106.12.113.155

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	"Unauthorized connection attempt on SSHD detected"	2020-10-12 01:40:30
attackspambots	$f2bV_matches	2020-10-11 17:32:02
attackspam	Sep 25 13:52:15 santamaria sshd\[13093\]: Invalid user admin from 106.12.113.155 Sep 25 13:52:15 santamaria sshd\[13093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Sep 25 13:52:17 santamaria sshd\[13093\]: Failed password for invalid user admin from 106.12.113.155 port 54590 ssh2 ...	2020-09-26 02:04:51
attack	Sep 25 05:12:27 scw-tender-jepsen sshd[15100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Sep 25 05:12:29 scw-tender-jepsen sshd[15100]: Failed password for invalid user test from 106.12.113.155 port 53236 ssh2	2020-09-25 17:45:26
attackspam	Aug 23 22:32:42 cosmoit sshd[11865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-08-24 07:50:07
attack	2020-08-22T15:18:42.570345vps751288.ovh.net sshd\[29746\]: Invalid user dylan from 106.12.113.155 port 43260 2020-08-22T15:18:42.578272vps751288.ovh.net sshd\[29746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 2020-08-22T15:18:44.100112vps751288.ovh.net sshd\[29746\]: Failed password for invalid user dylan from 106.12.113.155 port 43260 ssh2 2020-08-22T15:25:02.019715vps751288.ovh.net sshd\[29808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 user=root 2020-08-22T15:25:04.374703vps751288.ovh.net sshd\[29808\]: Failed password for root from 106.12.113.155 port 41574 ssh2	2020-08-23 00:36:48
attack	2020-07-30T06:08:24.768770shield sshd\[15790\]: Invalid user backup from 106.12.113.155 port 52114 2020-07-30T06:08:24.774992shield sshd\[15790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 2020-07-30T06:08:26.317858shield sshd\[15790\]: Failed password for invalid user backup from 106.12.113.155 port 52114 ssh2 2020-07-30T06:13:24.798785shield sshd\[16745\]: Invalid user username from 106.12.113.155 port 45754 2020-07-30T06:13:24.808873shield sshd\[16745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-07-30 15:15:36
attackbots	Invalid user temp from 106.12.113.155 port 33336	2020-07-25 18:22:54
attack	SSH Brute-Force reported by Fail2Ban	2020-07-08 12:26:59
attack	Jun 30 07:20:58 sip sshd[21401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Jun 30 07:21:00 sip sshd[21401]: Failed password for invalid user tracker from 106.12.113.155 port 47260 ssh2 Jun 30 07:29:19 sip sshd[24535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-07-01 21:50:10
attack	bruteforce detected	2020-06-24 23:41:14

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.113.204	attackbots	Oct 12 16:59:59 dignus sshd[1747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:00:00 dignus sshd[1747]: Failed password for invalid user flora from 106.12.113.204 port 56970 ssh2 Oct 12 17:04:35 dignus sshd[1795]: Invalid user IBM from 106.12.113.204 port 52478 Oct 12 17:04:35 dignus sshd[1795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:04:36 dignus sshd[1795]: Failed password for invalid user IBM from 106.12.113.204 port 52478 ssh2 ...	2020-10-13 00:33:43
106.12.113.204	attackbotsspam	Oct 12 11:10:59 lunarastro sshd[18972]: Failed password for root from 106.12.113.204 port 45396 ssh2	2020-10-12 15:57:11
106.12.113.111	attack	Port scan denied	2020-10-06 01:18:52
106.12.113.204	attackspambots	Time: Tue Sep 29 13:08:26 2020 +0200 IP: 106.12.113.204 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 29 12:59:57 mail-03 sshd[17740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root Sep 29 13:00:00 mail-03 sshd[17740]: Failed password for root from 106.12.113.204 port 56366 ssh2 Sep 29 13:04:35 mail-03 sshd[17846]: Invalid user gpadmin from 106.12.113.204 port 53722 Sep 29 13:04:37 mail-03 sshd[17846]: Failed password for invalid user gpadmin from 106.12.113.204 port 53722 ssh2 Sep 29 13:08:22 mail-03 sshd[17883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root	2020-09-30 00:41:40
