106.12.106.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	[ssh] SSH attack	2020-04-09 15:53:32
attackspambots	Apr 3 10:58:30 gw1 sshd[28048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.42 Apr 3 10:58:32 gw1 sshd[28048]: Failed password for invalid user carlos from 106.12.106.42 port 55146 ssh2 ...	2020-04-03 19:51:17
attackbots	Unauthorized SSH login attempts	2020-04-02 05:01:57

类型

评论内容

时间

attackspambots

[ssh] SSH attack

2020-04-09 15:53:32

attackspambots

Apr  3 10:58:30 gw1 sshd[28048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.42
Apr  3 10:58:32 gw1 sshd[28048]: Failed password for invalid user carlos from 106.12.106.42 port 55146 ssh2
...

2020-04-03 19:51:17

attackbots

Unauthorized SSH login attempts

2020-04-02 05:01:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.106.34	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 06:50:44
106.12.106.34	attackbotsspam	Fail2Ban Ban Triggered	2020-09-28 23:18:27
106.12.106.34	attackbotsspam	Sep 28 07:19:06 rancher-0 sshd[350833]: Invalid user aaa from 106.12.106.34 port 48220 ...	2020-09-28 15:22:10
106.12.106.34	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.106.34 to port 6160 [T]	2020-08-30 14:42:56
106.12.106.221	attackbotsspam	Multiple SSH authentication failures from 106.12.106.221	2020-08-28 03:06:19
106.12.106.221	attackspam	Aug 24 12:43:07 instance-2 sshd[13970]: Failed password for root from 106.12.106.221 port 59220 ssh2 Aug 24 12:48:37 instance-2 sshd[14127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 Aug 24 12:48:39 instance-2 sshd[14127]: Failed password for invalid user weblogic from 106.12.106.221 port 33536 ssh2	2020-08-24 23:57:40
106.12.106.221	attack	Invalid user test from 106.12.106.221 port 45312	2020-08-23 15:13:59
106.12.106.221	attackbotsspam	SSH brute force attempt	2020-08-23 04:10:00
106.12.106.34	attack	Aug 11 22:33:11 ns381471 sshd[14012]: Failed password for root from 106.12.106.34 port 35774 ssh2	2020-08-12 04:39:42
106.12.106.221	attackbots	Aug 7 13:36:29 ovpn sshd\[9032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:36:31 ovpn sshd\[9032\]: Failed password for root from 106.12.106.221 port 59460 ssh2 Aug 7 13:59:17 ovpn sshd\[18037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:59:19 ovpn sshd\[18037\]: Failed password for root from 106.12.106.221 port 50648 ssh2 Aug 7 14:01:28 ovpn sshd\[18973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root	2020-08-08 02:13:50
106.12.106.34	attackbots	firewall-block, port(s): 980/tcp	2020-07-28 03:05:28
106.12.106.232	attackbots	Jul 26 15:03:23 root sshd[13172]: Invalid user apollo from 106.12.106.232 ...	2020-07-27 01:05:37
106.12.106.232	attackspam	$f2bV_matches	2020-07-16 03:55:43
106.12.106.232	attackbots	2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:10.456964mail.broermann.family sshd[21566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.232 2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:12.219729mail.broermann.family sshd[21566]: Failed password for invalid user pj from 106.12.106.232 port 41786 ssh2 2020-07-08T14:14:49.715390mail.broermann.family sshd[22102]: Invalid user ziyb from 106.12.106.232 port 35164 ...	2020-07-08 23:07:24
106.12.106.34	attackspam	16559/tcp 28609/tcp 6869/tcp [2020-06-23/07-05]3pkt	2020-07-05 17:28:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.106.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14592
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.106.42.			IN	A

