106.13.181.132

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-05 06:53:41
attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 22:59:30
attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-04 14:45:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.181.242	attack	Oct 1 01:38:52 OPSO sshd\[17569\]: Invalid user test from 106.13.181.242 port 58518 Oct 1 01:38:52 OPSO sshd\[17569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Oct 1 01:38:53 OPSO sshd\[17569\]: Failed password for invalid user test from 106.13.181.242 port 58518 ssh2 Oct 1 01:40:02 OPSO sshd\[17858\]: Invalid user lorenzo from 106.13.181.242 port 37770 Oct 1 01:40:02 OPSO sshd\[17858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-10-01 08:17:21
106.13.181.242	attack	Sep 30 15:40:45 ns382633 sshd\[3367\]: Invalid user edu from 106.13.181.242 port 48262 Sep 30 15:40:45 ns382633 sshd\[3367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Sep 30 15:40:48 ns382633 sshd\[3367\]: Failed password for invalid user edu from 106.13.181.242 port 48262 ssh2 Sep 30 16:29:27 ns382633 sshd\[13225\]: Invalid user testftp1 from 106.13.181.242 port 33436 Sep 30 16:29:27 ns382633 sshd\[13225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-10-01 00:48:52
106.13.181.242	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-30 06:22:16
106.13.181.242	attackbots	DATE:2020-09-29 14:07:38,IP:106.13.181.242,MATCHES:10,PORT:ssh	2020-09-29 22:35:55
106.13.181.242	attackspam	Port scan denied	2020-09-29 14:53:23
106.13.181.242	attackspambots	$f2bV_matches	2020-08-29 13:38:04
106.13.181.242	attackspam	Time: Tue Aug 25 15:00:12 2020 +0000 IP: 106.13.181.242 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 25 14:55:23 vps1 sshd[13392]: Invalid user keshav from 106.13.181.242 port 47440 Aug 25 14:55:25 vps1 sshd[13392]: Failed password for invalid user keshav from 106.13.181.242 port 47440 ssh2 Aug 25 14:58:36 vps1 sshd[13497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 25 14:58:38 vps1 sshd[13497]: Failed password for root from 106.13.181.242 port 45876 ssh2 Aug 25 15:00:07 vps1 sshd[13580]: Invalid user cat from 106.13.181.242 port 60090	2020-08-26 01:15:04
106.13.181.242	attackbots	Aug 17 21:08:52 mockhub sshd[3371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Aug 17 21:08:54 mockhub sshd[3371]: Failed password for invalid user t from 106.13.181.242 port 48494 ssh2 ...	2020-08-18 12:22:12
106.13.181.242	attackbots	Aug 17 02:38:12 propaganda sshd[22347]: Connection from 106.13.181.242 port 51674 on 10.0.0.161 port 22 rdomain "" Aug 17 02:38:12 propaganda sshd[22347]: Connection closed by 106.13.181.242 port 51674 [preauth]	2020-08-17 19:14:38
106.13.181.242	attack	Aug 11 05:58:34 lnxweb61 sshd[23344]: Failed password for root from 106.13.181.242 port 57332 ssh2 Aug 11 05:58:34 lnxweb61 sshd[23344]: Failed password for root from 106.13.181.242 port 57332 ssh2	2020-08-11 12:01:51
106.13.181.242	attack	Aug 9 17:27:21 ny01 sshd[2545]: Failed password for root from 106.13.181.242 port 40306 ssh2 Aug 9 17:32:06 ny01 sshd[3229]: Failed password for root from 106.13.181.242 port 46586 ssh2	2020-08-10 06:30:27
106.13.181.242	attack	Aug 5 21:56:07 django-0 sshd[26683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 5 21:56:09 django-0 sshd[26683]: Failed password for root from 106.13.181.242 port 53216 ssh2 ...	2020-08-06 06:22:57
106.13.181.242	attack	Aug 1 05:52:35 rancher-0 sshd[698835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 user=root Aug 1 05:52:37 rancher-0 sshd[698835]: Failed password for root from 106.13.181.242 port 48670 ssh2 ...	2020-08-01 16:07:51
106.13.181.170	attack	Jul 20 11:31:24 webhost01 sshd[30484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.170 Jul 20 11:31:26 webhost01 sshd[30484]: Failed password for invalid user git1 from 106.13.181.170 port 35352 ssh2 ...	2020-07-20 13:27:11
106.13.181.242	attackbotsspam	Jul 17 15:49:08 OPSO sshd\[16088\]: Invalid user cb from 106.13.181.242 port 40466 Jul 17 15:49:08 OPSO sshd\[16088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242 Jul 17 15:49:09 OPSO sshd\[16088\]: Failed password for invalid user cb from 106.13.181.242 port 40466 ssh2 Jul 17 15:53:29 OPSO sshd\[17294\]: Invalid user antonio from 106.13.181.242 port 56746 Jul 17 15:53:29 OPSO sshd\[17294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.242	2020-07-17 22:01:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.181.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.181.132.			IN	A

