106.12.13.234 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(mod_security) mod_security (id:218500) triggered by 106.12.13.234 (CN/China/-): 5 in the last 3600 secs	2020-07-02 05:10:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.132.224	attackspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Failed password for invalid user ekim from 106.12.132.224 port 52754 ssh2 Failed password for root from 106.12.132.224 port 36956 ssh2	2020-10-13 00:57:56
106.12.132.224	attackspam	Oct 12 10:14:25 abendstille sshd\[30630\]: Invalid user yoneyama from 106.12.132.224 Oct 12 10:14:25 abendstille sshd\[30630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Oct 12 10:14:27 abendstille sshd\[30630\]: Failed password for invalid user yoneyama from 106.12.132.224 port 39144 ssh2 Oct 12 10:18:24 abendstille sshd\[3001\]: Invalid user briacheslav from 106.12.132.224 Oct 12 10:18:24 abendstille sshd\[3001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 ...	2020-10-12 16:21:33
106.12.130.44	attackspambots	Oct 12 03:55:17 santamaria sshd\[6269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root Oct 12 03:55:19 santamaria sshd\[6269\]: Failed password for root from 106.12.130.44 port 59464 ssh2 Oct 12 03:59:04 santamaria sshd\[6322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root ...	2020-10-12 12:10:58
106.12.133.225	attack	(sshd) Failed SSH login from 106.12.133.225 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 12:31:56 server5 sshd[22095]: Invalid user test from 106.12.133.225 Oct 10 12:31:56 server5 sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Oct 10 12:31:58 server5 sshd[22095]: Failed password for invalid user test from 106.12.133.225 port 58176 ssh2 Oct 10 12:47:16 server5 sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 user=root Oct 10 12:47:18 server5 sshd[28926]: Failed password for root from 106.12.133.225 port 58396 ssh2	2020-10-11 01:23:34
106.12.133.225	attack	Oct 10 06:20:09 scw-gallant-ride sshd[27935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225	2020-10-10 17:16:20
106.12.138.72	attack	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-30 05:02:21
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 21:10:51
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 13:24:31
106.12.133.225	attackspam	Sep 27 18:18:52 roki sshd[310]: Invalid user soporte from 106.12.133.225 Sep 27 18:18:52 roki sshd[310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 18:18:54 roki sshd[310]: Failed password for invalid user soporte from 106.12.133.225 port 37132 ssh2 Sep 27 18:28:04 roki sshd[1030]: Invalid user colin from 106.12.133.225 Sep 27 18:28:04 roki sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 ...	2020-09-28 03:29:21
106.12.133.225	attackspambots	Sep 27 13:39:14 santamaria sshd\[27856\]: Invalid user shun from 106.12.133.225 Sep 27 13:39:14 santamaria sshd\[27856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 13:39:16 santamaria sshd\[27856\]: Failed password for invalid user shun from 106.12.133.225 port 36374 ssh2 ...	2020-09-27 19:40:23
106.12.130.44	attackspambots	$f2bV_matches	2020-09-25 08:00:23
106.12.13.20	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 18475 proto: tcp cat: Misc Attackbytes: 60	2020-09-24 03:24:15
106.12.133.38	attack	Brute-force attempt banned	2020-09-22 03:39:36
106.12.133.38	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-09-21 19:26:36
106.12.133.38	attackspambots	Sep 20 13:57:07 logopedia-1vcpu-1gb-nyc1-01 sshd[442802]: Failed password for root from 106.12.133.38 port 36926 ssh2 ...	2020-09-21 00:57:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.13.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.13.234.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062201 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 23 02:22:20 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 234.13.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.13.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
148.70.23.131	attackspam	Jan 9 20:05:37 eddieflores sshd\[5036\]: Invalid user katrin from 148.70.23.131 Jan 9 20:05:37 eddieflores sshd\[5036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.23.131 Jan 9 20:05:39 eddieflores sshd\[5036\]: Failed password for invalid user katrin from 148.70.23.131 port 45698 ssh2 Jan 9 20:09:13 eddieflores sshd\[5456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.23.131 user=root Jan 9 20:09:15 eddieflores sshd\[5456\]: Failed password for root from 148.70.23.131 port 60627 ssh2	2020-01-10 19:22:32
