106.12.200.213

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 4 08:17:41 vpn01 sshd[31935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.213 Mar 4 08:17:43 vpn01 sshd[31935]: Failed password for invalid user yuly from 106.12.200.213 port 51730 ssh2 ...	2020-03-04 16:30:43
attack	Feb 25 10:33:34 sd-53420 sshd\[18358\]: Invalid user ns2 from 106.12.200.213 Feb 25 10:33:34 sd-53420 sshd\[18358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.213 Feb 25 10:33:36 sd-53420 sshd\[18358\]: Failed password for invalid user ns2 from 106.12.200.213 port 33092 ssh2 Feb 25 10:40:53 sd-53420 sshd\[19194\]: Invalid user debian from 106.12.200.213 Feb 25 10:40:53 sd-53420 sshd\[19194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.213 ...	2020-02-25 18:03:06
attack	Feb 21 18:11:28 plusreed sshd[28942]: Invalid user ns2server from 106.12.200.213 ...	2020-02-22 07:16:41
attackbots	Jan 23 10:46:44 onepro2 sshd[32045]: Failed password for invalid user pw from 106.12.200.213 port 38400 ssh2 Jan 23 10:58:26 onepro2 sshd[32113]: Failed password for invalid user xu from 106.12.200.213 port 39476 ssh2 Jan 23 11:02:39 onepro2 sshd[32121]: Failed password for root from 106.12.200.213 port 38856 ssh2	2020-01-24 05:27:44

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.200.239	attack	SSH bruteforce	2020-10-06 01:17:31
106.12.200.239	attack	2020-09-28T09:12:44.909681linuxbox-skyline sshd[202304]: Invalid user www from 106.12.200.239 port 54772 ...	2020-09-29 01:10:31
106.12.200.239	attackspambots	Aug 7 05:47:57 rotator sshd\[10543\]: Invalid user \<\;stddef.h\>\; from 106.12.200.239Aug 7 05:47:59 rotator sshd\[10543\]: Failed password for invalid user \<\;stddef.h\>\; from 106.12.200.239 port 39542 ssh2Aug 7 05:51:39 rotator sshd\[11356\]: Invalid user asd!@\#$ from 106.12.200.239Aug 7 05:51:41 rotator sshd\[11356\]: Failed password for invalid user asd!@\#$ from 106.12.200.239 port 57202 ssh2Aug 7 05:55:29 rotator sshd\[12141\]: Invalid user $cann3r123 from 106.12.200.239Aug 7 05:55:30 rotator sshd\[12141\]: Failed password for invalid user $cann3r123 from 106.12.200.239 port 46620 ssh2 ...	2020-08-07 14:44:16
106.12.200.239	attack	Aug 1 23:39:20 vps647732 sshd[26676]: Failed password for root from 106.12.200.239 port 51628 ssh2 ...	2020-08-02 05:49:05
106.12.200.239	attack	2020-07-21T22:16:05+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-07-22 05:09:46
106.12.200.239	attack	2020-07-15 16:15:12,048 fail2ban.actions: WARNING [ssh] Ban 106.12.200.239	2020-07-15 22:54:04
106.12.200.145	attack	1593741323 - 07/03/2020 03:55:23 Host: 106.12.200.145/106.12.200.145 Port: 8080 TCP Blocked	2020-07-04 01:16:28
106.12.200.70	attack	leo_www	2020-06-05 12:13:06
106.12.200.70	attack	May 26 23:53:30 pixelmemory sshd[3978342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.70 May 26 23:53:30 pixelmemory sshd[3978342]: Invalid user office from 106.12.200.70 port 50130 May 26 23:53:32 pixelmemory sshd[3978342]: Failed password for invalid user office from 106.12.200.70 port 50130 ssh2 May 26 23:59:06 pixelmemory sshd[3987286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.70 user=root May 26 23:59:08 pixelmemory sshd[3987286]: Failed password for root from 106.12.200.70 port 60162 ssh2 ...	2020-05-27 16:52:32
106.12.200.70	attack	May 21 09:04:00 santamaria sshd\[5942\]: Invalid user irv from 106.12.200.70 May 21 09:04:00 santamaria sshd\[5942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.70 May 21 09:04:02 santamaria sshd\[5942\]: Failed password for invalid user irv from 106.12.200.70 port 36538 ssh2 ...	2020-05-21 15:10:41
