106.13.181.132

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-05 06:53:41
attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 22:59:30
attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-04 14:45:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.181.242	attack	Oct 1 01:38:52 OPSO sshd\[17569\]: Invalid user test from 106.13.181.242 port 58518 Oct 1 01:38:52 OPSO sshd\[17569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Oct 1 01:38:53 OPSO sshd\[17569\]: Failed password for invalid user test from 106.13.181.242 port 58518 ssh2 Oct 1 01:40:02 OPSO sshd\[17858\]: Invalid user lorenzo from 106.13.181.242 port 37770 Oct 1 01:40:02 OPSO sshd\[17858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-10-01 08:17:21
106.13.181.242	attack	Sep 30 15:40:45 ns382633 sshd\[3367\]: Invalid user edu from 106.13.181.242 port 48262 Sep 30 15:40:45 ns382633 sshd\[3367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Sep 30 15:40:48 ns382633 sshd\[3367\]: Failed password for invalid user edu from 106.13.181.242 port 48262 ssh2 Sep 30 16:29:27 ns382633 sshd\[13225\]: Invalid user testftp1 from 106.13.181.242 port 33436 Sep 30 16:29:27 ns382633 sshd\[13225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-10-01 00:48:52
106.13.181.242	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-30 06:22:16
106.13.181.242	attackbots	DATE:2020-09-29 14:07:38,IP:106.13.181.242,MATCHES:10,PORT:ssh	2020-09-29 22:35:55
106.13.181.242	attackspam	Port scan denied	2020-09-29 14:53:23
106.13.181.242	attackspambots	$f2bV_matches	2020-08-29 13:38:04
106.13.181.242	attackspam	Time: Tue Aug 25 15:00:12 2020 +0000 IP: 106.13.181.242 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 25 14:55:23 vps1 sshd[13392]: Invalid user keshav from 106.13.181.242 port 47440 Aug 25 14:55:25 vps1 sshd[13392]: Failed password for invalid user keshav from 106.13.181.242 port 47440 ssh2 Aug 25 14:58:36 vps1 sshd[13497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 25 14:58:38 vps1 sshd[13497]: Failed password for root from 106.13.181.242 port 45876 ssh2 Aug 25 15:00:07 vps1 sshd[13580]: Invalid user cat from 106.13.181.242 port 60090	2020-08-26 01:15:04
106.13.181.242	attackbots	Aug 17 21:08:52 mockhub sshd[3371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Aug 17 21:08:54 mockhub sshd[3371]: Failed password for invalid user t from 106.13.181.242 port 48494 ssh2 ...	2020-08-18 12:22:12
106.13.181.242	attackbots	Aug 17 02:38:12 propaganda sshd[22347]: Connection from 106.13.181.242 port 51674 on 10.0.0.161 port 22 rdomain "" Aug 17 02:38:12 propaganda sshd[22347]: Connection closed by 106.13.181.242 port 51674 [preauth]	2020-08-17 19:14:38
106.13.181.242	attack	Aug 11 05:58:34 lnxweb61 sshd[23344]: Failed password for root from 106.13.181.242 port 57332 ssh2 Aug 11 05:58:34 lnxweb61 sshd[23344]: Failed password for root from 106.13.181.242 port 57332 ssh2	2020-08-11 12:01:51
106.13.181.242	attack	Aug 9 17:27:21 ny01 sshd[2545]: Failed password for root from 106.13.181.242 port 40306 ssh2 Aug 9 17:32:06 ny01 sshd[3229]: Failed password for root from 106.13.181.242 port 46586 ssh2	2020-08-10 06:30:27
106.13.181.242	attack	Aug 5 21:56:07 django-0 sshd[26683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 5 21:56:09 django-0 sshd[26683]: Failed password for root from 106.13.181.242 port 53216 ssh2 ...	2020-08-06 06:22:57
106.13.181.242	attack	Aug 1 05:52:35 rancher-0 sshd[698835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 1 05:52:37 rancher-0 sshd[698835]: Failed password for root from 106.13.181.242 port 48670 ssh2 ...	2020-08-01 16:07:51
106.13.181.170	attack	Jul 20 11:31:24 webhost01 sshd[30484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.170 Jul 20 11:31:26 webhost01 sshd[30484]: Failed password for invalid user git1 from 106.13.181.170 port 35352 ssh2 ...	2020-07-20 13:27:11
106.13.181.242	attackbotsspam	Jul 17 15:49:08 OPSO sshd\[16088\]: Invalid user cb from 106.13.181.242 port 40466 Jul 17 15:49:08 OPSO sshd\[16088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Jul 17 15:49:09 OPSO sshd\[16088\]: Failed password for invalid user cb from 106.13.181.242 port 40466 ssh2 Jul 17 15:53:29 OPSO sshd\[17294\]: Invalid user antonio from 106.13.181.242 port 56746 Jul 17 15:53:29 OPSO sshd\[17294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-07-17 22:01:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.181.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.181.132.			IN	A

