14 srv-ubuntu-dev3 sshd[35851]: Failed password for invalid user ry from 106.13.131.80 port 34936 ssh2 May 21 23:25:15 srv-ubuntu-dev3 sshd[36578]: Invalid user frh from 106.13.131.80 ...	2020-05-22 07:13:31
attackbotsspam	May 19 11:42:36 lnxded64 sshd[25478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80	2020-05-20 02:36:35
attack	May 8 22:35:08 web1 sshd\[445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 user=root May 8 22:35:10 web1 sshd\[445\]: Failed password for root from 106.13.131.80 port 55912 ssh2 May 8 22:42:28 web1 sshd\[1093\]: Invalid user mcj from 106.13.131.80 May 8 22:42:28 web1 sshd\[1093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 May 8 22:42:30 web1 sshd\[1093\]: Failed password for invalid user mcj from 106.13.131.80 port 50784 ssh2	2020-05-10 02:45:48
attackspambots	$f2bV_matches	2020-05-03 17:03:17
attackbots	Invalid user eg from 106.13.131.80 port 38876	2020-04-21 23:50:11
attackbots	DATE:2020-04-14 05:53:09,IP:106.13.131.80,MATCHES:10,PORT:ssh	2020-04-14 13:56:32
attackbots	Apr 8 13:44:58 rotator sshd\[23088\]: Invalid user cumulus from 106.13.131.80Apr 8 13:45:00 rotator sshd\[23088\]: Failed password for invalid user cumulus from 106.13.131.80 port 54630 ssh2Apr 8 13:48:18 rotator sshd\[23866\]: Invalid user test from 106.13.131.80Apr 8 13:48:19 rotator sshd\[23866\]: Failed password for invalid user test from 106.13.131.80 port 60072 ssh2Apr 8 13:49:41 rotator sshd\[23873\]: Failed password for backup from 106.13.131.80 port 47374 ssh2Apr 8 13:51:03 rotator sshd\[24625\]: Invalid user admin from 106.13.131.80 ...	2020-04-08 20:14:33
attackspambots	ssh brute force	2020-04-07 13:17:25
attackspambots	Apr 2 14:58:54 meumeu sshd[29271]: Failed password for root from 106.13.131.80 port 52304 ssh2 Apr 2 15:03:56 meumeu sshd[29939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Apr 2 15:03:59 meumeu sshd[29939]: Failed password for invalid user ky from 106.13.131.80 port 53454 ssh2 ...	2020-04-02 23:36:24
attackbotsspam	Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:28:43 srv-ubuntu-dev3 sshd[59757]: Invalid user vqf from 106.13.131.80 Mar 30 03:28:45 srv-ubuntu-dev3 sshd[59757]: Failed password for invalid user vqf from 106.13.131.80 port 53314 ssh2 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 30 03:31:26 srv-ubuntu-dev3 sshd[60275]: Invalid user valeska from 106.13.131.80 Mar 30 03:31:28 srv-ubuntu-dev3 sshd[60275]: Failed password for invalid user valeska from 106.13.131.80 port 35430 ssh2 Mar 30 03:34:14 srv-ubuntu-dev3 sshd[60716]: Invalid user yno from 106.13.131.80 ...	2020-03-30 09:41:57
attack	Mar 25 19:41:34 xxxxxxx0 sshd[24209]: Invalid user lexus from 106.13.131.80 port 42528 Mar 25 19:41:34 xxxxxxx0 sshd[24209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 Mar 25 19:41:36 xxxxxxx0 sshd[24209]: Failed password for invalid user lexus from 106.13.131.80 port 42528 ssh2 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: Invalid user ghostname from 106.13.131.80 port 53882 Mar 25 19:55:38 xxxxxxx0 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.80 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.131.80	2020-03-28 08:20:13

