106.12.113.155

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	"Unauthorized connection attempt on SSHD detected"	2020-10-12 01:40:30
attackspambots	$f2bV_matches	2020-10-11 17:32:02
attackspam	Sep 25 13:52:15 santamaria sshd\[13093\]: Invalid user admin from 106.12.113.155 Sep 25 13:52:15 santamaria sshd\[13093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Sep 25 13:52:17 santamaria sshd\[13093\]: Failed password for invalid user admin from 106.12.113.155 port 54590 ssh2 ...	2020-09-26 02:04:51
attack	Sep 25 05:12:27 scw-tender-jepsen sshd[15100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Sep 25 05:12:29 scw-tender-jepsen sshd[15100]: Failed password for invalid user test from 106.12.113.155 port 53236 ssh2	2020-09-25 17:45:26
attackspam	Aug 23 22:32:42 cosmoit sshd[11865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-08-24 07:50:07
attack	2020-08-22T15:18:42.570345vps751288.ovh.net sshd\[29746\]: Invalid user dylan from 106.12.113.155 port 43260 2020-08-22T15:18:42.578272vps751288.ovh.net sshd\[29746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 2020-08-22T15:18:44.100112vps751288.ovh.net sshd\[29746\]: Failed password for invalid user dylan from 106.12.113.155 port 43260 ssh2 2020-08-22T15:25:02.019715vps751288.ovh.net sshd\[29808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 user=root 2020-08-22T15:25:04.374703vps751288.ovh.net sshd\[29808\]: Failed password for root from 106.12.113.155 port 41574 ssh2	2020-08-23 00:36:48
attack	2020-07-30T06:08:24.768770shield sshd\[15790\]: Invalid user backup from 106.12.113.155 port 52114 2020-07-30T06:08:24.774992shield sshd\[15790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 2020-07-30T06:08:26.317858shield sshd\[15790\]: Failed password for invalid user backup from 106.12.113.155 port 52114 ssh2 2020-07-30T06:13:24.798785shield sshd\[16745\]: Invalid user username from 106.12.113.155 port 45754 2020-07-30T06:13:24.808873shield sshd\[16745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-07-30 15:15:36
attackbots	Invalid user temp from 106.12.113.155 port 33336	2020-07-25 18:22:54
attack	SSH Brute-Force reported by Fail2Ban	2020-07-08 12:26:59
attack	Jun 30 07:20:58 sip sshd[21401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155 Jun 30 07:21:00 sip sshd[21401]: Failed password for invalid user tracker from 106.12.113.155 port 47260 ssh2 Jun 30 07:29:19 sip sshd[24535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.155	2020-07-01 21:50:10
attack	bruteforce detected	2020-06-24 23:41:14