;; AUTHORITY SECTION:
.			196	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100301 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 04 14:44:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 132.181.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.181.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
141.98.10.196	attackspam	TCP (SYN) 141.98.10.196:38091 -> port 22, len 60	2020-07-21 15:45:00
51.91.120.67	attack	(sshd) Failed SSH login from 51.91.120.67 (FR/France/67.ip-51-91-120.eu): 5 in the last 3600 secs	2020-07-21 16:06:36
51.15.171.31	attackspam	Jul 21 09:16:01 pve1 sshd[9532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.171.31 Jul 21 09:16:02 pve1 sshd[9532]: Failed password for invalid user tencent from 51.15.171.31 port 43996 ssh2 ...	2020-07-21 15:48:44
141.98.10.197	attack	2020-07-21T07:38:29.708036abusebot-7.cloudsearch.cf sshd[27211]: Invalid user admin from 141.98.10.197 port 40375 2020-07-21T07:38:29.714378abusebot-7.cloudsearch.cf sshd[27211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.197 2020-07-21T07:38:29.708036abusebot-7.cloudsearch.cf sshd[27211]: Invalid user admin from 141.98.10.197 port 40375 2020-07-21T07:38:31.667644abusebot-7.cloudsearch.cf sshd[27211]: Failed password for invalid user admin from 141.98.10.197 port 40375 ssh2 2020-07-21T07:38:58.629864abusebot-7.cloudsearch.cf sshd[27223]: Invalid user Admin from 141.98.10.197 port 35211 2020-07-21T07:38:58.634937abusebot-7.cloudsearch.cf sshd[27223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.197 2020-07-21T07:38:58.629864abusebot-7.cloudsearch.cf sshd[27223]: Invalid user Admin from 141.98.10.197 port 35211 2020-07-21T07:39:00.904221abusebot-7.cloudsearch.cf sshd[27223]: Failed ...	2020-07-21 15:42:34
128.31.0.13	attackspam	2020/07/21 06:17:00 [error] 20617#20617: 10469821 open() "/usr/share/nginx/html/cgi-bin/php" failed (2: No such file or directory), client: 128.31.0.13, server: _, request: "POST /cgi-bin/php?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1", host: "waldatmen.com" 2020/07/21 06:17:00 [error] 20617#20617: 10469821 open() "/usr/share/nginx/html/cgi-bin/php4" failed (2: No such file or directory), client: 128.31.0.13, server: _, request: "POST /cgi-bin/php4?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5	2020-07-21 16:17:38
222.186.175.212	attackspam	2020-07-21T03:47:35.492230vps2034 sshd[12499]: Failed password for root from 222.186.175.212 port 25494 ssh2 2020-07-21T03:47:38.440853vps2034 sshd[12499]: Failed password for root from 222.186.175.212 port 25494 ssh2 2020-07-21T03:47:41.801208vps2034 sshd[12499]: Failed password for root from 222.186.175.212 port 25494 ssh2 2020-07-21T03:47:41.801502vps2034 sshd[12499]: error: maximum authentication attempts exceeded for root from 222.186.175.212 port 25494 ssh2 [preauth] 2020-07-21T03:47:41.801516vps2034 sshd[12499]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-21 15:52:05
221.234.216.89	attack	Brute force SMTP login attempted. ...	2020-07-21 16:13:03
122.144.10.241	attack	07/20/2020-23:54:55.396208 122.144.10.241 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-21 15:35:57
24.37.113.22	attack	2020-07-21 06:00:34,035 fail2ban.actions: WARNING [wp-login] Ban 24.37.113.22	2020-07-21 15:37:48
51.83.45.65	attackspam	Jul 21 14:22:57 itv-usvr-01 sshd[29399]: Invalid user cba from 51.83.45.65 Jul 21 14:22:57 itv-usvr-01 sshd[29399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.45.65 Jul 21 14:22:57 itv-usvr-01 sshd[29399]: Invalid user cba from 51.83.45.65 Jul 21 14:22:59 itv-usvr-01 sshd[29399]: Failed password for invalid user cba from 51.83.45.65 port 43398 ssh2	2020-07-21 15:45:44
49.65.245.164	attackbotsspam	Jul 21 08:28:23 server sshd[15079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.65.245.164 Jul 21 08:28:25 server sshd[15079]: Failed password for invalid user yamamoto from 49.65.245.164 port 9415 ssh2 Jul 21 08:35:15 server sshd[15623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.65.245.164 ...	2020-07-21 15:44:09
162.247.74.200	attackbots	SSH brute-force attempt	2020-07-21 15:43:21
58.213.198.74	attackspam	Jul 21 06:33:45 plex-server sshd[207644]: Invalid user smiley from 58.213.198.74 port 8372 Jul 21 06:33:45 plex-server sshd[207644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.198.74 Jul 21 06:33:45 plex-server sshd[207644]: Invalid user smiley from 58.213.198.74 port 8372 Jul 21 06:33:47 plex-server sshd[207644]: Failed password for invalid user smiley from 58.213.198.74 port 8372 ssh2 Jul 21 06:37:05 plex-server sshd[207985]: Invalid user reporting from 58.213.198.74 port 8373 ...	2020-07-21 15:55:42
176.31.102.37	attackspambots	Jul 21 07:47:40 havingfunrightnow sshd[9421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.102.37 Jul 21 07:47:42 havingfunrightnow sshd[9421]: Failed password for invalid user event from 176.31.102.37 port 40687 ssh2 Jul 21 07:52:26 havingfunrightnow sshd[9587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.102.37 ...	2020-07-21 16:12:33
54.197.204.196	attackbots	Attempts to probe web pages for vulnerable PHP or other applications	2020-07-21 15:53:03

最近上报的IP列表

171.220.23.225	122.18.50.68	216.34.39.204	109.166.191.26
157.149.35.127	33.87.30.151	139.4.104.82	235.90.155.127
204.5.63.71	42.200.211.79	139.162.170.48	217.160.25.39
154.57.193.2	112.85.42.117	41.242.138.30	169.120.248.217
200.236.208.143	175.151.231.250	45.7.255.134	45.7.255.131