106.12.194.207

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 18 08:25:19 debian sshd\[9139\]: Invalid user bsd1 from 106.12.194.207 port 43610 Jul 18 08:25:19 debian sshd\[9139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.207 ...	2019-07-18 15:31:28
attack	Jul 17 20:12:34 debian sshd\[1248\]: Invalid user pos from 106.12.194.207 port 47982 Jul 17 20:12:34 debian sshd\[1248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.207 ...	2019-07-18 03:20:37
attack	k+ssh-bruteforce	2019-07-17 08:43:10
attackbotsspam	Jul 13 22:28:10 srv-4 sshd\[5489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.207 user=memcache Jul 13 22:28:13 srv-4 sshd\[5489\]: Failed password for memcache from 106.12.194.207 port 54866 ssh2 Jul 13 22:33:57 srv-4 sshd\[6022\]: Invalid user temp from 106.12.194.207 ...	2019-07-14 03:44:34
attackbots	Jun 23 02:06:03 tux-35-217 sshd\[8173\]: Invalid user marek from 106.12.194.207 port 49022 Jun 23 02:06:03 tux-35-217 sshd\[8173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.207 Jun 23 02:06:06 tux-35-217 sshd\[8173\]: Failed password for invalid user marek from 106.12.194.207 port 49022 ssh2 Jun 23 02:10:10 tux-35-217 sshd\[8204\]: Invalid user jj from 106.12.194.207 port 60604 Jun 23 02:10:10 tux-35-217 sshd\[8204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.207 ...	2019-06-23 15:32:16

