106.12.13.234 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(mod_security) mod_security (id:218500) triggered by 106.12.13.234 (CN/China/-): 5 in the last 3600 secs	2020-07-02 05:10:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.132.224	attackspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Failed password for invalid user ekim from 106.12.132.224 port 52754 ssh2 Failed password for root from 106.12.132.224 port 36956 ssh2	2020-10-13 00:57:56
106.12.132.224	attackspam	Oct 12 10:14:25 abendstille sshd\[30630\]: Invalid user yoneyama from 106.12.132.224 Oct 12 10:14:25 abendstille sshd\[30630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Oct 12 10:14:27 abendstille sshd\[30630\]: Failed password for invalid user yoneyama from 106.12.132.224 port 39144 ssh2 Oct 12 10:18:24 abendstille sshd\[3001\]: Invalid user briacheslav from 106.12.132.224 Oct 12 10:18:24 abendstille sshd\[3001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 ...	2020-10-12 16:21:33
106.12.130.44	attackspambots	Oct 12 03:55:17 santamaria sshd\[6269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root Oct 12 03:55:19 santamaria sshd\[6269\]: Failed password for root from 106.12.130.44 port 59464 ssh2 Oct 12 03:59:04 santamaria sshd\[6322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root ...	2020-10-12 12:10:58
106.12.133.225	attack	(sshd) Failed SSH login from 106.12.133.225 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 12:31:56 server5 sshd[22095]: Invalid user test from 106.12.133.225 Oct 10 12:31:56 server5 sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Oct 10 12:31:58 server5 sshd[22095]: Failed password for invalid user test from 106.12.133.225 port 58176 ssh2 Oct 10 12:47:16 server5 sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 user=root Oct 10 12:47:18 server5 sshd[28926]: Failed password for root from 106.12.133.225 port 58396 ssh2	2020-10-11 01:23:34
106.12.133.225	attack	Oct 10 06:20:09 scw-gallant-ride sshd[27935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225	2020-10-10 17:16:20
106.12.138.72	attack	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-30 05:02:21
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 21:10:51
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 13:24:31
106.12.133.225	attackspam	Sep 27 18:18:52 roki sshd[310]: Invalid user soporte from 106.12.133.225 Sep 27 18:18:52 roki sshd[310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 18:18:54 roki sshd[310]: Failed password for invalid user soporte from 106.12.133.225 port 37132 ssh2 Sep 27 18:28:04 roki sshd[1030]: Invalid user colin from 106.12.133.225 Sep 27 18:28:04 roki sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 ...	2020-09-28 03:29:21
106.12.133.225	attackspambots	Sep 27 13:39:14 santamaria sshd\[27856\]: Invalid user shun from 106.12.133.225 Sep 27 13:39:14 santamaria sshd\[27856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 13:39:16 santamaria sshd\[27856\]: Failed password for invalid user shun from 106.12.133.225 port 36374 ssh2 ...	2020-09-27 19:40:23
106.12.130.44	attackspambots	$f2bV_matches	2020-09-25 08:00:23
106.12.13.20	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 18475 proto: tcp cat: Misc Attackbytes: 60	2020-09-24 03:24:15
106.12.133.38	attack	Brute-force attempt banned	2020-09-22 03:39:36
106.12.133.38	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-09-21 19:26:36
106.12.133.38	attackspambots	Sep 20 13:57:07 logopedia-1vcpu-1gb-nyc1-01 sshd[442802]: Failed password for root from 106.12.133.38 port 36926 ssh2 ...	2020-09-21 00:57:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.13.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.13.234.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062201 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 23 02:22:20 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 234.13.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.13.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.38.144.146	attackspam	Sep 22 23:53:04 webserver postfix/smtpd\[21877\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:54:21 webserver postfix/smtpd\[24586\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:55:38 webserver postfix/smtpd\[23829\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:56:55 webserver postfix/smtpd\[24586\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:58:11 webserver postfix/smtpd\[23829\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-23 06:00:54
203.195.246.58	attack	Sep 22 11:56:13 eddieflores sshd\[22385\]: Invalid user rudy from 203.195.246.58 Sep 22 11:56:13 eddieflores sshd\[22385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.246.58 Sep 22 11:56:15 eddieflores sshd\[22385\]: Failed password for invalid user rudy from 203.195.246.58 port 58122 ssh2 Sep 22 12:01:01 eddieflores sshd\[22759\]: Invalid user dg from 203.195.246.58 Sep 22 12:01:01 eddieflores sshd\[22759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.246.58	2019-09-23 06:02:18
222.188.29.91	attackbotsspam	Sep 22 23:03:29 eventyay sshd[525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.188.29.91 Sep 22 23:03:31 eventyay sshd[525]: Failed password for invalid user service from 222.188.29.91 port 60915 ssh2 Sep 22 23:03:35 eventyay sshd[525]: Failed password for invalid user service from 222.188.29.91 port 60915 ssh2 Sep 22 23:03:39 eventyay sshd[525]: Failed password for invalid user service from 222.188.29.91 port 60915 ssh2 ...	2019-09-23 06:30:09
