106.12.10.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	5x Failed Password	2020-10-11 00:32:24
attackspam	Oct 10 06:23:43 sshd\[15654\]: Invalid user informix from 106.12.10.21Oct 10 06:23:45 sshd\[15654\]: Failed password for invalid user informix from 106.12.10.21 port 59834 ssh2 ...	2020-10-10 16:20:16
attack	Sep 26 12:19:23 Tower sshd[12629]: Connection from 106.12.10.21 port 37370 on 192.168.10.220 port 22 rdomain "" Sep 26 12:19:25 Tower sshd[12629]: Invalid user bootcamp from 106.12.10.21 port 37370 Sep 26 12:19:25 Tower sshd[12629]: error: Could not get shadow information for NOUSER Sep 26 12:19:25 Tower sshd[12629]: Failed password for invalid user bootcamp from 106.12.10.21 port 37370 ssh2 Sep 26 12:19:27 Tower sshd[12629]: Received disconnect from 106.12.10.21 port 37370:11: Bye Bye [preauth] Sep 26 12:19:27 Tower sshd[12629]: Disconnected from invalid user bootcamp 106.12.10.21 port 37370 [preauth]	2020-09-27 01:44:10
attack	Brute%20Force%20SSH	2020-09-26 17:36:55
attackspam	Sep 12 19:37:19 sachi sshd\[14158\]: Invalid user rainbow from 106.12.10.21 Sep 12 19:37:19 sachi sshd\[14158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Sep 12 19:37:20 sachi sshd\[14158\]: Failed password for invalid user rainbow from 106.12.10.21 port 52582 ssh2 Sep 12 19:44:37 sachi sshd\[14820\]: Invalid user Orecle123 from 106.12.10.21 Sep 12 19:44:37 sachi sshd\[14820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-09-13 16:40:36
attackspambots	Aug 30 15:09:29 lukav-desktop sshd\[18537\]: Invalid user maruyama from 106.12.10.21 Aug 30 15:09:29 lukav-desktop sshd\[18537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Aug 30 15:09:31 lukav-desktop sshd\[18537\]: Failed password for invalid user maruyama from 106.12.10.21 port 58616 ssh2 Aug 30 15:16:04 lukav-desktop sshd\[11086\]: Invalid user login from 106.12.10.21 Aug 30 15:16:04 lukav-desktop sshd\[11086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-08-30 20:50:06
attackspam	Bruteforce detected by fail2ban	2020-08-21 16:27:37
attack	2020-08-18T22:42:49.686302vps751288.ovh.net sshd\[21708\]: Invalid user support from 106.12.10.21 port 45972 2020-08-18T22:42:49.691585vps751288.ovh.net sshd\[21708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 2020-08-18T22:42:51.187330vps751288.ovh.net sshd\[21708\]: Failed password for invalid user support from 106.12.10.21 port 45972 ssh2 2020-08-18T22:47:02.640214vps751288.ovh.net sshd\[21752\]: Invalid user cdh from 106.12.10.21 port 48368 2020-08-18T22:47:02.643796vps751288.ovh.net sshd\[21752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-08-19 04:56:33
attack	Jul 31 07:51:19 vps647732 sshd[2577]: Failed password for root from 106.12.10.21 port 54960 ssh2 ...	2020-07-31 14:23:50
attack	Jul 20 00:54:50 firewall sshd[19986]: Invalid user cecile from 106.12.10.21 Jul 20 00:54:52 firewall sshd[19986]: Failed password for invalid user cecile from 106.12.10.21 port 41346 ssh2 Jul 20 00:57:21 firewall sshd[20048]: Invalid user af from 106.12.10.21 ...	2020-07-20 12:15:14
attackspambots	Icarus honeypot on github	2020-07-14 14:57:03
attackspam	2020-06-23T16:31:31.735707mail.standpoint.com.ua sshd[18627]: Failed password for invalid user gian from 106.12.10.21 port 35314 ssh2 2020-06-23T16:36:43.430819mail.standpoint.com.ua sshd[19353]: Invalid user jira from 106.12.10.21 port 33842 2020-06-23T16:36:43.434244mail.standpoint.com.ua sshd[19353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 2020-06-23T16:36:43.430819mail.standpoint.com.ua sshd[19353]: Invalid user jira from 106.12.10.21 port 33842 2020-06-23T16:36:45.114311mail.standpoint.com.ua sshd[19353]: Failed password for invalid user jira from 106.12.10.21 port 33842 ssh2 ...	2020-06-23 21:40:33
attackspam	Jun 18 22:54:35 IngegnereFirenze sshd[28326]: User root from 106.12.10.21 not allowed because not listed in AllowUsers ...	2020-06-19 06:58:13
attack	$f2bV_matches	2020-06-13 18:41:48
attack	Apr 27 13:10:00 server1 sshd\[14924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Apr 27 13:10:02 server1 sshd\[14924\]: Failed password for root from 106.12.10.21 port 33378 ssh2 Apr 27 13:13:19 server1 sshd\[15877\]: Invalid user vivek from 106.12.10.21 Apr 27 13:13:19 server1 sshd\[15877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Apr 27 13:13:21 server1 sshd\[15877\]: Failed password for invalid user vivek from 106.12.10.21 port 50154 ssh2 ...	2020-04-28 03:30:39
