106.12.12.242 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user ali from 106.12.12.242 port 37258	2020-08-28 18:46:56
attack	Aug 23 06:26:13 ip106 sshd[30480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 23 06:26:15 ip106 sshd[30480]: Failed password for invalid user monitor from 106.12.12.242 port 50174 ssh2 ...	2020-08-23 13:35:29
attackbots	Port Scan ...	2020-08-23 02:29:19
attackbots	Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:00 home sshd[881413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:02 home sshd[881413]: Failed password for invalid user cyrus from 106.12.12.242 port 47269 ssh2 Aug 18 09:50:38 home sshd[882843]: Invalid user jwu from 106.12.12.242 port 37102 ...	2020-08-18 16:26:06
attackspam	Jun 2 06:22:31 icinga sshd[56541]: Failed password for root from 106.12.12.242 port 42355 ssh2 Jun 2 06:36:17 icinga sshd[14661]: Failed password for root from 106.12.12.242 port 49105 ssh2 ...	2020-06-02 14:08:08
attackbotsspam	May 30 15:42:36 OPSO sshd\[31754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root May 30 15:42:38 OPSO sshd\[31754\]: Failed password for root from 106.12.12.242 port 34174 ssh2 May 30 15:48:25 OPSO sshd\[32548\]: Invalid user bluesky from 106.12.12.242 port 33543 May 30 15:48:25 OPSO sshd\[32548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 May 30 15:48:27 OPSO sshd\[32548\]: Failed password for invalid user bluesky from 106.12.12.242 port 33543 ssh2	2020-05-31 01:09:02
attack	Invalid user stef from 106.12.12.242 port 34176	2020-05-28 17:59:31
attackspambots	May 23 15:14:00 lnxweb61 sshd[10226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-05-23 22:11:23
attackspam	SSH invalid-user multiple login try	2020-05-23 19:12:31
attack	SSH invalid-user multiple login attempts	2020-05-09 07:52:08
attackbots	hit -> srv3:22	2020-05-01 19:10:32
attack	Apr 28 08:26:05 lock-38 sshd[1644902]: Disconnected from invalid user mary 106.12.12.242 port 53694 [preauth] Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Failed password for invalid user hspark from 106.12.12.242 port 35660 ssh2 Apr 28 08:28:36 lock-38 sshd[1644971]: Disconnected from invalid user hspark 106.12.12.242 port 35660 [preauth] ...	2020-04-28 18:05:26
attack	2020-04-26 09:14:58 server sshd[79029]: Failed password for invalid user jsh from 106.12.12.242 port 38350 ssh2	2020-04-28 03:17:24
attackspam	Invalid user qg from 106.12.12.242 port 51277	2020-04-24 17:24:11
attack	Invalid user test from 106.12.12.242 port 56220	2020-04-22 01:24:39
attackbots	Invalid user test from 106.12.12.242 port 56220	2020-04-20 20:41:51
attackbots	5x Failed Password	2020-04-06 08:51:11
attackbotsspam	2020-04-04T20:25:02.347254abusebot-5.cloudsearch.cf sshd[32129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:25:04.429982abusebot-5.cloudsearch.cf sshd[32129]: Failed password for root from 106.12.12.242 port 60956 ssh2 2020-04-04T20:27:01.066070abusebot-5.cloudsearch.cf sshd[32207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:27:02.817738abusebot-5.cloudsearch.cf sshd[32207]: Failed password for root from 106.12.12.242 port 46196 ssh2 2020-04-04T20:28:54.292456abusebot-5.cloudsearch.cf sshd[32309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:28:56.224693abusebot-5.cloudsearch.cf sshd[32309]: Failed password for root from 106.12.12.242 port 59658 ssh2 2020-04-04T20:30:50.147693abusebot-5.cloudsearch.cf sshd[32325]: pam_unix(sshd:auth): authe ...	2020-04-05 04:37:06
attackspam	Apr 1 14:02:42 ns382633 sshd\[10646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:02:43 ns382633 sshd\[10646\]: Failed password for root from 106.12.12.242 port 33415 ssh2 Apr 1 14:17:05 ns382633 sshd\[13803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:17:07 ns382633 sshd\[13803\]: Failed password for root from 106.12.12.242 port 44109 ssh2 Apr 1 14:27:44 ns382633 sshd\[15847\]: Invalid user ypz from 106.12.12.242 port 44138 Apr 1 14:27:44 ns382633 sshd\[15847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-04-02 04:32:30
attackspambots	$f2bV_matches	2020-03-24 06:38:44
attackbotsspam	2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:32.423205scmdmz1 sshd[13363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:34.078087scmdmz1 sshd[13363]: Failed password for invalid user nyj from 106.12.12.242 port 45498 ssh2 2020-02-07T16:31:54.271778scmdmz1 sshd[14125]: Invalid user ljw from 106.12.12.242 port 40602 ...	2020-02-08 05:46:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.242.			IN	A