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.194.26	attack	Sep 23 12:10:48 sip sshd[27036]: Invalid user aditya from 106.12.194.26 port 47662 Sep 23 12:10:50 sip sshd[27036]: Failed password for invalid user aditya from 106.12.194.26 port 47662 ssh2 Sep 23 12:16:06 sip sshd[27571]: Invalid user ubuntu from 106.12.194.26 port 50678 ...	2020-09-23 20:08:00
106.12.194.26	attack	Sep 22 22:02:36 r.ca sshd[10460]: Failed password for root from 106.12.194.26 port 48230 ssh2	2020-09-23 12:29:36
106.12.194.26	attackspambots	fail2ban/Sep 22 19:16:26 h1962932 sshd[7900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.26 user=root Sep 22 19:16:28 h1962932 sshd[7900]: Failed password for root from 106.12.194.26 port 43682 ssh2 Sep 22 19:23:45 h1962932 sshd[8571]: Invalid user jesse from 106.12.194.26 port 33530 Sep 22 19:23:45 h1962932 sshd[8571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.26 Sep 22 19:23:45 h1962932 sshd[8571]: Invalid user jesse from 106.12.194.26 port 33530 Sep 22 19:23:47 h1962932 sshd[8571]: Failed password for invalid user jesse from 106.12.194.26 port 33530 ssh2	2020-09-23 04:15:36
106.12.194.204	attackbotsspam	Sep 22 11:56:34 vps-51d81928 sshd[289412]: Failed password for root from 106.12.194.204 port 36116 ssh2 Sep 22 11:59:25 vps-51d81928 sshd[289460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root Sep 22 11:59:27 vps-51d81928 sshd[289460]: Failed password for root from 106.12.194.204 port 45572 ssh2 Sep 22 12:02:28 vps-51d81928 sshd[289488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root Sep 22 12:02:30 vps-51d81928 sshd[289488]: Failed password for root from 106.12.194.204 port 55020 ssh2 ...	2020-09-22 20:37:40
106.12.194.204	attack	Sep 22 05:40:16 vserver sshd\[15718\]: Invalid user fred from 106.12.194.204Sep 22 05:40:18 vserver sshd\[15718\]: Failed password for invalid user fred from 106.12.194.204 port 55960 ssh2Sep 22 05:48:43 vserver sshd\[16019\]: Invalid user asd from 106.12.194.204Sep 22 05:48:45 vserver sshd\[16019\]: Failed password for invalid user asd from 106.12.194.204 port 41604 ssh2 ...	2020-09-22 12:35:05
106.12.194.204	attackspam	Sep 21 19:17:05 inter-technics sshd[739]: Invalid user itadmin from 106.12.194.204 port 49630 Sep 21 19:17:05 inter-technics sshd[739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 Sep 21 19:17:05 inter-technics sshd[739]: Invalid user itadmin from 106.12.194.204 port 49630 Sep 21 19:17:07 inter-technics sshd[739]: Failed password for invalid user itadmin from 106.12.194.204 port 49630 ssh2 Sep 21 19:20:22 inter-technics sshd[916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root Sep 21 19:20:23 inter-technics sshd[916]: Failed password for root from 106.12.194.204 port 37914 ssh2 ...	2020-09-22 04:44:50
106.12.194.204	attackbots	Invalid user dev from 106.12.194.204 port 58274	2020-09-03 22:00:48
106.12.194.204	attack	Invalid user dev from 106.12.194.204 port 58274	2020-09-03 13:42:45
106.12.194.204	attack	Sep 2 19:26:04 ip-172-31-16-56 sshd\[13000\]: Invalid user nina from 106.12.194.204\ Sep 2 19:26:06 ip-172-31-16-56 sshd\[13000\]: Failed password for invalid user nina from 106.12.194.204 port 41736 ssh2\ Sep 2 19:28:46 ip-172-31-16-56 sshd\[13018\]: Invalid user test5 from 106.12.194.204\ Sep 2 19:28:48 ip-172-31-16-56 sshd\[13018\]: Failed password for invalid user test5 from 106.12.194.204 port 53178 ssh2\ Sep 2 19:31:31 ip-172-31-16-56 sshd\[13041\]: Invalid user dac from 106.12.194.204\	2020-09-03 05:55:37
106.12.194.204	attackbots	Aug 18 10:26:26 dignus sshd[32486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 Aug 18 10:26:28 dignus sshd[32486]: Failed password for invalid user minecraft from 106.12.194.204 port 60740 ssh2 Aug 18 10:29:47 dignus sshd[474]: Invalid user gituser from 106.12.194.204 port 44042 Aug 18 10:29:47 dignus sshd[474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 Aug 18 10:29:49 dignus sshd[474]: Failed password for invalid user gituser from 106.12.194.204 port 44042 ssh2 ...	2020-08-19 01:44:57
106.12.194.204	attack	Aug 16 05:54:45 db sshd[21202]: User root from 106.12.194.204 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 14:53:51
106.12.194.204	attackbotsspam	Aug 13 15:32:32 OPSO sshd\[19892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root Aug 13 15:32:35 OPSO sshd\[19892\]: Failed password for root from 106.12.194.204 port 38452 ssh2 Aug 13 15:35:57 OPSO sshd\[20389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root Aug 13 15:35:59 OPSO sshd\[20389\]: Failed password for root from 106.12.194.204 port 45860 ssh2 Aug 13 15:39:10 OPSO sshd\[20703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root	2020-08-13 23:01:58
106.12.194.204	attackspambots	Aug 12 01:58:33 lunarastro sshd[29861]: Failed password for root from 106.12.194.204 port 57476 ssh2 Aug 12 02:05:23 lunarastro sshd[29953]: Failed password for root from 106.12.194.204 port 51962 ssh2	2020-08-12 06:09:01
106.12.194.204	attackbotsspam	Aug 9 16:29:08 server sshd[25490]: Failed password for root from 106.12.194.204 port 45544 ssh2 Aug 9 16:33:16 server sshd[4133]: Failed password for root from 106.12.194.204 port 59370 ssh2 Aug 9 16:37:18 server sshd[17132]: Failed password for root from 106.12.194.204 port 44968 ssh2	2020-08-09 23:49:41
106.12.194.204	attackbots	2020-08-05T09:07:10.6511701495-001 sshd[27118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root 2020-08-05T09:07:12.1824161495-001 sshd[27118]: Failed password for root from 106.12.194.204 port 60860 ssh2 2020-08-05T09:10:28.4754081495-001 sshd[27273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root 2020-08-05T09:10:30.8547481495-001 sshd[27273]: Failed password for root from 106.12.194.204 port 39994 ssh2 2020-08-05T09:13:47.0103771495-001 sshd[27460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.204 user=root 2020-08-05T09:13:48.5717341495-001 sshd[27460]: Failed password for root from 106.12.194.204 port 47364 ssh2 ...	2020-08-06 01:32:51

