106.12.125.241

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
attack	ssh brute force	2020-10-12 15:02:58
attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
attackspam	Aug 26 00:24:47 havingfunrightnow sshd[12417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 26 00:24:49 havingfunrightnow sshd[12417]: Failed password for invalid user dominique from 106.12.125.241 port 54048 ssh2 Aug 26 00:32:17 havingfunrightnow sshd[12745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ...	2020-08-26 08:09:38
attackbotsspam	Aug 24 23:18:20 ip106 sshd[6654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 24 23:18:22 ip106 sshd[6654]: Failed password for invalid user ogpbot from 106.12.125.241 port 37044 ssh2 ...	2020-08-25 05:22:32
attackbots	Aug 24 05:52:55 rancher-0 sshd[1245058]: Invalid user ome from 106.12.125.241 port 60176 ...	2020-08-24 15:19:21
attack	Invalid user user from 106.12.125.241 port 37298	2020-08-22 17:33:31
attack	2020-08-13T22:36:50.568038vps773228.ovh.net sshd[11100]: Failed password for root from 106.12.125.241 port 42660 ssh2 2020-08-13T22:41:42.095960vps773228.ovh.net sshd[11178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:41:43.985684vps773228.ovh.net sshd[11178]: Failed password for root from 106.12.125.241 port 49066 ssh2 2020-08-13T22:46:29.488071vps773228.ovh.net sshd[11257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:46:31.443394vps773228.ovh.net sshd[11257]: Failed password for root from 106.12.125.241 port 55476 ssh2 ...	2020-08-14 04:52:52
attackbots	Aug 2 14:57:27 * sshd[21085]: Failed password for root from 106.12.125.241 port 48850 ssh2	2020-08-02 22:00:47
attack	detected by Fail2Ban	2020-08-01 19:16:13
attack	Jul 30 17:58:52 ny01 sshd[25782]: Failed password for root from 106.12.125.241 port 35648 ssh2 Jul 30 17:59:51 ny01 sshd[25881]: Failed password for root from 106.12.125.241 port 47460 ssh2	2020-07-31 06:44:04
attackspam	2020-07-08T14:51:13.639342upcloud.m0sh1x2.com sshd[19352]: Invalid user iresha from 106.12.125.241 port 54480	2020-07-08 23:02:54
attackspambots	2020-06-16T06:43:30+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-16 19:39:56
attackspambots	Ssh brute force	2020-05-20 08:02:56
attack	Apr 24 11:29:47 f sshd\[30668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Apr 24 11:29:49 f sshd\[30668\]: Failed password for root from 106.12.125.241 port 43864 ssh2 Apr 24 11:56:04 f sshd\[31043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ...	2020-04-24 13:40:39
attack	ssh brute force	2020-03-31 13:49:48
attackspam	(sshd) Failed SSH login from 106.12.125.241 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 29 14:16:25 amsweb01 sshd[13205]: Invalid user byq from 106.12.125.241 port 48244 Mar 29 14:16:27 amsweb01 sshd[13205]: Failed password for invalid user byq from 106.12.125.241 port 48244 ssh2 Mar 29 14:20:33 amsweb01 sshd[13801]: Invalid user co from 106.12.125.241 port 55926 Mar 29 14:20:35 amsweb01 sshd[13801]: Failed password for invalid user co from 106.12.125.241 port 55926 ssh2 Mar 29 14:21:47 amsweb01 sshd[13933]: Invalid user ewh from 106.12.125.241 port 37514	2020-03-29 20:48:14
attackbotsspam	Mar 11 04:36:53 *** sshd[3745]: Invalid user vboxuser from 106.12.125.241	2020-03-11 13:45:08
attackspam	Feb 28 15:58:37 silence02 sshd[15436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Feb 28 15:58:39 silence02 sshd[15436]: Failed password for invalid user teamspeak from 106.12.125.241 port 59046 ssh2 Feb 28 16:04:02 silence02 sshd[15744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241	2020-02-29 02:00:42
attackbotsspam	Feb 9 05:07:18 firewall sshd[5441]: Invalid user nmv from 106.12.125.241 Feb 9 05:07:20 firewall sshd[5441]: Failed password for invalid user nmv from 106.12.125.241 port 42522 ssh2 Feb 9 05:10:38 firewall sshd[5588]: Invalid user ldy from 106.12.125.241 ...	2020-02-09 16:22:56
