106.12.19.8 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 8 06:54:33 legacy sshd[15672]: Failed password for root from 106.12.19.8 port 35784 ssh2 Jun 8 06:58:04 legacy sshd[15888]: Failed password for root from 106.12.19.8 port 49374 ssh2 ...	2020-06-08 15:12:00

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.197.37	attackbotsspam	Invalid user support1 from 106.12.197.37 port 34940	2020-10-14 03:36:36
106.12.197.37	attack	Invalid user deginal from 106.12.197.37 port 56416	2020-10-13 18:55:47
106.12.196.118	attackbotsspam	Oct 12 14:10:41 host sshd[17786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 12 14:10:43 host sshd[17786]: Failed password for root from 106.12.196.118 port 38322 ssh2 ...	2020-10-13 00:29:44
106.12.196.118	attack	Invalid user informix from 106.12.196.118 port 41438	2020-10-12 15:51:32
106.12.196.118	attack	2020-10-11T15:47:05.520064kitsunetech sshd[17599]: Invalid user admin from 106.12.196.118 port 37394	2020-10-12 07:43:20
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-12 00:00:17
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-11 15:59:14
106.12.196.118	attack	Oct 11 02:23:19 h2829583 sshd[29641]: Failed password for root from 106.12.196.118 port 49538 ssh2	2020-10-11 09:16:37
106.12.193.6	attackspam	Oct 10 19:01:01 prod4 sshd\[11205\]: Invalid user azureuser from 106.12.193.6 Oct 10 19:01:03 prod4 sshd\[11205\]: Failed password for invalid user azureuser from 106.12.193.6 port 37762 ssh2 Oct 10 19:09:14 prod4 sshd\[14196\]: Failed password for root from 106.12.193.6 port 52658 ssh2 ...	2020-10-11 03:35:50
106.12.193.6	attackbotsspam	repeated SSH login attempts	2020-10-10 19:28:46
106.12.199.117	attackbots	sshguard	2020-10-09 01:32:39
106.12.199.117	attack	sshguard	2020-10-08 17:28:52
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-06 06:35:13
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-05 22:42:14
106.12.196.118	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-10-05 14:37:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.19.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38507
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.19.8.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060800 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 08 15:11:55 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 8.19.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 8.19.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.125.65.35	attackspam	Mar 9 16:04:00 mail postfix/smtpd\[29312\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 16:37:13 mail postfix/smtpd\[30043\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 16:41:44 mail postfix/smtpd\[30164\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 16:57:09 mail postfix/smtpd\[30176\]: warning: unknown\[45.125.65.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-03-09 23:59:39
79.142.50.23	attack	Mar 9 05:59:05 web9 sshd\[27226\]: Invalid user video from 79.142.50.23 Mar 9 05:59:05 web9 sshd\[27226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.142.50.23 Mar 9 05:59:06 web9 sshd\[27226\]: Failed password for invalid user video from 79.142.50.23 port 41404 ssh2 Mar 9 06:03:23 web9 sshd\[27767\]: Invalid user plugdev from 79.142.50.23 Mar 9 06:03:23 web9 sshd\[27767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.142.50.23	2020-03-10 00:12:17
181.123.10.221	attackbotsspam	$f2bV_matches	2020-03-10 00:30:24
167.71.205.8	attack	Mar 9 14:54:50 sd-53420 sshd\[16243\]: Invalid user watari from 167.71.205.8 Mar 9 14:54:50 sd-53420 sshd\[16243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.205.8 Mar 9 14:54:52 sd-53420 sshd\[16243\]: Failed password for invalid user watari from 167.71.205.8 port 37968 ssh2 Mar 9 14:58:40 sd-53420 sshd\[16614\]: User root from 167.71.205.8 not allowed because none of user's groups are listed in AllowGroups Mar 9 14:58:40 sd-53420 sshd\[16614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.205.8 user=root ...	2020-03-10 00:29:48
158.69.194.115	attackbots	Mar 9 14:54:54 ip-172-31-62-245 sshd\[24021\]: Invalid user precos from 158.69.194.115\ Mar 9 14:54:56 ip-172-31-62-245 sshd\[24021\]: Failed password for invalid user precos from 158.69.194.115 port 36164 ssh2\ Mar 9 14:59:32 ip-172-31-62-245 sshd\[24060\]: Invalid user test from 158.69.194.115\ Mar 9 14:59:34 ip-172-31-62-245 sshd\[24060\]: Failed password for invalid user test from 158.69.194.115 port 34165 ssh2\ Mar 9 15:04:04 ip-172-31-62-245 sshd\[24101\]: Failed password for root from 158.69.194.115 port 60399 ssh2\	2020-03-10 00:02:16
212.92.111.192	attack	RDPBruteCAu	2020-03-09 23:58:51
63.82.48.248	attackspam	Mar 9 14:31:14 mail.srvfarm.net postfix/smtpd[4074822]: NOQUEUE: reject: RCPT from unknown[63.82.48.248]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 14:31:15 mail.srvfarm.net postfix/smtpd[4074825]: NOQUEUE: reject: RCPT from unknown[63.82.48.248]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 14:31:15 mail.srvfarm.net postfix/smtpd[4074818]: NOQUEUE: reject: RCPT from unknown[63.82.48.248]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 14:31:45 mail.srvfarm.net postfix/smtpd[4073575]: NOQUEUE: reject: RCPT from unknown[63.82.48.248]: 450 4.1.8	2020-03-10 00:20:32
139.198.190.182	attack	$f2bV_matches	2020-03-10 00:04:39
86.98.2.105	attack	High volume WP login attempts -eld	2020-03-10 00:01:10
77.103.227.84	attack	$f2bV_matches	2020-03-09 23:59:23
202.191.121.66	attackbots	Unauthorized IMAP connection attempt	2020-03-10 00:11:54
103.58.92.5	attack	$f2bV_matches	2020-03-10 00:35:54
103.206.162.54	attackbots	port scan and connect, tcp 23 (telnet)	2020-03-10 00:08:33
204.93.169.27	attackspambots	Automatic report - WordPress Brute Force	2020-03-10 00:40:06
41.139.185.154	attackbotsspam	Email rejected due to spam filtering	2020-03-10 00:12:47

最近上报的IP列表

118.70.151.185	144.217.228.125	5.180.79.250	114.5.110.250
212.102.33.74	180.241.44.203	174.59.213.75	166.157.225.212
124.11.168.4	203.205.26.10	36.68.86.64	61.93.246.33
85.128.142.248	200.8.127.141	185.55.47.1	182.2.138.113
36.81.7.66	220.132.252.227	190.229.15.254	113.169.151.205