106.12.160.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-09-30T10:45:43+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-01 02:34:58
attack	2020-09-30T10:45:43+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-30 18:44:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.160.220	attackbotsspam	2020-06-29T14:10:22.582691lavrinenko.info sshd[6538]: Invalid user bca from 106.12.160.220 port 51507 2020-06-29T14:10:22.588370lavrinenko.info sshd[6538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 2020-06-29T14:10:22.582691lavrinenko.info sshd[6538]: Invalid user bca from 106.12.160.220 port 51507 2020-06-29T14:10:24.747826lavrinenko.info sshd[6538]: Failed password for invalid user bca from 106.12.160.220 port 51507 ssh2 2020-06-29T14:14:01.371732lavrinenko.info sshd[6663]: Invalid user leonardo from 106.12.160.220 port 40342 ...	2020-06-29 19:54:16
106.12.160.103	attack	(sshd) Failed SSH login from 106.12.160.103 (CN/China/-): 5 in the last 3600 secs	2020-06-18 17:00:26
106.12.160.220	attackspambots	Jun 17 06:34:14 buvik sshd[9967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 Jun 17 06:34:17 buvik sshd[9967]: Failed password for invalid user vinod from 106.12.160.220 port 49000 ssh2 Jun 17 06:38:10 buvik sshd[10570]: Invalid user dspace from 106.12.160.220 ...	2020-06-17 17:03:12
106.12.160.103	attack	2020-06-15T00:42:55.389256lavrinenko.info sshd[4735]: Failed password for invalid user alfresco from 106.12.160.103 port 49444 ssh2 2020-06-15T00:45:32.161613lavrinenko.info sshd[4998]: Invalid user ultra from 106.12.160.103 port 58560 2020-06-15T00:45:32.168169lavrinenko.info sshd[4998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103 2020-06-15T00:45:32.161613lavrinenko.info sshd[4998]: Invalid user ultra from 106.12.160.103 port 58560 2020-06-15T00:45:34.271306lavrinenko.info sshd[4998]: Failed password for invalid user ultra from 106.12.160.103 port 58560 ssh2 ...	2020-06-15 06:27:41
106.12.160.31	attackspambots	Unauthorized connection attempt detected from IP address 106.12.160.31 to port 80	2020-06-13 07:54:55
106.12.160.103	attackbotsspam	Jun 12 18:32:58 ovpn sshd\[6122\]: Invalid user csgo from 106.12.160.103 Jun 12 18:32:58 ovpn sshd\[6122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103 Jun 12 18:33:01 ovpn sshd\[6122\]: Failed password for invalid user csgo from 106.12.160.103 port 60914 ssh2 Jun 12 18:45:03 ovpn sshd\[9369\]: Invalid user mpool from 106.12.160.103 Jun 12 18:45:03 ovpn sshd\[9369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103	2020-06-13 04:33:23
106.12.160.220	attackbots	Jun 11 06:08:10 localhost sshd\[13296\]: Invalid user ubuntu from 106.12.160.220 Jun 11 06:08:10 localhost sshd\[13296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 Jun 11 06:08:12 localhost sshd\[13296\]: Failed password for invalid user ubuntu from 106.12.160.220 port 33312 ssh2 Jun 11 06:13:34 localhost sshd\[13571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root Jun 11 06:13:36 localhost sshd\[13571\]: Failed password for root from 106.12.160.220 port 53667 ssh2 ...	2020-06-11 15:42:02
106.12.160.220	attack	2020-06-04 14:09:20,151 fail2ban.actions: WARNING [ssh] Ban 106.12.160.220	2020-06-04 20:58:29
106.12.160.220	attackspambots	Jun 1 05:56:39 cdc sshd[25267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root Jun 1 05:56:41 cdc sshd[25267]: Failed password for invalid user root from 106.12.160.220 port 50550 ssh2	2020-06-01 13:46:36
106.12.160.103	attack	May 29 08:52:44 gw1 sshd[16925]: Failed password for root from 106.12.160.103 port 36336 ssh2 ...	2020-05-29 12:09:07
106.12.160.220	attack	May 26 17:07:14 localhost sshd[51582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:07:16 localhost sshd[51582]: Failed password for root from 106.12.160.220 port 49612 ssh2 May 26 17:11:22 localhost sshd[52211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:11:24 localhost sshd[52211]: Failed password for root from 106.12.160.220 port 47891 ssh2 May 26 17:15:25 localhost sshd[52859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:15:26 localhost sshd[52859]: Failed password for root from 106.12.160.220 port 46245 ssh2 ...	2020-05-27 01:17:11
106.12.160.220	attack	odoo8 ...	2020-04-28 02:07:47
106.12.160.17	attackspambots	Invalid user technology from 106.12.160.17 port 39852	2020-04-17 14:03:50
106.12.160.220	attackspam	$f2bV_matches	2020-04-14 08:24:32
106.12.160.17	attack	$f2bV_matches	2020-04-12 07:07:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.160.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31787
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.160.6.			IN	A

