106.12.8.249 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 2 11:31:51 dallas01 sshd[30059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 11:31:54 dallas01 sshd[30059]: Failed password for invalid user nappy from 106.12.8.249 port 60232 ssh2 Jan 2 11:33:48 dallas01 sshd[31267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 11:33:50 dallas01 sshd[31267]: Failed password for invalid user franciskong from 106.12.8.249 port 46248 ssh2	2020-01-28 01:43:22
attackspam	Unauthorized connection attempt detected from IP address 106.12.8.249 to port 2220 [J]	2020-01-14 19:01:23
attackbotsspam	Jan 2 16:28:36 sd-53420 sshd\[19448\]: Invalid user devarea from 106.12.8.249 Jan 2 16:28:36 sd-53420 sshd\[19448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Jan 2 16:28:38 sd-53420 sshd\[19448\]: Failed password for invalid user devarea from 106.12.8.249 port 40616 ssh2 Jan 2 16:31:18 sd-53420 sshd\[20272\]: Invalid user farag from 106.12.8.249 Jan 2 16:31:18 sd-53420 sshd\[20272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2020-01-03 06:46:05
attackbotsspam	$f2bV_matches	2019-12-18 15:38:00
attackspam	Dec 13 08:15:15 microserver sshd[44982]: Invalid user borjon from 106.12.8.249 port 38254 Dec 13 08:15:15 microserver sshd[44982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:15:17 microserver sshd[44982]: Failed password for invalid user borjon from 106.12.8.249 port 38254 ssh2 Dec 13 08:22:20 microserver sshd[45962]: Invalid user monitor from 106.12.8.249 port 33028 Dec 13 08:22:20 microserver sshd[45962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:36:32 microserver sshd[48210]: Invalid user monraz from 106.12.8.249 port 50592 Dec 13 08:36:32 microserver sshd[48210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Dec 13 08:36:34 microserver sshd[48210]: Failed password for invalid user monraz from 106.12.8.249 port 50592 ssh2 Dec 13 08:43:00 microserver sshd[49090]: Invalid user keiv from 106.12.8.249 port 45372 Dec 13 08	2019-12-13 23:04:55
attackbots	2019-12-09T06:39:43.493503abusebot-2.cloudsearch.cf sshd\[28555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 user=root	2019-12-09 15:18:10
attackbots	Dec 8 18:03:22 MK-Soft-Root1 sshd[29287]: Failed password for root from 106.12.8.249 port 48552 ssh2 Dec 8 18:09:53 MK-Soft-Root1 sshd[30649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2019-12-09 01:50:39
attack	Nov 20 21:39:39 server sshd\[1515\]: Invalid user chandan from 106.12.8.249 Nov 20 21:39:39 server sshd\[1515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 20 21:39:41 server sshd\[1515\]: Failed password for invalid user chandan from 106.12.8.249 port 56002 ssh2 Nov 20 21:57:27 server sshd\[6404\]: Invalid user rpc from 106.12.8.249 Nov 20 21:57:27 server sshd\[6404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 ...	2019-11-21 06:19:45
attack	$f2bV_matches	2019-11-14 08:11:23
attackbotsspam	Nov 1 11:36:15 nexus sshd[3977]: Invalid user tf from 106.12.8.249 port 53410 Nov 1 11:36:15 nexus sshd[3977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 1 11:36:17 nexus sshd[3977]: Failed password for invalid user tf from 106.12.8.249 port 53410 ssh2 Nov 1 11:36:18 nexus sshd[3977]: Received disconnect from 106.12.8.249 port 53410:11: Bye Bye [preauth] Nov 1 11:36:18 nexus sshd[3977]: Disconnected from 106.12.8.249 port 53410 [preauth] Nov 6 02:56:48 nexus sshd[994]: Invalid user hostname from 106.12.8.249 port 50626 Nov 6 02:56:48 nexus sshd[994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 6 02:56:50 nexus sshd[994]: Failed password for invalid user hostname from 106.12.8.249 port 50626 ssh2 Nov 6 02:56:50 nexus sshd[994]: Received disconnect from 106.12.8.249 port 50626:11: Bye Bye [preauth] Nov 6 02:56:50 nexus sshd[994]: Disconnecte........ -------------------------------	2019-11-06 16:55:32
attack	Nov 4 23:07:49 MK-Soft-VM6 sshd[25375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.249 Nov 4 23:07:51 MK-Soft-VM6 sshd[25375]: Failed password for invalid user rootme from 106.12.8.249 port 59598 ssh2 ...	2019-11-05 06:17:06
attack	detected by Fail2Ban	2019-11-03 14:18:09

