106.12.186.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SSH Brute Force	2020-09-21 20:33:43
attackspambots	TCP (SYN) 106.12.186.130:43930 -> port 12557, len 44	2020-09-21 12:24:31
attackspambots	Invalid user ubuntu from 106.12.186.130 port 48848	2020-09-21 04:16:11
attack	Sep 9 17:20:05 marvibiene sshd[14454]: Failed password for root from 106.12.186.130 port 45254 ssh2 Sep 9 17:33:19 marvibiene sshd[15212]: Failed password for root from 106.12.186.130 port 50224 ssh2	2020-09-10 00:30:46
attackbots	Sep 7 18:44:06 roadrisk sshd[11421]: Failed password for invalid user cvsuser from 106.12.186.130 port 46856 ssh2 Sep 7 18:44:07 roadrisk sshd[11421]: Received disconnect from 106.12.186.130: 11: Bye Bye [preauth] Sep 7 18:52:29 roadrisk sshd[11641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 user=r.r Sep 7 18:52:32 roadrisk sshd[11641]: Failed password for r.r from 106.12.186.130 port 51260 ssh2 Sep 7 18:52:33 roadrisk sshd[11641]: Received disconnect from 106.12.186.130: 11: Bye Bye [preauth] Sep 7 18:55:08 roadrisk sshd[11742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 user=r.r Sep 7 18:55:09 roadrisk sshd[11742]: Failed password for r.r from 106.12.186.130 port 43156 ssh2 Sep 7 18:55:10 roadrisk sshd[11742]: Received disconnect from 106.12.186.130: 11: Bye Bye [preauth] Sep 7 19:00:33 roadrisk sshd[11889]: Failed password for invalid us........ -------------------------------	2020-09-09 17:59:01
attackspam	Aug 26 08:33:36 NPSTNNYC01T sshd[21121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 Aug 26 08:33:37 NPSTNNYC01T sshd[21121]: Failed password for invalid user kafka from 106.12.186.130 port 57602 ssh2 Aug 26 08:38:15 NPSTNNYC01T sshd[21973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 ...	2020-08-26 20:41:59
attack	Aug 23 13:25:14 pixelmemory sshd[3279562]: Failed password for root from 106.12.186.130 port 40884 ssh2 Aug 23 13:28:11 pixelmemory sshd[3280570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 user=root Aug 23 13:28:13 pixelmemory sshd[3280570]: Failed password for root from 106.12.186.130 port 51190 ssh2 Aug 23 13:30:56 pixelmemory sshd[3281674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 user=root Aug 23 13:30:57 pixelmemory sshd[3281674]: Failed password for root from 106.12.186.130 port 33254 ssh2 ...	2020-08-24 09:30:42
attackbotsspam	Aug 16 13:23:33 ajax sshd[11686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.130 Aug 16 13:23:35 ajax sshd[11686]: Failed password for invalid user ben from 106.12.186.130 port 47858 ssh2	2020-08-16 23:45:38
attackbotsspam	fail2ban -- 106.12.186.130 ...	2020-08-09 07:40:48

