106.12.197.119

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Nov 15 10:16:31 server sshd\[28736\]: Invalid user jacky from 106.12.197.119 port 34888 Nov 15 10:16:31 server sshd\[28736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 15 10:16:33 server sshd\[28736\]: Failed password for invalid user jacky from 106.12.197.119 port 34888 ssh2 Nov 15 10:21:04 server sshd\[16171\]: Invalid user mcnicol from 106.12.197.119 port 42320 Nov 15 10:21:04 server sshd\[16171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-11-15 16:29:43
attackspambots	Nov 12 13:45:27 server sshd\[11328\]: Failed password for invalid user shepardson from 106.12.197.119 port 47706 ssh2 Nov 13 01:15:30 server sshd\[31177\]: Invalid user sundra from 106.12.197.119 Nov 13 01:15:30 server sshd\[31177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 13 01:15:32 server sshd\[31177\]: Failed password for invalid user sundra from 106.12.197.119 port 47110 ssh2 Nov 13 01:33:59 server sshd\[3111\]: Invalid user handbury from 106.12.197.119 Nov 13 01:33:59 server sshd\[3111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-11-13 08:34:31
attackspambots	frenzy	2019-11-07 08:21:24
attackspam	Oct 25 11:07:58 hpm sshd\[20393\]: Invalid user @dministr@tor from 106.12.197.119 Oct 25 11:07:58 hpm sshd\[20393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 25 11:08:01 hpm sshd\[20393\]: Failed password for invalid user @dministr@tor from 106.12.197.119 port 57128 ssh2 Oct 25 11:11:47 hpm sshd\[20832\]: Invalid user marko123 from 106.12.197.119 Oct 25 11:11:47 hpm sshd\[20832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-10-26 06:24:43
attackspam	Oct 23 22:36:00 OPSO sshd\[16452\]: Invalid user p4sswd1234 from 106.12.197.119 port 60866 Oct 23 22:36:00 OPSO sshd\[16452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 23 22:36:02 OPSO sshd\[16452\]: Failed password for invalid user p4sswd1234 from 106.12.197.119 port 60866 ssh2 Oct 23 22:39:33 OPSO sshd\[16873\]: Invalid user Sina from 106.12.197.119 port 38516 Oct 23 22:39:33 OPSO sshd\[16873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-10-24 08:21:24
attack	2019-10-12T20:35:16.096301abusebot-7.cloudsearch.cf sshd\[13229\]: Invalid user India@123 from 106.12.197.119 port 59428	2019-10-13 05:58:56
attackbots	Oct 2 12:03:30 vps691689 sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 2 12:03:32 vps691689 sshd[31155]: Failed password for invalid user bagab from 106.12.197.119 port 45932 ssh2 ...	2019-10-02 18:12:04
attack	Sep 24 17:07:07 vps01 sshd[25487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 24 17:07:09 vps01 sshd[25487]: Failed password for invalid user alanna from 106.12.197.119 port 45388 ssh2	2019-09-25 05:04:23
attackbotsspam	Sep 14 03:34:14 xtremcommunity sshd\[65792\]: Invalid user nin from 106.12.197.119 port 50542 Sep 14 03:34:14 xtremcommunity sshd\[65792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 14 03:34:16 xtremcommunity sshd\[65792\]: Failed password for invalid user nin from 106.12.197.119 port 50542 ssh2 Sep 14 03:39:19 xtremcommunity sshd\[66043\]: Invalid user tsdp from 106.12.197.119 port 34328 Sep 14 03:39:19 xtremcommunity sshd\[66043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-09-14 15:51:59
attack	Sep 1 18:54:27 web9 sshd\[6406\]: Invalid user formation from 106.12.197.119 Sep 1 18:54:27 web9 sshd\[6406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 1 18:54:29 web9 sshd\[6406\]: Failed password for invalid user formation from 106.12.197.119 port 49996 ssh2 Sep 1 18:59:41 web9 sshd\[7385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 user=root Sep 1 18:59:43 web9 sshd\[7385\]: Failed password for root from 106.12.197.119 port 38150 ssh2	2019-09-02 13:01:51
