106.12.160.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-09-30T10:45:43+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-01 02:34:58
attack	2020-09-30T10:45:43+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-30 18:44:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.160.220	attackbotsspam	2020-06-29T14:10:22.582691lavrinenko.info sshd[6538]: Invalid user bca from 106.12.160.220 port 51507 2020-06-29T14:10:22.588370lavrinenko.info sshd[6538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 2020-06-29T14:10:22.582691lavrinenko.info sshd[6538]: Invalid user bca from 106.12.160.220 port 51507 2020-06-29T14:10:24.747826lavrinenko.info sshd[6538]: Failed password for invalid user bca from 106.12.160.220 port 51507 ssh2 2020-06-29T14:14:01.371732lavrinenko.info sshd[6663]: Invalid user leonardo from 106.12.160.220 port 40342 ...	2020-06-29 19:54:16
106.12.160.103	attack	(sshd) Failed SSH login from 106.12.160.103 (CN/China/-): 5 in the last 3600 secs	2020-06-18 17:00:26
106.12.160.220	attackspambots	Jun 17 06:34:14 buvik sshd[9967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 Jun 17 06:34:17 buvik sshd[9967]: Failed password for invalid user vinod from 106.12.160.220 port 49000 ssh2 Jun 17 06:38:10 buvik sshd[10570]: Invalid user dspace from 106.12.160.220 ...	2020-06-17 17:03:12
106.12.160.103	attack	2020-06-15T00:42:55.389256lavrinenko.info sshd[4735]: Failed password for invalid user alfresco from 106.12.160.103 port 49444 ssh2 2020-06-15T00:45:32.161613lavrinenko.info sshd[4998]: Invalid user ultra from 106.12.160.103 port 58560 2020-06-15T00:45:32.168169lavrinenko.info sshd[4998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103 2020-06-15T00:45:32.161613lavrinenko.info sshd[4998]: Invalid user ultra from 106.12.160.103 port 58560 2020-06-15T00:45:34.271306lavrinenko.info sshd[4998]: Failed password for invalid user ultra from 106.12.160.103 port 58560 ssh2 ...	2020-06-15 06:27:41
106.12.160.31	attackspambots	Unauthorized connection attempt detected from IP address 106.12.160.31 to port 80	2020-06-13 07:54:55
106.12.160.103	attackbotsspam	Jun 12 18:32:58 ovpn sshd\[6122\]: Invalid user csgo from 106.12.160.103 Jun 12 18:32:58 ovpn sshd\[6122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103 Jun 12 18:33:01 ovpn sshd\[6122\]: Failed password for invalid user csgo from 106.12.160.103 port 60914 ssh2 Jun 12 18:45:03 ovpn sshd\[9369\]: Invalid user mpool from 106.12.160.103 Jun 12 18:45:03 ovpn sshd\[9369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.103	2020-06-13 04:33:23
106.12.160.220	attackbots	Jun 11 06:08:10 localhost sshd\[13296\]: Invalid user ubuntu from 106.12.160.220 Jun 11 06:08:10 localhost sshd\[13296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 Jun 11 06:08:12 localhost sshd\[13296\]: Failed password for invalid user ubuntu from 106.12.160.220 port 33312 ssh2 Jun 11 06:13:34 localhost sshd\[13571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root Jun 11 06:13:36 localhost sshd\[13571\]: Failed password for root from 106.12.160.220 port 53667 ssh2 ...	2020-06-11 15:42:02
106.12.160.220	attack	2020-06-04 14:09:20,151 fail2ban.actions: WARNING [ssh] Ban 106.12.160.220	2020-06-04 20:58:29
106.12.160.220	attackspambots	Jun 1 05:56:39 cdc sshd[25267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root Jun 1 05:56:41 cdc sshd[25267]: Failed password for invalid user root from 106.12.160.220 port 50550 ssh2	2020-06-01 13:46:36
106.12.160.103	attack	May 29 08:52:44 gw1 sshd[16925]: Failed password for root from 106.12.160.103 port 36336 ssh2 ...	2020-05-29 12:09:07
106.12.160.220	attack	May 26 17:07:14 localhost sshd[51582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:07:16 localhost sshd[51582]: Failed password for root from 106.12.160.220 port 49612 ssh2 May 26 17:11:22 localhost sshd[52211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:11:24 localhost sshd[52211]: Failed password for root from 106.12.160.220 port 47891 ssh2 May 26 17:15:25 localhost sshd[52859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.160.220 user=root May 26 17:15:26 localhost sshd[52859]: Failed password for root from 106.12.160.220 port 46245 ssh2 ...	2020-05-27 01:17:11
106.12.160.220	attack	odoo8 ...	2020-04-28 02:07:47
106.12.160.17	attackspambots	Invalid user technology from 106.12.160.17 port 39852	2020-04-17 14:03:50
106.12.160.220	attackspam	$f2bV_matches	2020-04-14 08:24:32
106.12.160.17	attack	$f2bV_matches	2020-04-12 07:07:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.160.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31787
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.160.6.			IN	A