;; AUTHORITY SECTION:
.			196	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100301 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 04 14:44:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 132.181.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.181.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
128.199.254.188	attackbots	Sep 8 20:30:08 jane sshd[20866]: Failed password for root from 128.199.254.188 port 49989 ssh2 ...	2020-09-09 06:38:17
172.73.12.149	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 07:08:41
223.182.49.192	attackbots	Icarus honeypot on github	2020-09-09 06:38:50
85.185.238.216	attack	Sep 7 08:11:39 mx01 sshd[4877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.185.238.216 user=r.r Sep 7 08:11:40 mx01 sshd[4877]: Failed password for r.r from 85.185.238.216 port 51538 ssh2 Sep 7 08:11:40 mx01 sshd[4877]: Received disconnect from 85.185.238.216: 11: Bye Bye [preauth] Sep 7 08:15:25 mx01 sshd[5502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.185.238.216 user=r.r Sep 7 08:15:27 mx01 sshd[5502]: Failed password for r.r from 85.185.238.216 port 60724 ssh2 Sep 7 08:15:27 mx01 sshd[5502]: Received disconnect from 85.185.238.216: 11: Bye Bye [preauth] Sep 7 08:16:51 mx01 sshd[5768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.185.238.216 user=r.r Sep 7 08:16:53 mx01 sshd[5768]: Failed password for r.r from 85.185.238.216 port 50806 ssh2 Sep 7 08:16:53 mx01 sshd[5768]: Received disconnect from 85.185.238.216: 1........ -------------------------------	2020-09-09 07:10:05
64.225.116.59	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-08T17:05:47Z and 2020-09-08T17:13:20Z	2020-09-09 07:12:05
213.145.137.102	attack	SPAM	2020-09-09 06:41:34
140.143.30.191	attack	(sshd) Failed SSH login from 140.143.30.191 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 15:29:52 server4 sshd[25580]: Invalid user steve from 140.143.30.191 Sep 8 15:29:52 server4 sshd[25580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191 Sep 8 15:29:55 server4 sshd[25580]: Failed password for invalid user steve from 140.143.30.191 port 42088 ssh2 Sep 8 15:48:22 server4 sshd[3954]: Invalid user admin from 140.143.30.191 Sep 8 15:48:22 server4 sshd[3954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.30.191	2020-09-09 07:04:51
181.48.18.130	attack	Sep 8 19:55:17 * sshd[25607]: Failed password for root from 181.48.18.130 port 44330 ssh2	2020-09-09 06:53:34
222.186.180.6	attackspam	Sep 9 08:40:32 localhost sshd[1998117]: Unable to negotiate with 222.186.180.6 port 13374: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-09-09 06:40:53
179.189.86.167	attack	1599584090 - 09/08/2020 18:54:50 Host: 179.189.86.167/179.189.86.167 Port: 445 TCP Blocked	2020-09-09 06:37:59
206.189.228.120	attackspambots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 07:02:55
222.186.30.76	attackbotsspam	2020-09-08T22:58:08.618500abusebot-3.cloudsearch.cf sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-08T22:58:10.899523abusebot-3.cloudsearch.cf sshd[9831]: Failed password for root from 222.186.30.76 port 33596 ssh2 2020-09-08T22:58:14.095125abusebot-3.cloudsearch.cf sshd[9831]: Failed password for root from 222.186.30.76 port 33596 ssh2 2020-09-08T22:58:08.618500abusebot-3.cloudsearch.cf sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-09-08T22:58:10.899523abusebot-3.cloudsearch.cf sshd[9831]: Failed password for root from 222.186.30.76 port 33596 ssh2 2020-09-08T22:58:14.095125abusebot-3.cloudsearch.cf sshd[9831]: Failed password for root from 222.186.30.76 port 33596 ssh2 2020-09-08T22:58:08.618500abusebot-3.cloudsearch.cf sshd[9831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2020-09-09 06:59:52
156.96.119.18	attackbots	Port Scan detected! ...	2020-09-09 07:12:30
157.245.126.36	attackspambots	Sep 8 15:29:21 Tower sshd[25694]: Connection from 157.245.126.36 port 56052 on 192.168.10.220 port 22 rdomain "" Sep 8 15:29:22 Tower sshd[25694]: Failed password for root from 157.245.126.36 port 56052 ssh2 Sep 8 15:29:22 Tower sshd[25694]: Received disconnect from 157.245.126.36 port 56052:11: Bye Bye [preauth] Sep 8 15:29:22 Tower sshd[25694]: Disconnected from authenticating user root 157.245.126.36 port 56052 [preauth]	2020-09-09 07:09:17
144.21.69.111	attackspam	port scan and connect, tcp 8443 (https-alt)	2020-09-09 07:00:49

最近上报的IP列表

171.220.23.225	122.18.50.68	216.34.39.204	109.166.191.26
157.149.35.127	33.87.30.151	139.4.104.82	235.90.155.127
204.5.63.71	42.200.211.79	139.162.170.48	217.160.25.39
154.57.193.2	112.85.42.117	41.242.138.30	169.120.248.217
200.236.208.143	175.151.231.250	45.7.255.134	45.7.255.131