106.12.200.160	attack	ZmEu vulnerability scanner used to probe for vulnerable PHPMyAdmin installations and guess SSH passwords. 106.12.200.160 - - [29/Apr/2020:22:00:16 +0000] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 154 "-" "ZmEu"	2020-04-30 06:03:11
106.12.200.160	attackspambots	(sshd) Failed SSH login from 106.12.200.160 (CN/China/-): 5 in the last 3600 secs	2020-04-30 03:31:42
106.12.200.70	attackspambots	Wordpress malicious attack:[sshd]	2020-04-25 13:05:54
106.12.200.70	attackbotsspam	Apr 23 08:13:25 OPSO sshd\[408\]: Invalid user nw from 106.12.200.70 port 44526 Apr 23 08:13:25 OPSO sshd\[408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.70 Apr 23 08:13:28 OPSO sshd\[408\]: Failed password for invalid user nw from 106.12.200.70 port 44526 ssh2 Apr 23 08:17:28 OPSO sshd\[1320\]: Invalid user testor from 106.12.200.70 port 51216 Apr 23 08:17:28 OPSO sshd\[1320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.70	2020-04-23 14:36:46
106.12.200.160	attackbots	2020-04-22T14:32:27.567011mail.broermann.family sshd[14407]: Invalid user aj from 106.12.200.160 port 41250 2020-04-22T14:32:27.573538mail.broermann.family sshd[14407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.200.160 2020-04-22T14:32:27.567011mail.broermann.family sshd[14407]: Invalid user aj from 106.12.200.160 port 41250 2020-04-22T14:32:29.549501mail.broermann.family sshd[14407]: Failed password for invalid user aj from 106.12.200.160 port 41250 ssh2 2020-04-22T14:36:00.590682mail.broermann.family sshd[14585]: User root from 106.12.200.160 not allowed because not listed in AllowUsers ...	2020-04-22 21:45:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.200.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42990
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.200.213.			IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012301 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 05:27:41 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 213.200.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.200.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.102.49.109	attackbots	Sep 6 16:49:40 TCP Attack: SRC=94.102.49.109 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=246 PROTO=TCP SPT=54628 DPT=43917 WINDOW=1024 RES=0x00 SYN URGP=0	2020-09-07 07:50:40
105.242.150.10	attack	Automatic report - Banned IP Access	2020-09-07 07:33:25
51.195.136.14	attackspam	Sep 6 21:41:50 vps-51d81928 sshd[268868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.195.136.14 Sep 6 21:41:50 vps-51d81928 sshd[268868]: Invalid user alfred from 51.195.136.14 port 45172 Sep 6 21:41:52 vps-51d81928 sshd[268868]: Failed password for invalid user alfred from 51.195.136.14 port 45172 ssh2 Sep 6 21:46:27 vps-51d81928 sshd[269008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.195.136.14 user=root Sep 6 21:46:29 vps-51d81928 sshd[269008]: Failed password for root from 51.195.136.14 port 49796 ssh2 ...	2020-09-07 07:33:13
23.108.46.43	attack	(From eric@talkwithwebvisitor.com) Hey there, I just found your site, quick question… My name’s Eric, I found ottochiropractic.net after doing a quick search – you showed up near the top of the rankings, so whatever you’re doing for SEO, looks like it’s working well. So here’s my question – what happens AFTER someone lands on your site? Anything? Research tells us at least 70% of the people who find your site, after a quick once-over, they disappear… forever. That means that all the work and effort you put into getting them to show up, goes down the tubes. Why would you want all that good work – and the great site you’ve built – go to waste? Because the odds are they’ll just skip over calling or even grabbing their phone, leaving you high and dry. But here’s a thought… what if you could make it super-simple for someone to raise their hand, say, “okay, let’s talk” without requiring them to even pull their cell phone from their pocket? You can – thanks to revolutionary new software th	2020-09-07 07:42:11