;; AUTHORITY SECTION:
.			378	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020701 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 05:46:09 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 242.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.12.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
208.64.33.89	attackspambots	Unauthorized connection attempt detected from IP address 208.64.33.89 to port 2220 [J]	2020-01-13 01:16:42
145.239.82.11	attackspam	Unauthorized connection attempt detected from IP address 145.239.82.11 to port 2220 [J]	2020-01-13 01:25:16
124.156.54.74	attack	Unauthorized connection attempt detected from IP address 124.156.54.74 to port 5357 [J]	2020-01-13 00:57:07
114.7.162.198	attackbotsspam	Unauthorized connection attempt detected from IP address 114.7.162.198 to port 2220 [J]	2020-01-13 01:30:02
118.216.180.155	attackspam	Unauthorized connection attempt detected from IP address 118.216.180.155 to port 81 [J]	2020-01-13 01:28:51
65.131.73.44	attackspambots	Unauthorized connection attempt detected from IP address 65.131.73.44 to port 23 [J]	2020-01-13 01:07:27
51.38.234.224	attackspam	Jan 12 15:58:54 server sshd\[13225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=224.ip-51-38-234.eu user=root Jan 12 15:58:55 server sshd\[13225\]: Failed password for root from 51.38.234.224 port 48428 ssh2 Jan 12 16:10:26 server sshd\[16347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=224.ip-51-38-234.eu user=root Jan 12 16:10:28 server sshd\[16347\]: Failed password for root from 51.38.234.224 port 35904 ssh2 Jan 12 16:13:05 server sshd\[16804\]: Invalid user satheesh from 51.38.234.224 Jan 12 16:13:05 server sshd\[16804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=224.ip-51-38-234.eu ...	2020-01-13 01:08:24
84.232.241.233	attackbotsspam	Unauthorized connection attempt detected from IP address 84.232.241.233 to port 4567 [J]	2020-01-13 01:04:54
138.219.104.131	attack	Unauthorized connection attempt detected from IP address 138.219.104.131 to port 81 [J]	2020-01-13 00:55:48
45.229.53.189	attackbotsspam	Unauthorized connection attempt detected from IP address 45.229.53.189 to port 80 [J]	2020-01-13 01:09:55
80.97.201.158	attackspam	Unauthorized connection attempt detected from IP address 80.97.201.158 to port 4567 [J]	2020-01-13 01:05:13
210.117.8.140	attackbots	Unauthorized connection attempt detected from IP address 210.117.8.140 to port 80 [J]	2020-01-13 01:16:15
125.164.217.157	attackspambots	Unauthorized connection attempt detected from IP address 125.164.217.157 to port 81 [J]	2020-01-13 00:56:09
165.16.37.167	attackspambots	Unauthorized connection attempt detected from IP address 165.16.37.167 to port 80 [J]	2020-01-13 00:53:57
2.207.17.109	attack	Jan 12 14:13:03 [host] sshd[6208]: Invalid user pi from 2.207.17.109 Jan 12 14:13:03 [host] sshd[6208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.207.17.109 Jan 12 14:13:03 [host] sshd[6210]: Invalid user pi from 2.207.17.109	2020-01-13 01:12:14

最近上报的IP列表

100.141.76.130	138.97.31.81	190.180.181.236	119.91.104.77
216.24.183.114	1.55.43.230	39.93.241.201	85.231.43.22
150.109.204.252	116.89.88.245	220.200.56.195	187.18.175.55
162.251.126.149	120.17.222.117	159.89.90.41	49.235.190.177
86.216.5.65	41.218.202.140	190.124.172.36	90.192.83.194