106.12.13.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Apr 10 11:39:57 Tower sshd[30019]: Connection from 106.12.13.200 port 47260 on 192.168.10.220 port 22 rdomain "" Apr 10 11:40:00 Tower sshd[30019]: Invalid user deploy from 106.12.13.200 port 47260 Apr 10 11:40:00 Tower sshd[30019]: error: Could not get shadow information for NOUSER Apr 10 11:40:00 Tower sshd[30019]: Failed password for invalid user deploy from 106.12.13.200 port 47260 ssh2 Apr 10 11:40:00 Tower sshd[30019]: Received disconnect from 106.12.13.200 port 47260:11: Bye Bye [preauth] Apr 10 11:40:00 Tower sshd[30019]: Disconnected from invalid user deploy 106.12.13.200 port 47260 [preauth]	2020-04-11 00:39:30

类型

评论内容

时间

attackbots

Apr 10 11:39:57 Tower sshd[30019]: Connection from 106.12.13.200 port 47260 on 192.168.10.220 port 22 rdomain ""
Apr 10 11:40:00 Tower sshd[30019]: Invalid user deploy from 106.12.13.200 port 47260
Apr 10 11:40:00 Tower sshd[30019]: error: Could not get shadow information for NOUSER
Apr 10 11:40:00 Tower sshd[30019]: Failed password for invalid user deploy from 106.12.13.200 port 47260 ssh2
Apr 10 11:40:00 Tower sshd[30019]: Received disconnect from 106.12.13.200 port 47260:11: Bye Bye [preauth]
Apr 10 11:40:00 Tower sshd[30019]: Disconnected from invalid user deploy 106.12.13.200 port 47260 [preauth]

2020-04-11 00:39:30

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.132.224	attackspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Failed password for invalid user ekim from 106.12.132.224 port 52754 ssh2 Failed password for root from 106.12.132.224 port 36956 ssh2	2020-10-13 00:57:56
106.12.132.224	attackspam	Oct 12 10:14:25 abendstille sshd\[30630\]: Invalid user yoneyama from 106.12.132.224 Oct 12 10:14:25 abendstille sshd\[30630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Oct 12 10:14:27 abendstille sshd\[30630\]: Failed password for invalid user yoneyama from 106.12.132.224 port 39144 ssh2 Oct 12 10:18:24 abendstille sshd\[3001\]: Invalid user briacheslav from 106.12.132.224 Oct 12 10:18:24 abendstille sshd\[3001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 ...	2020-10-12 16:21:33
106.12.130.44	attackspambots	Oct 12 03:55:17 santamaria sshd\[6269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root Oct 12 03:55:19 santamaria sshd\[6269\]: Failed password for root from 106.12.130.44 port 59464 ssh2 Oct 12 03:59:04 santamaria sshd\[6322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root ...	2020-10-12 12:10:58
106.12.133.225	attack	(sshd) Failed SSH login from 106.12.133.225 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 12:31:56 server5 sshd[22095]: Invalid user test from 106.12.133.225 Oct 10 12:31:56 server5 sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Oct 10 12:31:58 server5 sshd[22095]: Failed password for invalid user test from 106.12.133.225 port 58176 ssh2 Oct 10 12:47:16 server5 sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 user=root Oct 10 12:47:18 server5 sshd[28926]: Failed password for root from 106.12.133.225 port 58396 ssh2	2020-10-11 01:23:34
106.12.133.225	attack	Oct 10 06:20:09 scw-gallant-ride sshd[27935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225	2020-10-10 17:16:20
106.12.138.72	attack	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-30 05:02:21
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 21:10:51
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 13:24:31
106.12.133.225	attackspam	Sep 27 18:18:52 roki sshd[310]: Invalid user soporte from 106.12.133.225 Sep 27 18:18:52 roki sshd[310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 18:18:54 roki sshd[310]: Failed password for invalid user soporte from 106.12.133.225 port 37132 ssh2 Sep 27 18:28:04 roki sshd[1030]: Invalid user colin from 106.12.133.225 Sep 27 18:28:04 roki sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 ...	2020-09-28 03:29:21
106.12.133.225	attackspambots	Sep 27 13:39:14 santamaria sshd\[27856\]: Invalid user shun from 106.12.133.225 Sep 27 13:39:14 santamaria sshd\[27856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 13:39:16 santamaria sshd\[27856\]: Failed password for invalid user shun from 106.12.133.225 port 36374 ssh2 ...	2020-09-27 19:40:23
106.12.130.44	attackspambots	$f2bV_matches	2020-09-25 08:00:23
106.12.13.20	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 18475 proto: tcp cat: Misc Attackbytes: 60	2020-09-24 03:24:15
106.12.133.38	attack	Brute-force attempt banned	2020-09-22 03:39:36
106.12.133.38	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-09-21 19:26:36
106.12.133.38	attackspambots	Sep 20 13:57:07 logopedia-1vcpu-1gb-nyc1-01 sshd[442802]: Failed password for root from 106.12.133.38 port 36926 ssh2 ...	2020-09-21 00:57:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.13.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51087
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.13.200.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041000 1800 900 604800 86400

