106.12.12.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Brute Force	2020-04-29 13:23:14
attackspambots	Dec 12 09:27:16 124388 sshd[5562]: Failed password for invalid user sezen from 106.12.12.7 port 35384 ssh2 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:46 124388 sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:48 124388 sshd[5602]: Failed password for invalid user home from 106.12.12.7 port 47654 ssh2	2019-12-12 21:25:56
attackspam	Dec 2 18:55:53 ny01 sshd[15468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 2 18:55:55 ny01 sshd[15468]: Failed password for invalid user ts3server from 106.12.12.7 port 56448 ssh2 Dec 2 19:02:01 ny01 sshd[16285]: Failed password for root from 106.12.12.7 port 32880 ssh2	2019-12-03 08:05:36
attackbotsspam	Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Invalid user chilibeck from 106.12.12.7 Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 26 04:10:44 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Failed password for invalid user chilibeck from 106.12.12.7 port 57566 ssh2 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: Invalid user password from 106.12.12.7 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-11-26 06:51:58
attackbots	Automatic report - Banned IP Access	2019-11-21 05:34:57
attackspambots	Nov 9 08:14:36 mail sshd[24681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 9 08:14:38 mail sshd[24681]: Failed password for invalid user Success123 from 106.12.12.7 port 56586 ssh2 Nov 9 08:20:01 mail sshd[26666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-11-09 19:15:26
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-11-02 04:50:05
attackbots	2019-10-30T04:44:29.4940711495-001 sshd\[40119\]: Failed password for root from 106.12.12.7 port 46652 ssh2 2019-10-30T05:45:05.7670541495-001 sshd\[42401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 user=root 2019-10-30T05:45:07.4898231495-001 sshd\[42401\]: Failed password for root from 106.12.12.7 port 43682 ssh2 2019-10-30T05:49:43.0923171495-001 sshd\[42600\]: Invalid user Pirkka from 106.12.12.7 port 53538 2019-10-30T05:49:43.0954891495-001 sshd\[42600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 2019-10-30T05:49:45.6510911495-001 sshd\[42600\]: Failed password for invalid user Pirkka from 106.12.12.7 port 53538 ssh2 ...	2019-10-30 18:26:19
attackbots	Oct 24 06:38:48 sauna sshd[192850]: Failed password for root from 106.12.12.7 port 55762 ssh2 ...	2019-10-24 19:58:16
attackbotsspam	Repeated brute force against a port	2019-10-13 06:31:46
attackbotsspam	Oct 10 09:51:29 [munged] sshd[29004]: Failed password for root from 106.12.12.7 port 52860 ssh2	2019-10-10 16:13:04
attackbots	2019-09-29T21:54:55.481847abusebot.cloudsearch.cf sshd\[19209\]: Invalid user jim from 106.12.12.7 port 59970	2019-09-30 06:16:07
attackbots	Sep 28 23:09:29 server sshd\[26350\]: Invalid user 3edc from 106.12.12.7 port 40104 Sep 28 23:09:29 server sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 28 23:09:31 server sshd\[26350\]: Failed password for invalid user 3edc from 106.12.12.7 port 40104 ssh2 Sep 28 23:13:55 server sshd\[19187\]: Invalid user epmd from 106.12.12.7 port 50100 Sep 28 23:13:55 server sshd\[19187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-09-29 04:34:28
attackbotsspam	Sep 27 05:38:18 apollo sshd\[6864\]: Invalid user tang from 106.12.12.7Sep 27 05:38:19 apollo sshd\[6864\]: Failed password for invalid user tang from 106.12.12.7 port 40622 ssh2Sep 27 05:48:14 apollo sshd\[6907\]: Invalid user cbrown from 106.12.12.7 ...	2019-09-27 17:59:46
attack	Sep 8 11:16:14 server01 sshd\[8540\]: Invalid user hadoop from 106.12.12.7 Sep 8 11:16:14 server01 sshd\[8540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 8 11:16:16 server01 sshd\[8540\]: Failed password for invalid user hadoop from 106.12.12.7 port 55106 ssh2 ...	2019-09-08 18:22:42
attack	Aug 25 15:31:19 mail1 sshd\[5809\]: Invalid user bukkit from 106.12.12.7 port 43796 Aug 25 15:31:19 mail1 sshd\[5809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Aug 25 15:31:22 mail1 sshd\[5809\]: Failed password for invalid user bukkit from 106.12.12.7 port 43796 ssh2 Aug 25 15:38:54 mail1 sshd\[9291\]: Invalid user admin from 106.12.12.7 port 38916 Aug 25 15:38:54 mail1 sshd\[9291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-08-26 00:59:03

