106.13.80.143 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 30 18:20:53 localhost sshd\[33742\]: Invalid user applmgr from 106.13.80.143 port 38676 Jun 30 18:20:53 localhost sshd\[33742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.143 ...	2019-07-01 01:56:05

类型

评论内容

时间

attackspam

Jun 30 18:20:53 localhost sshd\[33742\]: Invalid user applmgr from 106.13.80.143 port 38676
Jun 30 18:20:53 localhost sshd\[33742\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.143
...

2019-07-01 01:56:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.80.167	attack	$f2bV_matches	2020-10-14 09:10:03
106.13.80.167	attack	Oct 11 23:32:13 email sshd\[8095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 23:32:15 email sshd\[8095\]: Failed password for root from 106.13.80.167 port 37962 ssh2 Oct 11 23:36:15 email sshd\[8891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 23:36:16 email sshd\[8891\]: Failed password for root from 106.13.80.167 port 40086 ssh2 Oct 11 23:40:15 email sshd\[9682\]: Invalid user graham from 106.13.80.167 ...	2020-10-12 07:41:06
106.13.80.167	attackspambots	2020-10-11T08:19:27.040842kitsunetech sshd[10146]: Invalid user henrik from 106.13.80.167 port 38640	2020-10-11 23:57:17
106.13.80.167	attackbotsspam	Oct 11 04:05:30 h1745522 sshd[17400]: Invalid user test from 106.13.80.167 port 43424 Oct 11 04:05:30 h1745522 sshd[17400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 04:05:30 h1745522 sshd[17400]: Invalid user test from 106.13.80.167 port 43424 Oct 11 04:05:31 h1745522 sshd[17400]: Failed password for invalid user test from 106.13.80.167 port 43424 ssh2 Oct 11 04:09:54 h1745522 sshd[17613]: Invalid user majordomo from 106.13.80.167 port 45112 Oct 11 04:09:54 h1745522 sshd[17613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 04:09:54 h1745522 sshd[17613]: Invalid user majordomo from 106.13.80.167 port 45112 Oct 11 04:09:57 h1745522 sshd[17613]: Failed password for invalid user majordomo from 106.13.80.167 port 45112 ssh2 Oct 11 04:14:20 h1745522 sshd[17879]: Invalid user rr from 106.13.80.167 port 46808 ...	2020-10-11 15:56:25
106.13.80.167	attackspambots	Oct 11 02:39:48 h1745522 sshd[11354]: Invalid user wwwroot from 106.13.80.167 port 37656 Oct 11 02:39:48 h1745522 sshd[11354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 02:39:48 h1745522 sshd[11354]: Invalid user wwwroot from 106.13.80.167 port 37656 Oct 11 02:39:51 h1745522 sshd[11354]: Failed password for invalid user wwwroot from 106.13.80.167 port 37656 ssh2 Oct 11 02:44:24 h1745522 sshd[11527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 user=root Oct 11 02:44:25 h1745522 sshd[11527]: Failed password for root from 106.13.80.167 port 39360 ssh2 Oct 11 02:48:39 h1745522 sshd[11634]: Invalid user x from 106.13.80.167 port 41060 Oct 11 02:48:39 h1745522 sshd[11634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Oct 11 02:48:39 h1745522 sshd[11634]: Invalid user x from 106.13.80.167 port 41060 Oct 11 02:48: ...	2020-10-11 09:13:55
106.13.80.167	attackspam	Sep 24 16:46:57 ws19vmsma01 sshd[182884]: Failed password for backup from 106.13.80.167 port 47832 ssh2 Sep 24 17:06:31 ws19vmsma01 sshd[180232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.167 Sep 24 17:06:32 ws19vmsma01 sshd[180232]: Failed password for invalid user guest from 106.13.80.167 port 59310 ssh2 ...	2020-09-25 05:30:18
106.13.80.141	attackspambots	Invalid user gitlab from 106.13.80.141 port 59480	2020-08-27 07:49:51
106.13.80.186	attack	$f2bV_matches	2020-06-02 16:49:01
