106.12.8.249 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 2 11:31:51 dallas01 sshd[30059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 11:31:54 dallas01 sshd[30059]: Failed password for invalid user nappy from 106.12.8.249 port 60232 ssh2 Jan 2 11:33:48 dallas01 sshd[31267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 11:33:50 dallas01 sshd[31267]: Failed password for invalid user franciskong from 106.12.8.249 port 46248 ssh2	2020-01-28 01:43:22
attackspam	Unauthorized connection attempt detected from IP address 106.12.8.249 to port 2220 [J]	2020-01-14 19:01:23
attackbotsspam	Jan 2 16:28:36 sd-53420 sshd\[19448\]: Invalid user devarea from 106.12.8.249 Jan 2 16:28:36 sd-53420 sshd\[19448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 16:28:38 sd-53420 sshd\[19448\]: Failed password for invalid user devarea from 106.12.8.249 port 40616 ssh2 Jan 2 16:31:18 sd-53420 sshd\[20272\]: Invalid user farag from 106.12.8.249 Jan 2 16:31:18 sd-53420 sshd\[20272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2020-01-03 06:46:05
attackbotsspam	$f2bV_matches	2019-12-18 15:38:00
attackspam	Dec 13 08:15:15 microserver sshd[44982]: Invalid user borjon from 106.12.8.249 port 38254 Dec 13 08:15:15 microserver sshd[44982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:15:17 microserver sshd[44982]: Failed password for invalid user borjon from 106.12.8.249 port 38254 ssh2 Dec 13 08:22:20 microserver sshd[45962]: Invalid user monitor from 106.12.8.249 port 33028 Dec 13 08:22:20 microserver sshd[45962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:36:32 microserver sshd[48210]: Invalid user monraz from 106.12.8.249 port 50592 Dec 13 08:36:32 microserver sshd[48210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:36:34 microserver sshd[48210]: Failed password for invalid user monraz from 106.12.8.249 port 50592 ssh2 Dec 13 08:43:00 microserver sshd[49090]: Invalid user keiv from 106.12.8.249 port 45372 Dec 13 08	2019-12-13 23:04:55
attackbots	2019-12-09T06:39:43.493503abusebot-2.cloudsearch.cf sshd\[28555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 user=root	2019-12-09 15:18:10
attackbots	Dec 8 18:03:22 MK-Soft-Root1 sshd[29287]: Failed password for root from 106.12.8.249 port 48552 ssh2 Dec 8 18:09:53 MK-Soft-Root1 sshd[30649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2019-12-09 01:50:39
attack	Nov 20 21:39:39 server sshd\[1515\]: Invalid user chandan from 106.12.8.249 Nov 20 21:39:39 server sshd\[1515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 20 21:39:41 server sshd\[1515\]: Failed password for invalid user chandan from 106.12.8.249 port 56002 ssh2 Nov 20 21:57:27 server sshd\[6404\]: Invalid user rpc from 106.12.8.249 Nov 20 21:57:27 server sshd\[6404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2019-11-21 06:19:45
attack	$f2bV_matches	2019-11-14 08:11:23
attackbotsspam	Nov 1 11:36:15 nexus sshd[3977]: Invalid user tf from 106.12.8.249 port 53410 Nov 1 11:36:15 nexus sshd[3977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 1 11:36:17 nexus sshd[3977]: Failed password for invalid user tf from 106.12.8.249 port 53410 ssh2 Nov 1 11:36:18 nexus sshd[3977]: Received disconnect from 106.12.8.249 port 53410:11: Bye Bye [preauth] Nov 1 11:36:18 nexus sshd[3977]: Disconnected from 106.12.8.249 port 53410 [preauth] Nov 6 02:56:48 nexus sshd[994]: Invalid user hostname from 106.12.8.249 port 50626 Nov 6 02:56:48 nexus sshd[994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 6 02:56:50 nexus sshd[994]: Failed password for invalid user hostname from 106.12.8.249 port 50626 ssh2 Nov 6 02:56:50 nexus sshd[994]: Received disconnect from 106.12.8.249 port 50626:11: Bye Bye [preauth] Nov 6 02:56:50 nexus sshd[994]: Disconnecte........ -------------------------------	2019-11-06 16:55:32