186.18.210.119	attackbots	2019-07-08 11:39:03 1hkQ6w-00036c-Hc SMTP connection from $cpe-186-18-210-119.telecentro-reversos.com.ar$ \[186.18.210.119\]:12868 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 11:39:10 1hkQ73-00036s-9n SMTP connection from $cpe-186-18-210-119.telecentro-reversos.com.ar$ \[186.18.210.119\]:12939 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 11:39:15 1hkQ78-000374-VU SMTP connection from $cpe-186-18-210-119.telecentro-reversos.com.ar$ \[186.18.210.119\]:12978 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-10 19:30:44
188.165.198.162	attack	Invalid user anna from 188.165.198.162 port 43706 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.198.162 Failed password for invalid user anna from 188.165.198.162 port 43706 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.198.162 user=root Failed password for root from 188.165.198.162 port 50040 ssh2	2020-01-10 19:08:46
149.56.15.98	attackbotsspam	Jan 10 04:49:10 *** sshd[24219]: Invalid user bj from 149.56.15.98	2020-01-10 19:05:19
119.40.33.22	attack	Jan 10 07:28:20 marvibiene sshd[32452]: Invalid user elw from 119.40.33.22 port 56737 Jan 10 07:28:20 marvibiene sshd[32452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.33.22 Jan 10 07:28:20 marvibiene sshd[32452]: Invalid user elw from 119.40.33.22 port 56737 Jan 10 07:28:22 marvibiene sshd[32452]: Failed password for invalid user elw from 119.40.33.22 port 56737 ssh2 ...	2020-01-10 19:42:06
180.166.10.19	attackbots	1433/tcp 1433/tcp 1433/tcp... [2019-11-10/2020-01-10]4pkt,1pt.(tcp)	2020-01-10 19:19:10
160.20.52.22	attack	445/tcp 445/tcp 445/tcp... [2019-11-15/2020-01-10]4pkt,1pt.(tcp)	2020-01-10 19:10:31
81.22.45.117	attackspambots	Jan 10 07:08:02 debian-2gb-nbg1-2 kernel: \[895793.230586\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.117 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28057 PROTO=TCP SPT=42896 DPT=3388 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-10 19:38:35
165.227.225.195	attackbots	Jan 10 06:34:05 legacy sshd[25329]: Failed password for root from 165.227.225.195 port 57960 ssh2 Jan 10 06:39:53 legacy sshd[25619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.225.195 Jan 10 06:39:55 legacy sshd[25619]: Failed password for invalid user nxl from 165.227.225.195 port 60896 ssh2 ...	2020-01-10 19:23:55
217.19.154.218	attackspambots	Jan 10 01:04:48 hanapaa sshd\[29773\]: Invalid user beg from 217.19.154.218 Jan 10 01:04:48 hanapaa sshd\[29773\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-217-19-154-218.ip.retelit.it Jan 10 01:04:50 hanapaa sshd\[29773\]: Failed password for invalid user beg from 217.19.154.218 port 16729 ssh2 Jan 10 01:07:19 hanapaa sshd\[30051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-217-19-154-218.ip.retelit.it user=root Jan 10 01:07:21 hanapaa sshd\[30051\]: Failed password for root from 217.19.154.218 port 35634 ssh2	2020-01-10 19:17:57
36.153.0.229	attackspam	SSH/22 MH Probe, BF, Hack -	2020-01-10 19:26:44
110.138.150.152	attack	20/1/9@23:48:40: FAIL: Alarm-Network address from=110.138.150.152 ...	2020-01-10 19:36:10
202.163.116.138	attackspam	Jan 10 09:02:54 grey postfix/smtpd\[24410\]: NOQUEUE: reject: RCPT from unknown\[202.163.116.138\]: 554 5.7.1 Service unavailable\; Client host \[202.163.116.138\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?202.163.116.138\; from=\ to=\ proto=ESMTP helo=\<\[202.163.116.138\]\> ...	2020-01-10 19:09:35
27.56.150.190	attackspambots	Jan 10 12:15:07 grey postfix/smtpd\[24906\]: NOQUEUE: reject: RCPT from unknown\[27.56.150.190\]: 554 5.7.1 Service unavailable\; Client host \[27.56.150.190\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[27.56.150.190\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-10 19:24:14
83.97.20.221	attackbotsspam	unauthorized access on port 443 [https] FO	2020-01-10 19:13:34

最近上报的IP列表

110.25.88.123	52.142.55.36	123.125.115.229	179.232.159.158
117.240.182.194	196.43.147.212	195.16.97.243	42.84.77.235
202.21.113.210	36.112.108.195	118.69.183.144	88.164.135.193
254.92.35.55	144.228.43.99	61.246.37.240	45.95.168.178
217.182.204.34	202.166.220.40	179.198.127.36	112.3.30.15