106.12.106.221

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Multiple SSH authentication failures from 106.12.106.221	2020-08-28 03:06:19
attackspam	Aug 24 12:43:07 instance-2 sshd[13970]: Failed password for root from 106.12.106.221 port 59220 ssh2 Aug 24 12:48:37 instance-2 sshd[14127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 Aug 24 12:48:39 instance-2 sshd[14127]: Failed password for invalid user weblogic from 106.12.106.221 port 33536 ssh2	2020-08-24 23:57:40
attack	Invalid user test from 106.12.106.221 port 45312	2020-08-23 15:13:59
attackbotsspam	SSH brute force attempt	2020-08-23 04:10:00
attackbots	Aug 7 13:36:29 ovpn sshd\[9032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:36:31 ovpn sshd\[9032\]: Failed password for root from 106.12.106.221 port 59460 ssh2 Aug 7 13:59:17 ovpn sshd\[18037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:59:19 ovpn sshd\[18037\]: Failed password for root from 106.12.106.221 port 50648 ssh2 Aug 7 14:01:28 ovpn sshd\[18973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root	2020-08-08 02:13:50

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.106.34	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 06:50:44
106.12.106.34	attackbotsspam	Fail2Ban Ban Triggered	2020-09-28 23:18:27
106.12.106.34	attackbotsspam	Sep 28 07:19:06 rancher-0 sshd[350833]: Invalid user aaa from 106.12.106.34 port 48220 ...	2020-09-28 15:22:10
106.12.106.34	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.106.34 to port 6160 [T]	2020-08-30 14:42:56
106.12.106.34	attack	Aug 11 22:33:11 ns381471 sshd[14012]: Failed password for root from 106.12.106.34 port 35774 ssh2	2020-08-12 04:39:42
106.12.106.34	attackbots	firewall-block, port(s): 980/tcp	2020-07-28 03:05:28
106.12.106.232	attackbots	Jul 26 15:03:23 root sshd[13172]: Invalid user apollo from 106.12.106.232 ...	2020-07-27 01:05:37
106.12.106.232	attackspam	$f2bV_matches	2020-07-16 03:55:43
106.12.106.232	attackbots	2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:10.456964mail.broermann.family sshd[21566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.232 2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:12.219729mail.broermann.family sshd[21566]: Failed password for invalid user pj from 106.12.106.232 port 41786 ssh2 2020-07-08T14:14:49.715390mail.broermann.family sshd[22102]: Invalid user ziyb from 106.12.106.232 port 35164 ...	2020-07-08 23:07:24
106.12.106.34	attackspam	16559/tcp 28609/tcp 6869/tcp [2020-06-23/07-05]3pkt	2020-07-05 17:28:21
106.12.106.232	attackspambots	Invalid user prashant from 106.12.106.232 port 47500	2020-07-01 16:24:58
106.12.106.34	attackbotsspam	Jun 27 15:08:03 gestao sshd[8871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 Jun 27 15:08:05 gestao sshd[8871]: Failed password for invalid user oo from 106.12.106.34 port 49024 ssh2 Jun 27 15:11:24 gestao sshd[9043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 ...	2020-06-28 00:49:04
106.12.106.34	attackbots	SSH login attempts.	2020-06-19 14:03:46
106.12.106.34	attackbots	Jun 18 08:27:36 vmd17057 sshd[1476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 Jun 18 08:27:39 vmd17057 sshd[1476]: Failed password for invalid user appserver from 106.12.106.34 port 38828 ssh2 ...	2020-06-18 16:01:41
106.12.106.232	attackbots	Jun 13 06:49:42 serwer sshd\[29868\]: Invalid user airflow from 106.12.106.232 port 35598 Jun 13 06:49:42 serwer sshd\[29868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.232 Jun 13 06:49:45 serwer sshd\[29868\]: Failed password for invalid user airflow from 106.12.106.232 port 35598 ssh2 ...	2020-06-13 17:29:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.106.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.106.221.			IN	A

;; AUTHORITY SECTION:
.			308	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 02:13:46 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 221.106.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.106.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
223.205.249.240	attackspam	Unauthorized connection attempt from IP address 223.205.249.240 on Port 445(SMB)	2019-07-09 12:21:24
153.36.232.49	attack	19/7/8@23:51:17: FAIL: Alarm-SSH address from=153.36.232.49 ...	2019-07-09 12:25:57
88.214.26.47	attackbots	2019-07-09T10:33:40.759434enmeeting.mahidol.ac.th sshd\[11349\]: Invalid user admin from 88.214.26.47 port 43146 2019-07-09T10:33:40.774602enmeeting.mahidol.ac.th sshd\[11349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.214.26.47 2019-07-09T10:33:42.838344enmeeting.mahidol.ac.th sshd\[11349\]: Failed password for invalid user admin from 88.214.26.47 port 43146 ssh2 ...	2019-07-09 12:03:47
190.15.203.153	attackspambots	$f2bV_matches	2019-07-09 11:51:54
58.20.185.12	attack	Jul 8 22:33:53 mailman dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=58.20.185.12, lip=[munged], TLS	2019-07-09 12:01:24
115.79.74.158	attackbots	Unauthorized connection attempt from IP address 115.79.74.158 on Port 445(SMB)	2019-07-09 12:32:53
185.156.177.149	attackbotsspam	RDP Bruteforce	2019-07-09 11:56:42
36.69.8.152	attack	Unauthorized connection attempt from IP address 36.69.8.152 on Port 445(SMB)	2019-07-09 12:28:08
51.38.90.195	attackbots	Jul 9 05:50:10 vpn01 sshd\[15122\]: Invalid user laura from 51.38.90.195 Jul 9 05:50:10 vpn01 sshd\[15122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.90.195 Jul 9 05:50:12 vpn01 sshd\[15122\]: Failed password for invalid user laura from 51.38.90.195 port 43954 ssh2	2019-07-09 12:03:01
142.93.90.49	attackspam	Automatic report - Web App Attack	2019-07-09 11:47:28
79.37.102.169	attackbotsspam	wget call in url	2019-07-09 11:55:37
190.233.70.229	attackspam	Autoban 190.233.70.229 AUTH/CONNECT	2019-07-09 11:58:00
36.70.26.11	attackbotsspam	Unauthorized connection attempt from IP address 36.70.26.11 on Port 445(SMB)	2019-07-09 12:13:19
180.250.194.171	attackbots	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-09 05:33:38]	2019-07-09 11:44:08
202.126.88.61	attackspam	Unauthorized connection attempt from IP address 202.126.88.61 on Port 445(SMB)	2019-07-09 12:20:08

最近上报的IP列表

78.142.29.199	59.41.171.23	119.155.25.171	116.74.120.122
76.190.8.85	66.249.70.59	186.98.51.118	189.252.74.31
114.32.64.186	37.59.172.218	197.3.6.82	112.30.136.31
62.210.14.241	190.98.254.154	121.10.41.109	186.219.243.53
111.241.134.207	49.206.51.33	122.184.85.89	192.241.239.140