106.12.125.241

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
attack	ssh brute force	2020-10-12 15:02:58
attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
attackspam	Aug 26 00:24:47 havingfunrightnow sshd[12417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 26 00:24:49 havingfunrightnow sshd[12417]: Failed password for invalid user dominique from 106.12.125.241 port 54048 ssh2 Aug 26 00:32:17 havingfunrightnow sshd[12745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ...	2020-08-26 08:09:38
attackbotsspam	Aug 24 23:18:20 ip106 sshd[6654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 24 23:18:22 ip106 sshd[6654]: Failed password for invalid user ogpbot from 106.12.125.241 port 37044 ssh2 ...	2020-08-25 05:22:32
attackbots	Aug 24 05:52:55 rancher-0 sshd[1245058]: Invalid user ome from 106.12.125.241 port 60176 ...	2020-08-24 15:19:21
attack	Invalid user user from 106.12.125.241 port 37298	2020-08-22 17:33:31
attack	2020-08-13T22:36:50.568038vps773228.ovh.net sshd[11100]: Failed password for root from 106.12.125.241 port 42660 ssh2 2020-08-13T22:41:42.095960vps773228.ovh.net sshd[11178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:41:43.985684vps773228.ovh.net sshd[11178]: Failed password for root from 106.12.125.241 port 49066 ssh2 2020-08-13T22:46:29.488071vps773228.ovh.net sshd[11257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:46:31.443394vps773228.ovh.net sshd[11257]: Failed password for root from 106.12.125.241 port 55476 ssh2 ...	2020-08-14 04:52:52
attackbots	Aug 2 14:57:27 * sshd[21085]: Failed password for root from 106.12.125.241 port 48850 ssh2	2020-08-02 22:00:47
attack	detected by Fail2Ban	2020-08-01 19:16:13
attack	Jul 30 17:58:52 ny01 sshd[25782]: Failed password for root from 106.12.125.241 port 35648 ssh2 Jul 30 17:59:51 ny01 sshd[25881]: Failed password for root from 106.12.125.241 port 47460 ssh2	2020-07-31 06:44:04
attackspam	2020-07-08T14:51:13.639342upcloud.m0sh1x2.com sshd[19352]: Invalid user iresha from 106.12.125.241 port 54480	2020-07-08 23:02:54
attackspambots	2020-06-16T06:43:30+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-16 19:39:56
attackspambots	Ssh brute force	2020-05-20 08:02:56
attack	Apr 24 11:29:47 f sshd\[30668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Apr 24 11:29:49 f sshd\[30668\]: Failed password for root from 106.12.125.241 port 43864 ssh2 Apr 24 11:56:04 f sshd\[31043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ...	2020-04-24 13:40:39
attack	ssh brute force	2020-03-31 13:49:48
attackspam	(sshd) Failed SSH login from 106.12.125.241 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 29 14:16:25 amsweb01 sshd[13205]: Invalid user byq from 106.12.125.241 port 48244 Mar 29 14:16:27 amsweb01 sshd[13205]: Failed password for invalid user byq from 106.12.125.241 port 48244 ssh2 Mar 29 14:20:33 amsweb01 sshd[13801]: Invalid user co from 106.12.125.241 port 55926 Mar 29 14:20:35 amsweb01 sshd[13801]: Failed password for invalid user co from 106.12.125.241 port 55926 ssh2 Mar 29 14:21:47 amsweb01 sshd[13933]: Invalid user ewh from 106.12.125.241 port 37514	2020-03-29 20:48:14
attackbotsspam	Mar 11 04:36:53 *** sshd[3745]: Invalid user vboxuser from 106.12.125.241	2020-03-11 13:45:08
attackspam	Feb 28 15:58:37 silence02 sshd[15436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Feb 28 15:58:39 silence02 sshd[15436]: Failed password for invalid user teamspeak from 106.12.125.241 port 59046 ssh2 Feb 28 16:04:02 silence02 sshd[15744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241	2020-02-29 02:00:42
attackbotsspam	Feb 9 05:07:18 firewall sshd[5441]: Invalid user nmv from 106.12.125.241 Feb 9 05:07:20 firewall sshd[5441]: Failed password for invalid user nmv from 106.12.125.241 port 42522 ssh2 Feb 9 05:10:38 firewall sshd[5588]: Invalid user ldy from 106.12.125.241 ...	2020-02-09 16:22:56
attackbotsspam	Brute-force attempt banned	2020-02-09 02:15:06
attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 19:15:22