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.194.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14599
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.194.207.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 09:39:57 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 207.194.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 207.194.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.76.175.130	attack	$f2bV_matches	2020-09-13 16:27:06
213.163.120.226	attack	DATE:2020-09-12 18:51:41, IP:213.163.120.226, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-09-13 16:54:41
85.133.132.219	attackspambots	DATE:2020-09-12 18:51:25, IP:85.133.132.219, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-13 17:02:06
104.248.205.67	attackspam	Port scan denied	2020-09-13 16:47:38
27.30.97.210	attackbotsspam	Unauthorised access (Sep 12) SRC=27.30.97.210 LEN=48 TTL=48 ID=7077 DF TCP DPT=1433 WINDOW=8192 SYN	2020-09-13 16:39:53
91.134.167.236	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-13T06:17:10Z and 2020-09-13T06:27:36Z	2020-09-13 16:21:41
51.75.249.224	attackbots	5x Failed Password	2020-09-13 16:23:44
61.110.143.248	attackspam	DATE:2020-09-13 02:10:36, IP:61.110.143.248, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-09-13 16:51:38
27.5.47.149	attack	1599929566 - 09/12/2020 23:52:46 Host: 27.5.47.149/27.5.47.149 Port: 23 TCP Blocked ...	2020-09-13 17:05:18
106.53.249.204	attackbotsspam	Sep 13 08:19:12 mx sshd[656417]: Failed password for invalid user user from 106.53.249.204 port 37318 ssh2 Sep 13 08:23:00 mx sshd[656470]: Invalid user admin from 106.53.249.204 port 22169 Sep 13 08:23:00 mx sshd[656470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.249.204 Sep 13 08:23:00 mx sshd[656470]: Invalid user admin from 106.53.249.204 port 22169 Sep 13 08:23:02 mx sshd[656470]: Failed password for invalid user admin from 106.53.249.204 port 22169 ssh2 ...	2020-09-13 16:56:12
46.101.151.97	attack	Sep 13 10:35:45 * sshd[27583]: Failed password for root from 46.101.151.97 port 32962 ssh2	2020-09-13 17:06:02
41.225.24.18	attack	1599929574 - 09/12/2020 18:52:54 Host: 41.225.24.18/41.225.24.18 Port: 445 TCP Blocked	2020-09-13 17:00:45
103.4.217.139	attackbotsspam	Sep 13 08:05:07 l02a sshd[29778]: Invalid user admin from 103.4.217.139 Sep 13 08:05:07 l02a sshd[29778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.139 Sep 13 08:05:07 l02a sshd[29778]: Invalid user admin from 103.4.217.139 Sep 13 08:05:09 l02a sshd[29778]: Failed password for invalid user admin from 103.4.217.139 port 39906 ssh2	2020-09-13 16:23:06
211.141.234.16	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-09-13 16:20:23
210.182.189.215	attack	DATE:2020-09-12 18:52:00, IP:210.182.189.215, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-13 16:42:31

最近上报的IP列表

118.25.49.95	193.112.213.48	180.103.132.212	164.132.225.250
107.170.18.163	197.245.235.170	178.128.84.122	140.143.247.51
157.240.8.18	158.69.241.207	37.115.184.170	1.9.46.177
219.151.22.86	178.184.19.114	159.89.114.191	91.199.144.23
188.32.243.152	180.76.108.147	52.35.228.185	140.143.146.206