106.12.12.242 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user ali from 106.12.12.242 port 37258	2020-08-28 18:46:56
attack	Aug 23 06:26:13 ip106 sshd[30480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 23 06:26:15 ip106 sshd[30480]: Failed password for invalid user monitor from 106.12.12.242 port 50174 ssh2 ...	2020-08-23 13:35:29
attackbots	Port Scan ...	2020-08-23 02:29:19
attackbots	Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:00 home sshd[881413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:02 home sshd[881413]: Failed password for invalid user cyrus from 106.12.12.242 port 47269 ssh2 Aug 18 09:50:38 home sshd[882843]: Invalid user jwu from 106.12.12.242 port 37102 ...	2020-08-18 16:26:06
attackspam	Jun 2 06:22:31 icinga sshd[56541]: Failed password for root from 106.12.12.242 port 42355 ssh2 Jun 2 06:36:17 icinga sshd[14661]: Failed password for root from 106.12.12.242 port 49105 ssh2 ...	2020-06-02 14:08:08
attackbotsspam	May 30 15:42:36 OPSO sshd\[31754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root May 30 15:42:38 OPSO sshd\[31754\]: Failed password for root from 106.12.12.242 port 34174 ssh2 May 30 15:48:25 OPSO sshd\[32548\]: Invalid user bluesky from 106.12.12.242 port 33543 May 30 15:48:25 OPSO sshd\[32548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 May 30 15:48:27 OPSO sshd\[32548\]: Failed password for invalid user bluesky from 106.12.12.242 port 33543 ssh2	2020-05-31 01:09:02
attack	Invalid user stef from 106.12.12.242 port 34176	2020-05-28 17:59:31
attackspambots	May 23 15:14:00 lnxweb61 sshd[10226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-05-23 22:11:23
attackspam	SSH invalid-user multiple login try	2020-05-23 19:12:31
attack	SSH invalid-user multiple login attempts	2020-05-09 07:52:08
attackbots	hit -> srv3:22	2020-05-01 19:10:32
attack	Apr 28 08:26:05 lock-38 sshd[1644902]: Disconnected from invalid user mary 106.12.12.242 port 53694 [preauth] Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Failed password for invalid user hspark from 106.12.12.242 port 35660 ssh2 Apr 28 08:28:36 lock-38 sshd[1644971]: Disconnected from invalid user hspark 106.12.12.242 port 35660 [preauth] ...	2020-04-28 18:05:26
attack	2020-04-26 09:14:58 server sshd[79029]: Failed password for invalid user jsh from 106.12.12.242 port 38350 ssh2	2020-04-28 03:17:24
attackspam	Invalid user qg from 106.12.12.242 port 51277	2020-04-24 17:24:11
attack	Invalid user test from 106.12.12.242 port 56220	2020-04-22 01:24:39
attackbots	Invalid user test from 106.12.12.242 port 56220	2020-04-20 20:41:51
attackbots	5x Failed Password	2020-04-06 08:51:11
attackbotsspam	2020-04-04T20:25:02.347254abusebot-5.cloudsearch.cf sshd[32129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:25:04.429982abusebot-5.cloudsearch.cf sshd[32129]: Failed password for root from 106.12.12.242 port 60956 ssh2 2020-04-04T20:27:01.066070abusebot-5.cloudsearch.cf sshd[32207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:27:02.817738abusebot-5.cloudsearch.cf sshd[32207]: Failed password for root from 106.12.12.242 port 46196 ssh2 2020-04-04T20:28:54.292456abusebot-5.cloudsearch.cf sshd[32309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:28:56.224693abusebot-5.cloudsearch.cf sshd[32309]: Failed password for root from 106.12.12.242 port 59658 ssh2 2020-04-04T20:30:50.147693abusebot-5.cloudsearch.cf sshd[32325]: pam_unix(sshd:auth): authe ...	2020-04-05 04:37:06
attackspam	Apr 1 14:02:42 ns382633 sshd\[10646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:02:43 ns382633 sshd\[10646\]: Failed password for root from 106.12.12.242 port 33415 ssh2 Apr 1 14:17:05 ns382633 sshd\[13803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:17:07 ns382633 sshd\[13803\]: Failed password for root from 106.12.12.242 port 44109 ssh2 Apr 1 14:27:44 ns382633 sshd\[15847\]: Invalid user ypz from 106.12.12.242 port 44138 Apr 1 14:27:44 ns382633 sshd\[15847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-04-02 04:32:30
attackspambots	$f2bV_matches	2020-03-24 06:38:44
attackbotsspam	2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:32.423205scmdmz1 sshd[13363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:34.078087scmdmz1 sshd[13363]: Failed password for invalid user nyj from 106.12.12.242 port 45498 ssh2 2020-02-07T16:31:54.271778scmdmz1 sshd[14125]: Invalid user ljw from 106.12.12.242 port 40602 ...	2020-02-08 05:46:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.242.			IN	A

