106.12.125.27 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Mar 1 17:27:27 webmail sshd[11846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Mar 1 17:27:29 webmail sshd[11846]: Failed password for invalid user webuser from 106.12.125.27 port 59918 ssh2	2020-03-02 02:59:28
attack	2019-09-17T22:23:51.290729suse-nuc sshd[14707]: Invalid user spice from 106.12.125.27 port 36516 ...	2020-02-25 14:53:37
attackspambots	Invalid user postgres from 106.12.125.27 port 39620	2019-10-26 03:21:27
attack	Invalid user n from 106.12.125.27 port 43474	2019-10-25 14:18:10
attack	Oct 24 18:39:47 localhost sshd\[7688\]: Invalid user danc from 106.12.125.27 port 40712 Oct 24 18:39:47 localhost sshd\[7688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Oct 24 18:39:50 localhost sshd\[7688\]: Failed password for invalid user danc from 106.12.125.27 port 40712 ssh2 ...	2019-10-25 02:56:07
attackspam	Oct 21 06:48:52 www2 sshd\[8462\]: Invalid user kathi from 106.12.125.27Oct 21 06:48:54 www2 sshd\[8462\]: Failed password for invalid user kathi from 106.12.125.27 port 47208 ssh2Oct 21 06:55:26 www2 sshd\[9425\]: Invalid user yg from 106.12.125.27 ...	2019-10-21 12:32:34
attack	SSH bruteforce (Triggered fail2ban)	2019-10-19 19:27:57
attackbots	SSH Brute-Force reported by Fail2Ban	2019-10-18 05:33:28
attack	Oct 16 21:29:56 vmanager6029 sshd\[14908\]: Invalid user webster from 106.12.125.27 port 54638 Oct 16 21:29:56 vmanager6029 sshd\[14908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Oct 16 21:29:58 vmanager6029 sshd\[14908\]: Failed password for invalid user webster from 106.12.125.27 port 54638 ssh2	2019-10-17 03:32:35
attackbots	Oct 16 00:21:07 tdfoods sshd\[14162\]: Invalid user ts from 106.12.125.27 Oct 16 00:21:07 tdfoods sshd\[14162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Oct 16 00:21:09 tdfoods sshd\[14162\]: Failed password for invalid user ts from 106.12.125.27 port 55138 ssh2 Oct 16 00:27:30 tdfoods sshd\[14642\]: Invalid user support from 106.12.125.27 Oct 16 00:27:30 tdfoods sshd\[14642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27	2019-10-16 18:41:37
attackspambots	Invalid user testuser from 106.12.125.27 port 40682	2019-10-15 20:05:48
attack	SSH bruteforce (Triggered fail2ban)	2019-10-14 21:03:24
attackbots	2019-10-12T21:48:14.501492homeassistant sshd[29840]: Invalid user sysadmin from 106.12.125.27 port 59358 2019-10-12T21:48:14.512500homeassistant sshd[29840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 ...	2019-10-13 05:59:40
attack	Invalid user fm from 106.12.125.27 port 38844	2019-10-11 22:11:46
attackspambots	Invalid user fm from 106.12.125.27 port 38844	2019-10-10 20:37:13
attack	Invalid user technology from 106.12.125.27 port 48588	2019-10-05 20:19:40
attackspam	Oct 1 01:33:21 cp sshd[25758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Oct 1 01:33:23 cp sshd[25758]: Failed password for invalid user alessandro from 106.12.125.27 port 35822 ssh2 Oct 1 01:39:37 cp sshd[29171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27	2019-10-01 07:58:23
attackbots	Invalid user ncs from 106.12.125.27 port 33466	2019-09-29 14:49:17
attack	Sep 28 07:42:00 XXX sshd[2335]: Invalid user parker from 106.12.125.27 port 53206	2019-09-28 17:17:16
attackbotsspam	Invalid user radiusd from 106.12.125.27 port 45266	2019-09-17 20:06:01
attackbots	Invalid user scaner from 106.12.125.27 port 49394	2019-09-13 10:56:15
attackspambots	$f2bV_matches	2019-09-12 12:42:52
attack	Sep 5 21:43:17 mail sshd[8308]: Invalid user g from 106.12.125.27 ...	2019-09-07 17:05:28
