106.12.18.125 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user web from 106.12.18.125 port 47648	2020-10-10 23:13:02
attackspam	Oct 9 22:35:19 v2202009116398126984 sshd[2314200]: Invalid user test from 106.12.18.125 port 60694 ...	2020-10-10 15:03:17
attack	srv02 Mass scanning activity detected Target: 22685 ..	2020-10-09 06:32:30
attackbots	Oct 8 16:42:37 abendstille sshd\[1559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Oct 8 16:42:38 abendstille sshd\[1559\]: Failed password for root from 106.12.18.125 port 34410 ssh2 Oct 8 16:47:15 abendstille sshd\[5851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Oct 8 16:47:17 abendstille sshd\[5851\]: Failed password for root from 106.12.18.125 port 40710 ssh2 Oct 8 16:52:18 abendstille sshd\[10635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root ...	2020-10-08 22:53:44
attack	bruteforce, ssh, scan port	2020-10-08 14:48:37
attackbotsspam	Oct 3 01:05:21 gw1 sshd[18604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 Oct 3 01:05:23 gw1 sshd[18604]: Failed password for invalid user db2inst1 from 106.12.18.125 port 51866 ssh2 ...	2020-10-03 06:00:42
attackbots	Oct 2 11:44:06 sshd\[22711\]: User root from 106.12.18.125 not allowed because not listed in AllowUsersOct 2 11:44:08 sshd\[22711\]: Failed password for invalid user root from 106.12.18.125 port 54514 ssh2 ...	2020-10-03 01:27:18
attackspam	Oct 2 11:44:06 sshd\[22711\]: User root from 106.12.18.125 not allowed because not listed in AllowUsersOct 2 11:44:08 sshd\[22711\]: Failed password for invalid user root from 106.12.18.125 port 54514 ssh2 ...	2020-10-02 21:56:08
attack	Oct 2 11:44:06 sshd\[22711\]: User root from 106.12.18.125 not allowed because not listed in AllowUsersOct 2 11:44:08 sshd\[22711\]: Failed password for invalid user root from 106.12.18.125 port 54514 ssh2 ...	2020-10-02 18:27:50
attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-02 14:59:59
attackbotsspam	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=53604 . dstport=8435 . (2732)	2020-10-02 00:41:04
attack	srv02 Mass scanning activity detected Target: 8435 ..	2020-10-01 16:46:16
attackspam	Time: Sun Sep 27 11:28:58 2020 +0000 IP: 106.12.18.125 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 11:19:38 3 sshd[10480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Sep 27 11:19:40 3 sshd[10480]: Failed password for root from 106.12.18.125 port 51140 ssh2 Sep 27 11:25:44 3 sshd[24600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Sep 27 11:25:46 3 sshd[24600]: Failed password for root from 106.12.18.125 port 37704 ssh2 Sep 27 11:28:55 3 sshd[32285]: Invalid user svn from 106.12.18.125 port 45120	2020-09-29 04:04:16
attack	Sep 28 09:33:00 marvibiene sshd[21133]: Invalid user tester from 106.12.18.125 port 35770 Sep 28 09:33:00 marvibiene sshd[21133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 Sep 28 09:33:00 marvibiene sshd[21133]: Invalid user tester from 106.12.18.125 port 35770 Sep 28 09:33:03 marvibiene sshd[21133]: Failed password for invalid user tester from 106.12.18.125 port 35770 ssh2	2020-09-28 20:18:05
attackspam	Sep 28 00:01:59 Tower sshd[36281]: Connection from 106.12.18.125 port 49330 on 192.168.10.220 port 22 rdomain "" Sep 28 00:02:04 Tower sshd[36281]: Invalid user cisco from 106.12.18.125 port 49330 Sep 28 00:02:04 Tower sshd[36281]: error: Could not get shadow information for NOUSER Sep 28 00:02:04 Tower sshd[36281]: Failed password for invalid user cisco from 106.12.18.125 port 49330 ssh2 Sep 28 00:02:04 Tower sshd[36281]: Received disconnect from 106.12.18.125 port 49330:11: Bye Bye [preauth] Sep 28 00:02:04 Tower sshd[36281]: Disconnected from invalid user cisco 106.12.18.125 port 49330 [preauth]	2020-09-28 12:22:51
attackspam	(sshd) Failed SSH login from 106.12.18.125 (CN/China/-): 5 in the last 3600 secs	2020-08-21 17:19:36
attack	Aug 18 14:26:06 dev0-dcde-rnet sshd[12161]: Failed password for root from 106.12.18.125 port 42170 ssh2 Aug 18 14:30:32 dev0-dcde-rnet sshd[12200]: Failed password for root from 106.12.18.125 port 43046 ssh2	2020-08-18 23:29:14
