106.12.12.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Brute Force	2020-04-29 13:23:14
attackspambots	Dec 12 09:27:16 124388 sshd[5562]: Failed password for invalid user sezen from 106.12.12.7 port 35384 ssh2 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:46 124388 sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:48 124388 sshd[5602]: Failed password for invalid user home from 106.12.12.7 port 47654 ssh2	2019-12-12 21:25:56
attackspam	Dec 2 18:55:53 ny01 sshd[15468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 2 18:55:55 ny01 sshd[15468]: Failed password for invalid user ts3server from 106.12.12.7 port 56448 ssh2 Dec 2 19:02:01 ny01 sshd[16285]: Failed password for root from 106.12.12.7 port 32880 ssh2	2019-12-03 08:05:36
attackbotsspam	Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Invalid user chilibeck from 106.12.12.7 Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 26 04:10:44 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Failed password for invalid user chilibeck from 106.12.12.7 port 57566 ssh2 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: Invalid user password from 106.12.12.7 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-11-26 06:51:58
attackbots	Automatic report - Banned IP Access	2019-11-21 05:34:57
attackspambots	Nov 9 08:14:36 mail sshd[24681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 9 08:14:38 mail sshd[24681]: Failed password for invalid user Success123 from 106.12.12.7 port 56586 ssh2 Nov 9 08:20:01 mail sshd[26666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-11-09 19:15:26
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-11-02 04:50:05
attackbots	2019-10-30T04:44:29.4940711495-001 sshd\[40119\]: Failed password for root from 106.12.12.7 port 46652 ssh2 2019-10-30T05:45:05.7670541495-001 sshd\[42401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 user=root 2019-10-30T05:45:07.4898231495-001 sshd\[42401\]: Failed password for root from 106.12.12.7 port 43682 ssh2 2019-10-30T05:49:43.0923171495-001 sshd\[42600\]: Invalid user Pirkka from 106.12.12.7 port 53538 2019-10-30T05:49:43.0954891495-001 sshd\[42600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 2019-10-30T05:49:45.6510911495-001 sshd\[42600\]: Failed password for invalid user Pirkka from 106.12.12.7 port 53538 ssh2 ...	2019-10-30 18:26:19
attackbots	Oct 24 06:38:48 sauna sshd[192850]: Failed password for root from 106.12.12.7 port 55762 ssh2 ...	2019-10-24 19:58:16
attackbotsspam	Repeated brute force against a port	2019-10-13 06:31:46
attackbotsspam	Oct 10 09:51:29 [munged] sshd[29004]: Failed password for root from 106.12.12.7 port 52860 ssh2	2019-10-10 16:13:04
attackbots	2019-09-29T21:54:55.481847abusebot.cloudsearch.cf sshd\[19209\]: Invalid user jim from 106.12.12.7 port 59970	2019-09-30 06:16:07
attackbots	Sep 28 23:09:29 server sshd\[26350\]: Invalid user 3edc from 106.12.12.7 port 40104 Sep 28 23:09:29 server sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 28 23:09:31 server sshd\[26350\]: Failed password for invalid user 3edc from 106.12.12.7 port 40104 ssh2 Sep 28 23:13:55 server sshd\[19187\]: Invalid user epmd from 106.12.12.7 port 50100 Sep 28 23:13:55 server sshd\[19187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-09-29 04:34:28
attackbotsspam	Sep 27 05:38:18 apollo sshd\[6864\]: Invalid user tang from 106.12.12.7Sep 27 05:38:19 apollo sshd\[6864\]: Failed password for invalid user tang from 106.12.12.7 port 40622 ssh2Sep 27 05:48:14 apollo sshd\[6907\]: Invalid user cbrown from 106.12.12.7 ...	2019-09-27 17:59:46
attack	Sep 8 11:16:14 server01 sshd\[8540\]: Invalid user hadoop from 106.12.12.7 Sep 8 11:16:14 server01 sshd\[8540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 8 11:16:16 server01 sshd\[8540\]: Failed password for invalid user hadoop from 106.12.12.7 port 55106 ssh2 ...	2019-09-08 18:22:42
attack	Aug 25 15:31:19 mail1 sshd\[5809\]: Invalid user bukkit from 106.12.12.7 port 43796 Aug 25 15:31:19 mail1 sshd\[5809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Aug 25 15:31:22 mail1 sshd\[5809\]: Failed password for invalid user bukkit from 106.12.12.7 port 43796 ssh2 Aug 25 15:38:54 mail1 sshd\[9291\]: Invalid user admin from 106.12.12.7 port 38916 Aug 25 15:38:54 mail1 sshd\[9291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-08-26 00:59:03