attack	Nov 4 23:07:49 MK-Soft-VM6 sshd[25375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 4 23:07:51 MK-Soft-VM6 sshd[25375]: Failed password for invalid user rootme from 106.12.8.249 port 59598 ssh2 ...	2019-11-05 06:17:06
attack	detected by Fail2Ban	2019-11-03 14:18:09

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.84.29	attack	Oct 12 16:50:53 markkoudstaal sshd[29040]: Failed password for root from 106.12.84.29 port 46464 ssh2 Oct 12 16:53:44 markkoudstaal sshd[29757]: Failed password for root from 106.12.84.29 port 42012 ssh2 ...	2020-10-12 23:37:02
106.12.84.29	attackbots	Oct 12 00:29:14 abendstille sshd\[18747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:29:16 abendstille sshd\[18747\]: Failed password for root from 106.12.84.29 port 45312 ssh2 Oct 12 00:32:47 abendstille sshd\[22801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:32:49 abendstille sshd\[22801\]: Failed password for root from 106.12.84.29 port 41814 ssh2 Oct 12 00:36:24 abendstille sshd\[26804\]: Invalid user bryan from 106.12.84.29 Oct 12 00:36:24 abendstille sshd\[26804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 ...	2020-10-12 15:00:36
106.12.89.154	attackbots	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-12 05:48:23
106.12.89.184	attackspambots	Oct 11 20:23:11 jane sshd[22754]: Failed password for root from 106.12.89.184 port 47058 ssh2 ...	2020-10-12 03:00:52
106.12.89.154	attack	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-11 21:55:26
106.12.89.184	attackspam	Oct 11 07:01:25 shivevps sshd[27144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.184 Oct 11 07:01:27 shivevps sshd[27144]: Failed password for invalid user mila from 106.12.89.184 port 42646 ssh2 Oct 11 07:05:39 shivevps sshd[27287]: Invalid user 1 from 106.12.89.184 port 41436 ...	2020-10-11 18:52:46
106.12.89.154	attack	Invalid user test from 106.12.89.154 port 55030	2020-10-11 13:52:36
106.12.89.154	attackbots	Fail2Ban Ban Triggered	2020-10-11 07:15:39
106.12.84.83	attackspam	Brute%20Force%20SSH	2020-10-11 03:18:34
106.12.84.83	attackspambots	Brute%20Force%20SSH	2020-10-10 19:09:32
106.12.8.149	attack	Oct 10 08:31:48 web1 sshd[20600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:31:50 web1 sshd[20600]: Failed password for root from 106.12.8.149 port 38996 ssh2 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:19 web1 sshd[22542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:21 web1 sshd[22542]: Failed password for invalid user download from 106.12.8.149 port 51856 ssh2 Oct 10 08:41:20 web1 sshd[23876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:41:22 web1 sshd[23876]: Failed password for root from 106.12.8.149 port 51950 ssh2 Oct 10 08:45:08 web1 sshd[25176]: Invalid user library1 from 106.12.8.149 port 52084 ...	2020-10-10 05:56:24
106.12.8.149	attackbots	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 22:02:51
106.12.8.149	attackbotsspam	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 13:53:24
106.12.84.33	attackbots	Oct 7 22:17:48 ourumov-web sshd\[810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root Oct 7 22:17:50 ourumov-web sshd\[810\]: Failed password for root from 106.12.84.33 port 41932 ssh2 Oct 7 22:27:54 ourumov-web sshd\[1500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root ...	2020-10-08 04:45:00
106.12.89.173	attackbots	(sshd) Failed SSH login from 106.12.89.173 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 12:24:15 server sshd[4283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:24:17 server sshd[4283]: Failed password for root from 106.12.89.173 port 38736 ssh2 Oct 7 12:40:26 server sshd[8583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:40:28 server sshd[8583]: Failed password for root from 106.12.89.173 port 59056 ssh2 Oct 7 12:44:31 server sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root	2020-10-08 01:23:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.8.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.8.249.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 14:18:03 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 249.8.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 249.8.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