attack	Jul 4 13:51:37 rocket sshd[22948]: Failed password for root from 106.12.18.125 port 49462 ssh2 Jul 4 14:00:28 rocket sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 ...	2020-07-04 21:34:01
attackspambots	Jun 28 07:34:12 piServer sshd[28826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 Jun 28 07:34:14 piServer sshd[28826]: Failed password for invalid user pages from 106.12.18.125 port 47884 ssh2 Jun 28 07:39:23 piServer sshd[29337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 ...	2020-06-28 14:00:38
attackbotsspam	06/17/2020-11:34:29.835847 106.12.18.125 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-18 00:09:38
attack	firewall-block, port(s): 30211/tcp	2020-05-24 01:04:23

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.186.74	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-10-14 08:21:22
106.12.182.38	attackspam	SSH Brute Force	2020-10-14 06:22:37
106.12.180.136	attack	Invalid user gpadmin from 106.12.180.136 port 59726	2020-10-11 05:25:02
106.12.180.136	attackspambots	Oct 10 14:22:55 hidden sshd[55589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.180.136 user=root Oct 10 14:22:57 hidden sshd[55589]: Failed password for hidden from 106.12.180.136 port 59650 ssh2 Oct 10 14:26:56 hidden sshd[57161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.180.136 user=root Oct 10 14:26:58 hidden sshd[57161]: Failed password for hidden from 106.12.180.136 port 47692 ssh2 Oct 10 14:35:22 hidden sshd[60207]: Invalid user r from 106.12.180.136 port 52006	2020-10-10 21:30:29
106.12.185.102	attackspambots	2020-10-06T14:58:50.842974hostname sshd[6386]: Failed password for root from 106.12.185.102 port 45744 ssh2 ...	2020-10-07 03:23:14
106.12.185.102	attack	$f2bV_matches	2020-10-06 19:24:27
106.12.183.209	attackbotsspam	Failed password for root from 106.12.183.209 port 60686 ssh2	2020-10-06 07:30:23
106.12.183.209	attack	Oct 5 17:29:37 pornomens sshd\[20055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.209 user=root Oct 5 17:29:39 pornomens sshd\[20055\]: Failed password for root from 106.12.183.209 port 45424 ssh2 Oct 5 17:35:32 pornomens sshd\[20116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.209 user=root ...	2020-10-05 23:47:01
106.12.183.209	attackbotsspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-10-05 15:46:45
106.12.182.38	attackbotsspam	Fail2Ban Ban Triggered	2020-10-02 06:01:52
106.12.182.38	attackbots	Invalid user apache from 106.12.182.38 port 46882	2020-10-01 22:25:06
106.12.182.38	attackbotsspam	2020-10-01T12:04:12.759920hostname sshd[1340]: Invalid user oracle from 106.12.182.38 port 35050 2020-10-01T12:04:14.409071hostname sshd[1340]: Failed password for invalid user oracle from 106.12.182.38 port 35050 ssh2 2020-10-01T12:11:53.484232hostname sshd[4486]: Invalid user ami from 106.12.182.38 port 46150 ...	2020-10-01 14:44:03
106.12.185.18	attack	Sep 28 14:59:59 pve1 sshd[3250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.18 Sep 28 15:00:01 pve1 sshd[3250]: Failed password for invalid user nextcloud from 106.12.185.18 port 53088 ssh2 ...	2020-09-29 06:37:22
106.12.18.219	attackbotsspam	Sep 28 01:36:51 ns sshd[19139]: Connection from 106.12.18.219 port 41980 on 134.119.39.98 port 22 Sep 28 01:36:54 ns sshd[19139]: Invalid user simon from 106.12.18.219 port 41980 Sep 28 01:36:54 ns sshd[19139]: Failed password for invalid user simon from 106.12.18.219 port 41980 ssh2 Sep 28 01:36:54 ns sshd[19139]: Received disconnect from 106.12.18.219 port 41980:11: Bye Bye [preauth] Sep 28 01:36:54 ns sshd[19139]: Disconnected from 106.12.18.219 port 41980 [preauth] Sep 28 01:50:30 ns sshd[20458]: Connection from 106.12.18.219 port 43916 on 134.119.39.98 port 22 Sep 28 01:50:31 ns sshd[20458]: User r.r from 106.12.18.219 not allowed because not listed in AllowUsers Sep 28 01:50:31 ns sshd[20458]: Failed password for invalid user r.r from 106.12.18.219 port 43916 ssh2 Sep 28 01:50:31 ns sshd[20458]: Received disconnect from 106.12.18.219 port 43916:11: Bye Bye [preauth] Sep 28 01:50:31 ns sshd[20458]: Disconnected from 106.12.18.219 port 43916 [preauth] Sep 28 01:54:1........ -------------------------------	2020-09-29 00:59:09