attack	Lines containing failures of 106.12.125.241 Dec 30 14:36:27 nextcloud sshd[25298]: Invalid user radio from 106.12.125.241 port 47224 Dec 30 14:36:27 nextcloud sshd[25298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Dec 30 14:36:29 nextcloud sshd[25298]: Failed password for invalid user radio from 106.12.125.241 port 47224 ssh2 Dec 30 14:36:30 nextcloud sshd[25298]: Received disconnect from 106.12.125.241 port 47224:11: Bye Bye [preauth] Dec 30 14:36:30 nextcloud sshd[25298]: Disconnected from invalid user radio 106.12.125.241 port 47224 [preauth] Dec 30 14:45:25 nextcloud sshd[28276]: Invalid user danatan from 106.12.125.241 port 60210 Dec 30 14:45:25 nextcloud sshd[28276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.125.241	2019-12-30 22:44:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07
106.12.125.178	attackspambots	(sshd) Failed SSH login from 106.12.125.178 (CN/China/-): 5 in the last 3600 secs	2020-10-03 15:10:06
106.12.125.178	attackbots	B: Abusive ssh attack	2020-09-16 20:59:43
106.12.125.178	attackbots	Sep 16 06:59:03 localhost sshd\[1008\]: Invalid user keum from 106.12.125.178 Sep 16 06:59:03 localhost sshd\[1008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 Sep 16 06:59:05 localhost sshd\[1008\]: Failed password for invalid user keum from 106.12.125.178 port 50956 ssh2 Sep 16 07:05:18 localhost sshd\[1679\]: Invalid user nicolas from 106.12.125.178 Sep 16 07:05:18 localhost sshd\[1679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 ...	2020-09-16 13:30:36
106.12.125.178	attackbots	$f2bV_matches	2020-09-16 05:15:29
106.12.125.140	attackbots	Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:22 srv01 sshd[25683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:24 srv01 sshd[25683]: Failed password for invalid user ubuntu from 106.12.125.140 port 48634 ssh2 Apr 16 06:25:24 srv01 sshd[27621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 user=root Apr 16 06:25:26 srv01 sshd[27621]: Failed password for root from 106.12.125.140 port 33338 ssh2 ...	2020-04-16 14:26:43
106.12.125.140	attackspam	2020-04-10T20:35:51.100064 sshd[888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 2020-04-10T20:35:51.084712 sshd[888]: Invalid user super from 106.12.125.140 port 36382 2020-04-10T20:35:53.471469 sshd[888]: Failed password for invalid user super from 106.12.125.140 port 36382 ssh2 2020-04-10T22:36:00.291575 sshd[3191]: Invalid user backup from 106.12.125.140 port 42420 ...	2020-04-11 05:15:58
106.12.125.27	attackspam	Mar 1 17:27:27 webmail sshd[11846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Mar 1 17:27:29 webmail sshd[11846]: Failed password for invalid user webuser from 106.12.125.27 port 59918 ssh2	2020-03-02 02:59:28
106.12.125.27	attack	2019-09-17T22:23:51.290729suse-nuc sshd[14707]: Invalid user spice from 106.12.125.27 port 36516 ...	2020-02-25 14:53:37
106.12.125.140	attack	Jan 11 05:54:06 herz-der-gamer sshd[27962]: Invalid user obl from 106.12.125.140 port 50966 Jan 11 05:54:06 herz-der-gamer sshd[27962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Jan 11 05:54:06 herz-der-gamer sshd[27962]: Invalid user obl from 106.12.125.140 port 50966 Jan 11 05:54:08 herz-der-gamer sshd[27962]: Failed password for invalid user obl from 106.12.125.140 port 50966 ssh2 ...	2020-01-11 16:10:41
106.12.125.140	attackspambots	Invalid user natsuko from 106.12.125.140 port 35004	2020-01-02 14:21:13
106.12.125.140	attackbotsspam	Dec 26 23:19:26 sshgateway sshd\[22473\]: Invalid user ftpuser from 106.12.125.140 Dec 26 23:19:26 sshgateway sshd\[22473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Dec 26 23:19:29 sshgateway sshd\[22473\]: Failed password for invalid user ftpuser from 106.12.125.140 port 47988 ssh2	2019-12-27 07:21:20
106.12.125.140	attackbotsspam	SSH Bruteforce attempt	2019-12-22 18:50:18
106.12.125.140	attackspam	Dec 6 13:26:58 web1 sshd\[16952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 user=root Dec 6 13:27:00 web1 sshd\[16952\]: Failed password for root from 106.12.125.140 port 35046 ssh2 Dec 6 13:33:19 web1 sshd\[17666\]: Invalid user oti from 106.12.125.140 Dec 6 13:33:19 web1 sshd\[17666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Dec 6 13:33:21 web1 sshd\[17666\]: Failed password for invalid user oti from 106.12.125.140 port 40850 ssh2	2019-12-07 07:39:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.125.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56784
