106.12.196.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 21 12:17:27 fwweb01 sshd[20826]: Invalid user maintainer from 106.12.196.19 Jun 21 12:17:27 fwweb01 sshd[20826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.19 Jun 21 12:17:30 fwweb01 sshd[20826]: Failed password for invalid user maintainer from 106.12.196.19 port 40722 ssh2 Jun 21 12:17:30 fwweb01 sshd[20826]: Received disconnect from 106.12.196.19: 11: Bye Bye [preauth] Jun 21 12:35:03 fwweb01 sshd[21987]: Invalid user user1 from 106.12.196.19 Jun 21 12:35:03 fwweb01 sshd[21987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.19 Jun 21 12:35:05 fwweb01 sshd[21987]: Failed password for invalid user user1 from 106.12.196.19 port 35428 ssh2 Jun 21 12:35:05 fwweb01 sshd[21987]: Received disconnect from 106.12.196.19: 11: Bye Bye [preauth] Jun 21 12:38:20 fwweb01 sshd[22206]: Invalid user kai from 106.12.196.19 Jun 21 12:38:20 fwweb01 sshd[22206]: pam_unix(sshd:........ -------------------------------	2020-06-21 23:07:16

类型

评论内容

时间

attackspam

Jun 21 12:17:27 fwweb01 sshd[20826]: Invalid user maintainer from 106.12.196.19
Jun 21 12:17:27 fwweb01 sshd[20826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.19 
Jun 21 12:17:30 fwweb01 sshd[20826]: Failed password for invalid user maintainer from 106.12.196.19 port 40722 ssh2
Jun 21 12:17:30 fwweb01 sshd[20826]: Received disconnect from 106.12.196.19: 11: Bye Bye [preauth]
Jun 21 12:35:03 fwweb01 sshd[21987]: Invalid user user1 from 106.12.196.19
Jun 21 12:35:03 fwweb01 sshd[21987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.19 
Jun 21 12:35:05 fwweb01 sshd[21987]: Failed password for invalid user user1 from 106.12.196.19 port 35428 ssh2
Jun 21 12:35:05 fwweb01 sshd[21987]: Received disconnect from 106.12.196.19: 11: Bye Bye [preauth]
Jun 21 12:38:20 fwweb01 sshd[22206]: Invalid user kai from 106.12.196.19
Jun 21 12:38:20 fwweb01 sshd[22206]: pam_unix(sshd:........
-------------------------------