;; Query time: 167 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 00:39:15 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 200.13.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 200.13.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
156.96.56.146	attackbotsspam	2020-06-13T14:24:53+02:00 exim[2317]: fixed_login authenticator failed for (NGCtAc) [156.96.56.146]: 535 Incorrect authentication data (set_id=zsolt.makovsky@makovsky.hu)	2020-06-14 00:00:50
124.205.224.179	attack	Jun 13 15:23:23 vps647732 sshd[17411]: Failed password for root from 124.205.224.179 port 43754 ssh2 Jun 13 15:26:08 vps647732 sshd[17526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.205.224.179 ...	2020-06-13 23:17:11
130.61.118.231	attackspambots	Jun 13 17:27:20 rotator sshd\[13140\]: Invalid user snjuguna from 130.61.118.231Jun 13 17:27:21 rotator sshd\[13140\]: Failed password for invalid user snjuguna from 130.61.118.231 port 42256 ssh2Jun 13 17:30:28 rotator sshd\[13901\]: Invalid user oracle from 130.61.118.231Jun 13 17:30:31 rotator sshd\[13901\]: Failed password for invalid user oracle from 130.61.118.231 port 41712 ssh2Jun 13 17:33:44 rotator sshd\[13939\]: Invalid user pi from 130.61.118.231Jun 13 17:33:45 rotator sshd\[13939\]: Failed password for invalid user pi from 130.61.118.231 port 41174 ssh2 ...	2020-06-13 23:57:01
212.70.149.18	attackspambots	2020-06-13 18:09:01 auth_plain authenticator failed for (User) [212.70.149.18]: 535 Incorrect authentication data (set_id=poznan@lavrinenko.info) 2020-06-13 18:09:48 auth_plain authenticator failed for (User) [212.70.149.18]: 535 Incorrect authentication data (set_id=post2@lavrinenko.info) ...	2020-06-13 23:18:15
197.149.179.210	attack	06/13/2020-08:25:51.594560 197.149.179.210 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-13 23:23:46
157.230.150.102	attackbots	2020-06-13T16:35[Censored Hostname] sshd[18601]: Failed password for invalid user v from 157.230.150.102 port 50698 ssh2 2020-06-13T16:38[Censored Hostname] sshd[19629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.150.102 user=root 2020-06-13T16:38[Censored Hostname] sshd[19629]: Failed password for root from 157.230.150.102 port 51886 ssh2[...]	2020-06-13 23:08:07
14.142.143.138	attackbotsspam	Jun 13 12:32:54 firewall sshd[10570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.142.143.138 Jun 13 12:32:54 firewall sshd[10570]: Invalid user um from 14.142.143.138 Jun 13 12:32:56 firewall sshd[10570]: Failed password for invalid user um from 14.142.143.138 port 22464 ssh2 ...	2020-06-13 23:41:17
183.234.11.43	attack	Jun 13 06:37:30 dignus sshd[12525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.234.11.43 Jun 13 06:37:32 dignus sshd[12525]: Failed password for invalid user 0192837465 from 183.234.11.43 port 52913 ssh2 Jun 13 06:39:06 dignus sshd[12651]: Invalid user 1234567890 from 183.234.11.43 port 35621 Jun 13 06:39:06 dignus sshd[12651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.234.11.43 Jun 13 06:39:08 dignus sshd[12651]: Failed password for invalid user 1234567890 from 183.234.11.43 port 35621 ssh2 ...	2020-06-13 23:09:38