106.13.80.186	attackbotsspam	2020-05-21T09:26:13.035156abusebot-6.cloudsearch.cf sshd[11869]: Invalid user wuz from 106.13.80.186 port 46296 2020-05-21T09:26:13.044816abusebot-6.cloudsearch.cf sshd[11869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 2020-05-21T09:26:13.035156abusebot-6.cloudsearch.cf sshd[11869]: Invalid user wuz from 106.13.80.186 port 46296 2020-05-21T09:26:15.597532abusebot-6.cloudsearch.cf sshd[11869]: Failed password for invalid user wuz from 106.13.80.186 port 46296 ssh2 2020-05-21T09:30:36.481546abusebot-6.cloudsearch.cf sshd[12172]: Invalid user lql from 106.13.80.186 port 33286 2020-05-21T09:30:36.490699abusebot-6.cloudsearch.cf sshd[12172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 2020-05-21T09:30:36.481546abusebot-6.cloudsearch.cf sshd[12172]: Invalid user lql from 106.13.80.186 port 33286 2020-05-21T09:30:38.482153abusebot-6.cloudsearch.cf sshd[12172]: Failed password ...	2020-05-21 17:43:00
106.13.80.70	attackspam	May 7 06:20:56 legacy sshd[32674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 May 7 06:20:58 legacy sshd[32674]: Failed password for invalid user andreia from 106.13.80.70 port 46526 ssh2 May 7 06:22:54 legacy sshd[32715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 ...	2020-05-07 13:24:23
106.13.80.70	attackspambots	May 6 22:18:54 legacy sshd[11200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 May 6 22:18:56 legacy sshd[11200]: Failed password for invalid user perpetua from 106.13.80.70 port 42052 ssh2 May 6 22:23:22 legacy sshd[11433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.70 ...	2020-05-07 04:38:12
106.13.80.186	attack	May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:05 tuxlinux sshd[16300]: Invalid user hong from 106.13.80.186 port 44196 May 1 12:42:05 tuxlinux sshd[16300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.80.186 May 1 12:42:07 tuxlinux sshd[16300]: Failed password for invalid user hong from 106.13.80.186 port 44196 ssh2 ...	2020-05-03 02:08:37
106.13.80.186	attackspambots	Invalid user steve from 106.13.80.186 port 33998	2020-05-02 16:31:32
106.13.80.186	attackbots	$f2bV_matches	2020-04-27 03:50:10
106.13.80.186	attack	(sshd) Failed SSH login from 106.13.80.186 (CN/China/-): 5 in the last 3600 secs	2020-04-23 15:00:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.80.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59868
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.80.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 01 01:55:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 143.80.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 143.80.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
118.122.102.74	attack	SMB Server BruteForce Attack	2019-06-29 06:58:52
191.53.253.126	attackspam	SASL PLAIN auth failed: ruser=...	2019-06-29 06:55:09
104.248.56.37	attackbots	Jun 28 22:31:13 ns41 sshd[31395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.56.37 Jun 28 22:31:13 ns41 sshd[31395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.56.37	2019-06-29 07:23:42
181.211.244.253	attackspambots	Unauthorized connection attempt from IP address 181.211.244.253 on Port 445(SMB)	2019-06-29 07:28:50
51.75.126.28	attack	2019-06-25T03:30:31.212658game.arvenenaske.de sshd[110054]: Invalid user service from 51.75.126.28 port 33264 2019-06-25T03:30:31.215593game.arvenenaske.de sshd[110054]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.28 user=service 2019-06-25T03:30:31.216154game.arvenenaske.de sshd[110054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.28 2019-06-25T03:30:31.212658game.arvenenaske.de sshd[110054]: Invalid user service from 51.75.126.28 port 33264 2019-06-25T03:30:32.550888game.arvenenaske.de sshd[110054]: Failed password for invalid user service from 51.75.126.28 port 33264 ssh2 2019-06-25T03:33:11.476555game.arvenenaske.de sshd[110060]: Invalid user kris from 51.75.126.28 port 56972 2019-06-25T03:33:11.480646game.arvenenaske.de sshd[110060]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.28 user=kris 2019-06-25T03:33:11........ ------------------------------	2019-06-29 07:35:42
