106.12.10.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	5x Failed Password	2020-10-11 00:32:24
attackspam	Oct 10 06:23:43 sshd\[15654\]: Invalid user informix from 106.12.10.21Oct 10 06:23:45 sshd\[15654\]: Failed password for invalid user informix from 106.12.10.21 port 59834 ssh2 ...	2020-10-10 16:20:16
attack	Sep 26 12:19:23 Tower sshd[12629]: Connection from 106.12.10.21 port 37370 on 192.168.10.220 port 22 rdomain "" Sep 26 12:19:25 Tower sshd[12629]: Invalid user bootcamp from 106.12.10.21 port 37370 Sep 26 12:19:25 Tower sshd[12629]: error: Could not get shadow information for NOUSER Sep 26 12:19:25 Tower sshd[12629]: Failed password for invalid user bootcamp from 106.12.10.21 port 37370 ssh2 Sep 26 12:19:27 Tower sshd[12629]: Received disconnect from 106.12.10.21 port 37370:11: Bye Bye [preauth] Sep 26 12:19:27 Tower sshd[12629]: Disconnected from invalid user bootcamp 106.12.10.21 port 37370 [preauth]	2020-09-27 01:44:10
attack	Brute%20Force%20SSH	2020-09-26 17:36:55
attackspam	Sep 12 19:37:19 sachi sshd\[14158\]: Invalid user rainbow from 106.12.10.21 Sep 12 19:37:19 sachi sshd\[14158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Sep 12 19:37:20 sachi sshd\[14158\]: Failed password for invalid user rainbow from 106.12.10.21 port 52582 ssh2 Sep 12 19:44:37 sachi sshd\[14820\]: Invalid user Orecle123 from 106.12.10.21 Sep 12 19:44:37 sachi sshd\[14820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-09-13 16:40:36
attackspambots	Aug 30 15:09:29 lukav-desktop sshd\[18537\]: Invalid user maruyama from 106.12.10.21 Aug 30 15:09:29 lukav-desktop sshd\[18537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Aug 30 15:09:31 lukav-desktop sshd\[18537\]: Failed password for invalid user maruyama from 106.12.10.21 port 58616 ssh2 Aug 30 15:16:04 lukav-desktop sshd\[11086\]: Invalid user login from 106.12.10.21 Aug 30 15:16:04 lukav-desktop sshd\[11086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-08-30 20:50:06
attackspam	Bruteforce detected by fail2ban	2020-08-21 16:27:37
attack	2020-08-18T22:42:49.686302vps751288.ovh.net sshd\[21708\]: Invalid user support from 106.12.10.21 port 45972 2020-08-18T22:42:49.691585vps751288.ovh.net sshd\[21708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 2020-08-18T22:42:51.187330vps751288.ovh.net sshd\[21708\]: Failed password for invalid user support from 106.12.10.21 port 45972 ssh2 2020-08-18T22:47:02.640214vps751288.ovh.net sshd\[21752\]: Invalid user cdh from 106.12.10.21 port 48368 2020-08-18T22:47:02.643796vps751288.ovh.net sshd\[21752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-08-19 04:56:33
attack	Jul 31 07:51:19 vps647732 sshd[2577]: Failed password for root from 106.12.10.21 port 54960 ssh2 ...	2020-07-31 14:23:50
attack	Jul 20 00:54:50 firewall sshd[19986]: Invalid user cecile from 106.12.10.21 Jul 20 00:54:52 firewall sshd[19986]: Failed password for invalid user cecile from 106.12.10.21 port 41346 ssh2 Jul 20 00:57:21 firewall sshd[20048]: Invalid user af from 106.12.10.21 ...	2020-07-20 12:15:14
attackspambots	Icarus honeypot on github	2020-07-14 14:57:03
attackspam	2020-06-23T16:31:31.735707mail.standpoint.com.ua sshd[18627]: Failed password for invalid user gian from 106.12.10.21 port 35314 ssh2 2020-06-23T16:36:43.430819mail.standpoint.com.ua sshd[19353]: Invalid user jira from 106.12.10.21 port 33842 2020-06-23T16:36:43.434244mail.standpoint.com.ua sshd[19353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 2020-06-23T16:36:43.430819mail.standpoint.com.ua sshd[19353]: Invalid user jira from 106.12.10.21 port 33842 2020-06-23T16:36:45.114311mail.standpoint.com.ua sshd[19353]: Failed password for invalid user jira from 106.12.10.21 port 33842 ssh2 ...	2020-06-23 21:40:33
attackspam	Jun 18 22:54:35 IngegnereFirenze sshd[28326]: User root from 106.12.10.21 not allowed because not listed in AllowUsers ...	2020-06-19 06:58:13
attack	$f2bV_matches	2020-06-13 18:41:48
attack	Apr 27 13:10:00 server1 sshd\[14924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Apr 27 13:10:02 server1 sshd\[14924\]: Failed password for root from 106.12.10.21 port 33378 ssh2 Apr 27 13:13:19 server1 sshd\[15877\]: Invalid user vivek from 106.12.10.21 Apr 27 13:13:19 server1 sshd\[15877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Apr 27 13:13:21 server1 sshd\[15877\]: Failed password for invalid user vivek from 106.12.10.21 port 50154 ssh2 ...	2020-04-28 03:30:39