91.106.193.72	attackspam	Aug 17 16:59:48 * sshd[28169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.106.193.72 Aug 17 16:59:50 * sshd[28169]: Failed password for invalid user e from 91.106.193.72 port 51640 ssh2	2020-08-17 23:25:48
42.118.242.189	attackbots	Aug 17 16:11:53 sso sshd[8561]: Failed password for root from 42.118.242.189 port 58054 ssh2 Aug 17 16:16:35 sso sshd[9120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 ...	2020-08-17 23:06:45
85.97.201.58	attackspam	Telnetd brute force attack detected by fail2ban	2020-08-17 23:22:44
177.105.35.51	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-17 23:00:09
146.88.240.4	attack	UDP 146.88.240.4:60255 -> port 53, len 63	2020-08-17 22:54:27
222.186.180.130	attackbotsspam	Aug 17 20:28:55 gw1 sshd[24852]: Failed password for root from 222.186.180.130 port 13256 ssh2 ...	2020-08-17 23:29:44
185.127.24.55	attackbots	2020-08-17 23:02:30 fixed_login authenticator failed for (localhost.localdomain) [185.127.24.55]: 535 Incorrect authentication data (set_id=anthony@thepuddles.net.nz) 2020-08-17 23:49:44 fixed_login authenticator failed for (localhost.localdomain) [185.127.24.55]: 535 Incorrect authentication data (set_id=anthony@thepuddles.net.nz) 2020-08-18 00:28:58 fixed_login authenticator failed for (localhost.localdomain) [185.127.24.55]: 535 Incorrect authentication data (set_id=anthony@thepuddles.net.nz) ...	2020-08-17 23:11:27
91.121.86.22	attackbotsspam	Aug 17 16:52:53 prox sshd[23704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.86.22 Aug 17 16:52:55 prox sshd[23704]: Failed password for invalid user 14 from 91.121.86.22 port 36486 ssh2	2020-08-17 22:56:10
106.53.254.96	attack	(sshd) Failed SSH login from 106.53.254.96 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 17 15:32:05 grace sshd[2261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.254.96 user=root Aug 17 15:32:07 grace sshd[2261]: Failed password for root from 106.53.254.96 port 43290 ssh2 Aug 17 15:38:04 grace sshd[3565]: Invalid user cgp from 106.53.254.96 port 41558 Aug 17 15:38:06 grace sshd[3565]: Failed password for invalid user cgp from 106.53.254.96 port 41558 ssh2 Aug 17 15:40:36 grace sshd[4281]: Invalid user user from 106.53.254.96 port 36434	2020-08-17 23:04:21
75.98.141.90	attackspam	Unauthorized IMAP connection attempt	2020-08-17 23:21:13
95.213.202.227	attack	Aug 17 15:40:12 l02a sshd[4836]: Invalid user ginseng from 95.213.202.227 Aug 17 15:40:12 l02a sshd[4836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.202.227 Aug 17 15:40:12 l02a sshd[4836]: Invalid user ginseng from 95.213.202.227 Aug 17 15:40:14 l02a sshd[4836]: Failed password for invalid user ginseng from 95.213.202.227 port 59232 ssh2	2020-08-17 22:49:26
114.248.140.17	attackspambots	Port probing on unauthorized port 23	2020-08-17 22:56:58
160.16.101.81	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-17T11:55:38Z and 2020-08-17T12:07:04Z	2020-08-17 23:16:40
198.46.189.106	attack	Aug 17 15:07:39 rancher-0 sshd[1127464]: Invalid user ctw from 198.46.189.106 port 48184 ...	2020-08-17 22:52:43
201.159.122.227	attack	Port probing on unauthorized port 8080	2020-08-17 23:20:23

最近上报的IP列表

108.192.79.164	64.117.206.91	162.55.125.187	34.76.224.94
139.122.205.48	72.248.185.100	161.251.123.15	182.183.98.198
89.69.108.210	184.10.113.178	150.102.117.6	125.136.62.167
84.183.144.160	35.217.247.71	31.40.111.83	191.8.50.184
190.3.194.237	176.214.106.183	31.78.211.114	2.88.25.77