223.27.234.253	attackbotsspam	Jun 29 00:23:53 vps647732 sshd[11578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.27.234.253 Jun 29 00:23:56 vps647732 sshd[11578]: Failed password for invalid user user from 223.27.234.253 port 60448 ssh2 ...	2019-06-29 07:24:03
193.169.252.140	attackspam	Jun 29 00:26:46 mail postfix/smtpd\[29122\]: warning: unknown\[193.169.252.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 00:42:19 mail postfix/smtpd\[29857\]: warning: unknown\[193.169.252.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 00:57:51 mail postfix/smtpd\[30201\]: warning: unknown\[193.169.252.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 01:28:28 mail postfix/smtpd\[30693\]: warning: unknown\[193.169.252.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-06-29 07:36:56
142.4.210.157	attackspambots	Automatic report generated by Wazuh	2019-06-29 07:34:06
84.186.19.246	attackspam	DATE:2019-06-28 16:53:36, IP:84.186.19.246, PORT:ssh SSH brute force auth (ermes)	2019-06-29 06:52:48
77.29.135.222	attack	Unauthorized connection attempt from IP address 77.29.135.222 on Port 445(SMB)	2019-06-29 07:03:37
185.232.67.53	attack	May 24 21:45:19 microserver sshd[19912]: Invalid user admin from 185.232.67.53 port 54444 May 24 21:45:19 microserver sshd[19912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.232.67.53 May 24 21:45:21 microserver sshd[19912]: Failed password for invalid user admin from 185.232.67.53 port 54444 ssh2 May 24 21:54:24 microserver sshd[22058]: Invalid user admin from 185.232.67.53 port 54474 May 24 21:54:24 microserver sshd[22058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.232.67.53 May 25 15:09:14 microserver sshd[43066]: Invalid user admin from 185.232.67.53 port 60668 May 25 15:09:14 microserver sshd[43066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.232.67.53 May 25 15:09:16 microserver sshd[43066]: Failed password for invalid user admin from 185.232.67.53 port 60668 ssh2 May 25 15:16:15 microserver sshd[43929]: Invalid user admin from 185.232.67.53 port 39776 May 2	2019-06-29 07:16:40
43.247.180.234	attack	Jun 28 23:02:55 pornomens sshd\[23109\]: Invalid user yuanwd from 43.247.180.234 port 44418 Jun 28 23:02:55 pornomens sshd\[23109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.247.180.234 Jun 28 23:02:58 pornomens sshd\[23109\]: Failed password for invalid user yuanwd from 43.247.180.234 port 44418 ssh2 ...	2019-06-29 07:13:21
45.230.169.14	attackbots	Jun 24 21:55:03 * sshd[31790]: Invalid user ecqadmin from 45.230.169.14 Jun 24 21:55:03 * sshd[31790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.230.169.14 Jun 24 21:55:06 * sshd[31790]: Failed password for invalid user ecqadmin from 45.230.169.14 port 26250 ssh2 Jun 24 21:55:06 * sshd[31790]: Received disconnect from 45.230.169.14: 11: Bye Bye [preauth] Jun 24 21:57:23 * sshd[31965]: Invalid user teamspeak3 from 45.230.169.14 Jun 24 21:57:23 * sshd[31965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.230.169.14 Jun 24 21:57:25 * sshd[31965]: Failed password for invalid user teamspeak3 from 45.230.169.14 port 22806 ssh2 Jun 24 21:57:26 * sshd[31965]: Received disconnect from 45.230.169.14: 11: Bye Bye [preauth] Jun 24 21:59:19 * sshd[32286]: Invalid user s from 45.230.169.14 Jun 24 21:59:19 * sshd[32286]: pam_unix(sshd:auth): authentication failure; logna........ -------------------------------	2019-06-29 07:20:21
60.172.230.184	attack	'IP reached maximum auth failures for a one day block'	2019-06-29 06:54:44
27.78.89.174	attackbotsspam	Unauthorized connection attempt from IP address 27.78.89.174 on Port 445(SMB)	2019-06-29 07:03:13

最近上报的IP列表

72.37.56.41	4.1.229.207	28.81.255.37	191.196.254.1
122.166.91.229	153.120.181.184	154.125.57.154	187.107.188.205
212.188.66.218	201.89.131.186	100.36.74.68	201.237.114.131
182.220.232.71	132.26.224.144	97.41.34.31	180.121.131.120
124.90.114.6	196.136.69.35	197.232.26.32	159.190.44.166