106.12.185.18	attackbotsspam	Sep 28 14:59:59 pve1 sshd[3250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.18 Sep 28 15:00:01 pve1 sshd[3250]: Failed password for invalid user nextcloud from 106.12.185.18 port 53088 ssh2 ...	2020-09-28 23:04:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.18.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44046
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.18.125.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041302 1800 900 604800 86400

;; Query time: 334 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 14 10:38:17 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 125.18.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.18.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
1.55.64.4	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:17.	2019-10-14 14:20:33
222.186.175.215	attackspam	Oct 14 08:08:06 apollo sshd\[10449\]: Failed password for root from 222.186.175.215 port 51492 ssh2Oct 14 08:08:10 apollo sshd\[10449\]: Failed password for root from 222.186.175.215 port 51492 ssh2Oct 14 08:08:15 apollo sshd\[10449\]: Failed password for root from 222.186.175.215 port 51492 ssh2 ...	2019-10-14 14:21:17
192.42.116.28	attackbots	$f2bV_matches	2019-10-14 14:16:54
51.158.106.54	attackspam	Automatic report - XMLRPC Attack	2019-10-14 13:49:30
219.85.170.41	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:20.	2019-10-14 14:12:59
110.14.204.91	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:17.	2019-10-14 14:20:00
106.12.205.227	attackspambots	Oct 14 08:16:18 hosting sshd[28125]: Invalid user Admin#111 from 106.12.205.227 port 58900 ...	2019-10-14 13:50:41
114.32.218.77	attack	(sshd) Failed SSH login from 114.32.218.77 (TW/Taiwan/114-32-218-77.HINET-IP.hinet.net): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 14 03:51:16 andromeda sshd[21531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.32.218.77 user=root Oct 14 03:51:18 andromeda sshd[21531]: Failed password for root from 114.32.218.77 port 42208 ssh2 Oct 14 03:56:04 andromeda sshd[22023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.32.218.77 user=root	2019-10-14 13:49:16
192.99.44.183	attack	2019-10-14T05:51:40.036735abusebot-8.cloudsearch.cf sshd\[20816\]: Invalid user oracle from 192.99.44.183 port 47056	2019-10-14 14:07:40
183.2.168.219	attackspambots	Oct 14 06:20:24 localhost sshd\[14305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.2.168.219 user=root Oct 14 06:20:26 localhost sshd\[14305\]: Failed password for root from 183.2.168.219 port 59052 ssh2 Oct 14 06:25:33 localhost sshd\[14939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.2.168.219 user=root	2019-10-14 13:51:43
95.56.12.155	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:22.	2019-10-14 14:09:28
98.4.160.39	attack	Oct 14 11:17:17 areeb-Workstation sshd[20733]: Failed password for root from 98.4.160.39 port 33400 ssh2 ...	2019-10-14 13:54:15
220.164.193.238	attackspambots	Automatic report - Banned IP Access	2019-10-14 13:54:29
212.110.128.74	attackspambots	Oct 14 05:06:01 anodpoucpklekan sshd[52776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.110.128.74 user=root Oct 14 05:06:03 anodpoucpklekan sshd[52776]: Failed password for root from 212.110.128.74 port 45120 ssh2 ...	2019-10-14 14:03:00
45.32.22.18	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-14 13:46:09

最近上报的IP列表

47.201.211.23	53.222.245.30	173.52.121.181	251.43.239.50
124.109.115.14	183.88.243.216	186.240.84.39	150.93.1.178
239.217.215.12	222.53.112.25	200.219.244.66	178.128.211.250
106.75.7.27	90.78.12.207	111.51.65.36	118.127.110.54
41.79.65.154	35.200.227.76	75.157.110.192	167.99.147.58