106.12.195.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 4 14:04:10 vm1 sshd[21769]: Failed password for root from 106.12.195.70 port 58878 ssh2 ...	2020-10-05 06:55:28
attackspambots	Oct 4 14:04:10 vm1 sshd[21769]: Failed password for root from 106.12.195.70 port 58878 ssh2 ...	2020-10-04 23:00:51
attack	SSH login attempts.	2020-10-04 14:46:41
attackbots	2020-08-19T15:03:21.621190vps1033 sshd[26990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 2020-08-19T15:03:21.614408vps1033 sshd[26990]: Invalid user user from 106.12.195.70 port 50908 2020-08-19T15:03:23.494142vps1033 sshd[26990]: Failed password for invalid user user from 106.12.195.70 port 50908 ssh2 2020-08-19T15:07:18.723604vps1033 sshd[2809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 user=root 2020-08-19T15:07:20.805327vps1033 sshd[2809]: Failed password for root from 106.12.195.70 port 47300 ssh2 ...	2020-08-20 01:46:11
attack	Jun 26 22:34:21 localhost sshd\[25661\]: Invalid user nigeria from 106.12.195.70 Jun 26 22:34:21 localhost sshd\[25661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 Jun 26 22:34:22 localhost sshd\[25661\]: Failed password for invalid user nigeria from 106.12.195.70 port 46174 ssh2 Jun 26 22:36:03 localhost sshd\[25846\]: Invalid user teste from 106.12.195.70 Jun 26 22:36:03 localhost sshd\[25846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.70 ...	2020-06-27 04:43:46
attack	3x Failed Password	2020-05-07 19:09:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.195.99	attackbotsspam	Jul 16 10:40:33 ws12vmsma01 sshd[46871]: Invalid user oliver from 106.12.195.99 Jul 16 10:40:35 ws12vmsma01 sshd[46871]: Failed password for invalid user oliver from 106.12.195.99 port 34774 ssh2 Jul 16 10:46:28 ws12vmsma01 sshd[47728]: Invalid user tf2server from 106.12.195.99 ...	2020-07-17 00:32:04
106.12.195.99	attackspam	Jun 24 15:26:27 pkdns2 sshd\[57378\]: Invalid user henry from 106.12.195.99Jun 24 15:26:28 pkdns2 sshd\[57378\]: Failed password for invalid user henry from 106.12.195.99 port 34488 ssh2Jun 24 15:28:49 pkdns2 sshd\[57444\]: Invalid user ymx from 106.12.195.99Jun 24 15:28:50 pkdns2 sshd\[57444\]: Failed password for invalid user ymx from 106.12.195.99 port 39774 ssh2Jun 24 15:31:16 pkdns2 sshd\[57593\]: Failed password for root from 106.12.195.99 port 45052 ssh2Jun 24 15:33:48 pkdns2 sshd\[57669\]: Invalid user admin from 106.12.195.99 ...	2020-06-24 20:49:08
106.12.195.99	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-18 17:19:15
106.12.195.99	attack	Jun 17 05:48:49 ns382633 sshd\[12198\]: Invalid user saq from 106.12.195.99 port 49458 Jun 17 05:48:49 ns382633 sshd\[12198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Jun 17 05:48:51 ns382633 sshd\[12198\]: Failed password for invalid user saq from 106.12.195.99 port 49458 ssh2 Jun 17 05:56:32 ns382633 sshd\[13754\]: Invalid user czerda from 106.12.195.99 port 37348 Jun 17 05:56:32 ns382633 sshd\[13754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99	2020-06-17 12:44:13
106.12.195.99	attackspam	Jun 1 12:07:25 localhost sshd\[16899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root Jun 1 12:07:27 localhost sshd\[16899\]: Failed password for root from 106.12.195.99 port 48294 ssh2 Jun 1 12:10:36 localhost sshd\[16949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root ...	2020-06-01 21:03:20
106.12.195.99	attackspam	May 16 02:21:02 vpn01 sshd[29975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 May 16 02:21:04 vpn01 sshd[29975]: Failed password for invalid user work from 106.12.195.99 port 50612 ssh2 ...	2020-05-16 22:24:09
106.12.195.99	attack	2020-04-30T05:22:54.515382linuxbox-skyline sshd[69452]: Invalid user bob from 106.12.195.99 port 50090 ...	2020-04-30 20:19:18
106.12.195.99	attackspam	Apr 25 17:09:25 sshgateway sshd\[3285\]: Invalid user hduser123 from 106.12.195.99 Apr 25 17:09:25 sshgateway sshd\[3285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 25 17:09:27 sshgateway sshd\[3285\]: Failed password for invalid user hduser123 from 106.12.195.99 port 34132 ssh2	2020-04-26 02:38:55
106.12.195.99	attack	Apr 24 14:31:03 vps647732 sshd[16746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 24 14:31:05 vps647732 sshd[16746]: Failed password for invalid user jira from 106.12.195.99 port 39120 ssh2 ...	2020-04-25 00:37:33
106.12.195.99	attackspambots	Apr 19 20:15:14 *** sshd[13717]: Invalid user tester from 106.12.195.99	2020-04-20 05:23:21
106.12.195.99	attackspambots	Unauthorized SSH login attempts	2020-04-17 13:34:33
106.12.195.99	attackspambots	Apr 7 16:22:19 v22019038103785759 sshd\[11805\]: Invalid user dasusr from 106.12.195.99 port 60460 Apr 7 16:22:19 v22019038103785759 sshd\[11805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 Apr 7 16:22:21 v22019038103785759 sshd\[11805\]: Failed password for invalid user dasusr from 106.12.195.99 port 60460 ssh2 Apr 7 16:27:25 v22019038103785759 sshd\[12156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.99 user=root Apr 7 16:27:27 v22019038103785759 sshd\[12156\]: Failed password for root from 106.12.195.99 port 52238 ssh2 ...	2020-04-07 23:07:41
106.12.195.99	attack	$f2bV_matches	2020-03-28 03:15:05