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6351
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 00:58:53 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 7.12.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.179.227.201	attackspam	Jul 15 23:35:43 mail sshd\[15479\]: Invalid user chuan from 180.179.227.201 port 52702 Jul 15 23:35:43 mail sshd\[15479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.227.201 Jul 15 23:35:45 mail sshd\[15479\]: Failed password for invalid user chuan from 180.179.227.201 port 52702 ssh2 Jul 15 23:40:59 mail sshd\[16836\]: Invalid user yd from 180.179.227.201 port 48972 Jul 15 23:40:59 mail sshd\[16836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.227.201	2019-07-16 05:42:44
151.80.207.9	attackspambots	Jul 15 23:02:54 SilenceServices sshd[26016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.207.9 Jul 15 23:02:56 SilenceServices sshd[26016]: Failed password for invalid user cr from 151.80.207.9 port 51670 ssh2 Jul 15 23:07:23 SilenceServices sshd[29042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.207.9	2019-07-16 05:15:02
182.162.101.80	attackspam	2019-07-15T21:15:03.365901abusebot-5.cloudsearch.cf sshd\[26347\]: Invalid user ita from 182.162.101.80 port 55068	2019-07-16 05:15:38
198.23.189.18	attack	Jul 15 23:22:20 mail sshd\[12382\]: Invalid user cmveng from 198.23.189.18 port 39664 Jul 15 23:22:20 mail sshd\[12382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.189.18 Jul 15 23:22:22 mail sshd\[12382\]: Failed password for invalid user cmveng from 198.23.189.18 port 39664 ssh2 Jul 15 23:27:01 mail sshd\[13394\]: Invalid user ys from 198.23.189.18 port 39095 Jul 15 23:27:01 mail sshd\[13394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.189.18	2019-07-16 05:41:51
99.174.241.173	attackspambots	Automatic report - Port Scan Attack	2019-07-16 05:19:24
186.119.119.236	attackbots	445/tcp 445/tcp 445/tcp... [2019-05-17/07-15]12pkt,1pt.(tcp)	2019-07-16 05:19:56
191.53.193.249	attackbotsspam	Brute force attempt	2019-07-16 05:21:12
188.216.72.228	attackbotsspam	445/tcp 445/tcp 445/tcp [2019-06-04/07-15]3pkt	2019-07-16 05:21:38
134.209.59.66	attack	Jul 15 23:32:13 mail sshd\[14628\]: Invalid user mk from 134.209.59.66 port 54470 Jul 15 23:32:13 mail sshd\[14628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.59.66 Jul 15 23:32:15 mail sshd\[14628\]: Failed password for invalid user mk from 134.209.59.66 port 54470 ssh2 Jul 15 23:37:01 mail sshd\[15735\]: Invalid user gaurav from 134.209.59.66 port 53688 Jul 15 23:37:01 mail sshd\[15735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.59.66	2019-07-16 05:43:19
121.183.114.63	attackbotsspam	2019-07-15T21:18:57.520124abusebot.cloudsearch.cf sshd\[25291\]: Invalid user upload from 121.183.114.63 port 43572	2019-07-16 05:26:45
117.218.208.172	attack	445/tcp 445/tcp [2019-07-09/15]2pkt	2019-07-16 05:09:17
50.196.74.123	attackspambots	RDP Bruteforce	2019-07-16 05:29:37
186.46.61.214	attackspambots	wordpress exploit scan ...	2019-07-16 05:27:03
43.250.186.66	attack	SMB Server BruteForce Attack	2019-07-16 05:37:05
121.242.61.197	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-05-17/07-15]4pkt,1pt.(tcp)	2019-07-16 05:45:09

最近上报的IP列表

85.66.131.184	88.195.55.249	46.226.143.149	110.242.118.255
156.215.137.141	196.235.69.135	209.103.250.185	202.195.80.56
145.234.81.52	131.65.143.111	62.252.196.52	113.93.123.141
109.167.98.27	123.32.38.175	92.45.73.95	40.81.188.85
122.11.119.140	165.9.78.33	56.204.74.210	204.253.237.33