;; AUTHORITY SECTION:
.			176	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040101 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 05:01:53 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.106.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.106.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.195.12.33	attack	Sep 12 02:10:32 web8 sshd\[15313\]: Invalid user test from 211.195.12.33 Sep 12 02:10:32 web8 sshd\[15313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.195.12.33 Sep 12 02:10:35 web8 sshd\[15313\]: Failed password for invalid user test from 211.195.12.33 port 34998 ssh2 Sep 12 02:17:45 web8 sshd\[18619\]: Invalid user ubuntu from 211.195.12.33 Sep 12 02:17:45 web8 sshd\[18619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.195.12.33	2019-09-12 10:29:06
200.115.157.122	attackspambots	Unauthorized connection attempt from IP address 200.115.157.122 on Port 445(SMB)	2019-09-12 10:08:38
103.19.252.238	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 17:12:13,938 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.19.252.238)	2019-09-12 10:18:31
82.208.114.88	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-12 10:20:43
115.214.197.203	attack	Automatic report - Port Scan Attack	2019-09-12 10:30:29
154.118.141.90	attack	Automatic report	2019-09-12 10:30:04
82.208.99.17	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 17:11:36,757 INFO [amun_request_handler] PortScan Detected on Port: 445 (82.208.99.17)	2019-09-12 10:31:14
182.61.175.71	attackbots	Sep 11 12:33:01 kapalua sshd\[25809\]: Invalid user git from 182.61.175.71 Sep 11 12:33:01 kapalua sshd\[25809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.71 Sep 11 12:33:02 kapalua sshd\[25809\]: Failed password for invalid user git from 182.61.175.71 port 49332 ssh2 Sep 11 12:39:16 kapalua sshd\[26543\]: Invalid user chris from 182.61.175.71 Sep 11 12:39:16 kapalua sshd\[26543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.71	2019-09-12 09:57:06
177.12.245.18	attackspambots	Automatic report - Port Scan Attack	2019-09-12 09:57:42
213.239.204.242	attack	law firm spam, honey pot	2019-09-12 10:12:29
66.249.64.149	attackspam	66.249.64.149 - - [11/Sep/2019:20:50:46 +0200] "GET /site/wp-login.php HTTP/1.1" 301 252 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2019-09-12 10:09:06
51.77.230.125	attackspambots	Sep 12 04:18:38 markkoudstaal sshd[24063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.230.125 Sep 12 04:18:40 markkoudstaal sshd[24063]: Failed password for invalid user test123 from 51.77.230.125 port 49686 ssh2 Sep 12 04:24:59 markkoudstaal sshd[24650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.230.125	2019-09-12 10:28:16
43.230.213.114	attackspambots	Sep 12 02:45:10 andromeda sshd\[16431\]: Invalid user test from 43.230.213.114 port 37568 Sep 12 02:45:10 andromeda sshd\[16431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.230.213.114 Sep 12 02:45:12 andromeda sshd\[16431\]: Failed password for invalid user test from 43.230.213.114 port 37568 ssh2	2019-09-12 10:28:37
91.134.153.144	attackbotsspam	Sep 12 03:52:23 mail sshd\[28039\]: Invalid user alex from 91.134.153.144 port 48402 Sep 12 03:52:23 mail sshd\[28039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.153.144 Sep 12 03:52:25 mail sshd\[28039\]: Failed password for invalid user alex from 91.134.153.144 port 48402 ssh2 Sep 12 03:58:42 mail sshd\[28630\]: Invalid user ansibleuser from 91.134.153.144 port 37544 Sep 12 03:58:42 mail sshd\[28630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.153.144	2019-09-12 10:01:25
194.187.249.178	attackbotsspam	B: Magento admin pass test (wrong country)	2019-09-12 10:32:36

最近上报的IP列表

220.58.120.191	153.134.75.210	52.43.161.104	39.136.146.187
118.169.226.91	140.74.84.67	189.189.235.107	124.131.157.16
176.102.89.233	27.26.98.52	91.245.158.91	92.239.139.7
80.7.95.80	10.134.246.28	165.51.138.126	223.215.203.40
177.130.241.0	129.205.113.138	14.43.51.192	124.58.25.88