attackspambots	Sep 5 14:44:52 debian sshd\[17204\]: Invalid user linux from 106.12.125.27 port 40790 Sep 5 14:44:52 debian sshd\[17204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Sep 5 14:44:53 debian sshd\[17204\]: Failed password for invalid user linux from 106.12.125.27 port 40790 ssh2 ...	2019-09-06 03:13:14
attack	Sep 3 03:31:54 vmd17057 sshd\[31161\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 user=bin Sep 3 03:31:56 vmd17057 sshd\[31161\]: Failed password for bin from 106.12.125.27 port 54016 ssh2 Sep 3 03:38:06 vmd17057 sshd\[32125\]: Invalid user sn0wcat from 106.12.125.27 port 41314 Sep 3 03:38:06 vmd17057 sshd\[32125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 ...	2019-09-03 12:20:47
attackspambots	Invalid user sales from 106.12.125.27 port 46144	2019-08-30 13:40:06
attack	Aug 24 14:47:14 vpn01 sshd\[23180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 user=root Aug 24 14:47:16 vpn01 sshd\[23180\]: Failed password for root from 106.12.125.27 port 39684 ssh2 Aug 24 15:01:37 vpn01 sshd\[23266\]: Invalid user boda from 106.12.125.27	2019-08-24 21:34:25
attackbots	2019-08-21T12:27:54.466133abusebot-6.cloudsearch.cf sshd\[16118\]: Invalid user k from 106.12.125.27 port 37072	2019-08-21 20:35:24
attackbots	Triggered by Fail2Ban at Ares web server	2019-08-21 07:23:20
attackbots	Invalid user export from 106.12.125.27 port 53122	2019-08-14 10:13:53

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07
106.12.125.178	attackspambots	(sshd) Failed SSH login from 106.12.125.178 (CN/China/-): 5 in the last 3600 secs	2020-10-03 15:10:06
106.12.125.178	attackbots	B: Abusive ssh attack	2020-09-16 20:59:43
106.12.125.178	attackbots	Sep 16 06:59:03 localhost sshd\[1008\]: Invalid user keum from 106.12.125.178 Sep 16 06:59:03 localhost sshd\[1008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 Sep 16 06:59:05 localhost sshd\[1008\]: Failed password for invalid user keum from 106.12.125.178 port 50956 ssh2 Sep 16 07:05:18 localhost sshd\[1679\]: Invalid user nicolas from 106.12.125.178 Sep 16 07:05:18 localhost sshd\[1679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 ...	2020-09-16 13:30:36
106.12.125.178	attackbots	$f2bV_matches	2020-09-16 05:15:29
106.12.125.241	attackspam	Aug 26 00:24:47 havingfunrightnow sshd[12417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 26 00:24:49 havingfunrightnow sshd[12417]: Failed password for invalid user dominique from 106.12.125.241 port 54048 ssh2 Aug 26 00:32:17 havingfunrightnow sshd[12745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 ...	2020-08-26 08:09:38
106.12.125.241	attackbotsspam	Aug 24 23:18:20 ip106 sshd[6654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Aug 24 23:18:22 ip106 sshd[6654]: Failed password for invalid user ogpbot from 106.12.125.241 port 37044 ssh2 ...	2020-08-25 05:22:32
106.12.125.241	attackbots	Aug 24 05:52:55 rancher-0 sshd[1245058]: Invalid user ome from 106.12.125.241 port 60176 ...	2020-08-24 15:19:21
106.12.125.241	attack	Invalid user user from 106.12.125.241 port 37298	2020-08-22 17:33:31
106.12.125.241	attack	2020-08-13T22:36:50.568038vps773228.ovh.net sshd[11100]: Failed password for root from 106.12.125.241 port 42660 ssh2 2020-08-13T22:41:42.095960vps773228.ovh.net sshd[11178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:41:43.985684vps773228.ovh.net sshd[11178]: Failed password for root from 106.12.125.241 port 49066 ssh2 2020-08-13T22:46:29.488071vps773228.ovh.net sshd[11257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root 2020-08-13T22:46:31.443394vps773228.ovh.net sshd[11257]: Failed password for root from 106.12.125.241 port 55476 ssh2 ...	2020-08-14 04:52:52
