106.13.80.143 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 30 18:20:53 localhost sshd\[33742\]: Invalid user applmgr from 106.13.80.143 port 38676 Jun 30 18:20:53 localhost sshd\[33742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.143 ...	2019-07-01 01:56:05

类型

评论内容

时间

attackspam

Jun 30 18:20:53 localhost sshd\[33742\]: Invalid user applmgr from 106.13.80.143 port 38676
Jun 30 18:20:53 localhost sshd\[33742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.143
...

2019-07-01 01:56:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.80.167	attack	$f2bV_matches	2020-10-14 09:10:03
106.13.80.167	attack	Oct 11 23:32:13 email sshd\[8095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 23:32:15 email sshd\[8095\]: Failed password for root from 106.13.80.167 port 37962 ssh2 Oct 11 23:36:15 email sshd\[8891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 23:36:16 email sshd\[8891\]: Failed password for root from 106.13.80.167 port 40086 ssh2 Oct 11 23:40:15 email sshd\[9682\]: Invalid user graham from 106.13.80.167 ...	2020-10-12 07:41:06
106.13.80.167	attackspambots	2020-10-11T08:19:27.040842kitsunetech sshd[10146]: Invalid user henrik from 106.13.80.167 port 38640	2020-10-11 23:57:17
106.13.80.167	attackbotsspam	Oct 11 04:05:30 h1745522 sshd[17400]: Invalid user test from 106.13.80.167 port 43424 Oct 11 04:05:30 h1745522 sshd[17400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 04:05:30 h1745522 sshd[17400]: Invalid user test from 106.13.80.167 port 43424 Oct 11 04:05:31 h1745522 sshd[17400]: Failed password for invalid user test from 106.13.80.167 port 43424 ssh2 Oct 11 04:09:54 h1745522 sshd[17613]: Invalid user majordomo from 106.13.80.167 port 45112 Oct 11 04:09:54 h1745522 sshd[17613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 04:09:54 h1745522 sshd[17613]: Invalid user majordomo from 106.13.80.167 port 45112 Oct 11 04:09:57 h1745522 sshd[17613]: Failed password for invalid user majordomo from 106.13.80.167 port 45112 ssh2 Oct 11 04:14:20 h1745522 sshd[17879]: Invalid user rr from 106.13.80.167 port 46808 ...	2020-10-11 15:56:25
106.13.80.167	attackspambots	Oct 11 02:39:48 h1745522 sshd[11354]: Invalid user wwwroot from 106.13.80.167 port 37656 Oct 11 02:39:48 h1745522 sshd[11354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 02:39:48 h1745522 sshd[11354]: Invalid user wwwroot from 106.13.80.167 port 37656 Oct 11 02:39:51 h1745522 sshd[11354]: Failed password for invalid user wwwroot from 106.13.80.167 port 37656 ssh2 Oct 11 02:44:24 h1745522 sshd[11527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 02:44:25 h1745522 sshd[11527]: Failed password for root from 106.13.80.167 port 39360 ssh2 Oct 11 02:48:39 h1745522 sshd[11634]: Invalid user x from 106.13.80.167 port 41060 Oct 11 02:48:39 h1745522 sshd[11634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 02:48:39 h1745522 sshd[11634]: Invalid user x from 106.13.80.167 port 41060 Oct 11 02:48: ...	2020-10-11 09:13:55
106.13.80.167	attackspam	Sep 24 16:46:57 ws19vmsma01 sshd[182884]: Failed password for backup from 106.13.80.167 port 47832 ssh2 Sep 24 17:06:31 ws19vmsma01 sshd[180232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Sep 24 17:06:32 ws19vmsma01 sshd[180232]: Failed password for invalid user guest from 106.13.80.167 port 59310 ssh2 ...	2020-09-25 05:30:18
106.13.80.141	attackspambots	Invalid user gitlab from 106.13.80.141 port 59480	2020-08-27 07:49:51
106.13.80.186	attack	$f2bV_matches	2020-06-02 16:49:01
106.13.80.186	attackbotsspam	2020-05-21T09:26:13.035156abusebot-6.cloudsearch.cf sshd[11869]: Invalid user wuz from 106.13.80.186 port 46296 2020-05-21T09:26:13.044816abusebot-6.cloudsearch.cf sshd[11869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 2020-05-21T09:26:13.035156abusebot-6.cloudsearch.cf sshd[11869]: Invalid user wuz from 106.13.80.186 port 46296 2020-05-21T09:26:15.597532abusebot-6.cloudsearch.cf sshd[11869]: Failed password for invalid user wuz from 106.13.80.186 port 46296 ssh2 2020-05-21T09:30:36.481546abusebot-6.cloudsearch.cf sshd[12172]: Invalid user lql from 106.13.80.186 port 33286 2020-05-21T09:30:36.490699abusebot-6.cloudsearch.cf sshd[12172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 2020-05-21T09:30:36.481546abusebot-6.cloudsearch.cf sshd[12172]: Invalid user lql from 106.13.80.186 port 33286 2020-05-21T09:30:38.482153abusebot-6.cloudsearch.cf sshd[12172]: Failed password ...	2020-05-21 17:43:00
106.13.80.70	attackspam	May 7 06:20:56 legacy sshd[32674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 May 7 06:20:58 legacy sshd[32674]: Failed password for invalid user andreia from 106.13.80.70 port 46526 ssh2 May 7 06:22:54 legacy sshd[32715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 ...	2020-05-07 13:24:23
106.13.80.70	attackspambots	May 6 22:18:54 legacy sshd[11200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 May 6 22:18:56 legacy sshd[11200]: Failed password for invalid user perpetua from 106.13.80.70 port 42052 ssh2 May 6 22:23:22 legacy sshd[11433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 ...	2020-05-07 04:38:12
106.13.80.186	attack	May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:07 tuxlinux sshd[16300]: Failed password for invalid user hong from 106.13.80.186 port 44196 ssh2 ...	2020-05-03 02:08:37
106.13.80.186	attackspambots	Invalid user steve from 106.13.80.186 port 33998	2020-05-02 16:31:32
106.13.80.186	attackbots	$f2bV_matches	2020-04-27 03:50:10
106.13.80.186	attack	(sshd) Failed SSH login from 106.13.80.186 (CN/China/-): 5 in the last 3600 secs	2020-04-23 15:00:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.80.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59868
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.80.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 01 01:55:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 143.80.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 143.80.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
190.207.252.156	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:29:27
189.125.76.60	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:35:38
188.19.163.56	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:39:33
2.139.215.255	attackbotsspam	Automatic report	2019-09-01 16:00:34
197.25.200.146	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:21:06
200.98.162.85	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:12:57
190.37.223.206	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:34:30
184.105.247.210	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:58:03
200.175.83.95	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:11:31
195.24.207.252	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:24:54
190.72.61.62	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:33:40
197.51.3.31	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:20:33
187.33.82.34	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:47:31
185.143.221.215	attack	[Aegis] @ 2019-09-01 08:35:12 0100 -> SSH insecure connection attempt (scan).	2019-09-01 15:56:13
188.159.253.95	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 15:38:41

最近上报的IP列表

72.37.56.41	4.1.229.207	28.81.255.37	191.196.254.1
122.166.91.229	153.120.181.184	154.125.57.154	187.107.188.205
212.188.66.218	201.89.131.186	100.36.74.68	201.237.114.131
182.220.232.71	132.26.224.144	97.41.34.31	180.121.131.120
124.90.114.6	196.136.69.35	197.232.26.32	159.190.44.166