;; AUTHORITY SECTION:
.			314	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093000 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 30 18:44:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.160.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.160.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.37.185.151	attackbots	Oct 21 10:03:44 zimbra sshd[29388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.185.151 user=r.r Oct 21 10:03:45 zimbra sshd[29388]: Failed password for r.r from 104.37.185.151 port 59934 ssh2 Oct 21 10:03:45 zimbra sshd[29388]: Received disconnect from 104.37.185.151 port 59934:11: Bye Bye [preauth] Oct 21 10:03:45 zimbra sshd[29388]: Disconnected from 104.37.185.151 port 59934 [preauth] Oct 21 10:27:26 zimbra sshd[15637]: Invalid user musicbot from 104.37.185.151 Oct 21 10:27:26 zimbra sshd[15637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.185.151 Oct 21 10:27:27 zimbra sshd[15637]: Failed password for invalid user musicbot from 104.37.185.151 port 52904 ssh2 Oct 21 10:27:27 zimbra sshd[15637]: Received disconnect from 104.37.185.151 port 52904:11: Bye Bye [preauth] Oct 21 10:27:27 zimbra sshd[15637]: Disconnected from 104.37.185.151 port 52904 [preauth] Oct 21 10:........ -------------------------------	2019-10-25 07:59:52
139.59.12.109	attackspambots	139.59.12.109 - - [25/Oct/2019:01:06:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.12.109 - - [25/Oct/2019:01:06:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.12.109 - - [25/Oct/2019:01:06:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.12.109 - - [25/Oct/2019:01:06:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.12.109 - - [25/Oct/2019:01:06:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1526 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.12.109 - - [25/Oct/2019:01:06:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1530 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-25 07:53:37
94.23.215.90	attackbots	2019-10-24T17:23:19.468190mizuno.rwx.ovh sshd[3553188]: Connection from 94.23.215.90 port 57888 on 78.46.61.178 port 22 rdomain "" 2019-10-24T17:23:19.612874mizuno.rwx.ovh sshd[3553188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.215.90 user=root 2019-10-24T17:23:21.810658mizuno.rwx.ovh sshd[3553188]: Failed password for root from 94.23.215.90 port 57888 ssh2 2019-10-24T17:39:43.805596mizuno.rwx.ovh sshd[3557209]: Connection from 94.23.215.90 port 58926 on 78.46.61.178 port 22 rdomain "" 2019-10-24T17:39:43.973619mizuno.rwx.ovh sshd[3557209]: Invalid user cn!@# from 94.23.215.90 port 58926 ...	2019-10-25 08:17:15
121.165.66.226	attackspambots	2019-10-24T23:54:09.964444homeassistant sshd[7130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.165.66.226 user=root 2019-10-24T23:54:12.120511homeassistant sshd[7130]: Failed password for root from 121.165.66.226 port 54084 ssh2 ...	2019-10-25 08:16:56
179.232.1.254	attack	2019-10-24T23:35:14.964057abusebot.cloudsearch.cf sshd\[30374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.232.1.254 user=root	2019-10-25 08:04:38
176.100.113.83	attackbotsspam	Fail2Ban Ban Triggered	2019-10-25 08:02:45
178.176.174.23	attack	Oct 24 22:11:22 mail postfix/smtps/smtpd[11832]: warning: unknown[178.176.174.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 24 22:11:30 mail postfix/smtps/smtpd[11832]: warning: unknown[178.176.174.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 24 22:11:32 mail postfix/smtps/smtpd[11835]: warning: unknown[178.176.174.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-25 08:09:17
211.44.226.158	attackbotsspam	10/25/2019-00:07:37.593013 211.44.226.158 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-25 12:07:45
45.180.73.47	attack	scan z	2019-10-25 08:12:06
101.99.80.99	attackbotsspam	Oct 25 01:40:31 localhost sshd\[18229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.80.99 user=root Oct 25 01:40:34 localhost sshd\[18229\]: Failed password for root from 101.99.80.99 port 21116 ssh2 Oct 25 01:44:54 localhost sshd\[18655\]: Invalid user administrator from 101.99.80.99 port 22186 Oct 25 01:44:54 localhost sshd\[18655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.80.99	2019-10-25 08:08:26
49.235.240.202	attack	Automatic report - Banned IP Access	2019-10-25 08:03:01
58.20.139.31	attackspam	Fail2Ban Ban Triggered	2019-10-25 12:01:43
209.17.96.194	attackbotsspam	Automatic report - Banned IP Access	2019-10-25 08:02:31
110.42.30.94	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/110.42.30.94/ CN - 1H : (846) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN136188 IP : 110.42.30.94 CIDR : 110.42.0.0/18 PREFIX COUNT : 87 UNIQUE IP COUNT : 143104 ATTACKS DETECTED ASN136188 : 1H - 3 3H - 6 6H - 6 12H - 6 24H - 6 DateTime : 2019-10-24 22:11:26 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 08:12:48
68.194.196.82	attackspambots	68.194.196.82 - - \[24/Oct/2019:22:12:00 +0200\] "GET /mysql/admin/index.php\?lang=en HTTP/1.1" 403 467 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/77.0.3865.120 Safari/537.36" 68.194.196.82 - - \[24/Oct/2019:22:12:00 +0200\] "GET /mysql/dbadmin/index.php\?lang=en HTTP/1.1" 403 469 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/77.0.3865.120 Safari/537.36" 68.194.196.82 - - \[24/Oct/2019:22:12:00 +0200\] "GET /mysql/sqlmanager/index.php\?lang=en HTTP/1.1" 403 472 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/77.0.3865.120 Safari/537.36" ...	2019-10-25 07:54:24

最近上报的IP列表

51.15.12.78	123.233.116.36	208.186.112.20	189.94.216.22
91.231.247.64	108.58.170.198	182.254.199.80	141.232.212.93
129.226.12.233	46.161.27.174	134.195.159.172	205.10.218.75
214.35.104.118	5.187.237.56	173.202.204.215	220.132.168.28
66.181.242.8	185.12.111.75	16.178.253.19	11.68.112.210