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.131.132	attackbots	Aug 24 07:58:52 prod4 sshd\[9180\]: Invalid user tecmint from 106.13.131.132 Aug 24 07:58:55 prod4 sshd\[9180\]: Failed password for invalid user tecmint from 106.13.131.132 port 33278 ssh2 Aug 24 08:07:32 prod4 sshd\[13463\]: Invalid user felix from 106.13.131.132 ...	2020-08-24 15:15:06
106.13.131.153	attack	CMS (WordPress or Joomla) login attempt.	2020-03-11 12:41:50
106.13.131.4	attackbotsspam	Jan 1 18:51:37 lnxweb61 sshd[24235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2020-01-02 03:14:05
106.13.131.4	attackspambots	SSH Brute Force, server-1 sshd[29691]: Failed password for invalid user buiron from 106.13.131.4 port 33620 ssh2	2019-12-19 05:39:16
106.13.131.4	attackbots	Dec 13 08:44:46 MK-Soft-Root1 sshd[29125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 13 08:44:48 MK-Soft-Root1 sshd[29125]: Failed password for invalid user koson from 106.13.131.4 port 57852 ssh2 ...	2019-12-13 20:11:00
106.13.131.4	attackbots	SSH Brute-Force reported by Fail2Ban	2019-12-13 07:37:44
106.13.131.4	attackbotsspam	Dec 11 00:12:24 mail sshd\[2160\]: Invalid user otavio from 106.13.131.4 Dec 11 00:12:24 mail sshd\[2160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 11 00:12:26 mail sshd\[2160\]: Failed password for invalid user otavio from 106.13.131.4 port 60676 ssh2 ...	2019-12-11 08:42:53
106.13.131.4	attackspam	Nov 26 18:35:45 ns37 sshd[4240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-27 03:13:45
106.13.131.142	attack	Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Nov 23 00:56:21 ncomp sshd[2602]: Invalid user admin from 106.13.131.142 Nov 23 00:56:23 ncomp sshd[2602]: Failed password for invalid user admin from 106.13.131.142 port 38000 ssh2	2019-11-23 07:07:44
106.13.131.4	attackspambots	Nov 21 16:55:18 MK-Soft-VM8 sshd[2263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 21 16:55:19 MK-Soft-VM8 sshd[2263]: Failed password for invalid user admin from 106.13.131.4 port 50150 ssh2 ...	2019-11-22 04:13:29
106.13.131.4	attack	78 failed attempt(s) in the last 24h	2019-11-15 08:24:14
106.13.131.4	attackbots	Nov 13 20:56:51 auw2 sshd\[11219\]: Invalid user apache from 106.13.131.4 Nov 13 20:56:51 auw2 sshd\[11219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Nov 13 20:56:53 auw2 sshd\[11219\]: Failed password for invalid user apache from 106.13.131.4 port 39928 ssh2 Nov 13 21:02:17 auw2 sshd\[11633\]: Invalid user server from 106.13.131.4 Nov 13 21:02:17 auw2 sshd\[11633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4	2019-11-14 15:29:22
106.13.131.142	attack	Automatic report - Banned IP Access	2019-08-22 01:03:48
106.13.131.142	attackbotsspam	Aug 13 22:03:47 server01 sshd\[1314\]: Invalid user sshuser from 106.13.131.142 Aug 13 22:03:47 server01 sshd\[1314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 22:03:49 server01 sshd\[1314\]: Failed password for invalid user sshuser from 106.13.131.142 port 37678 ssh2 ...	2019-08-14 03:05:24
106.13.131.142	attackbotsspam	Aug 13 12:56:22 tux-35-217 sshd\[15432\]: Invalid user developer from 106.13.131.142 port 53818 Aug 13 12:56:22 tux-35-217 sshd\[15432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 Aug 13 12:56:23 tux-35-217 sshd\[15432\]: Failed password for invalid user developer from 106.13.131.142 port 53818 ssh2 Aug 13 13:03:08 tux-35-217 sshd\[15478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.142 user=www-data ...	2019-08-13 19:09:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.131.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52944
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.131.80.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 08:20:10 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 80.131.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.131.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.83.73.127	attackspam	Bruteforce detected by fail2ban	2020-07-10 14:38:59
118.172.159.154	attackspambots	20/7/9@23:54:59: FAIL: Alarm-Network address from=118.172.159.154 ...	2020-07-10 14:27:19
119.86.22.231	attack	Jul 10 07:40:54 ns3 sshd[3457]: Invalid user horikawa from 119.86.22.231 port 14109 Jul 10 07:40:56 ns3 sshd[3457]: Failed password for invalid user horikawa from 119.86.22.231 port 14109 ssh2 Jul 10 07:50:30 ns3 sshd[4127]: Invalid user d from 119.86.22.231 port 15101 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=119.86.22.231	2020-07-10 14:26:44
73.41.104.30	attackspam	2020-07-10T06:10:04.545628upcloud.m0sh1x2.com sshd[3090]: Invalid user test2 from 73.41.104.30 port 55498	2020-07-10 14:28:18
110.74.219.37	attack	Automatic report - XMLRPC Attack	2020-07-10 14:46:00
113.190.36.2	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-07-10 14:51:05
148.72.207.250	attackspam	148.72.207.250 - - [10/Jul/2020:04:54:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.207.250 - - [10/Jul/2020:04:54:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1952 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.207.250 - - [10/Jul/2020:04:54:53 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-10 14:29:23
141.98.81.208	attackspambots	5x Failed Password	2020-07-10 14:39:27
162.247.74.74	attackspam	Jul 10 03:55:05 IngegnereFirenze sshd[7656]: User root from 162.247.74.74 not allowed because not listed in AllowUsers ...	2020-07-10 14:19:15
51.89.68.141	attackbots	Jul 10 08:41:12 piServer sshd[14475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.68.141 Jul 10 08:41:13 piServer sshd[14475]: Failed password for invalid user web from 51.89.68.141 port 39634 ssh2 Jul 10 08:44:02 piServer sshd[14772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.68.141 ...	2020-07-10 14:47:22
106.54.112.173	attack	Jul 10 07:09:06 ajax sshd[10213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.112.173 Jul 10 07:09:07 ajax sshd[10213]: Failed password for invalid user orlando from 106.54.112.173 port 49942 ssh2	2020-07-10 14:24:46
35.196.8.137	attack	Jul 10 00:35:28 Host-KLAX-C sshd[7188]: Invalid user gyd from 35.196.8.137 port 33480 ...	2020-07-10 14:41:02
51.38.186.244	attackbotsspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-07-10 14:44:19
212.182.124.88	attackbotsspam	SSH invalid-user multiple login try	2020-07-10 14:20:05
64.53.14.211	attack	Jul 10 07:41:55 rocket sshd[24465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.53.14.211 Jul 10 07:41:57 rocket sshd[24465]: Failed password for invalid user a from 64.53.14.211 port 43929 ssh2 Jul 10 07:45:04 rocket sshd[24982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.53.14.211 ...	2020-07-10 14:46:55

最近上报的IP列表

80.89.77.139	106.148.160.37	203.231.99.126	33.167.215.194
242.56.223.100	211.82.159.161	5.45.68.15	77.119.137.87
199.136.77.102	178.184.64.180	159.233.113.58	185.86.210.78
196.193.0.16	18.122.147.130	104.88.112.82	245.146.140.238
236.244.232.232	123.20.127.34	149.166.62.44	124.20.133.119