attackspam	Mar 19 06:42:55 ms-srv sshd[27696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Mar 19 06:42:57 ms-srv sshd[27696]: Failed password for invalid user root from 106.12.10.21 port 51596 ssh2	2020-04-26 17:54:01
attackspam	Apr 16 19:48:08 vserver sshd\[2204\]: Failed password for root from 106.12.10.21 port 39886 ssh2Apr 16 19:52:03 vserver sshd\[2217\]: Invalid user ox from 106.12.10.21Apr 16 19:52:04 vserver sshd\[2217\]: Failed password for invalid user ox from 106.12.10.21 port 33256 ssh2Apr 16 19:56:07 vserver sshd\[2239\]: Invalid user test from 106.12.10.21 ...	2020-04-17 03:16:33
attackbots	$f2bV_matches	2020-04-10 18:44:11
attack	Apr 1 05:42:52 mail sshd\[9366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Apr 1 05:42:54 mail sshd\[9366\]: Failed password for root from 106.12.10.21 port 46178 ssh2 Apr 1 05:48:14 mail sshd\[9405\]: Invalid user huasha from 106.12.10.21 Apr 1 05:48:14 mail sshd\[9405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 ...	2020-04-01 18:23:29
attackbots	Mar 30 13:43:00 sigma sshd\[4801\]: Failed password for root from 106.12.10.21 port 54762 ssh2Mar 30 13:47:26 sigma sshd\[4851\]: Invalid user hjh from 106.12.10.21 ...	2020-03-30 21:13:07
attackspambots	Mar 29 15:58:41 server sshd\[17791\]: Failed password for invalid user prueba from 106.12.10.21 port 53520 ssh2 Mar 30 07:03:25 server sshd\[10227\]: Invalid user floy from 106.12.10.21 Mar 30 07:03:25 server sshd\[10227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Mar 30 07:03:26 server sshd\[10227\]: Failed password for invalid user floy from 106.12.10.21 port 54664 ssh2 Mar 30 07:18:36 server sshd\[13993\]: Invalid user francois from 106.12.10.21 Mar 30 07:18:36 server sshd\[13993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 ...	2020-03-30 13:23:33
attack	Mar 9 15:32:05 server sshd\[23876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Mar 9 15:32:07 server sshd\[23876\]: Failed password for root from 106.12.10.21 port 39392 ssh2 Mar 9 16:28:16 server sshd\[4776\]: Invalid user magda from 106.12.10.21 Mar 9 16:28:16 server sshd\[4776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Mar 9 16:28:19 server sshd\[4776\]: Failed password for invalid user magda from 106.12.10.21 port 60636 ssh2 ...	2020-03-09 22:59:53
attackbotsspam	Feb 13 20:14:59 cp sshd[16016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21	2020-02-14 04:09:22
attack	Feb 5 19:00:11 lukav-desktop sshd\[21660\]: Invalid user agnes from 106.12.10.21 Feb 5 19:00:11 lukav-desktop sshd\[21660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Feb 5 19:00:12 lukav-desktop sshd\[21660\]: Failed password for invalid user agnes from 106.12.10.21 port 48172 ssh2 Feb 5 19:03:39 lukav-desktop sshd\[21697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Feb 5 19:03:42 lukav-desktop sshd\[21697\]: Failed password for root from 106.12.10.21 port 41972 ssh2	2020-02-06 01:43:50
attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.10.21 to port 2220 [J]	2020-02-05 20:53:41
attack	Feb 3 15:47:19 web1 sshd\[8056\]: Invalid user video from 106.12.10.21 Feb 3 15:47:19 web1 sshd\[8056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Feb 3 15:47:21 web1 sshd\[8056\]: Failed password for invalid user video from 106.12.10.21 port 57482 ssh2 Feb 3 15:49:15 web1 sshd\[8129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Feb 3 15:49:17 web1 sshd\[8129\]: Failed password for root from 106.12.10.21 port 42680 ssh2	2020-02-04 09:51:17

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.100.206	attackspam	SSH Brute Force	2020-10-14 05:58:54
106.12.105.130	attack	Oct 13 04:30:10 icinga sshd[23130]: Failed password for root from 106.12.105.130 port 37780 ssh2 Oct 13 04:36:25 icinga sshd[32721]: Failed password for root from 106.12.105.130 port 49692 ssh2 ...	2020-10-13 14:12:41
106.12.105.130	attackspam	Oct 13 04:08:30 mx sshd[1404596]: Failed password for root from 106.12.105.130 port 40144 ssh2 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:08 mx sshd[1404724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:10 mx sshd[1404724]: Failed password for invalid user bind from 106.12.105.130 port 42846 ssh2 ...	2020-10-13 06:55:25
106.12.102.54	attack	2020-10-11T21:51:51+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-10-12 04:53:46
