106.12.195.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 4 14:04:10 vm1 sshd[21769]: Failed password for root from 106.12.195.70 port 58878 ssh2 ...	2020-10-05 06:55:28
attackspambots	Oct 4 14:04:10 vm1 sshd[21769]: Failed password for root from 106.12.195.70 port 58878 ssh2 ...	2020-10-04 23:00:51
attack	SSH login attempts.	2020-10-04 14:46:41
attackbots	2020-08-19T15:03:21.621190vps1033 sshd[26990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 2020-08-19T15:03:21.614408vps1033 sshd[26990]: Invalid user user from 106.12.195.70 port 50908 2020-08-19T15:03:23.494142vps1033 sshd[26990]: Failed password for invalid user user from 106.12.195.70 port 50908 ssh2 2020-08-19T15:07:18.723604vps1033 sshd[2809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 user=root 2020-08-19T15:07:20.805327vps1033 sshd[2809]: Failed password for root from 106.12.195.70 port 47300 ssh2 ...	2020-08-20 01:46:11
attack	Jun 26 22:34:21 localhost sshd\[25661\]: Invalid user nigeria from 106.12.195.70 Jun 26 22:34:21 localhost sshd\[25661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 Jun 26 22:34:22 localhost sshd\[25661\]: Failed password for invalid user nigeria from 106.12.195.70 port 46174 ssh2 Jun 26 22:36:03 localhost sshd\[25846\]: Invalid user teste from 106.12.195.70 Jun 26 22:36:03 localhost sshd\[25846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 ...	2020-06-27 04:43:46
attack	3x Failed Password	2020-05-07 19:09:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.195.99	attackbotsspam	Jul 16 10:40:33 ws12vmsma01 sshd[46871]: Invalid user oliver from 106.12.195.99 Jul 16 10:40:35 ws12vmsma01 sshd[46871]: Failed password for invalid user oliver from 106.12.195.99 port 34774 ssh2 Jul 16 10:46:28 ws12vmsma01 sshd[47728]: Invalid user tf2server from 106.12.195.99 ...	2020-07-17 00:32:04
106.12.195.99	attackspam	Jun 24 15:26:27 pkdns2 sshd\[57378\]: Invalid user henry from 106.12.195.99Jun 24 15:26:28 pkdns2 sshd\[57378\]: Failed password for invalid user henry from 106.12.195.99 port 34488 ssh2Jun 24 15:28:49 pkdns2 sshd\[57444\]: Invalid user ymx from 106.12.195.99Jun 24 15:28:50 pkdns2 sshd\[57444\]: Failed password for invalid user ymx from 106.12.195.99 port 39774 ssh2Jun 24 15:31:16 pkdns2 sshd\[57593\]: Failed password for root from 106.12.195.99 port 45052 ssh2Jun 24 15:33:48 pkdns2 sshd\[57669\]: Invalid user admin from 106.12.195.99 ...	2020-06-24 20:49:08
106.12.195.99	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-18 17:19:15
106.12.195.99	attack	Jun 17 05:48:49 ns382633 sshd\[12198\]: Invalid user saq from 106.12.195.99 port 49458 Jun 17 05:48:49 ns382633 sshd\[12198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Jun 17 05:48:51 ns382633 sshd\[12198\]: Failed password for invalid user saq from 106.12.195.99 port 49458 ssh2 Jun 17 05:56:32 ns382633 sshd\[13754\]: Invalid user czerda from 106.12.195.99 port 37348 Jun 17 05:56:32 ns382633 sshd\[13754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99	2020-06-17 12:44:13
106.12.195.99	attackspam	Jun 1 12:07:25 localhost sshd\[16899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root Jun 1 12:07:27 localhost sshd\[16899\]: Failed password for root from 106.12.195.99 port 48294 ssh2 Jun 1 12:10:36 localhost sshd\[16949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root ...	2020-06-01 21:03:20
106.12.195.99	attackspam	May 16 02:21:02 vpn01 sshd[29975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 May 16 02:21:04 vpn01 sshd[29975]: Failed password for invalid user work from 106.12.195.99 port 50612 ssh2 ...	2020-05-16 22:24:09
106.12.195.99	attack	2020-04-30T05:22:54.515382linuxbox-skyline sshd[69452]: Invalid user bob from 106.12.195.99 port 50090 ...	2020-04-30 20:19:18
106.12.195.99	attackspam	Apr 25 17:09:25 sshgateway sshd\[3285\]: Invalid user hduser123 from 106.12.195.99 Apr 25 17:09:25 sshgateway sshd\[3285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 25 17:09:27 sshgateway sshd\[3285\]: Failed password for invalid user hduser123 from 106.12.195.99 port 34132 ssh2	2020-04-26 02:38:55
