106.12.116.232

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.116.75	attackbots	Invalid user izumin from 106.12.116.75 port 45404	2020-10-13 22:45:38
106.12.116.75	attackspambots	Oct 12 22:58:28 mavik sshd[13372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 Oct 12 22:58:30 mavik sshd[13372]: Failed password for invalid user nishida from 106.12.116.75 port 49788 ssh2 Oct 12 23:02:48 mavik sshd[14180]: Invalid user test from 106.12.116.75 Oct 12 23:02:48 mavik sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 Oct 12 23:02:50 mavik sshd[14180]: Failed password for invalid user test from 106.12.116.75 port 52676 ssh2 ...	2020-10-13 06:50:10
106.12.116.75	attackbotsspam	Aug 24 00:00:07 plex-server sshd[2398342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 Aug 24 00:00:07 plex-server sshd[2398342]: Invalid user jdc from 106.12.116.75 port 47352 Aug 24 00:00:09 plex-server sshd[2398342]: Failed password for invalid user jdc from 106.12.116.75 port 47352 ssh2 Aug 24 00:05:09 plex-server sshd[2400373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 user=root Aug 24 00:05:10 plex-server sshd[2400373]: Failed password for root from 106.12.116.75 port 54128 ssh2 ...	2020-08-24 08:06:08
106.12.116.75	attack	2020-08-17T15:06:00.618799vps-d63064a2 sshd[1017063]: Invalid user chen from 106.12.116.75 port 35212 2020-08-17T15:06:03.232545vps-d63064a2 sshd[1017063]: Failed password for invalid user chen from 106.12.116.75 port 35212 ssh2 2020-08-17T15:10:49.617548vps-d63064a2 sshd[1024011]: Invalid user bot from 106.12.116.75 port 57132 2020-08-17T15:10:49.631775vps-d63064a2 sshd[1024011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 2020-08-17T15:10:49.617548vps-d63064a2 sshd[1024011]: Invalid user bot from 106.12.116.75 port 57132 2020-08-17T15:10:51.577875vps-d63064a2 sshd[1024011]: Failed password for invalid user bot from 106.12.116.75 port 57132 ssh2 ...	2020-08-18 01:24:25
106.12.116.75	attackspambots	ssh brute force	2020-07-25 15:49:10
106.12.116.237	attackbotsspam	SSH Brute Force	2020-04-29 13:24:31
106.12.116.209	attackbotsspam	2020-04-28T17:10:27.380201amanda2.illicoweb.com sshd\[17266\]: Invalid user sonbol from 106.12.116.209 port 53836 2020-04-28T17:10:27.386354amanda2.illicoweb.com sshd\[17266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.209 2020-04-28T17:10:29.759043amanda2.illicoweb.com sshd\[17266\]: Failed password for invalid user sonbol from 106.12.116.209 port 53836 ssh2 2020-04-28T17:14:31.434946amanda2.illicoweb.com sshd\[17383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.209 user=root 2020-04-28T17:14:33.637123amanda2.illicoweb.com sshd\[17383\]: Failed password for root from 106.12.116.209 port 36166 ssh2 ...	2020-04-29 00:45:41
106.12.116.185	attack	Apr 25 11:49:40 nextcloud sshd\[32627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185 user=root Apr 25 11:49:42 nextcloud sshd\[32627\]: Failed password for root from 106.12.116.185 port 49840 ssh2 Apr 25 11:57:49 nextcloud sshd\[9697\]: Invalid user admin from 106.12.116.185 Apr 25 11:57:49 nextcloud sshd\[9697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185	2020-04-25 18:55:22
106.12.116.185	attackspam	Apr 24 22:40:33 sso sshd[10577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185 Apr 24 22:40:35 sso sshd[10577]: Failed password for invalid user augustine from 106.12.116.185 port 38940 ssh2 ...	2020-04-25 04:40:43
106.12.116.209	attackspambots	Invalid user ihc from 106.12.116.209 port 37110	2020-04-04 03:00:12
106.12.116.209	attack	$f2bV_matches	2020-04-02 19:37:35
106.12.116.185	attack	SSH login attempts.	2020-03-29 12:13:03
106.12.116.185	attack	Mar 22 14:40:55 sd-53420 sshd\[30177\]: Invalid user pengliang from 106.12.116.185 Mar 22 14:40:55 sd-53420 sshd\[30177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185 Mar 22 14:40:58 sd-53420 sshd\[30177\]: Failed password for invalid user pengliang from 106.12.116.185 port 43934 ssh2 Mar 22 14:43:51 sd-53420 sshd\[31030\]: Invalid user hadoop from 106.12.116.185 Mar 22 14:43:51 sd-53420 sshd\[31030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185 ...	2020-03-23 01:40:45
106.12.116.209	attack	Invalid user attachments from 106.12.116.209 port 39940	2020-03-21 22:16:28
106.12.116.209	attackbotsspam	5x Failed Password	2020-03-21 19:59:03