106.12.113.223	attack	Failed password for invalid user ftpuser from 106.12.113.223 port 48598 ssh2	2020-09-11 01:29:36
106.12.113.223	attackbotsspam	Failed password for invalid user ftpuser from 106.12.113.223 port 48598 ssh2	2020-09-10 16:48:26
106.12.113.223	attackspam	Sep 9 18:47:41 inter-technics sshd[31396]: Invalid user Password from 106.12.113.223 port 47976 Sep 9 18:47:41 inter-technics sshd[31396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Sep 9 18:47:41 inter-technics sshd[31396]: Invalid user Password from 106.12.113.223 port 47976 Sep 9 18:47:43 inter-technics sshd[31396]: Failed password for invalid user Password from 106.12.113.223 port 47976 ssh2 Sep 9 18:50:23 inter-technics sshd[31602]: Invalid user monster2 from 106.12.113.223 port 38170 ...	2020-09-10 07:23:58
106.12.113.204	attackbotsspam	SSH Invalid Login	2020-08-23 07:25:32
106.12.113.223	attackbotsspam	Aug 22 12:17:33 django-0 sshd[9303]: Invalid user uday from 106.12.113.223 ...	2020-08-23 02:30:37
106.12.113.204	attackbotsspam	IP blocked	2020-08-21 22:58:53
106.12.113.204	attackspam	Invalid user ina from 106.12.113.204 port 60676	2020-08-17 20:04:40
106.12.113.27	attackbots	Aug 4 11:53:39 master sshd[22378]: Failed password for root from 106.12.113.27 port 56964 ssh2 Aug 4 12:01:12 master sshd[22981]: Failed password for root from 106.12.113.27 port 47486 ssh2 Aug 4 12:05:21 master sshd[23078]: Failed password for root from 106.12.113.27 port 36876 ssh2 Aug 4 12:09:36 master sshd[23176]: Failed password for root from 106.12.113.27 port 54484 ssh2 Aug 4 12:13:37 master sshd[23312]: Failed password for root from 106.12.113.27 port 43888 ssh2 Aug 4 12:17:31 master sshd[23417]: Failed password for root from 106.12.113.27 port 33264 ssh2	2020-08-05 00:33:31
106.12.113.27	attack	Aug 4 06:33:28 django-0 sshd[12990]: Failed password for root from 106.12.113.27 port 37666 ssh2 Aug 4 06:36:44 django-0 sshd[13080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.27 user=root Aug 4 06:36:45 django-0 sshd[13080]: Failed password for root from 106.12.113.27 port 46734 ssh2 ...	2020-08-04 14:38:29
106.12.113.27	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-02 17:28:37
106.12.113.111	attackbotsspam	Port scan denied	2020-07-31 20:04:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.113.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13261
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.113.155.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 23:41:04 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 155.113.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 155.113.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.3.146.88	attackspambots	Jan 26 00:02:49 h2177944 kernel: \[3191627.613228\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=195.3.146.88 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=17097 PROTO=TCP SPT=54396 DPT=3381 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 00:02:49 h2177944 kernel: \[3191627.613242\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=195.3.146.88 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=17097 PROTO=TCP SPT=54396 DPT=3381 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 00:04:43 h2177944 kernel: \[3191741.305726\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=195.3.146.88 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=34871 PROTO=TCP SPT=54396 DPT=3368 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 00:04:43 h2177944 kernel: \[3191741.305742\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=195.3.146.88 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=34871 PROTO=TCP SPT=54396 DPT=3368 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 00:04:58 h2177944 kernel: \[3191756.948308\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=195.3.146.88 DST=85.214.117.9 LEN=	2020-01-26 07:12:39