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.186.74	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-10-14 08:21:22
106.12.186.74	attackspambots	Invalid user rbs from 106.12.186.74 port 48592	2020-08-28 06:07:22
106.12.186.74	attack	Aug 22 15:26:42 pkdns2 sshd\[12036\]: Invalid user wsk from 106.12.186.74Aug 22 15:26:45 pkdns2 sshd\[12036\]: Failed password for invalid user wsk from 106.12.186.74 port 54064 ssh2Aug 22 15:30:06 pkdns2 sshd\[12168\]: Invalid user jordan from 106.12.186.74Aug 22 15:30:08 pkdns2 sshd\[12168\]: Failed password for invalid user jordan from 106.12.186.74 port 34190 ssh2Aug 22 15:33:27 pkdns2 sshd\[12285\]: Invalid user test from 106.12.186.74Aug 22 15:33:28 pkdns2 sshd\[12285\]: Failed password for invalid user test from 106.12.186.74 port 42548 ssh2 ...	2020-08-22 20:44:20
106.12.186.74	attackspambots	Failed password for root from 106.12.186.74 port 40732 ssh2	2020-08-18 21:42:53
106.12.186.74	attackspam	Aug 12 08:39:13 NPSTNNYC01T sshd[12750]: Failed password for root from 106.12.186.74 port 45320 ssh2 Aug 12 08:41:30 NPSTNNYC01T sshd[12973]: Failed password for root from 106.12.186.74 port 43058 ssh2 ...	2020-08-12 21:12:42
106.12.186.74	attackbots	(sshd) Failed SSH login from 106.12.186.74 (CN/China/-): 5 in the last 3600 secs	2020-07-24 17:17:46
106.12.186.74	attackspam	Jul 17 01:08:44 root sshd[25329]: Invalid user shuang from 106.12.186.74 ...	2020-07-17 07:34:02
106.12.186.74	attack	Invalid user batch from 106.12.186.74 port 32848	2020-06-17 18:14:43
106.12.186.121	attackbotsspam	Jun 8 19:50:45 melroy-server sshd[11418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.121 Jun 8 19:50:47 melroy-server sshd[11418]: Failed password for invalid user admin from 106.12.186.121 port 22479 ssh2 ...	2020-06-09 01:56:18
106.12.186.121	attackspambots	Port scan denied	2020-06-01 14:32:54
106.12.186.74	attack	[ssh] SSH attack	2020-05-29 19:20:26
106.12.186.121	attack	TCP (SYN) 106.12.186.121:42584 -> port 5775, len 44	2020-05-26 12:37:08
106.12.186.74	attack	May 23 20:33:51 sip sshd[3262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.74 May 23 20:33:53 sip sshd[3262]: Failed password for invalid user bas from 106.12.186.74 port 40518 ssh2 May 23 20:45:14 sip sshd[7458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.74	2020-05-24 03:24:41
106.12.186.74	attackbotsspam	2020-05-14T08:07:38.144609linuxbox-skyline sshd[166422]: Invalid user cdouglas from 106.12.186.74 port 45520 ...	2020-05-14 22:09:58
106.12.186.210	attackbotsspam	May 10 06:51:12 server sshd[24432]: Failed password for invalid user nagios from 106.12.186.210 port 59122 ssh2 May 10 06:54:16 server sshd[26726]: Failed password for invalid user ej from 106.12.186.210 port 36818 ssh2 May 10 06:57:19 server sshd[28951]: Failed password for invalid user usuario from 106.12.186.210 port 42742 ssh2	2020-05-10 17:43:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.186.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27995
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.186.130.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080801 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 09 07:40:45 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 130.186.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.186.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.83.106.0	attackspambots	Unauthorized connection attempt detected from IP address 51.83.106.0 to port 2220 [J]	2020-01-23 20:27:50
86.56.216.22	attack	"SSH brute force auth login attempt."	2020-01-23 20:39:46
37.187.120.96	attackbots	Unauthorized connection attempt detected from IP address 37.187.120.96 to port 2220 [J]	2020-01-23 20:44:54
115.236.170.78	attackspambots	"SSH brute force auth login attempt."	2020-01-23 20:41:51
73.74.189.214	attack	"SSH brute force auth login attempt."	2020-01-23 20:13:08
195.69.218.176	attack	firewall-block, port(s): 1433/tcp	2020-01-23 20:12:43
51.38.185.121	attackspambots	$f2bV_matches	2020-01-23 20:33:17
119.27.165.134	attackspambots	Unauthorized connection attempt detected from IP address 119.27.165.134 to port 2220 [J]	2020-01-23 20:41:31
80.82.77.139	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 5858 proto: TCP cat: Misc Attack	2020-01-23 20:32:23
190.239.109.195	attackspam	"Unrouteable address"	2020-01-23 20:50:32
118.24.121.240	attackbots	"SSH brute force auth login attempt."	2020-01-23 20:19:52
82.64.77.30	attack	"SSH brute force auth login attempt."	2020-01-23 20:23:15
5.132.115.161	attackbots	Unauthorized connection attempt detected from IP address 5.132.115.161 to port 2220 [J]	2020-01-23 20:53:16
218.92.0.173	attackbotsspam	SSH Brute Force, server-1 sshd[1092]: Failed password for root from 218.92.0.173 port 12205 ssh2	2020-01-23 20:20:59
124.6.8.227	attack	"SSH brute force auth login attempt."	2020-01-23 20:43:06

最近上报的IP列表

39.104.163.128	46.218.159.172	46.181.130.210	102.53.49.157
27.95.196.78	71.113.5.194	62.123.79.161	50.74.134.242
69.150.12.112	2.153.253.240	219.143.95.63	24.182.72.199
42.59.126.223	213.50.155.72	166.132.98.138	178.132.30.179
88.169.123.230	39.240.25.182	152.181.17.104	125.129.107.156