106.81.231.213

基本信息:

城市(city): unknown

省份(region): Chongqing

国家(country): China

运营商(isp): ChinaNet Chongqing Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-28 03:41:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.81.231.123	attack	Jun 23 05:52:34 pl2server sshd[2278]: Invalid user jboss from 106.81.231.123 port 33372 Jun 23 05:52:34 pl2server sshd[2278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.81.231.123 Jun 23 05:52:36 pl2server sshd[2278]: Failed password for invalid user jboss from 106.81.231.123 port 33372 ssh2 Jun 23 05:52:36 pl2server sshd[2278]: Received disconnect from 106.81.231.123 port 33372:11: Bye Bye [preauth] Jun 23 05:52:36 pl2server sshd[2278]: Disconnected from 106.81.231.123 port 33372 [preauth] Jun 23 05:55:48 pl2server sshd[3415]: Invalid user zhangx from 106.81.231.123 port 22039 Jun 23 05:55:48 pl2server sshd[3415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.81.231.123 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.81.231.123	2020-06-23 15:42:20

类型

评论内容

时间

106.81.231.123

attack

Jun 23 05:52:34 pl2server sshd[2278]: Invalid user jboss from 106.81.231.123 port 33372
Jun 23 05:52:34 pl2server sshd[2278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.81.231.123
Jun 23 05:52:36 pl2server sshd[2278]: Failed password for invalid user jboss from 106.81.231.123 port 33372 ssh2
Jun 23 05:52:36 pl2server sshd[2278]: Received disconnect from 106.81.231.123 port 33372:11: Bye Bye [preauth]
Jun 23 05:52:36 pl2server sshd[2278]: Disconnected from 106.81.231.123 port 33372 [preauth]
Jun 23 05:55:48 pl2server sshd[3415]: Invalid user zhangx from 106.81.231.123 port 22039
Jun 23 05:55:48 pl2server sshd[3415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.81.231.123


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=106.81.231.123

2020-06-23 15:42:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.81.231.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.81.231.213.			IN	A

;; AUTHORITY SECTION:
.			344	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122700 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 28 03:41:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 213.231.81.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.231.81.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.140.121.148	attackspam	Autoban 192.140.121.148 AUTH/CONNECT	2019-07-22 03:15:17
193.105.62.233	attackbotsspam	Autoban 193.105.62.233 AUTH/CONNECT	2019-07-22 03:01:54
197.25.227.40	attack	Sun, 21 Jul 2019 18:29:05 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:00:29
191.83.73.127	attackbots	Autoban 191.83.73.127 AUTH/CONNECT	2019-07-22 03:27:42
113.173.125.136	attack	Sun, 21 Jul 2019 18:29:03 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:07:22
180.178.93.146	attack	Sun, 21 Jul 2019 18:28:59 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:20:09
193.19.254.22	attackbotsspam	Autoban 193.19.254.22 AUTH/CONNECT	2019-07-22 02:54:15
191.89.86.102	attackspam	Autoban 191.89.86.102 AUTH/CONNECT	2019-07-22 03:24:09
192.145.122.39	attackspam	Autoban 192.145.122.39 AUTH/CONNECT	2019-07-22 03:11:23
180.241.44.208	attackbotsspam	Sun, 21 Jul 2019 18:28:57 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:25:12
27.145.136.34	attackbotsspam	Sun, 21 Jul 2019 18:28:58 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:23:48
92.119.160.143	attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-22 03:17:32
18.225.36.242	attackbotsspam	Jul 21 18:17:53 xb3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:17:55 xb3 sshd[31590]: Failed password for invalid user techadmin from 18.225.36.242 port 50390 ssh2 Jul 21 18:17:55 xb3 sshd[31590]: Received disconnect from 18.225.36.242: 11: Bye Bye [preauth] Jul 21 18:29:02 xb3 sshd[32358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:29:04 xb3 sshd[32358]: Failed password for invalid user marimo from 18.225.36.242 port 43624 ssh2 Jul 21 18:29:04 xb3 sshd[32358]: Received disconnect from 18.225.36.242: 11: Bye Bye [preauth] Jul 21 18:33:28 xb3 sshd[29976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:33:30 xb3 sshd[29976]: Failed password for invalid u........ -------------------------------	2019-07-22 03:27:15
118.68.245.55	attackbots	Sun, 21 Jul 2019 18:28:58 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:22:34
193.192.115.86	attackspam	Autoban 193.192.115.86 AUTH/CONNECT	2019-07-22 02:53:42

最近上报的IP列表

181.226.246.169	190.60.109.222	222.161.41.235	118.225.71.5
190.60.109.220	196.206.6.84	51.38.35.2	114.111.139.251
190.60.109.221	220.23.159.198	52.63.1.73	85.130.181.65
193.175.94.76	188.69.122.233	65.192.223.52	166.193.2.28
125.40.107.2	118.68.203.7	120.146.173.217	24.70.126.26