106.12.125.241	attackbots	Aug 2 14:57:27 * sshd[21085]: Failed password for root from 106.12.125.241 port 48850 ssh2	2020-08-02 22:00:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.125.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18337
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.125.27.			IN	A

;; AUTHORITY SECTION:
.			3386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 10:00:18 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 27.125.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 27.125.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
221.195.189.144	attackspam	389. On May 17 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 221.195.189.144.	2020-05-20 22:41:31
176.236.56.130	attackbots	Attempted connection to port 445.	2020-05-20 23:19:23
51.75.208.177	attack	(sshd) Failed SSH login from 51.75.208.177 (FR/France/ip177.ip-51-75-208.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 20 14:47:45 amsweb01 sshd[9928]: Invalid user twu from 51.75.208.177 port 45250 May 20 14:47:47 amsweb01 sshd[9928]: Failed password for invalid user twu from 51.75.208.177 port 45250 ssh2 May 20 14:52:10 amsweb01 sshd[10226]: Invalid user jkl from 51.75.208.177 port 56028 May 20 14:52:12 amsweb01 sshd[10226]: Failed password for invalid user jkl from 51.75.208.177 port 56028 ssh2 May 20 14:55:40 amsweb01 sshd[10643]: Invalid user bzv from 51.75.208.177 port 43602	2020-05-20 22:33:39
218.92.0.138	attackbots	2020-05-20T14:34:23.611113shield sshd\[22264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root 2020-05-20T14:34:25.304610shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:28.006893shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:31.779231shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:35.265890shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2	2020-05-20 22:57:29
222.186.30.112	attack	May 20 16:49:13 dev0-dcde-rnet sshd[15578]: Failed password for root from 222.186.30.112 port 12620 ssh2 May 20 16:49:22 dev0-dcde-rnet sshd[15580]: Failed password for root from 222.186.30.112 port 52201 ssh2	2020-05-20 22:52:35
139.59.69.76	attackspambots	$f2bV_matches	2020-05-20 22:55:32
218.79.155.48	attack	372. On May 17 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 218.79.155.48.	2020-05-20 23:00:59
145.255.173.159	attackspam	xmlrpc attack	2020-05-20 22:38:12
218.92.0.172	attack	May 20 16:25:05 abendstille sshd\[726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root May 20 16:25:06 abendstille sshd\[705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root May 20 16:25:07 abendstille sshd\[726\]: Failed password for root from 218.92.0.172 port 9485 ssh2 May 20 16:25:09 abendstille sshd\[705\]: Failed password for root from 218.92.0.172 port 39008 ssh2 May 20 16:25:10 abendstille sshd\[726\]: Failed password for root from 218.92.0.172 port 9485 ssh2 ...	2020-05-20 22:50:16
197.46.49.98	attackbots	Attempted connection to port 445.	2020-05-20 23:12:00
203.202.232.70	attackbots	1589960734 - 05/20/2020 09:45:34 Host: 203.202.232.70/203.202.232.70 Port: 445 TCP Blocked	2020-05-20 22:45:53
74.230.8.12	attackspambots	Chat Spam	2020-05-20 22:51:33
91.77.160.195	attackspambots	SSH brutforce	2020-05-20 22:36:12
77.49.120.106	attackspambots	Attempted connection to port 23.	2020-05-20 23:03:01
89.223.100.79	spambotsattackproxy	robber	2020-05-20 22:56:05

最近上报的IP列表

116.228.197.246	1.175.158.240	119.146.148.46	192.34.60.83
203.219.66.170	91.121.203.177	92.118.37.81	148.70.63.163
78.140.7.239	139.59.41.154	115.159.47.147	222.153.173.148
78.94.36.59	58.87.79.172	37.115.187.223	189.10.44.219
46.101.119.15	139.59.13.223	157.230.142.190	120.29.149.154