106.12.197.119

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Nov 15 10:16:31 server sshd\[28736\]: Invalid user jacky from 106.12.197.119 port 34888 Nov 15 10:16:31 server sshd\[28736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 15 10:16:33 server sshd\[28736\]: Failed password for invalid user jacky from 106.12.197.119 port 34888 ssh2 Nov 15 10:21:04 server sshd\[16171\]: Invalid user mcnicol from 106.12.197.119 port 42320 Nov 15 10:21:04 server sshd\[16171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-11-15 16:29:43
attackspambots	Nov 12 13:45:27 server sshd\[11328\]: Failed password for invalid user shepardson from 106.12.197.119 port 47706 ssh2 Nov 13 01:15:30 server sshd\[31177\]: Invalid user sundra from 106.12.197.119 Nov 13 01:15:30 server sshd\[31177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Nov 13 01:15:32 server sshd\[31177\]: Failed password for invalid user sundra from 106.12.197.119 port 47110 ssh2 Nov 13 01:33:59 server sshd\[3111\]: Invalid user handbury from 106.12.197.119 Nov 13 01:33:59 server sshd\[3111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-11-13 08:34:31
attackspambots	frenzy	2019-11-07 08:21:24
attackspam	Oct 25 11:07:58 hpm sshd\[20393\]: Invalid user @dministr@tor from 106.12.197.119 Oct 25 11:07:58 hpm sshd\[20393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 25 11:08:01 hpm sshd\[20393\]: Failed password for invalid user @dministr@tor from 106.12.197.119 port 57128 ssh2 Oct 25 11:11:47 hpm sshd\[20832\]: Invalid user marko123 from 106.12.197.119 Oct 25 11:11:47 hpm sshd\[20832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-10-26 06:24:43
attackspam	Oct 23 22:36:00 OPSO sshd\[16452\]: Invalid user p4sswd1234 from 106.12.197.119 port 60866 Oct 23 22:36:00 OPSO sshd\[16452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 23 22:36:02 OPSO sshd\[16452\]: Failed password for invalid user p4sswd1234 from 106.12.197.119 port 60866 ssh2 Oct 23 22:39:33 OPSO sshd\[16873\]: Invalid user Sina from 106.12.197.119 port 38516 Oct 23 22:39:33 OPSO sshd\[16873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119	2019-10-24 08:21:24
attack	2019-10-12T20:35:16.096301abusebot-7.cloudsearch.cf sshd\[13229\]: Invalid user India@123 from 106.12.197.119 port 59428	2019-10-13 05:58:56
attackbots	Oct 2 12:03:30 vps691689 sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Oct 2 12:03:32 vps691689 sshd[31155]: Failed password for invalid user bagab from 106.12.197.119 port 45932 ssh2 ...	2019-10-02 18:12:04
attack	Sep 24 17:07:07 vps01 sshd[25487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 24 17:07:09 vps01 sshd[25487]: Failed password for invalid user alanna from 106.12.197.119 port 45388 ssh2	2019-09-25 05:04:23
attackbotsspam	Sep 14 03:34:14 xtremcommunity sshd\[65792\]: Invalid user nin from 106.12.197.119 port 50542 Sep 14 03:34:14 xtremcommunity sshd\[65792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 14 03:34:16 xtremcommunity sshd\[65792\]: Failed password for invalid user nin from 106.12.197.119 port 50542 ssh2 Sep 14 03:39:19 xtremcommunity sshd\[66043\]: Invalid user tsdp from 106.12.197.119 port 34328 Sep 14 03:39:19 xtremcommunity sshd\[66043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-09-14 15:51:59
attack	Sep 1 18:54:27 web9 sshd\[6406\]: Invalid user formation from 106.12.197.119 Sep 1 18:54:27 web9 sshd\[6406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Sep 1 18:54:29 web9 sshd\[6406\]: Failed password for invalid user formation from 106.12.197.119 port 49996 ssh2 Sep 1 18:59:41 web9 sshd\[7385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 user=root Sep 1 18:59:43 web9 sshd\[7385\]: Failed password for root from 106.12.197.119 port 38150 ssh2	2019-09-02 13:01:51
attackbots	Aug 26 04:46:56 v22019058497090703 sshd[23644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 Aug 26 04:46:57 v22019058497090703 sshd[23644]: Failed password for invalid user weblogic from 106.12.197.119 port 45416 ssh2 Aug 26 04:52:10 v22019058497090703 sshd[24017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-08-26 10:56:24
attack	Jul 31 01:24:50 dedicated sshd[7885]: Invalid user ts from 106.12.197.119 port 50952	2019-07-31 07:31:34
attackbotsspam	Jul 22 10:03:17 giegler sshd[9276]: Invalid user student from 106.12.197.119 port 38048	2019-07-22 18:56:52
attackbots	2019-07-13T01:46:15.594708hub.schaetter.us sshd\[21242\]: Invalid user nodejs from 106.12.197.119 2019-07-13T01:46:15.629522hub.schaetter.us sshd\[21242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 2019-07-13T01:46:17.767550hub.schaetter.us sshd\[21242\]: Failed password for invalid user nodejs from 106.12.197.119 port 43050 ssh2 2019-07-13T01:53:14.982394hub.schaetter.us sshd\[21305\]: Invalid user archive from 106.12.197.119 2019-07-13T01:53:15.023272hub.schaetter.us sshd\[21305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.119 ...	2019-07-13 11:59:29
attackspam	2019-06-21T19:47:02.706657abusebot.cloudsearch.cf sshd\[26229\]: Invalid user ca from 106.12.197.119 port 52614	2019-06-22 04:18:46