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.84.29	attack	Oct 12 16:50:53 markkoudstaal sshd[29040]: Failed password for root from 106.12.84.29 port 46464 ssh2 Oct 12 16:53:44 markkoudstaal sshd[29757]: Failed password for root from 106.12.84.29 port 42012 ssh2 ...	2020-10-12 23:37:02
106.12.84.29	attackbots	Oct 12 00:29:14 abendstille sshd\[18747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:29:16 abendstille sshd\[18747\]: Failed password for root from 106.12.84.29 port 45312 ssh2 Oct 12 00:32:47 abendstille sshd\[22801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:32:49 abendstille sshd\[22801\]: Failed password for root from 106.12.84.29 port 41814 ssh2 Oct 12 00:36:24 abendstille sshd\[26804\]: Invalid user bryan from 106.12.84.29 Oct 12 00:36:24 abendstille sshd\[26804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 ...	2020-10-12 15:00:36
106.12.89.154	attackbots	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-12 05:48:23
106.12.89.184	attackspambots	Oct 11 20:23:11 jane sshd[22754]: Failed password for root from 106.12.89.184 port 47058 ssh2 ...	2020-10-12 03:00:52
106.12.89.154	attack	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-11 21:55:26
106.12.89.184	attackspam	Oct 11 07:01:25 shivevps sshd[27144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.184 Oct 11 07:01:27 shivevps sshd[27144]: Failed password for invalid user mila from 106.12.89.184 port 42646 ssh2 Oct 11 07:05:39 shivevps sshd[27287]: Invalid user 1 from 106.12.89.184 port 41436 ...	2020-10-11 18:52:46
106.12.89.154	attack	Invalid user test from 106.12.89.154 port 55030	2020-10-11 13:52:36
106.12.89.154	attackbots	Fail2Ban Ban Triggered	2020-10-11 07:15:39
106.12.84.83	attackspam	Brute%20Force%20SSH	2020-10-11 03:18:34
106.12.84.83	attackspambots	Brute%20Force%20SSH	2020-10-10 19:09:32
106.12.8.149	attack	Oct 10 08:31:48 web1 sshd[20600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:31:50 web1 sshd[20600]: Failed password for root from 106.12.8.149 port 38996 ssh2 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:19 web1 sshd[22542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:21 web1 sshd[22542]: Failed password for invalid user download from 106.12.8.149 port 51856 ssh2 Oct 10 08:41:20 web1 sshd[23876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:41:22 web1 sshd[23876]: Failed password for root from 106.12.8.149 port 51950 ssh2 Oct 10 08:45:08 web1 sshd[25176]: Invalid user library1 from 106.12.8.149 port 52084 ...	2020-10-10 05:56:24
106.12.8.149	attackbots	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 22:02:51
106.12.8.149	attackbotsspam	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 13:53:24
106.12.84.33	attackbots	Oct 7 22:17:48 ourumov-web sshd\[810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root Oct 7 22:17:50 ourumov-web sshd\[810\]: Failed password for root from 106.12.84.33 port 41932 ssh2 Oct 7 22:27:54 ourumov-web sshd\[1500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root ...	2020-10-08 04:45:00
106.12.89.173	attackbots	(sshd) Failed SSH login from 106.12.89.173 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 12:24:15 server sshd[4283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:24:17 server sshd[4283]: Failed password for root from 106.12.89.173 port 38736 ssh2 Oct 7 12:40:26 server sshd[8583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:40:28 server sshd[8583]: Failed password for root from 106.12.89.173 port 59056 ssh2 Oct 7 12:44:31 server sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root	2020-10-08 01:23:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.8.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.8.249.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 14:18:03 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 249.8.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 249.8.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
95.174.125.16	attackspambots	unauthorized connection attempt	2020-02-19 15:04:24
27.78.167.160	attack	unauthorized connection attempt	2020-02-19 14:53:11
85.105.254.100	attackspambots	unauthorized connection attempt	2020-02-19 15:04:48
36.226.130.58	attackbotsspam	unauthorized connection attempt	2020-02-19 14:45:58
1.55.140.161	attackspambots	Automatic report - Port Scan Attack	2020-02-19 14:37:15
222.139.29.134	attackspam	unauthorized connection attempt	2020-02-19 15:09:12
184.105.247.219	attackbots	Honeypot hit.	2020-02-19 15:10:02
177.102.133.171	attackspambots	unauthorized connection attempt	2020-02-19 15:10:32
116.109.243.110	attackbots	unauthorized connection attempt	2020-02-19 14:48:53
187.56.142.110	attackbots	unauthorized connection attempt	2020-02-19 15:15:04
58.220.135.196	attack	unauthorized connection attempt	2020-02-19 14:45:00
42.232.170.182	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 14:57:24
36.97.156.78	attackbotsspam	unauthorized connection attempt	2020-02-19 14:46:36
42.57.132.230	attack	Port 23 (Telnet) access denied	2020-02-19 15:08:24
118.200.41.3	attackbots	Feb 18 20:15:24 hpm sshd\[4510\]: Invalid user jira from 118.200.41.3 Feb 18 20:15:24 hpm sshd\[4510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.200.41.3 Feb 18 20:15:26 hpm sshd\[4510\]: Failed password for invalid user jira from 118.200.41.3 port 40498 ssh2 Feb 18 20:18:43 hpm sshd\[4805\]: Invalid user asterisk from 118.200.41.3 Feb 18 20:18:43 hpm sshd\[4805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.200.41.3	2020-02-19 15:03:08

最近上报的IP列表

108.192.79.164	64.117.206.91	162.55.125.187	34.76.224.94
139.122.205.48	72.248.185.100	161.251.123.15	182.183.98.198
89.69.108.210	184.10.113.178	150.102.117.6	125.136.62.167
84.183.144.160	35.217.247.71	31.40.111.83	191.8.50.184
190.3.194.237	176.214.106.183	31.78.211.114	2.88.25.77