attackbotsspam	Brute-force attempt banned	2020-02-09 02:15:06
attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 19:15:22
attack	Lines containing failures of 106.12.125.241 Dec 30 14:36:27 nextcloud sshd[25298]: Invalid user radio from 106.12.125.241 port 47224 Dec 30 14:36:27 nextcloud sshd[25298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Dec 30 14:36:29 nextcloud sshd[25298]: Failed password for invalid user radio from 106.12.125.241 port 47224 ssh2 Dec 30 14:36:30 nextcloud sshd[25298]: Received disconnect from 106.12.125.241 port 47224:11: Bye Bye [preauth] Dec 30 14:36:30 nextcloud sshd[25298]: Disconnected from invalid user radio 106.12.125.241 port 47224 [preauth] Dec 30 14:45:25 nextcloud sshd[28276]: Invalid user danatan from 106.12.125.241 port 60210 Dec 30 14:45:25 nextcloud sshd[28276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.125.241	2019-12-30 22:44:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07
106.12.125.178	attackspambots	(sshd) Failed SSH login from 106.12.125.178 (CN/China/-): 5 in the last 3600 secs	2020-10-03 15:10:06
106.12.125.178	attackbots	B: Abusive ssh attack	2020-09-16 20:59:43
106.12.125.178	attackbots	Sep 16 06:59:03 localhost sshd\[1008\]: Invalid user keum from 106.12.125.178 Sep 16 06:59:03 localhost sshd\[1008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 Sep 16 06:59:05 localhost sshd\[1008\]: Failed password for invalid user keum from 106.12.125.178 port 50956 ssh2 Sep 16 07:05:18 localhost sshd\[1679\]: Invalid user nicolas from 106.12.125.178 Sep 16 07:05:18 localhost sshd\[1679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 ...	2020-09-16 13:30:36
106.12.125.178	attackbots	$f2bV_matches	2020-09-16 05:15:29
106.12.125.140	attackbots	Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:22 srv01 sshd[25683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:24 srv01 sshd[25683]: Failed password for invalid user ubuntu from 106.12.125.140 port 48634 ssh2 Apr 16 06:25:24 srv01 sshd[27621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 user=root Apr 16 06:25:26 srv01 sshd[27621]: Failed password for root from 106.12.125.140 port 33338 ssh2 ...	2020-04-16 14:26:43
106.12.125.140	attackspam	2020-04-10T20:35:51.100064 sshd[888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 2020-04-10T20:35:51.084712 sshd[888]: Invalid user super from 106.12.125.140 port 36382 2020-04-10T20:35:53.471469 sshd[888]: Failed password for invalid user super from 106.12.125.140 port 36382 ssh2 2020-04-10T22:36:00.291575 sshd[3191]: Invalid user backup from 106.12.125.140 port 42420 ...	2020-04-11 05:15:58
106.12.125.27	attackspam	Mar 1 17:27:27 webmail sshd[11846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Mar 1 17:27:29 webmail sshd[11846]: Failed password for invalid user webuser from 106.12.125.27 port 59918 ssh2	2020-03-02 02:59:28
106.12.125.27	attack	2019-09-17T22:23:51.290729suse-nuc sshd[14707]: Invalid user spice from 106.12.125.27 port 36516 ...	2020-02-25 14:53:37
106.12.125.140	attack	Jan 11 05:54:06 herz-der-gamer sshd[27962]: Invalid user obl from 106.12.125.140 port 50966 Jan 11 05:54:06 herz-der-gamer sshd[27962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Jan 11 05:54:06 herz-der-gamer sshd[27962]: Invalid user obl from 106.12.125.140 port 50966 Jan 11 05:54:08 herz-der-gamer sshd[27962]: Failed password for invalid user obl from 106.12.125.140 port 50966 ssh2 ...	2020-01-11 16:10:41
106.12.125.140	attackspambots	Invalid user natsuko from 106.12.125.140 port 35004	2020-01-02 14:21:13
106.12.125.140	attackbotsspam	Dec 26 23:19:26 sshgateway sshd\[22473\]: Invalid user ftpuser from 106.12.125.140 Dec 26 23:19:26 sshgateway sshd\[22473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Dec 26 23:19:29 sshgateway sshd\[22473\]: Failed password for invalid user ftpuser from 106.12.125.140 port 47988 ssh2	2019-12-27 07:21:20
106.12.125.140	attackbotsspam	SSH Bruteforce attempt	2019-12-22 18:50:18