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.197.37	attackbotsspam	Invalid user support1 from 106.12.197.37 port 34940	2020-10-14 03:36:36
106.12.197.37	attack	Invalid user deginal from 106.12.197.37 port 56416	2020-10-13 18:55:47
106.12.197.52	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-06 01:57:58
106.12.197.52	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-05 17:30:52
106.12.197.165	attackspam	Aug 17 12:27:36 vps1 sshd[13462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:27:38 vps1 sshd[13462]: Failed password for invalid user hyegyeong from 106.12.197.165 port 47606 ssh2 Aug 17 12:30:39 vps1 sshd[13495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:30:41 vps1 sshd[13495]: Failed password for invalid user wangjing from 106.12.197.165 port 58938 ssh2 Aug 17 12:33:47 vps1 sshd[13542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 Aug 17 12:33:48 vps1 sshd[13542]: Failed password for invalid user kea from 106.12.197.165 port 42076 ssh2 Aug 17 12:36:54 vps1 sshd[13574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 ...	2020-08-17 19:12:35
106.12.197.165	attackbots	Aug 13 23:41:45 hosting sshd[31269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 23:41:48 hosting sshd[31269]: Failed password for root from 106.12.197.165 port 52304 ssh2 Aug 13 23:46:23 hosting sshd[31859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 23:46:25 hosting sshd[31859]: Failed password for root from 106.12.197.165 port 60046 ssh2 ...	2020-08-14 04:59:44
106.12.197.165	attackspam	Aug 13 08:02:51 mellenthin sshd[15596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.165 user=root Aug 13 08:02:54 mellenthin sshd[15596]: Failed password for invalid user root from 106.12.197.165 port 58016 ssh2	2020-08-13 15:55:57
106.12.197.37	attack	Aug 11 02:55:54 xxxxxxx5185820 sshd[1579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.37 user=r.r Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Failed password for r.r from 106.12.197.37 port 42416 ssh2 Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Received disconnect from 106.12.197.37 port 42416:11: Bye Bye [preauth] Aug 11 02:55:57 xxxxxxx5185820 sshd[1579]: Disconnected from 106.12.197.37 port 42416 [preauth] Aug 11 02:58:27 xxxxxxx5185820 sshd[1856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.197.37 user=r.r Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Failed password for r.r from 106.12.197.37 port 48240 ssh2 Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Received disconnect from 106.12.197.37 port 48240:11: Bye Bye [preauth] Aug 11 02:58:29 xxxxxxx5185820 sshd[1856]: Disconnected from 106.12.197.37 port 48240 [preauth] Aug 11 03:00:54 xxxxxxx5185820 sshd[3452]: pam_u........ -------------------------------	2020-08-12 02:41:34
106.12.197.165	attack	<6 unauthorized SSH connections	2020-08-09 19:04:09
106.12.197.165	attack	Aug 4 22:40:04 ip40 sshd[7844]: Failed password for root from 106.12.197.165 port 36592 ssh2 ...	2020-08-05 04:56:02
106.12.197.165	attackspambots	Jul 31 17:36:09 vmd36147 sshd[13581]: Failed password for root from 106.12.197.165 port 60880 ssh2 Jul 31 17:40:19 vmd36147 sshd[22629]: Failed password for root from 106.12.197.165 port 44464 ssh2 ...	2020-07-31 23:49:07
106.12.197.165	attack	Automatic Fail2ban report - Trying login SSH	2020-07-23 04:25:09
106.12.197.232	attackbotsspam	fail2ban -- 106.12.197.232 ...	2020-07-18 16:58:36
106.12.197.232	attackspambots	SSHD brute force attack detected by fail2ban	2020-07-17 12:28:20
106.12.197.165	attackspam	2020-07-12T08:36:18.489376morrigan.ad5gb.com sshd[1254326]: Failed password for invalid user yk from 106.12.197.165 port 41884 ssh2 2020-07-12T08:36:18.857927morrigan.ad5gb.com sshd[1254326]: Disconnected from invalid user yk 106.12.197.165 port 41884 [preauth]	2020-07-13 03:35:17