attackbots	Aug 26 04:46:56 v22019058497090703 sshd[23644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Aug 26 04:46:57 v22019058497090703 sshd[23644]: Failed password for invalid user weblogic from 106.12.197.119 port 45416 ssh2 Aug 26 04:52:10 v22019058497090703 sshd[24017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-08-26 10:56:24
attack	Jul 31 01:24:50 dedicated sshd[7885]: Invalid user ts from 106.12.197.119 port 50952	2019-07-31 07:31:34
attackbotsspam	Jul 22 10:03:17 giegler sshd[9276]: Invalid user student from 106.12.197.119 port 38048	2019-07-22 18:56:52
attackbots	2019-07-13T01:46:15.594708hub.schaetter.us sshd\[21242\]: Invalid user nodejs from 106.12.197.119 2019-07-13T01:46:15.629522hub.schaetter.us sshd\[21242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 2019-07-13T01:46:17.767550hub.schaetter.us sshd\[21242\]: Failed password for invalid user nodejs from 106.12.197.119 port 43050 ssh2 2019-07-13T01:53:14.982394hub.schaetter.us sshd\[21305\]: Invalid user archive from 106.12.197.119 2019-07-13T01:53:15.023272hub.schaetter.us sshd\[21305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-07-13 11:59:29
attackspam	2019-06-21T19:47:02.706657abusebot.cloudsearch.cf sshd\[26229\]: Invalid user ca from 106.12.197.119 port 52614	2019-06-22 04:18:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.197.37	attackbotsspam	Invalid user support1 from 106.12.197.37 port 34940	2020-10-14 03:36:36
106.12.197.37	attack	Invalid user deginal from 106.12.197.37 port 56416	2020-10-13 18:55:47
106.12.197.52	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-06 01:57:58
106.12.197.52	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-05 17:30:52
106.12.197.165	attackspam	Aug 17 12:27:36 vps1 sshd[13462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:27:38 vps1 sshd[13462]: Failed password for invalid user hyegyeong from 106.12.197.165 port 47606 ssh2 Aug 17 12:30:39 vps1 sshd[13495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:30:41 vps1 sshd[13495]: Failed password for invalid user wangjing from 106.12.197.165 port 58938 ssh2 Aug 17 12:33:47 vps1 sshd[13542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:33:48 vps1 sshd[13542]: Failed password for invalid user kea from 106.12.197.165 port 42076 ssh2 Aug 17 12:36:54 vps1 sshd[13574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 ...	2020-08-17 19:12:35
106.12.197.165	attackbots	Aug 13 23:41:45 hosting sshd[31269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 23:41:48 hosting sshd[31269]: Failed password for root from 106.12.197.165 port 52304 ssh2 Aug 13 23:46:23 hosting sshd[31859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 23:46:25 hosting sshd[31859]: Failed password for root from 106.12.197.165 port 60046 ssh2 ...	2020-08-14 04:59:44
106.12.197.165	attackspam	Aug 13 08:02:51 mellenthin sshd[15596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 08:02:54 mellenthin sshd[15596]: Failed password for invalid user root from 106.12.197.165 port 58016 ssh2	2020-08-13 15:55:57
106.12.197.37	attack	Aug 11 02:55:54 xxxxxxx5185820 sshd[1579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.37 user=r.r Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Failed password for r.r from 106.12.197.37 port 42416 ssh2 Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Received disconnect from 106.12.197.37 port 42416:11: Bye Bye [preauth] Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Disconnected from 106.12.197.37 port 42416 [preauth] Aug 11 02:58:27 xxxxxxx5185820 sshd[1856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.37 user=r.r Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Failed password for r.r from 106.12.197.37 port 48240 ssh2 Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Received disconnect from 106.12.197.37 port 48240:11: Bye Bye [preauth] Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Disconnected from 106.12.197.37 port 48240 [preauth] Aug 11 03:00:54 xxxxxxx5185820 sshd[3452]: pam_u........ -------------------------------	2020-08-12 02:41:34