222.186.169.192	attack	Jan 25 18:44:12 NPSTNNYC01T sshd[7581]: Failed password for root from 222.186.169.192 port 58628 ssh2 Jan 25 18:44:26 NPSTNNYC01T sshd[7581]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 58628 ssh2 [preauth] Jan 25 18:44:32 NPSTNNYC01T sshd[7610]: Failed password for root from 222.186.169.192 port 28520 ssh2 ...	2020-01-26 07:48:45
64.225.39.199	attackspambots	2020-01-25T21:11:00Z - RDP login failed multiple times. (64.225.39.199)	2020-01-26 07:25:13
139.59.90.40	attackspambots	Invalid user server from 139.59.90.40 port 43729	2020-01-26 07:28:36
193.29.13.20	attackbots	firewall-block, port(s): 3392/tcp, 3393/tcp	2020-01-26 07:50:32
120.136.167.74	attackspambots	Unauthorized connection attempt detected from IP address 120.136.167.74 to port 2220 [J]	2020-01-26 07:50:50
80.241.222.246	attack	RDP Brute-Force (honeypot 4)	2020-01-26 07:46:49
222.186.42.4	attack	Jan 26 00:12:36 vmanager6029 sshd\[8302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Jan 26 00:12:38 vmanager6029 sshd\[8302\]: Failed password for root from 222.186.42.4 port 14990 ssh2 Jan 26 00:12:42 vmanager6029 sshd\[8302\]: Failed password for root from 222.186.42.4 port 14990 ssh2	2020-01-26 07:16:45
165.22.108.156	attack	Unauthorized connection attempt detected from IP address 165.22.108.156 to port 2220 [J]	2020-01-26 07:52:45
185.220.101.58	attack	Unauthorized connection attempt detected, IP banned.	2020-01-26 07:36:44
107.77.234.137	attackspam	Chat Spam	2020-01-26 07:27:18
49.235.250.69	attackbots	Jan 25 13:01:53 eddieflores sshd\[3615\]: Invalid user user01 from 49.235.250.69 Jan 25 13:01:53 eddieflores sshd\[3615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.250.69 Jan 25 13:01:55 eddieflores sshd\[3615\]: Failed password for invalid user user01 from 49.235.250.69 port 56978 ssh2 Jan 25 13:05:08 eddieflores sshd\[4015\]: Invalid user sage from 49.235.250.69 Jan 25 13:05:08 eddieflores sshd\[4015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.250.69	2020-01-26 07:14:48
87.246.7.18	attackspambots	2020-01-25T22:11:14.571611MailD postfix/smtpd[4990]: warning: unknown[87.246.7.18]: SASL LOGIN authentication failed: authentication failure 2020-01-25T22:11:14.873022MailD postfix/smtpd[4990]: warning: unknown[87.246.7.18]: SASL LOGIN authentication failed: authentication failure 2020-01-25T22:11:15.167141MailD postfix/smtpd[4990]: warning: unknown[87.246.7.18]: SASL LOGIN authentication failed: authentication failure	2020-01-26 07:15:58
103.115.120.249	attackspam	Port scan on 5 port(s): 1883 2087 8112 10243 23424	2020-01-26 07:45:58
138.68.171.25	attackspam	Jan 26 00:21:08 vmd17057 sshd\[26122\]: Invalid user user from 138.68.171.25 port 39406 Jan 26 00:21:08 vmd17057 sshd\[26122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.171.25 Jan 26 00:21:09 vmd17057 sshd\[26122\]: Failed password for invalid user user from 138.68.171.25 port 39406 ssh2 ...	2020-01-26 07:29:07

最近上报的IP列表

119.45.17.223	60.132.229.200	51.195.136.14	31.181.233.102
109.103.235.41	62.99.54.90	52.149.208.145	200.114.220.136
85.56.176.64	190.106.107.130	51.83.193.246	213.217.1.245
46.101.31.128	113.53.53.14	223.207.221.139	84.22.47.182
126.229.178.203	159.160.175.218	37.104.139.216	103.101.83.98