;; AUTHORITY SECTION:
.			314	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093000 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 30 18:44:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.160.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.160.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.77.148.248	attackspam	fail2ban	2020-03-10 23:31:51
45.83.65.80	attack	" "	2020-03-10 23:48:40
192.241.226.18	attack	Hits on port : 5672	2020-03-10 23:51:03
222.168.18.227	attackspam	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2020-03-10 23:52:53
119.118.99.171	attack	firewall-block, port(s): 23/tcp	2020-03-10 23:55:44
80.211.241.151	attackspambots	SIPVicious Scanner Detection	2020-03-11 00:04:10
67.227.87.158	attack	Mon, 09 Mar 2020 11:12:51 -0400 Received: from n158.mxout.mta4.net ([67.227.87.158]:52614) From: James logan Subject: Finance Advice Mist Constructions LLC spam	2020-03-10 23:43:19
89.248.160.178	attack	03/10/2020-11:51:52.515852 89.248.160.178 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-10 23:55:18
158.46.161.95	attackspam	Chat Spam	2020-03-10 23:58:06
183.82.121.34	attack	Mar 10 16:32:24 nextcloud sshd\[3581\]: Invalid user ts from 183.82.121.34 Mar 10 16:32:24 nextcloud sshd\[3581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 Mar 10 16:32:26 nextcloud sshd\[3581\]: Failed password for invalid user ts from 183.82.121.34 port 55154 ssh2	2020-03-10 23:41:32
104.236.81.204	attackbots	Mar 10 14:53:39 localhost sshd[99433]: Invalid user postgres from 104.236.81.204 port 51175 Mar 10 14:53:39 localhost sshd[99433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.81.204 Mar 10 14:53:39 localhost sshd[99433]: Invalid user postgres from 104.236.81.204 port 51175 Mar 10 14:53:41 localhost sshd[99433]: Failed password for invalid user postgres from 104.236.81.204 port 51175 ssh2 Mar 10 14:57:09 localhost sshd[99808]: Invalid user losbuceitos from 104.236.81.204 port 35942 ...	2020-03-10 23:35:06
182.160.104.90	attackspam	20/3/10@05:20:49: FAIL: Alarm-Network address from=182.160.104.90 ...	2020-03-10 23:28:51
46.152.113.173	attackspambots	firewall-block, port(s): 445/tcp	2020-03-11 00:03:44
129.88.46.51	attackbotsspam	03/10/2020-05:20:54.025683 129.88.46.51 Protocol: 17 GPL DNS named version attempt	2020-03-10 23:25:52
27.5.171.252	attack	20/3/10@05:20:16: FAIL: IoT-Telnet address from=27.5.171.252 ...	2020-03-10 23:52:21

最近上报的IP列表

51.15.12.78	123.233.116.36	208.186.112.20	189.94.216.22
91.231.247.64	108.58.170.198	182.254.199.80	141.232.212.93
129.226.12.233	46.161.27.174	134.195.159.172	205.10.218.75
214.35.104.118	5.187.237.56	173.202.204.215	220.132.168.28
66.181.242.8	185.12.111.75	16.178.253.19	11.68.112.210