106.12.102.54	attackspambots	Oct 11 09:51:57 buvik sshd[14859]: Invalid user oracle from 106.12.102.54 Oct 11 09:51:57 buvik sshd[14859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.102.54 Oct 11 09:51:59 buvik sshd[14859]: Failed password for invalid user oracle from 106.12.102.54 port 37852 ssh2 ...	2020-10-11 20:58:15
106.12.102.54	attack	$f2bV_matches	2020-10-11 12:54:32
106.12.102.54	attackspambots	Invalid user mike from 106.12.102.54 port 49028	2020-10-11 06:17:28
106.12.100.206	attackspam	$f2bV_matches	2020-10-10 02:34:31
106.12.100.206	attackbots	(sshd) Failed SSH login from 106.12.100.206 (CN/China/-): 5 in the last 3600 secs	2020-10-09 18:19:41
106.12.108.170	attackspam	firewall-block, port(s): 3838/tcp	2020-10-09 04:25:26
106.12.108.170	attack	firewall-block, port(s): 3838/tcp	2020-10-08 20:34:38
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 12:30:50
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 07:52:13
106.12.105.130	attackbots	(sshd) Failed SSH login from 106.12.105.130 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 12:20:40 jbs1 sshd[32029]: Invalid user dayz from 106.12.105.130 Oct 1 12:20:40 jbs1 sshd[32029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 1 12:20:41 jbs1 sshd[32029]: Failed password for invalid user dayz from 106.12.105.130 port 60440 ssh2 Oct 1 12:27:16 jbs1 sshd[2313]: Invalid user rajesh from 106.12.105.130 Oct 1 12:27:16 jbs1 sshd[2313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130	2020-10-02 02:49:22
106.12.100.206	attackbotsspam	Invalid user demo from 106.12.100.206 port 45768	2020-10-02 02:22:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.10.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.10.21.			IN	A

;; AUTHORITY SECTION:
.			379	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 09:51:13 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 21.10.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.10.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
110.80.155.108	attackbots	Unauthorized connection attempt detected from IP address 110.80.155.108 to port 9999	2019-12-30 03:32:49
125.142.93.34	attackspam	Unauthorized connection attempt detected from IP address 125.142.93.34 to port 23	2019-12-30 03:05:00
186.188.153.226	attack	Unauthorized connection attempt detected from IP address 186.188.153.226 to port 5555	2019-12-30 03:27:06
196.221.196.226	attack	Unauthorized connection attempt detected from IP address 196.221.196.226 to port 445	2019-12-30 02:57:04
143.202.189.168	attack	Unauthorized connection attempt detected from IP address 143.202.189.168 to port 23	2019-12-30 03:31:48
186.130.100.131	attackbots	Unauthorized connection attempt detected from IP address 186.130.100.131 to port 23	2019-12-30 03:00:27
213.254.129.55	attackspambots	Unauthorized connection attempt detected from IP address 213.254.129.55 to port 8080	2019-12-30 03:19:30
178.216.26.175	attackspambots	Unauthorized connection attempt detected from IP address 178.216.26.175 to port 8080	2019-12-30 03:27:34
117.15.95.110	attackbots	Unauthorized connection attempt detected from IP address 117.15.95.110 to port 9999	2019-12-30 03:32:33
103.52.217.123	attack	firewall-block, port(s): 3128/tcp	2019-12-30 03:08:23
159.203.201.19	attack	UTC: 2019-12-28 port: 808/tcp	2019-12-30 03:30:58
123.127.45.152	attackspambots	2019-12-29T18:54:56.928127shield sshd\[9850\]: Invalid user corey from 123.127.45.152 port 56445 2019-12-29T18:54:56.932550shield sshd\[9850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.45.152 2019-12-29T18:54:58.324782shield sshd\[9850\]: Failed password for invalid user corey from 123.127.45.152 port 56445 ssh2 2019-12-29T19:02:17.652487shield sshd\[11579\]: Invalid user kjoele from 123.127.45.152 port 46820 2019-12-29T19:02:17.656730shield sshd\[11579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.45.152	2019-12-30 03:05:15
49.51.12.205	attackspambots	Unauthorized connection attempt detected from IP address 49.51.12.205 to port 7777	2019-12-30 03:15:27
119.198.244.50	attackspambots	Unauthorized connection attempt detected from IP address 119.198.244.50 to port 5555	2019-12-30 03:06:26
188.119.24.209	attack	Unauthorized connection attempt detected from IP address 188.119.24.209 to port 2323	2019-12-30 02:59:36

最近上报的IP列表

172.30.1.33	221.213.75.160	171.9.197.100	54.75.174.179
56.166.26.229	54.124.50.161	165.25.160.113	109.240.50.136
102.95.177.209	70.43.150.127	145.50.94.174	193.57.240.184
46.38.144.109	166.240.150.47	46.38.144.142	95.210.3.65
212.64.54.167	129.213.145.118	208.131.166.46	207.216.89.109