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.113.204	attackbots	Oct 12 16:59:59 dignus sshd[1747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:00:00 dignus sshd[1747]: Failed password for invalid user flora from 106.12.113.204 port 56970 ssh2 Oct 12 17:04:35 dignus sshd[1795]: Invalid user IBM from 106.12.113.204 port 52478 Oct 12 17:04:35 dignus sshd[1795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:04:36 dignus sshd[1795]: Failed password for invalid user IBM from 106.12.113.204 port 52478 ssh2 ...	2020-10-13 00:33:43
106.12.113.204	attackbotsspam	Oct 12 11:10:59 lunarastro sshd[18972]: Failed password for root from 106.12.113.204 port 45396 ssh2	2020-10-12 15:57:11
106.12.113.111	attack	Port scan denied	2020-10-06 01:18:52
106.12.113.204	attackspambots	Time: Tue Sep 29 13:08:26 2020 +0200 IP: 106.12.113.204 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 29 12:59:57 mail-03 sshd[17740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root Sep 29 13:00:00 mail-03 sshd[17740]: Failed password for root from 106.12.113.204 port 56366 ssh2 Sep 29 13:04:35 mail-03 sshd[17846]: Invalid user gpadmin from 106.12.113.204 port 53722 Sep 29 13:04:37 mail-03 sshd[17846]: Failed password for invalid user gpadmin from 106.12.113.204 port 53722 ssh2 Sep 29 13:08:22 mail-03 sshd[17883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root	2020-09-30 00:41:40
106.12.113.223	attack	Failed password for invalid user ftpuser from 106.12.113.223 port 48598 ssh2	2020-09-11 01:29:36
106.12.113.223	attackbotsspam	Failed password for invalid user ftpuser from 106.12.113.223 port 48598 ssh2	2020-09-10 16:48:26
106.12.113.223	attackspam	Sep 9 18:47:41 inter-technics sshd[31396]: Invalid user Password from 106.12.113.223 port 47976 Sep 9 18:47:41 inter-technics sshd[31396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Sep 9 18:47:41 inter-technics sshd[31396]: Invalid user Password from 106.12.113.223 port 47976 Sep 9 18:47:43 inter-technics sshd[31396]: Failed password for invalid user Password from 106.12.113.223 port 47976 ssh2 Sep 9 18:50:23 inter-technics sshd[31602]: Invalid user monster2 from 106.12.113.223 port 38170 ...	2020-09-10 07:23:58
106.12.113.204	attackbotsspam	SSH Invalid Login	2020-08-23 07:25:32
106.12.113.223	attackbotsspam	Aug 22 12:17:33 django-0 sshd[9303]: Invalid user uday from 106.12.113.223 ...	2020-08-23 02:30:37
106.12.113.204	attackbotsspam	IP blocked	2020-08-21 22:58:53
106.12.113.204	attackspam	Invalid user ina from 106.12.113.204 port 60676	2020-08-17 20:04:40
106.12.113.27	attackbots	Aug 4 11:53:39 master sshd[22378]: Failed password for root from 106.12.113.27 port 56964 ssh2 Aug 4 12:01:12 master sshd[22981]: Failed password for root from 106.12.113.27 port 47486 ssh2 Aug 4 12:05:21 master sshd[23078]: Failed password for root from 106.12.113.27 port 36876 ssh2 Aug 4 12:09:36 master sshd[23176]: Failed password for root from 106.12.113.27 port 54484 ssh2 Aug 4 12:13:37 master sshd[23312]: Failed password for root from 106.12.113.27 port 43888 ssh2 Aug 4 12:17:31 master sshd[23417]: Failed password for root from 106.12.113.27 port 33264 ssh2	2020-08-05 00:33:31
106.12.113.27	attack	Aug 4 06:33:28 django-0 sshd[12990]: Failed password for root from 106.12.113.27 port 37666 ssh2 Aug 4 06:36:44 django-0 sshd[13080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.27 user=root Aug 4 06:36:45 django-0 sshd[13080]: Failed password for root from 106.12.113.27 port 46734 ssh2 ...	2020-08-04 14:38:29
106.12.113.27	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-02 17:28:37
106.12.113.111	attackbotsspam	Port scan denied	2020-07-31 20:04:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.113.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13261
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.113.155.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 23:41:04 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 155.113.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 155.113.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
100.24.255.182	attackbots	100.24.255.182 - - [28/Sep/2020:01:30:15 +0100] "POST /wp-login.php HTTP/1.1" 200 8183 "-" "Mozilla/5.0" 100.24.255.182 - - [28/Sep/2020:01:30:15 +0100] "POST /wp-login.php HTTP/1.1" 200 8346 "-" "Mozilla/5.0" 100.24.255.182 - - [28/Sep/2020:01:30:15 +0100] "POST /wp-login.php HTTP/1.1" 200 8334 "-" "Mozilla/5.0" ...	2020-09-28 18:02:39
106.54.140.165	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-28 18:15:51
36.90.161.240	attackbots	445/tcp [2020-09-27]1pkt	2020-09-28 17:56:49
45.158.199.156	attack	fail2ban	2020-09-28 17:38:37
113.31.105.250	attack	$f2bV_matches	2020-09-28 17:44:29
118.40.248.20	attack	(sshd) Failed SSH login from 118.40.248.20 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 04:17:31 optimus sshd[20963]: Invalid user user from 118.40.248.20 Sep 28 04:17:31 optimus sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.40.248.20 Sep 28 04:17:33 optimus sshd[20963]: Failed password for invalid user user from 118.40.248.20 port 35346 ssh2 Sep 28 04:23:21 optimus sshd[22923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.40.248.20 user=root Sep 28 04:23:23 optimus sshd[22923]: Failed password for root from 118.40.248.20 port 40406 ssh2	2020-09-28 17:39:23
115.58.192.67	attackspambots	20 attempts against mh-ssh on soil	2020-09-28 17:49:32
77.222.132.189	attackspambots	5x Failed Password	2020-09-28 18:12:01
222.190.145.130	attack	Sep 28 09:50:41 rocket sshd[23965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 09:50:43 rocket sshd[23965]: Failed password for invalid user desliga from 222.190.145.130 port 51853 ssh2 Sep 28 09:59:13 rocket sshd[24806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 ...	2020-09-28 17:58:01
195.245.152.246	attackspambots	445/tcp [2020-09-27]1pkt	2020-09-28 17:59:30
115.96.110.241	attackspam	23/tcp [2020-09-27]1pkt	2020-09-28 17:45:55
223.130.29.147	attack	23/tcp [2020-09-27]1pkt	2020-09-28 18:08:08
61.52.181.83	attackspambots	5060/udp [2020-09-27]1pkt	2020-09-28 17:40:24
182.117.26.8	attackbots	23/tcp [2020-09-27]1pkt	2020-09-28 17:53:28
192.241.214.20	attack	firewall-block, port(s): 109/tcp	2020-09-28 18:01:48

最近上报的IP列表

119.45.17.223	60.132.229.200	51.195.136.14	31.181.233.102
109.103.235.41	62.99.54.90	52.149.208.145	200.114.220.136
85.56.176.64	190.106.107.130	51.83.193.246	213.217.1.245
46.101.31.128	113.53.53.14	223.207.221.139	84.22.47.182
126.229.178.203	159.160.175.218	37.104.139.216	103.101.83.98