202.106.149.130

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Strong Shangdi Tech Co.Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	scan z	2020-02-19 23:50:01
attackspambots	Feb 16 05:06:16 gw1 sshd[22503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.149.130 Feb 16 05:06:18 gw1 sshd[22503]: Failed password for invalid user admin from 202.106.149.130 port 63913 ssh2 ...	2020-02-16 10:27:05
attack	Jan 8 20:54:16 icinga sshd[27739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.149.130 Jan 8 20:54:17 icinga sshd[27739]: Failed password for invalid user admin from 202.106.149.130 port 52730 ssh2 ...	2020-01-09 04:31:03

类型

评论内容

时间

attack

scan z

2020-02-19 23:50:01

attackspambots

Feb 16 05:06:16 gw1 sshd[22503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.149.130
Feb 16 05:06:18 gw1 sshd[22503]: Failed password for invalid user admin from 202.106.149.130 port 63913 ssh2
...

2020-02-16 10:27:05

attack

Jan  8 20:54:16 icinga sshd[27739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.149.130
Jan  8 20:54:17 icinga sshd[27739]: Failed password for invalid user admin from 202.106.149.130 port 52730 ssh2
...

2020-01-09 04:31:03

相同子网IP讨论:

IP	类型	评论内容	时间
202.106.149.215	attack	SSH/22 MH Probe, BF, Hack -	2020-02-18 19:58:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.106.149.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.106.149.130.		IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010801 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 09 04:31:00 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 130.149.106.202.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.149.106.202.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
142.93.160.56	attackspambots	6 failed attempt(s) in the last 24h	2019-11-15 07:41:31
81.26.130.133	attack	Nov 14 13:08:20 eddieflores sshd\[599\]: Invalid user koson from 81.26.130.133 Nov 14 13:08:20 eddieflores sshd\[599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.26.130.133 Nov 14 13:08:22 eddieflores sshd\[599\]: Failed password for invalid user koson from 81.26.130.133 port 48246 ssh2 Nov 14 13:12:59 eddieflores sshd\[1037\]: Invalid user petronela from 81.26.130.133 Nov 14 13:12:59 eddieflores sshd\[1037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.26.130.133	2019-11-15 07:25:49
81.28.167.30	attackbotsspam	2019-11-14T23:24:29.033567abusebot-2.cloudsearch.cf sshd\[6611\]: Invalid user adamos from 81.28.167.30 port 38764	2019-11-15 07:59:46
68.183.236.66	attack	Invalid user bonelli from 68.183.236.66 port 52772	2019-11-15 08:02:00
41.108.252.62	attack	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2019-11-15 07:34:51
49.88.112.68	attack	Nov 14 19:36:37 firewall sshd[3138]: Failed password for root from 49.88.112.68 port 26677 ssh2 Nov 14 19:37:22 firewall sshd[3149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.68 user=root Nov 14 19:37:25 firewall sshd[3149]: Failed password for root from 49.88.112.68 port 41496 ssh2 ...	2019-11-15 07:29:33
51.83.98.52	attackbots	50 failed attempt(s) in the last 24h	2019-11-15 08:04:19
54.38.241.171	attack	50 failed attempt(s) in the last 24h	2019-11-15 08:03:09
51.15.160.67	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: 51-15-160-67.rev.poneytelecom.eu.	2019-11-15 07:42:53
202.120.39.141	attackbots	202.120.39.141 was recorded 5 times by 5 hosts attempting to connect to the following ports: 2222. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-15 07:24:46
36.112.137.55	attack	Nov 14 13:23:57 hpm sshd\[29380\]: Invalid user gerin from 36.112.137.55 Nov 14 13:23:57 hpm sshd\[29380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.137.55 Nov 14 13:24:00 hpm sshd\[29380\]: Failed password for invalid user gerin from 36.112.137.55 port 54411 ssh2 Nov 14 13:28:19 hpm sshd\[29735\]: Invalid user macos from 36.112.137.55 Nov 14 13:28:19 hpm sshd\[29735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.137.55	2019-11-15 07:40:32
41.77.145.34	attackbotsspam	Nov 14 13:42:01 auw2 sshd\[31934\]: Invalid user 123456dg from 41.77.145.34 Nov 14 13:42:01 auw2 sshd\[31934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.parliament.gov.zm Nov 14 13:42:03 auw2 sshd\[31934\]: Failed password for invalid user 123456dg from 41.77.145.34 port 6147 ssh2 Nov 14 13:46:35 auw2 sshd\[32314\]: Invalid user snoopdog from 41.77.145.34 Nov 14 13:46:35 auw2 sshd\[32314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.parliament.gov.zm	2019-11-15 07:51:50
188.131.211.207	attackbots	Nov 14 13:09:38 auw2 sshd\[29257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.211.207 user=root Nov 14 13:09:40 auw2 sshd\[29257\]: Failed password for root from 188.131.211.207 port 33210 ssh2 Nov 14 13:14:07 auw2 sshd\[29627\]: Invalid user nikai from 188.131.211.207 Nov 14 13:14:07 auw2 sshd\[29627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.211.207 Nov 14 13:14:09 auw2 sshd\[29627\]: Failed password for invalid user nikai from 188.131.211.207 port 41534 ssh2	2019-11-15 07:53:26
77.40.61.142	attack	Logged: 14/11/2019 10:55:16 PM UTC AS12389 Rostelecom Port: 25 Protocol: tcp Service Name: smtp Description: Simple Mail Transfer	2019-11-15 07:43:40
104.175.32.206	attackbots	Nov 14 13:22:36 web1 sshd\[19992\]: Invalid user wren from 104.175.32.206 Nov 14 13:22:36 web1 sshd\[19992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.175.32.206 Nov 14 13:22:38 web1 sshd\[19992\]: Failed password for invalid user wren from 104.175.32.206 port 41766 ssh2 Nov 14 13:26:25 web1 sshd\[20324\]: Invalid user brittaney from 104.175.32.206 Nov 14 13:26:25 web1 sshd\[20324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.175.32.206	2019-11-15 07:40:16

最近上报的IP列表

167.99.108.200	90.71.146.126	41.237.160.33	141.237.34.19
139.213.133.159	116.55.54.105	124.164.238.36	123.207.241.148
85.90.202.137	108.82.196.235	137.93.218.46	52.255.0.139
79.40.234.104	116.255.174.49	70.13.69.159	187.114.27.236
113.22.135.185	218.215.118.162	101.108.103.120	95.188.135.195