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.116.232
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28941
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.116.232.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 00:50:55 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 232.116.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 232.116.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.63.194.90	attackspam	Apr 1 06:19:29 vps647732 sshd[31447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.90 Apr 1 06:19:31 vps647732 sshd[31447]: Failed password for invalid user 1234 from 92.63.194.90 port 57220 ssh2 ...	2020-04-01 12:25:02
77.75.76.160	attack	20 attempts against mh-misbehave-ban on pluto	2020-04-01 12:13:24
120.68.244.205	attack	trying to access non-authorized port	2020-04-01 12:42:21
91.121.116.65	attack	Brute force SMTP login attempted. ...	2020-04-01 12:45:52
92.63.194.59	attack	Apr 1 06:19:22 vps647732 sshd[31445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.59 Apr 1 06:19:23 vps647732 sshd[31445]: Failed password for invalid user admin from 92.63.194.59 port 38299 ssh2 ...	2020-04-01 12:32:42
185.56.153.229	attackbotsspam	Mar 31 23:56:26 mail sshd\[3524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.229 user=root ...	2020-04-01 12:20:47
103.114.104.140	attackspambots	(smtpauth) Failed SMTP AUTH login from 103.114.104.140 (VN/Vietnam/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-01 08:26:40 login authenticator failed for (User) [103.114.104.140]: 535 Incorrect authentication data (set_id=ann)	2020-04-01 12:11:15
45.56.78.64	attackspambots	Unauthorized connection attempt detected from IP address 45.56.78.64 to port 443	2020-04-01 12:33:01
122.53.157.26	attackbots	Apr 1 06:52:20 www sshd\[8707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.53.157.26 user=root Apr 1 06:52:22 www sshd\[8707\]: Failed password for root from 122.53.157.26 port 43538 ssh2 Apr 1 06:56:37 www sshd\[8735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.53.157.26 user=root ...	2020-04-01 12:13:50
87.98.190.42	attackspambots	Apr 1 01:04:47 hgb10301 sshd[25170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.190.42 user=r.r Apr 1 01:04:49 hgb10301 sshd[25170]: Failed password for r.r from 87.98.190.42 port 52077 ssh2 Apr 1 01:04:51 hgb10301 sshd[25170]: Received disconnect from 87.98.190.42 port 52077:11: Bye Bye [preauth] Apr 1 01:04:51 hgb10301 sshd[25170]: Disconnected from authenticating user r.r 87.98.190.42 port 52077 [preauth] Apr 1 01:09:04 hgb10301 sshd[25286]: Invalid user shubh from 87.98.190.42 port 58926 Apr 1 01:09:04 hgb10301 sshd[25286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.190.42 Apr 1 01:09:06 hgb10301 sshd[25286]: Failed password for invalid user shubh from 87.98.190.42 port 58926 ssh2 Apr 1 01:09:07 hgb10301 sshd[25286]: Received disconnect from 87.98.190.42 port 58926:11: Bye Bye [preauth] Apr 1 01:09:07 hgb10301 sshd[25286]: Disconnected from invalid user s........ -------------------------------	2020-04-01 12:25:27
62.234.156.66	attackbots	(sshd) Failed SSH login from 62.234.156.66 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 1 05:56:10 ubnt-55d23 sshd[6248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.66 user=root Apr 1 05:56:12 ubnt-55d23 sshd[6248]: Failed password for root from 62.234.156.66 port 39876 ssh2	2020-04-01 12:31:15
117.35.118.42	attackbots	Apr 1 05:52:56 host01 sshd[27398]: Failed password for root from 117.35.118.42 port 45941 ssh2 Apr 1 05:55:52 host01 sshd[27892]: Failed password for root from 117.35.118.42 port 59867 ssh2 ...	2020-04-01 12:18:25
103.71.255.100	attackspam	[Wed Apr 01 00:55:53.204986 2020] [:error] [pid 76631] [client 103.71.255.100:54476] [client 103.71.255.100] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/xmlrpc.php"] [unique_id "XoQQyRMVuRP@kmurvlmb7AAAACU"] ...	2020-04-01 12:45:01
185.234.217.184	attackspambots	Apr 1 05:56:42 debian-2gb-nbg1-2 kernel: \[7972452.129937\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.234.217.184 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=42952 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-01 12:12:26
5.45.207.56	attackbotsspam	[Wed Apr 01 10:56:04.630557 2020] [:error] [pid 10727:tid 140071088940800] [client 5.45.207.56:57457] [client 5.45.207.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XoQQ1NBzsI9Mdj5KTf4lLAAAAko"] ...	2020-04-01 12:36:46

最近上报的IP列表

5.8.47.207	70.173.40.88	116.138.182.199	91.204.14.228
91.208.253.230	99.105.134.217	95.85.68.239	190.16.20.8
166.111.178.151	185.251.71.148	67.145.221.153	193.188.23.5
37.44.252.101	63.230.167.238	156.203.12.193	147.208.191.183
46.101.198.238	39.100.145.241	156.221.252.170	126.169.61.188