185.200.118.35	attack	Port scan: Attack repeated for 24 hours	2019-09-23 06:28:59
46.38.144.17	attackbots	Sep 22 23:48:22 webserver postfix/smtpd\[21877\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:49:38 webserver postfix/smtpd\[24586\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:50:54 webserver postfix/smtpd\[24586\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:52:09 webserver postfix/smtpd\[23829\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:53:28 webserver postfix/smtpd\[24586\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-23 05:57:28
112.85.42.72	attackspambots	Sep 22 21:56:14 game-panel sshd[15302]: Failed password for root from 112.85.42.72 port 23057 ssh2 Sep 22 21:56:16 game-panel sshd[15302]: Failed password for root from 112.85.42.72 port 23057 ssh2 Sep 22 21:56:18 game-panel sshd[15302]: Failed password for root from 112.85.42.72 port 23057 ssh2	2019-09-23 06:21:49
115.159.216.187	attackspam	Sep 22 22:05:49 ip-172-31-1-72 sshd\[712\]: Invalid user ramu from 115.159.216.187 Sep 22 22:05:49 ip-172-31-1-72 sshd\[712\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.216.187 Sep 22 22:05:51 ip-172-31-1-72 sshd\[712\]: Failed password for invalid user ramu from 115.159.216.187 port 32871 ssh2 Sep 22 22:10:33 ip-172-31-1-72 sshd\[869\]: Invalid user logger from 115.159.216.187 Sep 22 22:10:33 ip-172-31-1-72 sshd\[869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.216.187	2019-09-23 06:18:36
37.115.185.241	attackbotsspam	C2,WP GET //wp-includes/wlwmanifest.xml	2019-09-23 06:09:42
185.234.219.175	attack	2019-09-20 00:36:22 -> 2019-09-22 22:55:03 : 1699 login attempts (185.234.219.175)	2019-09-23 06:04:08
46.101.170.142	attackbotsspam	Sep 22 12:04:27 auw2 sshd\[11657\]: Invalid user cniac from 46.101.170.142 Sep 22 12:04:27 auw2 sshd\[11657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=thibaut.sh Sep 22 12:04:29 auw2 sshd\[11657\]: Failed password for invalid user cniac from 46.101.170.142 port 55188 ssh2 Sep 22 12:08:05 auw2 sshd\[12031\]: Invalid user temp from 46.101.170.142 Sep 22 12:08:05 auw2 sshd\[12031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=thibaut.sh	2019-09-23 06:30:58
194.219.126.110	attackspambots	2019-09-22T17:39:55.7907671495-001 sshd\[58667\]: Failed password for invalid user modifications from 194.219.126.110 port 49189 ssh2 2019-09-22T17:51:17.1626331495-001 sshd\[59403\]: Invalid user public from 194.219.126.110 port 50865 2019-09-22T17:51:17.1675641495-001 sshd\[59403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=com-tech.ath.forthnet.gr 2019-09-22T17:51:19.0568881495-001 sshd\[59403\]: Failed password for invalid user public from 194.219.126.110 port 50865 ssh2 2019-09-22T18:02:34.9538601495-001 sshd\[60253\]: Invalid user Administrator from 194.219.126.110 port 54157 2019-09-22T18:02:34.9576001495-001 sshd\[60253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=com-tech.ath.forthnet.gr ...	2019-09-23 06:27:17
188.240.208.212	attack	Sep 22 07:41:13 newdogma sshd[13699]: Invalid user reginaldo from 188.240.208.212 port 36594 Sep 22 07:41:13 newdogma sshd[13699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.240.208.212 Sep 22 07:41:15 newdogma sshd[13699]: Failed password for invalid user reginaldo from 188.240.208.212 port 36594 ssh2 Sep 22 07:41:15 newdogma sshd[13699]: Received disconnect from 188.240.208.212 port 36594:11: Bye Bye [preauth] Sep 22 07:41:15 newdogma sshd[13699]: Disconnected from 188.240.208.212 port 36594 [preauth] Sep 22 07:51:15 newdogma sshd[13818]: Invalid user qc from 188.240.208.212 port 48204 Sep 22 07:51:15 newdogma sshd[13818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.240.208.212 Sep 22 07:51:17 newdogma sshd[13818]: Failed password for invalid user qc from 188.240.208.212 port 48204 ssh2 Sep 22 07:51:18 newdogma sshd[13818]: Received disconnect from 188.240.208.212 port 482........ -------------------------------	2019-09-23 06:22:52
185.238.44.38	attackspam	Sent mail to target address hacked/leaked from abandonia in 2016	2019-09-23 06:13:23
106.75.174.233	attackbotsspam	Sep 22 12:26:35 web1 sshd\[26556\]: Invalid user jdoe from 106.75.174.233 Sep 22 12:26:35 web1 sshd\[26556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.174.233 Sep 22 12:26:38 web1 sshd\[26556\]: Failed password for invalid user jdoe from 106.75.174.233 port 55900 ssh2 Sep 22 12:29:35 web1 sshd\[26855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.174.233 user=root Sep 22 12:29:37 web1 sshd\[26855\]: Failed password for root from 106.75.174.233 port 52202 ssh2	2019-09-23 06:31:42
51.38.51.200	attackspam	Sep 23 00:15:51 SilenceServices sshd[12398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.51.200 Sep 23 00:15:53 SilenceServices sshd[12398]: Failed password for invalid user qinbo from 51.38.51.200 port 59030 ssh2 Sep 23 00:19:50 SilenceServices sshd[13507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.51.200	2019-09-23 06:25:52

最近上报的IP列表

110.25.88.123	52.142.55.36	123.125.115.229	179.232.159.158
117.240.182.194	196.43.147.212	195.16.97.243	42.84.77.235
202.21.113.210	36.112.108.195	118.69.183.144	88.164.135.193
254.92.35.55	144.228.43.99	61.246.37.240	45.95.168.178
217.182.204.34	202.166.220.40	179.198.127.36	112.3.30.15