106.12.12.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Brute Force	2020-04-29 13:23:14
attackspambots	Dec 12 09:27:16 124388 sshd[5562]: Failed password for invalid user sezen from 106.12.12.7 port 35384 ssh2 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:46 124388 sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 12 09:31:46 124388 sshd[5602]: Invalid user home from 106.12.12.7 port 47654 Dec 12 09:31:48 124388 sshd[5602]: Failed password for invalid user home from 106.12.12.7 port 47654 ssh2	2019-12-12 21:25:56
attackspam	Dec 2 18:55:53 ny01 sshd[15468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Dec 2 18:55:55 ny01 sshd[15468]: Failed password for invalid user ts3server from 106.12.12.7 port 56448 ssh2 Dec 2 19:02:01 ny01 sshd[16285]: Failed password for root from 106.12.12.7 port 32880 ssh2	2019-12-03 08:05:36
attackbotsspam	Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Invalid user chilibeck from 106.12.12.7 Nov 26 04:10:42 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 26 04:10:44 vibhu-HP-Z238-Microtower-Workstation sshd\[22513\]: Failed password for invalid user chilibeck from 106.12.12.7 port 57566 ssh2 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: Invalid user password from 106.12.12.7 Nov 26 04:17:15 vibhu-HP-Z238-Microtower-Workstation sshd\[22763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-11-26 06:51:58
attackbots	Automatic report - Banned IP Access	2019-11-21 05:34:57
attackspambots	Nov 9 08:14:36 mail sshd[24681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Nov 9 08:14:38 mail sshd[24681]: Failed password for invalid user Success123 from 106.12.12.7 port 56586 ssh2 Nov 9 08:20:01 mail sshd[26666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-11-09 19:15:26
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-11-02 04:50:05
attackbots	2019-10-30T04:44:29.4940711495-001 sshd\[40119\]: Failed password for root from 106.12.12.7 port 46652 ssh2 2019-10-30T05:45:05.7670541495-001 sshd\[42401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 user=root 2019-10-30T05:45:07.4898231495-001 sshd\[42401\]: Failed password for root from 106.12.12.7 port 43682 ssh2 2019-10-30T05:49:43.0923171495-001 sshd\[42600\]: Invalid user Pirkka from 106.12.12.7 port 53538 2019-10-30T05:49:43.0954891495-001 sshd\[42600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 2019-10-30T05:49:45.6510911495-001 sshd\[42600\]: Failed password for invalid user Pirkka from 106.12.12.7 port 53538 ssh2 ...	2019-10-30 18:26:19
attackbots	Oct 24 06:38:48 sauna sshd[192850]: Failed password for root from 106.12.12.7 port 55762 ssh2 ...	2019-10-24 19:58:16
attackbotsspam	Repeated brute force against a port	2019-10-13 06:31:46
attackbotsspam	Oct 10 09:51:29 [munged] sshd[29004]: Failed password for root from 106.12.12.7 port 52860 ssh2	2019-10-10 16:13:04
attackbots	2019-09-29T21:54:55.481847abusebot.cloudsearch.cf sshd\[19209\]: Invalid user jim from 106.12.12.7 port 59970	2019-09-30 06:16:07
attackbots	Sep 28 23:09:29 server sshd\[26350\]: Invalid user 3edc from 106.12.12.7 port 40104 Sep 28 23:09:29 server sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 28 23:09:31 server sshd\[26350\]: Failed password for invalid user 3edc from 106.12.12.7 port 40104 ssh2 Sep 28 23:13:55 server sshd\[19187\]: Invalid user epmd from 106.12.12.7 port 50100 Sep 28 23:13:55 server sshd\[19187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7	2019-09-29 04:34:28
attackbotsspam	Sep 27 05:38:18 apollo sshd\[6864\]: Invalid user tang from 106.12.12.7Sep 27 05:38:19 apollo sshd\[6864\]: Failed password for invalid user tang from 106.12.12.7 port 40622 ssh2Sep 27 05:48:14 apollo sshd\[6907\]: Invalid user cbrown from 106.12.12.7 ...	2019-09-27 17:59:46
attack	Sep 8 11:16:14 server01 sshd\[8540\]: Invalid user hadoop from 106.12.12.7 Sep 8 11:16:14 server01 sshd\[8540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 8 11:16:16 server01 sshd\[8540\]: Failed password for invalid user hadoop from 106.12.12.7 port 55106 ssh2 ...	2019-09-08 18:22:42
attack	Aug 25 15:31:19 mail1 sshd\[5809\]: Invalid user bukkit from 106.12.12.7 port 43796 Aug 25 15:31:19 mail1 sshd\[5809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Aug 25 15:31:22 mail1 sshd\[5809\]: Failed password for invalid user bukkit from 106.12.12.7 port 43796 ssh2 Aug 25 15:38:54 mail1 sshd\[9291\]: Invalid user admin from 106.12.12.7 port 38916 Aug 25 15:38:54 mail1 sshd\[9291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 ...	2019-08-26 00:59:03

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6351
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 00:58:53 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 7.12.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.228.112.192	attackbots	SSH Brute Force	2020-04-29 13:56:47
177.37.29.5	attackspam	Automatic report - Port Scan Attack	2020-04-29 13:28:12
195.154.133.163	attackbotsspam	195.154.133.163 - - [29/Apr/2020:09:35:41 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-04-29 13:52:50
103.55.91.51	attackbots	SSH Brute Force	2020-04-29 13:44:09
139.199.229.228	attackbots	Apr 29 07:05:13 minden010 sshd[32188]: Failed password for root from 139.199.229.228 port 56132 ssh2 Apr 29 07:08:17 minden010 sshd[1323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.229.228 Apr 29 07:08:18 minden010 sshd[1323]: Failed password for invalid user admin from 139.199.229.228 port 33750 ssh2 ...	2020-04-29 13:43:40
104.236.215.68	attack	SSH Brute Force	2020-04-29 13:33:12
106.12.14.183	attack	SSH Brute Force	2020-04-29 13:20:24
106.12.128.114	attackbotsspam	SSH Brute Force	2020-04-29 13:22:21
103.91.54.100	attackspambots	SSH Brute Force	2020-04-29 13:39:57
104.248.150.150	attackbotsspam	SSH Brute Force	2020-04-29 13:30:36
104.236.94.202	attack	SSH Brute Force	2020-04-29 13:31:08
103.74.123.83	attackspambots	SSH Brute Force	2020-04-29 13:42:04
104.248.7.148	attack	SSH Brute Force	2020-04-29 13:27:37
223.240.86.204	attack	Apr 29 07:17:23 meumeu sshd[27920]: Failed password for root from 223.240.86.204 port 60108 ssh2 Apr 29 07:19:30 meumeu sshd[28219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.86.204 Apr 29 07:19:32 meumeu sshd[28219]: Failed password for invalid user pio from 223.240.86.204 port 45904 ssh2 ...	2020-04-29 13:45:24
103.87.25.201	attack	SSH Brute Force	2020-04-29 13:40:20

最近上报的IP列表

85.66.131.184	88.195.55.249	46.226.143.149	110.242.118.255
156.215.137.141	196.235.69.135	209.103.250.185	202.195.80.56
145.234.81.52	131.65.143.111	62.252.196.52	113.93.123.141
109.167.98.27	123.32.38.175	92.45.73.95	40.81.188.85
122.11.119.140	165.9.78.33	56.204.74.210	204.253.237.33