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6351
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 00:58:53 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 7.12.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.158.50.1	attackbots	Dec 18 15:50:28 sso sshd[27184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.158.50.1 Dec 18 15:50:30 sso sshd[27184]: Failed password for invalid user ikko from 175.158.50.1 port 38275 ssh2 ...	2019-12-18 22:59:35
40.92.72.45	attackbots	Dec 18 17:38:10 debian-2gb-vpn-nbg1-1 kernel: [1058254.966774] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.72.45 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=112 ID=4432 DF PROTO=TCP SPT=56196 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-18 22:48:19
117.255.216.106	attackspam	Dec 18 15:38:12 vps647732 sshd[19225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.255.216.106 Dec 18 15:38:14 vps647732 sshd[19225]: Failed password for invalid user labrecque from 117.255.216.106 port 59812 ssh2 ...	2019-12-18 22:43:43
148.251.8.250	attack	Forbidden directory scan :: 2019/12/18 14:38:01 [error] 986#986: *12624 access forbidden by rule, client: 148.251.8.250, server: [censored_1], request: "GET /knowledge-base/%ht_kb_category%/regex-to-select-table-from-html-content/ HTTP/1.1", host: "www.[censored_1]"	2019-12-18 23:01:11
191.232.189.227	attack	Dec 18 15:38:15 [host] sshd[7529]: Invalid user apache from 191.232.189.227 Dec 18 15:38:15 [host] sshd[7529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.189.227 Dec 18 15:38:17 [host] sshd[7529]: Failed password for invalid user apache from 191.232.189.227 port 39090 ssh2	2019-12-18 22:42:04
125.141.139.9	attackbotsspam	Dec 18 15:37:44 lnxmysql61 sshd[4868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9	2019-12-18 23:13:58
103.199.155.26	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-18 22:32:46
146.185.130.101	attackspam	Dec 18 15:34:11 srv01 sshd[30786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 user=dovecot Dec 18 15:34:13 srv01 sshd[30786]: Failed password for dovecot from 146.185.130.101 port 42930 ssh2 Dec 18 15:42:56 srv01 sshd[31422]: Invalid user tokend from 146.185.130.101 port 32950 Dec 18 15:42:57 srv01 sshd[31422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 Dec 18 15:42:56 srv01 sshd[31422]: Invalid user tokend from 146.185.130.101 port 32950 Dec 18 15:42:58 srv01 sshd[31422]: Failed password for invalid user tokend from 146.185.130.101 port 32950 ssh2 ...	2019-12-18 22:49:44
82.221.131.71	attack	Dec 18 15:37:38 vpn01 sshd[28143]: Failed password for root from 82.221.131.71 port 45607 ssh2 Dec 18 15:37:53 vpn01 sshd[28143]: error: maximum authentication attempts exceeded for root from 82.221.131.71 port 45607 ssh2 [preauth] ...	2019-12-18 23:07:31
137.74.171.160	attack	$f2bV_matches	2019-12-18 23:03:41
47.52.204.46	attackspam	[portscan] Port scan	2019-12-18 23:08:57
51.254.210.53	attackbots	Dec 18 04:48:38 eddieflores sshd\[24293\]: Invalid user collenberger from 51.254.210.53 Dec 18 04:48:38 eddieflores sshd\[24293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=53.ip-51-254-210.eu Dec 18 04:48:40 eddieflores sshd\[24293\]: Failed password for invalid user collenberger from 51.254.210.53 port 46568 ssh2 Dec 18 04:54:01 eddieflores sshd\[24802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=53.ip-51-254-210.eu user=root Dec 18 04:54:03 eddieflores sshd\[24802\]: Failed password for root from 51.254.210.53 port 56164 ssh2	2019-12-18 23:07:05
106.75.15.142	attackspambots	Dec 18 15:37:49 * sshd[1717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.15.142 Dec 18 15:37:51 * sshd[1717]: Failed password for invalid user jx from 106.75.15.142 port 38996 ssh2	2019-12-18 23:08:33
76.186.81.229	attackspam	Dec 18 15:38:02 vpn01 sshd[28159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.186.81.229 Dec 18 15:38:05 vpn01 sshd[28159]: Failed password for invalid user molt from 76.186.81.229 port 55819 ssh2 ...	2019-12-18 22:54:23
54.188.90.150	attack	54.188.90.150 - - \[18/Dec/2019:07:23:27 +0100\] "POST /wp-login.php HTTP/1.0" 200 6640 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 54.188.90.150 - - \[18/Dec/2019:07:23:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 54.188.90.150 - - \[18/Dec/2019:07:23:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-18 22:33:34

最近上报的IP列表

85.66.131.184	88.195.55.249	46.226.143.149	110.242.118.255
156.215.137.141	196.235.69.135	209.103.250.185	202.195.80.56
145.234.81.52	131.65.143.111	62.252.196.52	113.93.123.141
109.167.98.27	123.32.38.175	92.45.73.95	40.81.188.85
122.11.119.140	165.9.78.33	56.204.74.210	204.253.237.33