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.197.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57398
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.197.119.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 21:23:00 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 119.197.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 119.197.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
115.159.3.221	attackbotsspam	Nov 25 04:32:28 eddieflores sshd\[21655\]: Invalid user kpaalberta from 115.159.3.221 Nov 25 04:32:28 eddieflores sshd\[21655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.3.221 Nov 25 04:32:30 eddieflores sshd\[21655\]: Failed password for invalid user kpaalberta from 115.159.3.221 port 54900 ssh2 Nov 25 04:41:12 eddieflores sshd\[22436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.3.221 user=root Nov 25 04:41:15 eddieflores sshd\[22436\]: Failed password for root from 115.159.3.221 port 33122 ssh2	2019-11-25 23:11:57
188.211.149.23	attackbotsspam	Connection by 188.211.149.23 on port: 23 got caught by honeypot at 11/25/2019 1:41:41 PM	2019-11-25 23:04:30
182.76.74.78	attack	Nov 25 14:31:10 wh01 sshd[20125]: Invalid user testuser1 from 182.76.74.78 port 53401 Nov 25 14:31:10 wh01 sshd[20125]: Failed password for invalid user testuser1 from 182.76.74.78 port 53401 ssh2 Nov 25 14:31:10 wh01 sshd[20125]: Received disconnect from 182.76.74.78 port 53401:11: Bye Bye [preauth] Nov 25 14:31:10 wh01 sshd[20125]: Disconnected from 182.76.74.78 port 53401 [preauth] Nov 25 15:33:05 wh01 sshd[27479]: Invalid user yenilmez from 182.76.74.78 port 6922 Nov 25 15:33:05 wh01 sshd[27479]: Failed password for invalid user yenilmez from 182.76.74.78 port 6922 ssh2 Nov 25 15:33:05 wh01 sshd[27479]: Received disconnect from 182.76.74.78 port 6922:11: Bye Bye [preauth] Nov 25 15:33:05 wh01 sshd[27479]: Disconnected from 182.76.74.78 port 6922 [preauth] Nov 25 15:41:45 wh01 sshd[28495]: Failed password for root from 182.76.74.78 port 29415 ssh2	2019-11-25 22:45:07
49.88.112.55	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-11-25 22:56:33
85.112.69.62	attackspam	Brute force attempt	2019-11-25 22:59:22
46.38.144.146	attack	Nov 25 16:04:31 webserver postfix/smtpd\[11091\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 25 16:05:07 webserver postfix/smtpd\[11091\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 25 16:05:42 webserver postfix/smtpd\[11091\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 25 16:06:19 webserver postfix/smtpd\[11091\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 25 16:06:55 webserver postfix/smtpd\[11284\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-25 23:09:29
138.255.185.196	attack	Automatic report - Port Scan Attack	2019-11-25 22:47:07
43.250.224.29	attackspam	Nov 25 09:26:03 server sshd\[28744\]: Invalid user fucker from 43.250.224.29 port 48914 Nov 25 09:26:03 server sshd\[28744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.250.224.29 Nov 25 09:26:04 server sshd\[28744\]: Failed password for invalid user fucker from 43.250.224.29 port 48914 ssh2 Nov 25 09:30:58 server sshd\[13889\]: Invalid user 123Admin from 43.250.224.29 port 11677 Nov 25 09:30:58 server sshd\[13889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.250.224.29	2019-11-25 22:34:27
203.195.223.104	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-25 23:03:23
80.230.128.154	attack	rdp brute-force attack (aggressivity: medium)	2019-11-25 22:49:27
81.12.159.146	attackspambots	Nov 25 16:12:22 nextcloud sshd\[13720\]: Invalid user ftp_test from 81.12.159.146 Nov 25 16:12:22 nextcloud sshd\[13720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.12.159.146 Nov 25 16:12:24 nextcloud sshd\[13720\]: Failed password for invalid user ftp_test from 81.12.159.146 port 56476 ssh2 ...	2019-11-25 23:13:55
159.203.201.210	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-11-25 22:58:39
112.85.42.194	attackspambots	2019-11-25T15:41:54.575932scmdmz1 sshd\[12548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=root 2019-11-25T15:41:56.427299scmdmz1 sshd\[12548\]: Failed password for root from 112.85.42.194 port 36358 ssh2 2019-11-25T15:41:59.191968scmdmz1 sshd\[12548\]: Failed password for root from 112.85.42.194 port 36358 ssh2 ...	2019-11-25 22:45:40
222.186.175.147	attack	$f2bV_matches	2019-11-25 23:08:40
177.23.184.99	attackspam	Nov 25 16:08:20 dedicated sshd[26882]: Invalid user daryouch from 177.23.184.99 port 38700	2019-11-25 23:15:46

最近上报的IP列表

110.44.126.83	106.12.144.207	104.248.190.16	103.5.112.128
101.231.104.82	96.36.55.50	89.155.228.202	84.255.152.10
82.64.97.17	61.191.20.20	50.93.249.242	46.101.103.207
213.240.24.18	210.54.37.139	206.189.239.103	206.189.134.83
203.223.189.214	201.249.134.155	201.235.19.122	201.212.227.95