106.12.196.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.196.118	attackbotsspam	Oct 12 14:10:41 host sshd[17786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 12 14:10:43 host sshd[17786]: Failed password for root from 106.12.196.118 port 38322 ssh2 ...	2020-10-13 00:29:44
106.12.196.118	attack	Invalid user informix from 106.12.196.118 port 41438	2020-10-12 15:51:32
106.12.196.118	attack	2020-10-11T15:47:05.520064kitsunetech sshd[17599]: Invalid user admin from 106.12.196.118 port 37394	2020-10-12 07:43:20
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-12 00:00:17
106.12.196.118	attackbotsspam	(sshd) Failed SSH login from 106.12.196.118 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 01:35:39 server5 sshd[21225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 user=root Oct 11 01:35:41 server5 sshd[21225]: Failed password for root from 106.12.196.118 port 56116 ssh2 Oct 11 01:36:12 server5 sshd[21554]: Invalid user openvpn from 106.12.196.118 Oct 11 01:36:12 server5 sshd[21554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 Oct 11 01:36:14 server5 sshd[21554]: Failed password for invalid user openvpn from 106.12.196.118 port 59952 ssh2	2020-10-11 15:59:14
106.12.196.118	attack	Oct 11 02:23:19 h2829583 sshd[29641]: Failed password for root from 106.12.196.118 port 49538 ssh2	2020-10-11 09:16:37
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-06 06:35:13
106.12.196.118	attack	Bruteforce detected by fail2ban	2020-10-05 22:42:14
106.12.196.118	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-10-05 14:37:23
106.12.196.38	attackspambots	Sep 27 17:42:13 serwer sshd\[7008\]: Invalid user brian from 106.12.196.38 port 41874 Sep 27 17:42:13 serwer sshd\[7008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.38 Sep 27 17:42:15 serwer sshd\[7008\]: Failed password for invalid user brian from 106.12.196.38 port 41874 ssh2 Sep 27 17:58:18 serwer sshd\[8557\]: Invalid user mongodb from 106.12.196.38 port 60976 Sep 27 17:58:18 serwer sshd\[8557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.38 Sep 27 17:58:20 serwer sshd\[8557\]: Failed password for invalid user mongodb from 106.12.196.38 port 60976 ssh2 ...	2020-09-29 03:01:11
106.12.196.38	attack	fail2ban	2020-09-28 19:10:01
106.12.196.118	attackspambots	106.12.196.118 (CN/China/-), 6 distributed sshd attacks on account [test] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 27 12:28:35 server5 sshd[18033]: Failed password for invalid user test from 106.54.205.236 port 51262 ssh2 Sep 27 12:53:04 server5 sshd[30548]: Invalid user test from 138.204.100.70 Sep 27 12:53:06 server5 sshd[30548]: Failed password for invalid user test from 138.204.100.70 port 36118 ssh2 Sep 27 13:08:18 server5 sshd[4951]: Invalid user test from 106.12.196.118 Sep 27 12:35:15 server5 sshd[21107]: Invalid user test from 115.223.34.141 Sep 27 12:28:33 server5 sshd[18033]: Invalid user test from 106.54.205.236 IP Addresses Blocked: 106.54.205.236 (CN/China/-) 138.204.100.70 (BR/Brazil/-)	2020-09-28 01:58:33
106.12.196.118	attack	Invalid user laravel from 106.12.196.118 port 34382	2020-09-27 18:02:28
106.12.196.118	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-25 08:31:28
106.12.196.118	attackbots	2020-08-17T21:30:45.064290abusebot-4.cloudsearch.cf sshd[20905]: Invalid user drop from 106.12.196.118 port 37874 2020-08-17T21:30:45.071874abusebot-4.cloudsearch.cf sshd[20905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 2020-08-17T21:30:45.064290abusebot-4.cloudsearch.cf sshd[20905]: Invalid user drop from 106.12.196.118 port 37874 2020-08-17T21:30:47.511155abusebot-4.cloudsearch.cf sshd[20905]: Failed password for invalid user drop from 106.12.196.118 port 37874 ssh2 2020-08-17T21:36:48.845494abusebot-4.cloudsearch.cf sshd[21109]: Invalid user maria from 106.12.196.118 port 53938 2020-08-17T21:36:48.852272abusebot-4.cloudsearch.cf sshd[21109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.196.118 2020-08-17T21:36:48.845494abusebot-4.cloudsearch.cf sshd[21109]: Invalid user maria from 106.12.196.118 port 53938 2020-08-17T21:36:50.789957abusebot-4.cloudsearch.cf sshd[21109]: Fa ...	2020-08-18 06:05:36