49.247.128.68	attackbots	Lines containing failures of 49.247.128.68 Jun 12 12:29:46 * sshd[83104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.128.68 user=r.r Jun 12 12:29:48 * sshd[83104]: Failed password for r.r from 49.247.128.68 port 55450 ssh2 Jun 12 12:29:48 * sshd[83104]: Received disconnect from 49.247.128.68 port 55450:11: Bye Bye [preauth] Jun 12 12:29:48 * sshd[83104]: Disconnected from authenticating user r.r 49.247.128.68 port 55450 [preauth] Jun 12 12:33:48 * sshd[83343]: Invalid user admin from 49.247.128.68 port 48890 Jun 12 12:33:48 * sshd[83343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.128.68 Jun 12 12:33:50 * sshd[83343]: Failed password for invalid user admin from 49.247.128.68 port 48890 ssh2 Jun 12 12:33:50 * sshd[83343]: Received disconnect from 49.247.128.68 port 48890:11: Bye Bye [preauth] Jun 12 12:33:50 *** sshd[83343]: Disconnected from invalid us........ ------------------------------	2020-06-13 23:47:12
203.54.221.218	attack	Lines containing failures of 203.54.221.218 Jun 12 12:51:44 shared04 sshd[10923]: Invalid user smmsp from 203.54.221.218 port 35390 Jun 12 12:51:44 shared04 sshd[10923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.54.221.218 Jun 12 12:51:46 shared04 sshd[10923]: Failed password for invalid user smmsp from 203.54.221.218 port 35390 ssh2 Jun 12 12:51:46 shared04 sshd[10923]: Received disconnect from 203.54.221.218 port 35390:11: Bye Bye [preauth] Jun 12 12:51:46 shared04 sshd[10923]: Disconnected from invalid user smmsp 203.54.221.218 port 35390 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.54.221.218	2020-06-13 23:50:39
46.38.145.249	attack	Jun 12 22:08:49 statusweb1.srvfarm.net postfix/smtpd[15429]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:10:28 statusweb1.srvfarm.net postfix/smtpd[15429]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:12:01 statusweb1.srvfarm.net postfix/smtpd[16074]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:13:34 statusweb1.srvfarm.net postfix/smtpd[15050]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 22:15:08 statusweb1.srvfarm.net postfix/smtpd[15050]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-06-13 23:09:19
62.209.192.242	attackbotsspam	pinterest spam	2020-06-13 23:26:57
222.186.42.7	attackspam	Unauthorized connection attempt detected from IP address 222.186.42.7 to port 22	2020-06-13 23:14:52
188.163.109.153	attackspambots	0,34-01/02 [bc01/m27] PostRequest-Spammer scoring: brussels	2020-06-13 23:28:28
165.22.69.147	attackspambots	Jun 13 09:24:45 ws19vmsma01 sshd[107679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.69.147 Jun 13 09:24:47 ws19vmsma01 sshd[107679]: Failed password for invalid user khalifa from 165.22.69.147 port 49870 ssh2 ...	2020-06-13 23:59:13

最近上报的IP列表

116.24.38.83	188.14.178.5	100.74.43.88	213.234.252.34
142.168.85.129	152.240.148.25	177.220.176.225	43.6.189.48
49.154.151.95	248.156.120.255	252.75.137.81	12.134.52.24
2.47.179.38	73.137.118.35	159.58.94.216	211.84.161.158
135.183.164.29	75.223.95.101	110.168.208.204	167.71.223.41