attackspam	Mar 19 06:42:55 ms-srv sshd[27696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Mar 19 06:42:57 ms-srv sshd[27696]: Failed password for invalid user root from 106.12.10.21 port 51596 ssh2	2020-04-26 17:54:01
attackspam	Apr 16 19:48:08 vserver sshd\[2204\]: Failed password for root from 106.12.10.21 port 39886 ssh2Apr 16 19:52:03 vserver sshd\[2217\]: Invalid user ox from 106.12.10.21Apr 16 19:52:04 vserver sshd\[2217\]: Failed password for invalid user ox from 106.12.10.21 port 33256 ssh2Apr 16 19:56:07 vserver sshd\[2239\]: Invalid user test from 106.12.10.21 ...	2020-04-17 03:16:33
attackbots	$f2bV_matches	2020-04-10 18:44:11
attack	Apr 1 05:42:52 mail sshd\[9366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Apr 1 05:42:54 mail sshd\[9366\]: Failed password for root from 106.12.10.21 port 46178 ssh2 Apr 1 05:48:14 mail sshd\[9405\]: Invalid user huasha from 106.12.10.21 Apr 1 05:48:14 mail sshd\[9405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 ...	2020-04-01 18:23:29
attackbots	Mar 30 13:43:00 sigma sshd\[4801\]: Failed password for root from 106.12.10.21 port 54762 ssh2Mar 30 13:47:26 sigma sshd\[4851\]: Invalid user hjh from 106.12.10.21 ...	2020-03-30 21:13:07
attackspambots	Mar 29 15:58:41 server sshd\[17791\]: Failed password for invalid user prueba from 106.12.10.21 port 53520 ssh2 Mar 30 07:03:25 server sshd\[10227\]: Invalid user floy from 106.12.10.21 Mar 30 07:03:25 server sshd\[10227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Mar 30 07:03:26 server sshd\[10227\]: Failed password for invalid user floy from 106.12.10.21 port 54664 ssh2 Mar 30 07:18:36 server sshd\[13993\]: Invalid user francois from 106.12.10.21 Mar 30 07:18:36 server sshd\[13993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 ...	2020-03-30 13:23:33
attack	Mar 9 15:32:05 server sshd\[23876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Mar 9 15:32:07 server sshd\[23876\]: Failed password for root from 106.12.10.21 port 39392 ssh2 Mar 9 16:28:16 server sshd\[4776\]: Invalid user magda from 106.12.10.21 Mar 9 16:28:16 server sshd\[4776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Mar 9 16:28:19 server sshd\[4776\]: Failed password for invalid user magda from 106.12.10.21 port 60636 ssh2 ...	2020-03-09 22:59:53
attackbotsspam	Feb 13 20:14:59 cp sshd[16016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-02-14 04:09:22
attack	Feb 5 19:00:11 lukav-desktop sshd\[21660\]: Invalid user agnes from 106.12.10.21 Feb 5 19:00:11 lukav-desktop sshd\[21660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Feb 5 19:00:12 lukav-desktop sshd\[21660\]: Failed password for invalid user agnes from 106.12.10.21 port 48172 ssh2 Feb 5 19:03:39 lukav-desktop sshd\[21697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Feb 5 19:03:42 lukav-desktop sshd\[21697\]: Failed password for root from 106.12.10.21 port 41972 ssh2	2020-02-06 01:43:50
attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.10.21 to port 2220 [J]	2020-02-05 20:53:41
attack	Feb 3 15:47:19 web1 sshd\[8056\]: Invalid user video from 106.12.10.21 Feb 3 15:47:19 web1 sshd\[8056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Feb 3 15:47:21 web1 sshd\[8056\]: Failed password for invalid user video from 106.12.10.21 port 57482 ssh2 Feb 3 15:49:15 web1 sshd\[8129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Feb 3 15:49:17 web1 sshd\[8129\]: Failed password for root from 106.12.10.21 port 42680 ssh2	2020-02-04 09:51:17

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.100.206	attackspam	SSH Brute Force	2020-10-14 05:58:54
106.12.105.130	attack	Oct 13 04:30:10 icinga sshd[23130]: Failed password for root from 106.12.105.130 port 37780 ssh2 Oct 13 04:36:25 icinga sshd[32721]: Failed password for root from 106.12.105.130 port 49692 ssh2 ...	2020-10-13 14:12:41
106.12.105.130	attackspam	Oct 13 04:08:30 mx sshd[1404596]: Failed password for root from 106.12.105.130 port 40144 ssh2 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:08 mx sshd[1404724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:10 mx sshd[1404724]: Failed password for invalid user bind from 106.12.105.130 port 42846 ssh2 ...	2020-10-13 06:55:25
106.12.102.54	attack	2020-10-11T21:51:51+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-10-12 04:53:46