2020-06-21 23:07:16

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.196.118	attackbotsspam	Oct 12 14:10:41 host sshd[17786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 12 14:10:43 host sshd[17786]: Failed password for root from 106.12.196.118 port 38322 ssh2 ...	2020-10-13 00:29:44
106.12.196.118	attack	Invalid user informix from 106.12.196.118 port 41438	2020-10-12 15:51:32
106.12.196.118	attack	2020-10-11T15:47:05.520064kitsunetech sshd[17599]: Invalid user admin from 106.12.196.118 port 37394	2020-10-12 07:43:20
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-12 00:00:17
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-11 15:59:14
106.12.196.118	attack	Oct 11 02:23:19 h2829583 sshd[29641]: Failed password for root from 106.12.196.118 port 49538 ssh2	2020-10-11 09:16:37
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-06 06:35:13
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-05 22:42:14
106.12.196.118	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-10-05 14:37:23
106.12.196.38	attackspambots	Sep 27 17:42:13 serwer sshd\[7008\]: Invalid user brian from 106.12.196.38 port 41874 Sep 27 17:42:13 serwer sshd\[7008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.38 Sep 27 17:42:15 serwer sshd\[7008\]: Failed password for invalid user brian from 106.12.196.38 port 41874 ssh2 Sep 27 17:58:18 serwer sshd\[8557\]: Invalid user mongodb from 106.12.196.38 port 60976 Sep 27 17:58:18 serwer sshd\[8557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.38 Sep 27 17:58:20 serwer sshd\[8557\]: Failed password for invalid user mongodb from 106.12.196.38 port 60976 ssh2 ...	2020-09-29 03:01:11
106.12.196.38	attack	fail2ban	2020-09-28 19:10:01
106.12.196.118	attackspambots	106.12.196.118 (CN/China/-), 6 distributed sshd attacks on account [test] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 27 12:28:35 server5 sshd[18033]: Failed password for invalid user test from 106.54.205.236 port 51262 ssh2 Sep 27 12:53:04 server5 sshd[30548]: Invalid user test from 138.204.100.70 Sep 27 12:53:06 server5 sshd[30548]: Failed password for invalid user test from 138.204.100.70 port 36118 ssh2 Sep 27 13:08:18 server5 sshd[4951]: Invalid user test from 106.12.196.118 Sep 27 12:35:15 server5 sshd[21107]: Invalid user test from 115.223.34.141 Sep 27 12:28:33 server5 sshd[18033]: Invalid user test from 106.54.205.236 IP Addresses Blocked: 106.54.205.236 (CN/China/-) 138.204.100.70 (BR/Brazil/-)	2020-09-28 01:58:33
106.12.196.118	attack	Invalid user laravel from 106.12.196.118 port 34382	2020-09-27 18:02:28
106.12.196.118	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-25 08:31:28
106.12.196.118	attackbots	2020-08-17T21:30:45.064290abusebot-4.cloudsearch.cf sshd[20905]: Invalid user drop from 106.12.196.118 port 37874 2020-08-17T21:30:45.071874abusebot-4.cloudsearch.cf sshd[20905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 2020-08-17T21:30:45.064290abusebot-4.cloudsearch.cf sshd[20905]: Invalid user drop from 106.12.196.118 port 37874 2020-08-17T21:30:47.511155abusebot-4.cloudsearch.cf sshd[20905]: Failed password for invalid user drop from 106.12.196.118 port 37874 ssh2 2020-08-17T21:36:48.845494abusebot-4.cloudsearch.cf sshd[21109]: Invalid user maria from 106.12.196.118 port 53938 2020-08-17T21:36:48.852272abusebot-4.cloudsearch.cf sshd[21109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 2020-08-17T21:36:48.845494abusebot-4.cloudsearch.cf sshd[21109]: Invalid user maria from 106.12.196.118 port 53938 2020-08-17T21:36:50.789957abusebot-4.cloudsearch.cf sshd[21109]: Fa ...	2020-08-18 06:05:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.196.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.196.19.			IN	A

;; AUTHORITY SECTION:
.			283	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062100 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 23:07:13 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 19.196.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.196.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
67.141.107.227	attack	unauthorized connection attempt	2020-02-26 20:11:30
177.103.185.29	attackbots	Automatic report - Banned IP Access	2020-02-26 20:18:46
61.216.130.60	attackbots	unauthorized connection attempt	2020-02-26 20:11:54
59.6.137.47	attack	KR__<177>1582712562 [1:2403392:55566] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 47 [Classification: Misc Attack] [Priority: 2] {TCP} 59.6.137.47:28682	2020-02-26 20:34:57
85.133.130.135	attackbots	unauthorized connection attempt	2020-02-26 20:09:43
120.150.213.110	attack	unauthorized connection attempt	2020-02-26 20:46:54
211.100.96.173	attack	unauthorized connection attempt	2020-02-26 20:41:01
163.47.146.236	attackspam	unauthorized connection attempt	2020-02-26 20:45:07
85.65.144.78	attackspambots	unauthorized connection attempt	2020-02-26 20:10:09
42.119.60.46	attack	unauthorized connection attempt	2020-02-26 20:12:27
118.137.160.219	attack	unauthorized connection attempt	2020-02-26 20:31:10
201.86.133.160	attackbotsspam	unauthorized connection attempt	2020-02-26 20:17:09
211.100.96.162	attackbots	unauthorized connection attempt	2020-02-26 20:41:22
31.41.249.78	attack	unauthorized connection attempt	2020-02-26 20:14:30
86.171.116.134	attackbotsspam	unauthorized connection attempt	2020-02-26 20:21:54

最近上报的IP列表

57.106.154.230	176.98.65.43	180.141.140.50	237.221.47.99
184.22.113.207	135.88.253.251	92.206.38.116	67.79.62.91
96.248.160.43	131.238.136.33	189.57.198.41	55.201.199.236
180.202.74.216	45.153.242.163	90.162.15.160	193.250.127.187
190.191.83.0	250.94.19.101	124.66.54.80	208.76.15.29