106.12.125.140	attackspam	Dec 6 13:26:58 web1 sshd\[16952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 user=root Dec 6 13:27:00 web1 sshd\[16952\]: Failed password for root from 106.12.125.140 port 35046 ssh2 Dec 6 13:33:19 web1 sshd\[17666\]: Invalid user oti from 106.12.125.140 Dec 6 13:33:19 web1 sshd\[17666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Dec 6 13:33:21 web1 sshd\[17666\]: Failed password for invalid user oti from 106.12.125.140 port 40850 ssh2	2019-12-07 07:39:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.125.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56784
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.125.241.			IN	A

;; AUTHORITY SECTION:
.			273	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 22:44:10 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 241.125.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 241.125.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
216.244.66.248	attackbots	20 attempts against mh-misbehave-ban on pluto	2020-06-29 17:54:27
27.78.14.83	attackbotsspam	SSHD brute force attack detected by fail2ban	2020-06-29 17:59:17
37.59.60.115	attackspam	Automatic report - XMLRPC Attack	2020-06-29 17:50:55
212.91.190.135	attackbotsspam	Unauthorized connection attempt detected from IP address 212.91.190.135 to port 80	2020-06-29 18:24:20
45.179.189.201	attackspam	(smtpauth) Failed SMTP AUTH login from 45.179.189.201 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-29 08:21:43 plain authenticator failed for ([45.179.189.201]) [45.179.189.201]: 535 Incorrect authentication data (set_id=marketin@toliddaru.ir)	2020-06-29 17:53:02
139.199.32.22	attackbotsspam	Jun 29 05:51:50 zulu412 sshd\[4428\]: Invalid user test from 139.199.32.22 port 53192 Jun 29 05:51:50 zulu412 sshd\[4428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.22 Jun 29 05:51:52 zulu412 sshd\[4428\]: Failed password for invalid user test from 139.199.32.22 port 53192 ssh2 ...	2020-06-29 17:50:11
89.39.89.18	attack	Jun 29 09:02:37 prod4 sshd\[31356\]: Invalid user luca from 89.39.89.18 Jun 29 09:02:39 prod4 sshd\[31356\]: Failed password for invalid user luca from 89.39.89.18 port 48986 ssh2 Jun 29 09:06:09 prod4 sshd\[1109\]: Invalid user di from 89.39.89.18 ...	2020-06-29 18:13:54
191.243.176.130	attackspambots	k+ssh-bruteforce	2020-06-29 17:42:57
52.188.155.148	attackbots	Jun 29 12:04:38 prod4 sshd\[521\]: Failed password for root from 52.188.155.148 port 33444 ssh2 Jun 29 12:09:47 prod4 sshd\[2908\]: Invalid user ch from 52.188.155.148 Jun 29 12:09:48 prod4 sshd\[2908\]: Failed password for invalid user ch from 52.188.155.148 port 36510 ssh2 ...	2020-06-29 18:20:21
186.4.242.37	attack	Unauthorized SSH login attempts	2020-06-29 18:26:33
192.241.227.80	attack	Host Scan	2020-06-29 18:21:04
112.85.42.87	attack	Unauthorized connection attempt detected from IP address 112.85.42.87 to port 22	2020-06-29 18:15:02
192.241.222.90	attackbots	Unauthorized connection attempt detected from IP address 192.241.222.90 to port 7002 [T]	2020-06-29 18:19:59
14.20.89.236	attack	06/28/2020-23:51:54.671301 14.20.89.236 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-29 17:49:48
212.70.149.82	attackspam	Jun 29 11:49:52 mail postfix/smtpd\[4034\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 11:50:20 mail postfix/smtpd\[4034\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 12:20:53 mail postfix/smtpd\[4334\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 29 12:21:21 mail postfix/smtpd\[4334\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-06-29 18:24:46

最近上报的IP列表

183.81.122.249	218.212.221.202	78.155.42.148	36.37.81.34
186.95.2.71	62.210.162.148	83.171.114.82	113.209.194.202
83.97.20.204	52.48.42.218	187.167.69.122	92.40.120.109
42.59.93.177	201.16.145.37	195.244.32.132	52.39.133.133
188.2.235.203	182.73.247.90	157.37.16.92	2.134.37.244