93.107.187.162	attackspambots	SSH invalid-user multiple login attempts	2020-09-07 07:34:26
145.239.62.249	attack	Sep 1 00:02:34 cloud sshd[23326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.62.249 user=r.r Sep 1 00:02:35 cloud sshd[23326]: Failed password for r.r from 145.239.62.249 port 37562 ssh2 Sep 1 00:17:41 cloud sshd[24466]: Invalid user version from 145.239.62.249 port 58988 Sep 1 00:17:41 cloud sshd[24466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.62.249 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=145.239.62.249	2020-09-07 07:55:11
61.177.172.61	attackbotsspam	Multiple SSH login attempts.	2020-09-07 07:34:54
194.36.174.121	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 08:01:43
221.127.29.183	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-09-07 07:49:38
35.229.141.62	attackbotsspam	2020-09-06T20:37:32.079300vps-d63064a2 sshd[16380]: Invalid user nx from 35.229.141.62 port 60180 2020-09-06T20:37:33.820423vps-d63064a2 sshd[16380]: Failed password for invalid user nx from 35.229.141.62 port 60180 ssh2 2020-09-06T20:44:38.318776vps-d63064a2 sshd[16452]: Invalid user server from 35.229.141.62 port 34785 2020-09-06T20:44:38.330464vps-d63064a2 sshd[16452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.229.141.62 2020-09-06T20:44:38.318776vps-d63064a2 sshd[16452]: Invalid user server from 35.229.141.62 port 34785 2020-09-06T20:44:40.878494vps-d63064a2 sshd[16452]: Failed password for invalid user server from 35.229.141.62 port 34785 ssh2 ...	2020-09-07 07:55:59
122.51.37.26	attackspambots	SSH login attempts.	2020-09-07 07:31:51
138.197.135.102	attackbotsspam	Brute forcing Wordpress login	2020-09-07 08:07:25
109.227.63.3	attack	Sep 7 01:19:31 cp sshd[18915]: Failed password for root from 109.227.63.3 port 48048 ssh2 Sep 7 01:23:30 cp sshd[21090]: Failed password for root from 109.227.63.3 port 50879 ssh2 Sep 7 01:27:20 cp sshd[23228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.227.63.3	2020-09-07 07:35:48
49.69.205.106	attackspambots	Aug 31 16:20:07 nxxxxxxx sshd[13756]: refused connect from 49.69.205.106 (49= .69.205.106) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.69.205.106	2020-09-07 07:32:23
94.176.187.142	attackbots	(Sep 7) LEN=52 TTL=114 ID=2013 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=114 ID=14568 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=114 ID=21143 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=117 ID=1358 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=114 ID=2425 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=114 ID=30765 DF TCP DPT=445 WINDOW=8192 SYN (Sep 6) LEN=52 TTL=117 ID=4674 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=117 ID=10376 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=117 ID=18623 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=117 ID=154 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=114 ID=10378 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=117 ID=12696 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=114 ID=15273 DF TCP DPT=445 WINDOW=8192 SYN (Sep 5) LEN=52 TTL=117 ID=4943 DF TCP DPT=445 WINDOW=8192 SYN (Sep 4) LEN=52 TTL=114 ID=26964 DF TCP DPT=445 WINDOW=8192 SYN (...	2020-09-07 07:33:55

最近上报的IP列表

50.65.180.150	76.211.210.169	73.141.79.203	36.189.222.253
101.19.52.146	220.31.17.131	182.73.55.91	174.54.132.47
202.99.72.162	209.250.248.123	69.46.10.247	90.143.60.226
203.195.236.165	31.104.33.120	92.73.141.77	132.199.161.132
123.253.65.222	81.209.20.194	119.129.176.51	216.49.55.67