;; AUTHORITY SECTION:
.			378	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020701 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 05:46:09 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 242.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.12.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
88.119.221.196	attackspam	ports scanning	2019-07-14 14:50:42
121.122.103.213	attackspam	Jul 14 06:44:52 mail sshd\[10489\]: Failed password for invalid user hdfs from 121.122.103.213 port 12912 ssh2 Jul 14 07:02:15 mail sshd\[10676\]: Invalid user pascal from 121.122.103.213 port 38694 ...	2019-07-14 14:03:14
98.253.128.193	attackbotsspam	(Default IP, Port Scanning & Connects, Bad UA) 2019-07-13 23:00:29 98.253.128.193 HTTP/1.1 GET /	2019-07-14 14:53:23
134.175.149.218	attack	SSH/22 MH Probe, BF, Hack -	2019-07-14 14:39:36
83.221.202.93	attackbots	TCP port 993 (IMAP) attempt blocked by hMailServer IP-check. Abuse score 92%	2019-07-14 14:14:55
159.89.182.139	attack	fail2ban honeypot	2019-07-14 14:51:14
106.13.4.172	attack	SSH Bruteforce attack	2019-07-14 14:18:04
5.39.67.154	attack	Jul 14 07:00:30 mail sshd\[20741\]: Invalid user ale from 5.39.67.154\ Jul 14 07:00:32 mail sshd\[20741\]: Failed password for invalid user ale from 5.39.67.154 port 41979 ssh2\ Jul 14 07:05:15 mail sshd\[20783\]: Invalid user dekait from 5.39.67.154\ Jul 14 07:05:17 mail sshd\[20783\]: Failed password for invalid user dekait from 5.39.67.154 port 42548 ssh2\ Jul 14 07:09:54 mail sshd\[20862\]: Invalid user mc from 5.39.67.154\ Jul 14 07:09:56 mail sshd\[20862\]: Failed password for invalid user mc from 5.39.67.154 port 43120 ssh2\	2019-07-14 14:32:05
206.189.166.159	attackbotsspam	ports scanning	2019-07-14 14:38:46
75.75.234.107	attack	2,44-04/04 concatform PostRequest-Spammer scoring: zurich	2019-07-14 14:37:50
180.250.205.114	attack	Jul 14 07:26:05 legacy sshd[17716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.205.114 Jul 14 07:26:07 legacy sshd[17716]: Failed password for invalid user mysql from 180.250.205.114 port 52942 ssh2 Jul 14 07:31:59 legacy sshd[17860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.205.114 ...	2019-07-14 14:06:45
79.133.158.233	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-13 14:38:58,205 INFO [shellcode_manager] (79.133.158.233) no match, writing hexdump (cdf920d029c2b6918f469cb67f3b776b :2108054) - MS17010 (EternalBlue)	2019-07-14 14:30:39
165.22.96.225	attack	Invalid user art from 165.22.96.225 port 49174	2019-07-14 14:05:25
202.93.35.19	attackbotsspam	Brute force attempt	2019-07-14 14:48:58
121.7.127.92	attackbots	Jul 14 03:45:02 dev sshd\[3784\]: Invalid user temp1 from 121.7.127.92 port 40121 Jul 14 03:45:02 dev sshd\[3784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.7.127.92 ...	2019-07-14 14:32:59

最近上报的IP列表

100.141.76.130	138.97.31.81	190.180.181.236	119.91.104.77
216.24.183.114	1.55.43.230	39.93.241.201	85.231.43.22
150.109.204.252	116.89.88.245	220.200.56.195	187.18.175.55
162.251.126.149	120.17.222.117	159.89.90.41	49.235.190.177
86.216.5.65	41.218.202.140	190.124.172.36	90.192.83.194