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.196.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10563
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.196.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:20:35 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 48.196.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.196.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
40.78.9.251	attack	Jul 15 14:25:27 piServer sshd[5982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.78.9.251 ...	2020-07-15 20:26:31
112.85.42.104	attackspambots	Jul 15 14:39:21 v22018053744266470 sshd[21795]: Failed password for root from 112.85.42.104 port 35591 ssh2 Jul 15 14:39:32 v22018053744266470 sshd[21808]: Failed password for root from 112.85.42.104 port 23685 ssh2 ...	2020-07-15 20:41:21
82.112.43.15	attackbots	Honeypot attack, port: 445, PTR: 82-112-43-15.k-telecom.org.	2020-07-15 20:51:53
36.83.16.101	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-15 20:29:35
52.188.23.7	attackspambots	Fail2Ban Ban Triggered	2020-07-15 20:52:12
183.82.96.185	attackbotsspam	Unauthorized connection attempt from IP address 183.82.96.185 on Port 445(SMB)	2020-07-15 20:23:28
106.12.98.182	attackbots	sshd	2020-07-15 20:53:18
203.202.243.57	attackspam	Attempted connection to port 445.	2020-07-15 20:54:08
40.77.62.165	attackspam	Jul 15 14:36:58 prod4 sshd\[7097\]: Invalid user 2019.fontainepicard.com from 40.77.62.165 Jul 15 14:36:58 prod4 sshd\[7099\]: Invalid user fontainepicard from 40.77.62.165 Jul 15 14:36:58 prod4 sshd\[7098\]: Invalid user 2019 from 40.77.62.165 ...	2020-07-15 20:51:07
47.52.239.42	attack	47.52.239.42 - - \[15/Jul/2020:13:40:02 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.52.239.42 - - \[15/Jul/2020:13:40:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.52.239.42 - - \[15/Jul/2020:13:40:08 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-15 20:30:52
123.176.34.115	attackspam	Brute forcing RDP port 3389	2020-07-15 20:28:25
222.186.30.167	attackspam	2020-07-15T14:24:29.470149vps751288.ovh.net sshd\[9322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-07-15T14:24:31.234250vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:33.211661vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:35.796349vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:43.487062vps751288.ovh.net sshd\[9326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root	2020-07-15 20:32:20
102.133.228.153	attackspambots	Jul 15 15:27:36 ift sshd\[47555\]: Invalid user ift.org.ua from 102.133.228.153Jul 15 15:27:36 ift sshd\[47558\]: Invalid user org from 102.133.228.153Jul 15 15:27:38 ift sshd\[47558\]: Failed password for invalid user org from 102.133.228.153 port 11641 ssh2Jul 15 15:27:38 ift sshd\[47555\]: Failed password for invalid user ift.org.ua from 102.133.228.153 port 11642 ssh2Jul 15 15:27:38 ift sshd\[47556\]: Failed password for ift from 102.133.228.153 port 11640 ssh2 ...	2020-07-15 20:33:02
213.6.239.82	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-15 21:00:39
113.54.156.94	attackbots	sshd	2020-07-15 20:28:59

最近上报的IP列表

185.38.3.138	162.243.163.136	94.74.188.137	83.3.245.132
73.53.95.248	58.59.2.26	183.81.75.89	107.170.192.122
104.189.118.224	72.9.100.190	36.89.31.98	198.58.116.243
193.227.20.171	91.206.14.193	61.175.121.76	197.165.162.214
91.206.14.190	198.108.67.48	66.175.223.153	190.9.132.202