106.12.195.99	attack	Apr 24 14:31:03 vps647732 sshd[16746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 24 14:31:05 vps647732 sshd[16746]: Failed password for invalid user jira from 106.12.195.99 port 39120 ssh2 ...	2020-04-25 00:37:33
106.12.195.99	attackspambots	Apr 19 20:15:14 *** sshd[13717]: Invalid user tester from 106.12.195.99	2020-04-20 05:23:21
106.12.195.99	attackspambots	Unauthorized SSH login attempts	2020-04-17 13:34:33
106.12.195.99	attackspambots	Apr 7 16:22:19 v22019038103785759 sshd\[11805\]: Invalid user dasusr from 106.12.195.99 port 60460 Apr 7 16:22:19 v22019038103785759 sshd\[11805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 7 16:22:21 v22019038103785759 sshd\[11805\]: Failed password for invalid user dasusr from 106.12.195.99 port 60460 ssh2 Apr 7 16:27:25 v22019038103785759 sshd\[12156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root Apr 7 16:27:27 v22019038103785759 sshd\[12156\]: Failed password for root from 106.12.195.99 port 52238 ssh2 ...	2020-04-07 23:07:41
106.12.195.99	attack	$f2bV_matches	2020-03-28 03:15:05
106.12.195.177	attackspam	Mar 21 01:40:42 itv-usvr-01 sshd[14610]: Invalid user zhouwenya from 106.12.195.177 Mar 21 01:40:42 itv-usvr-01 sshd[14610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.177 Mar 21 01:40:42 itv-usvr-01 sshd[14610]: Invalid user zhouwenya from 106.12.195.177 Mar 21 01:40:44 itv-usvr-01 sshd[14610]: Failed password for invalid user zhouwenya from 106.12.195.177 port 51738 ssh2 Mar 21 01:48:18 itv-usvr-01 sshd[14971]: Invalid user louise from 106.12.195.177	2020-03-28 03:14:47
106.12.195.99	attackbots	Invalid user kelsey from 106.12.195.99 port 53744	2020-03-27 09:06:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.195.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21302
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.195.70.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050700 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 19:09:34 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 70.195.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.195.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
222.186.30.59	attackspam	Aug 1 21:07:54 gw1 sshd[7469]: Failed password for root from 222.186.30.59 port 36489 ssh2 ...	2020-08-02 00:09:23
1.54.34.55	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 23:58:42
110.78.114.236	attackspambots	2020-08-01 10:14:37.534681-0500 localhost sshd[65661]: Failed password for root from 110.78.114.236 port 42510 ssh2	2020-08-01 23:40:01
185.37.26.65	attackbotsspam	Email rejected due to spam filtering	2020-08-02 00:28:44
119.166.28.82	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 00:33:05
45.129.33.24	attack	TCP (SYN) 45.129.33.24:45493 -> port 21518, len 44	2020-08-01 23:47:37
111.120.86.111	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 00:10:39
85.52.230.6	attackbots	Email rejected due to spam filtering	2020-08-02 00:28:04
85.140.14.184	attackspambots	Email rejected due to spam filtering	2020-08-02 00:13:09
45.129.33.22	attackspambots	TCP (SYN) 45.129.33.22:55588 -> port 3322, len 44	2020-08-01 23:49:37
193.169.253.136	attack	28 times SMTP brute-force	2020-08-02 00:18:10
177.124.40.7	attack	Unauthorised access (Aug 1) SRC=177.124.40.7 LEN=40 TTL=242 ID=39626 TCP DPT=445 WINDOW=1024 SYN	2020-08-01 23:59:21
1.34.213.46	attack	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-08-01 23:51:12
51.83.131.209	attackbots	2020-08-01T06:12:57.097042perso.[domain] sshd[1295105]: Failed password for root from 51.83.131.209 port 49626 ssh2 2020-08-01T06:17:29.822392perso.[domain] sshd[1297231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.131.209 user=root 2020-08-01T06:17:31.846889perso.[domain] sshd[1297231]: Failed password for root from 51.83.131.209 port 33884 ssh2 ...	2020-08-02 00:19:25
223.85.112.162	attackbotsspam	"fail2ban match"	2020-08-01 23:41:22

最近上报的IP列表

189.15.50.44	70.37.65.27	45.187.204.32	165.227.45.249
89.162.93.30	195.158.8.68	115.124.68.39	180.97.204.251
185.18.196.7	177.133.98.115	163.179.152.242	102.187.47.38
16.112.138.141	154.194.3.173	150.129.165.54	79.36.16.29
45.95.169.246	34.87.137.154	27.77.20.4	122.117.62.15