106.12.139.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user admin from 106.12.139.138 port 43886	2020-04-18 07:50:28
attack	k+ssh-bruteforce	2020-04-07 06:38:19
attackspambots	SSH bruteforce (Triggered fail2ban)	2020-04-05 19:27:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.139.137	attackspambots	May 22 08:07:45 vps687878 sshd\[26039\]: Failed password for invalid user bjr from 106.12.139.137 port 46258 ssh2 May 22 08:09:38 vps687878 sshd\[26255\]: Invalid user vwc from 106.12.139.137 port 42516 May 22 08:09:38 vps687878 sshd\[26255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.137 May 22 08:09:40 vps687878 sshd\[26255\]: Failed password for invalid user vwc from 106.12.139.137 port 42516 ssh2 May 22 08:11:35 vps687878 sshd\[26623\]: Invalid user lijingping from 106.12.139.137 port 38784 May 22 08:11:35 vps687878 sshd\[26623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.137 ...	2020-05-22 17:12:36
106.12.139.149	attack	$f2bV_matches	2020-05-15 00:58:13
106.12.139.149	attack	2020-05-14T07:11:13.569671 sshd[4146]: Invalid user user2 from 106.12.139.149 port 35314 2020-05-14T07:11:13.585700 sshd[4146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.149 2020-05-14T07:11:13.569671 sshd[4146]: Invalid user user2 from 106.12.139.149 port 35314 2020-05-14T07:11:15.541463 sshd[4146]: Failed password for invalid user user2 from 106.12.139.149 port 35314 ssh2 ...	2020-05-14 14:24:41
106.12.139.149	attackspambots	$f2bV_matches	2020-05-11 17:35:45
106.12.139.137	attackspam	May 10 00:45:44 firewall sshd[13763]: Failed password for invalid user userftp from 106.12.139.137 port 42066 ssh2 May 10 00:47:16 firewall sshd[13800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.137 user=root May 10 00:47:18 firewall sshd[13800]: Failed password for root from 106.12.139.137 port 34058 ssh2 ...	2020-05-10 19:15:06
106.12.139.137	attackbotsspam	May 6 06:54:03 server sshd[27768]: Failed password for invalid user fgs from 106.12.139.137 port 58358 ssh2 May 6 06:57:01 server sshd[27935]: Failed password for invalid user root1 from 106.12.139.137 port 39836 ssh2 May 6 06:59:56 server sshd[28070]: Failed password for invalid user nagios from 106.12.139.137 port 49560 ssh2	2020-05-06 15:05:33
106.12.139.149	attack	Apr 28 05:38:59 v22018086721571380 sshd[12824]: Failed password for invalid user sridhar from 106.12.139.149 port 52636 ssh2	2020-04-28 12:03:00
106.12.139.137	attackspambots	Apr 21 15:11:37 pve1 sshd[12234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.137 Apr 21 15:11:39 pve1 sshd[12234]: Failed password for invalid user mysql from 106.12.139.137 port 34914 ssh2 ...	2020-04-21 22:24:46
106.12.139.149	attackbotsspam	Invalid user admin from 106.12.139.149 port 55384	2020-04-15 12:05:14
106.12.139.149	attack	Apr 10 16:23:40 webhost01 sshd[16562]: Failed password for root from 106.12.139.149 port 35014 ssh2 ...	2020-04-10 17:28:13
106.12.139.149	attack	$f2bV_matches	2020-04-08 08:41:58
106.12.139.137	attackspambots	Automatic report - SSH Brute-Force Attack	2020-04-03 16:35:24
106.12.139.137	attack	Invalid user liangbin from 106.12.139.137 port 33872	2020-04-03 06:25:00
106.12.139.149	attack	Apr 2 07:49:52 lukav-desktop sshd\[29814\]: Invalid user sc from 106.12.139.149 Apr 2 07:49:52 lukav-desktop sshd\[29814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.149 Apr 2 07:49:54 lukav-desktop sshd\[29814\]: Failed password for invalid user sc from 106.12.139.149 port 43744 ssh2 Apr 2 07:53:23 lukav-desktop sshd\[30014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.139.149 user=root Apr 2 07:53:25 lukav-desktop sshd\[30014\]: Failed password for root from 106.12.139.149 port 54526 ssh2	2020-04-02 18:54:35
106.12.139.149	attack	SSH bruteforce (Triggered fail2ban)	2020-03-28 03:43:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.139.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 526
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.139.138.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040500 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 19:27:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 138.139.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.139.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
67.205.154.203	attack	Port scan denied	2020-06-01 03:46:28
141.98.81.138	attackbotsspam	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2020-06-01 04:02:14
103.145.12.125	attackbots	[2020-05-31 15:50:24] NOTICE[1157] chan_sip.c: Registration from '"8012" ' failed for '103.145.12.125:5828' - Wrong password [2020-05-31 15:50:24] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-31T15:50:24.235-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8012",SessionID="0x7f5f10678288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.125/5828",Challenge="68b466f8",ReceivedChallenge="68b466f8",ReceivedHash="c5cdbd7f257e3975ef4596b5f483d23b" [2020-05-31 15:50:24] NOTICE[1157] chan_sip.c: Registration from '"8012" ' failed for '103.145.12.125:5828' - Wrong password [2020-05-31 15:50:24] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-31T15:50:24.465-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8012",SessionID="0x7f5f10227d48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-06-01 04:04:25
92.53.65.40	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 3717 proto: TCP cat: Misc Attack	2020-06-01 03:40:34
87.251.74.137	attackspam	05/31/2020-15:26:24.986400 87.251.74.137 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 03:42:59
89.248.167.131	attack	Port Scan detected! ...	2020-06-01 04:10:29
80.82.65.74	attackbotsspam	05/31/2020-16:12:28.326129 80.82.65.74 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-01 04:17:10
87.251.74.134	attack	05/31/2020-15:35:21.812272 87.251.74.134 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 04:13:32
37.49.226.40	attackbotsspam	Port scanning [6 denied]	2020-06-01 03:50:47
94.102.51.31	attackbots	05/31/2020-15:44:47.289957 94.102.51.31 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 04:06:10
109.244.18.230	attack	TCP (SYN) 109.244.18.230:60317 -> port 1433, len 52	2020-06-01 04:03:29
92.119.160.145	attackbots	[Mon Jun 01 01:23:10 2020] - DDoS Attack From IP: 92.119.160.145 Port: 48630	2020-06-01 04:07:48
195.54.166.43	attack	ET DROP Dshield Block Listed Source group 1 - port: 37020 proto: TCP cat: Misc Attack	2020-06-01 03:55:13
195.54.167.120	attack	May 31 21:40:01 debian-2gb-nbg1-2 kernel: \[13212776.602551\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.120 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=59296 PROTO=TCP SPT=54099 DPT=6679 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-01 03:52:53
80.82.77.212	attack	Port scanning [6 denied]	2020-06-01 03:45:13

最近上报的IP列表

200.44.197.40	62.82.75.58	45.114.10.132	149.54.1.66
185.133.193.88	138.197.66.68	73.76.148.61	111.254.201.22
162.248.92.145	2a01:488:66:1000:5bfa:7184:0:1	27.78.105.228	177.185.93.89
110.44.124.141	122.51.194.23	219.146.73.5	172.69.68.220
45.249.92.62	87.195.244.111	192.144.230.158	185.238.160.30