106.12.195.177	attackspam	Mar 21 01:40:42 itv-usvr-01 sshd[14610]: Invalid user zhouwenya from 106.12.195.177 Mar 21 01:40:42 itv-usvr-01 sshd[14610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.177 Mar 21 01:40:42 itv-usvr-01 sshd[14610]: Invalid user zhouwenya from 106.12.195.177 Mar 21 01:40:44 itv-usvr-01 sshd[14610]: Failed password for invalid user zhouwenya from 106.12.195.177 port 51738 ssh2 Mar 21 01:48:18 itv-usvr-01 sshd[14971]: Invalid user louise from 106.12.195.177	2020-03-28 03:14:47
106.12.195.99	attackbots	Invalid user kelsey from 106.12.195.99 port 53744	2020-03-27 09:06:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.195.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21302
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.195.70.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050700 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 19:09:34 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 70.195.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.195.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.135.36.86	attackspam	Invalid user webadm from 49.135.36.86 port 47362	2020-09-03 12:04:53
45.95.168.96	attackbots	2020-09-03 02:28:26 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=billing@opso.it$ 2020-09-03 02:28:26 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=billing@nophost.com$ 2020-09-03 02:32:22 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=billing@nopcommerce.it$ 2020-09-03 02:33:00 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=no-reply@opso.it$ 2020-09-03 02:33:13 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=no-reply@nopcommerce.it$	2020-09-03 08:40:59
50.62.208.86	attackbots	50.62.208.86 - - [02/Sep/2020:17:28:24 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 50.62.208.86 - - [02/Sep/2020:17:45:01 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 50.62.208.86 - - [02/Sep/2020:17:45:01 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-09-03 08:31:56
142.4.213.28	attackspam	142.4.213.28 - - [03/Sep/2020:05:10:37 +0100] "POST /wp-login.php HTTP/1.1" 200 4400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.213.28 - - [03/Sep/2020:05:10:38 +0100] "POST /wp-login.php HTTP/1.1" 200 4400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.213.28 - - [03/Sep/2020:05:10:40 +0100] "POST /wp-login.php HTTP/1.1" 200 4400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-03 12:20:28
119.28.136.172	attackbotsspam	2020-09-02T21:58:52.652170linuxbox-skyline sshd[42630]: Invalid user sy from 119.28.136.172 port 49022 ...	2020-09-03 12:08:29
89.234.157.254	attackbots	Sep 2 19:57:15 vps46666688 sshd[4327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.234.157.254 Sep 2 19:57:17 vps46666688 sshd[4327]: Failed password for invalid user admin from 89.234.157.254 port 45795 ssh2 ...	2020-09-03 08:28:11
162.142.125.33	attack	Unauthorized access to SSH at 3/Sep/2020:02:20:02 +0000. Received: (SSH-2.0-Go)	2020-09-03 12:07:17
104.131.29.92	attack	Sep 3 00:38:59 funkybot sshd[23013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.29.92 Sep 3 00:39:01 funkybot sshd[23013]: Failed password for invalid user hqy from 104.131.29.92 port 45005 ssh2 ...	2020-09-03 08:40:44
59.124.6.166	attack	Invalid user monte from 59.124.6.166 port 38254	2020-09-03 08:30:51
112.85.42.67	attackbots	September 03 2020, 00:00:46 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-09-03 12:04:20
46.31.221.116	attack	Sep 2 19:26:47 rancher-0 sshd[1409114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.31.221.116 user=root Sep 2 19:26:50 rancher-0 sshd[1409114]: Failed password for root from 46.31.221.116 port 54878 ssh2 ...	2020-09-03 08:35:24
222.186.180.147	attack	Sep 3 06:07:44 v22019058497090703 sshd[31967]: Failed password for root from 222.186.180.147 port 58126 ssh2 Sep 3 06:07:47 v22019058497090703 sshd[31967]: Failed password for root from 222.186.180.147 port 58126 ssh2 ...	2020-09-03 12:09:19
71.6.232.5	attackspambots	$f2bV_matches	2020-09-03 12:03:46
222.186.42.155	attackspam	2020-09-03T04:15:51.871924vps1033 sshd[23380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-09-03T04:15:54.546154vps1033 sshd[23380]: Failed password for root from 222.186.42.155 port 30753 ssh2 2020-09-03T04:15:51.871924vps1033 sshd[23380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-09-03T04:15:54.546154vps1033 sshd[23380]: Failed password for root from 222.186.42.155 port 30753 ssh2 2020-09-03T04:15:57.200316vps1033 sshd[23380]: Failed password for root from 222.186.42.155 port 30753 ssh2 ...	2020-09-03 12:18:26
5.188.206.194	attackbotsspam	Sep 3 02:04:14 relay postfix/smtpd\[16287\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 02:10:10 relay postfix/smtpd\[14055\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 02:10:32 relay postfix/smtpd\[13007\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 02:20:26 relay postfix/smtpd\[16284\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 02:20:44 relay postfix/smtpd\[14055\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-03 08:38:43

最近上报的IP列表

189.15.50.44	70.37.65.27	45.187.204.32	165.227.45.249
89.162.93.30	195.158.8.68	115.124.68.39	180.97.204.251
185.18.196.7	177.133.98.115	163.179.152.242	102.187.47.38
16.112.138.141	154.194.3.173	150.129.165.54	79.36.16.29
45.95.169.246	34.87.137.154	27.77.20.4	122.117.62.15