106.12.102.54	attackspambots	Oct 11 09:51:57 buvik sshd[14859]: Invalid user oracle from 106.12.102.54 Oct 11 09:51:57 buvik sshd[14859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.102.54 Oct 11 09:51:59 buvik sshd[14859]: Failed password for invalid user oracle from 106.12.102.54 port 37852 ssh2 ...	2020-10-11 20:58:15
106.12.102.54	attack	$f2bV_matches	2020-10-11 12:54:32
106.12.102.54	attackspambots	Invalid user mike from 106.12.102.54 port 49028	2020-10-11 06:17:28
106.12.100.206	attackspam	$f2bV_matches	2020-10-10 02:34:31
106.12.100.206	attackbots	(sshd) Failed SSH login from 106.12.100.206 (CN/China/-): 5 in the last 3600 secs	2020-10-09 18:19:41
106.12.108.170	attackspam	firewall-block, port(s): 3838/tcp	2020-10-09 04:25:26
106.12.108.170	attack	firewall-block, port(s): 3838/tcp	2020-10-08 20:34:38
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 12:30:50
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 07:52:13
106.12.105.130	attackbots	(sshd) Failed SSH login from 106.12.105.130 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 12:20:40 jbs1 sshd[32029]: Invalid user dayz from 106.12.105.130 Oct 1 12:20:40 jbs1 sshd[32029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 1 12:20:41 jbs1 sshd[32029]: Failed password for invalid user dayz from 106.12.105.130 port 60440 ssh2 Oct 1 12:27:16 jbs1 sshd[2313]: Invalid user rajesh from 106.12.105.130 Oct 1 12:27:16 jbs1 sshd[2313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130	2020-10-02 02:49:22
106.12.100.206	attackbotsspam	Invalid user demo from 106.12.100.206 port 45768	2020-10-02 02:22:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.10.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.10.21.			IN	A

;; AUTHORITY SECTION:
.			379	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 09:51:13 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 21.10.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.10.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
110.93.247.108	attackbotsspam	Unauthorized connection attempt from IP address 110.93.247.108 on Port 445(SMB)	2020-02-13 02:42:15
222.185.244.178	attackspambots	02/12/2020-18:15:26.627568 222.185.244.178 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-13 02:29:14
178.128.221.237	attack	Feb 12 19:34:22 silence02 sshd[31662]: Failed password for root from 178.128.221.237 port 60766 ssh2 Feb 12 19:37:36 silence02 sshd[31902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.221.237 Feb 12 19:37:38 silence02 sshd[31902]: Failed password for invalid user dmontano from 178.128.221.237 port 33270 ssh2	2020-02-13 02:40:06
186.251.55.190	attackspambots	Caught in portsentry honeypot	2020-02-13 02:32:41
117.34.118.44	attackbotsspam	1581520569 - 02/12/2020 16:16:09 Host: 117.34.118.44/117.34.118.44 Port: 445 TCP Blocked	2020-02-13 02:27:05
181.40.76.162	attack	Feb 12 08:04:22 hpm sshd\[12091\]: Invalid user 123 from 181.40.76.162 Feb 12 08:04:22 hpm sshd\[12091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.76.162 Feb 12 08:04:24 hpm sshd\[12091\]: Failed password for invalid user 123 from 181.40.76.162 port 43132 ssh2 Feb 12 08:08:12 hpm sshd\[12574\]: Invalid user shangqi@2016 from 181.40.76.162 Feb 12 08:08:12 hpm sshd\[12574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.76.162	2020-02-13 02:19:59
51.77.146.170	attackbotsspam	Fail2Ban Ban Triggered	2020-02-13 02:52:56
190.247.241.64	attackbots	Brute force attempt	2020-02-13 02:41:59
222.209.85.197	attackbots	Feb 12 13:37:25 prox sshd[30527]: Failed password for root from 222.209.85.197 port 58932 ssh2	2020-02-13 02:45:00
115.69.216.227	attackspam	SSH/22 MH Probe, BF, Hack -	2020-02-13 02:15:35
35.197.52.214	attack	sex	2020-02-13 02:43:37
177.126.128.216	attack	Automatic report - Port Scan Attack	2020-02-13 02:10:06
90.3.194.84	attackbots	Feb 12 14:42:23 jane sshd[31122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.3.194.84 ...	2020-02-13 02:39:00
162.243.129.153	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2020-02-13 02:46:03
115.112.61.221	attack	Invalid user danilete from 115.112.61.221 port 49414	2020-02-13 02:25:32

最近上报的IP列表

172.30.1.33	221.213.75.160	171.9.197.100	54.75.174.179
56.166.26.229	54.124.50.161	165.25.160.113	109.240.50.136
102.95.177.209	70.43.150.127	145.50.94.174	193.57.240.184
46.38.144.109	166.240.150.47	46.38.144.142	95.210.3.65
212.64.54.167	129.213.145.118	208.131.166.46	207.216.89.109