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.125.241.			IN	A

;; AUTHORITY SECTION:
.			273	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 22:44:10 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 241.125.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 241.125.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
51.79.149.34	attackspam	Automatic report - XMLRPC Attack	2020-06-16 06:54:11
138.204.227.14	attack	06/15/2020-16:42:18.562336 138.204.227.14 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-16 07:19:10
209.97.134.58	attackspam	Jun 15 22:12:46 ws26vmsma01 sshd[82935]: Failed password for root from 209.97.134.58 port 50494 ssh2 ...	2020-06-16 07:14:43
196.43.231.123	attack	[ssh] SSH attack	2020-06-16 07:17:02
164.52.11.94	attack	Jun 15 22:42:31 host sshd[26492]: Invalid user jimmy from 164.52.11.94 port 59766 ...	2020-06-16 07:09:21
139.59.249.255	attackbots	228. On Jun 15 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 139.59.249.255.	2020-06-16 06:57:54
51.15.190.82	attack	855. On Jun 15 2020 experienced a Brute Force SSH login attempt -> 9 unique times by 51.15.190.82.	2020-06-16 06:58:06
79.11.236.77	attackbotsspam	Jun 15 22:42:40 mout sshd[22801]: Invalid user aura from 79.11.236.77 port 50320 Jun 15 22:42:42 mout sshd[22801]: Failed password for invalid user aura from 79.11.236.77 port 50320 ssh2 Jun 15 22:42:43 mout sshd[22801]: Disconnected from invalid user aura 79.11.236.77 port 50320 [preauth]	2020-06-16 06:52:08
51.222.13.37	attackbotsspam	Jun 16 04:12:55 dhoomketu sshd[778266]: Invalid user teamspeak from 51.222.13.37 port 42342 Jun 16 04:12:55 dhoomketu sshd[778266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.222.13.37 Jun 16 04:12:55 dhoomketu sshd[778266]: Invalid user teamspeak from 51.222.13.37 port 42342 Jun 16 04:12:57 dhoomketu sshd[778266]: Failed password for invalid user teamspeak from 51.222.13.37 port 42342 ssh2 Jun 16 04:16:17 dhoomketu sshd[778317]: Invalid user rohit from 51.222.13.37 port 42764 ...	2020-06-16 06:59:35
188.3.124.105	attackspam	Automatic report - XMLRPC Attack	2020-06-16 07:21:08
198.46.188.145	attackbotsspam	Jun 16 00:47:52 vps sshd[844347]: Invalid user sinus from 198.46.188.145 port 36102 Jun 16 00:47:52 vps sshd[844347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.46.188.145 Jun 16 00:47:55 vps sshd[844347]: Failed password for invalid user sinus from 198.46.188.145 port 36102 ssh2 Jun 16 00:51:35 vps sshd[862338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.46.188.145 user=root Jun 16 00:51:37 vps sshd[862338]: Failed password for root from 198.46.188.145 port 36148 ssh2 ...	2020-06-16 07:03:29
213.184.249.95	attackspambots	Jun 15 22:28:45 ip-172-31-61-156 sshd[26124]: Failed password for invalid user ar from 213.184.249.95 port 46654 ssh2 Jun 15 22:28:43 ip-172-31-61-156 sshd[26124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.184.249.95 Jun 15 22:28:43 ip-172-31-61-156 sshd[26124]: Invalid user ar from 213.184.249.95 Jun 15 22:28:45 ip-172-31-61-156 sshd[26124]: Failed password for invalid user ar from 213.184.249.95 port 46654 ssh2 Jun 15 22:32:01 ip-172-31-61-156 sshd[26305]: Invalid user sdn from 213.184.249.95 ...	2020-06-16 07:20:40
103.80.36.34	attack	40. On Jun 15 2020 experienced a Brute Force SSH login attempt -> 48 unique times by 103.80.36.34.	2020-06-16 07:15:33
222.186.175.169	attackspam	Jun 16 01:00:33 eventyay sshd[21773]: Failed password for root from 222.186.175.169 port 21998 ssh2 Jun 16 01:00:47 eventyay sshd[21773]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 21998 ssh2 [preauth] Jun 16 01:00:52 eventyay sshd[21775]: Failed password for root from 222.186.175.169 port 39346 ssh2 ...	2020-06-16 07:10:03
106.52.248.175	attackspam	DATE:2020-06-16 00:28:26, IP:106.52.248.175, PORT:ssh SSH brute force auth (docker-dc)	2020-06-16 07:13:25

最近上报的IP列表

183.81.122.249	218.212.221.202	78.155.42.148	36.37.81.34
186.95.2.71	62.210.162.148	83.171.114.82	113.209.194.202
83.97.20.204	52.48.42.218	187.167.69.122	92.40.120.109
42.59.93.177	201.16.145.37	195.244.32.132	52.39.133.133
188.2.235.203	182.73.247.90	157.37.16.92	2.134.37.244