106.12.197.165	attack	<6 unauthorized SSH connections	2020-08-09 19:04:09
106.12.197.165	attack	Aug 4 22:40:04 ip40 sshd[7844]: Failed password for root from 106.12.197.165 port 36592 ssh2 ...	2020-08-05 04:56:02
106.12.197.165	attackspambots	Jul 31 17:36:09 vmd36147 sshd[13581]: Failed password for root from 106.12.197.165 port 60880 ssh2 Jul 31 17:40:19 vmd36147 sshd[22629]: Failed password for root from 106.12.197.165 port 44464 ssh2 ...	2020-07-31 23:49:07
106.12.197.165	attack	Automatic Fail2ban report - Trying login SSH	2020-07-23 04:25:09
106.12.197.232	attackbotsspam	fail2ban -- 106.12.197.232 ...	2020-07-18 16:58:36
106.12.197.232	attackspambots	SSHD brute force attack detected by fail2ban	2020-07-17 12:28:20
106.12.197.165	attackspam	2020-07-12T08:36:18.489376morrigan.ad5gb.com sshd[1254326]: Failed password for invalid user yk from 106.12.197.165 port 41884 ssh2 2020-07-12T08:36:18.857927morrigan.ad5gb.com sshd[1254326]: Disconnected from invalid user yk 106.12.197.165 port 41884 [preauth]	2020-07-13 03:35:17

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.197.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57398
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.197.119.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 21:23:00 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 119.197.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 119.197.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
75.101.172.223	attackbots	Unauthorized connection attempt detected from IP address 75.101.172.223 to port 1900 [J]	2020-01-07 20:29:06
14.17.76.176	attackbots	Unauthorized connection attempt detected from IP address 14.17.76.176 to port 2220 [J]	2020-01-07 20:32:42
113.141.64.224	attack	Jan 7 12:07:24 debian-2gb-nbg1-2 kernel: \[654562.506747\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.141.64.224 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=29201 PROTO=TCP SPT=45310 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-07 19:57:04
167.114.113.141	attackbotsspam	Unauthorized connection attempt detected from IP address 167.114.113.141 to port 2220 [J]	2020-01-07 20:20:51
151.75.192.101	attack	Unauthorized connection attempt detected from IP address 151.75.192.101 to port 23 [J]	2020-01-07 20:22:04
27.109.219.225	attackbots	Unauthorized connection attempt detected from IP address 27.109.219.225 to port 5555 [J]	2020-01-07 20:32:29
18.206.182.232	attackbotsspam	Unauthorized connection attempt detected from IP address 18.206.182.232 to port 53 [J]	2020-01-07 20:12:04
175.210.190.43	attackspam	Unauthorized connection attempt detected from IP address 175.210.190.43 to port 81 [J]	2020-01-07 20:20:39
102.40.127.91	attack	Unauthorized connection attempt detected from IP address 102.40.127.91 to port 23 [J]	2020-01-07 20:00:48
107.185.225.90	attackbotsspam	Unauthorized connection attempt detected from IP address 107.185.225.90 to port 88 [J]	2020-01-07 20:26:10
59.126.129.43	attackbotsspam	Unauthorized connection attempt detected from IP address 59.126.129.43 to port 85 [J]	2020-01-07 20:07:57
61.35.152.114	attack	Unauthorized connection attempt detected from IP address 61.35.152.114 to port 2220 [J]	2020-01-07 20:07:03
150.109.180.156	attackspam	Unauthorized connection attempt detected from IP address 150.109.180.156 to port 22 [J]	2020-01-07 20:22:31
194.204.236.164	attackspambots	Unauthorized connection attempt detected from IP address 194.204.236.164 to port 2220 [J]	2020-01-07 20:17:39
51.75.17.6	attack	Unauthorized connection attempt detected from IP address 51.75.17.6 to port 2220 [J]	2020-01-07 20:08:19

最近上报的IP列表

110.44.126.83	106.12.144.207	104.248.190.16	103.5.112.128
101.231.104.82	96.36.55.50	89.155.228.202	84.255.152.10
82.64.97.17	61.191.20.20	50.93.249.242	46.101.103.207
213.240.24.18	210.54.37.139	206.189.239.103	206.189.134.83
203.223.189.214	201.249.134.155	201.235.19.122	201.212.227.95