106.12.117.75 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Port scan on 3 port(s): 2376 4244 5555	2020-10-01 06:00:10
attackspam	Port scan on 3 port(s): 2376 4244 5555	2020-09-30 22:19:23
attack	Port scan on 3 port(s): 2376 4244 5555	2020-09-30 14:51:18

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.117.62	attackbots	$f2bV_matches	2020-09-28 06:05:08
106.12.117.62	attackbots	$f2bV_matches	2020-09-27 22:26:47
106.12.117.62	attack	$f2bV_matches	2020-09-27 14:18:37
106.12.117.62	attack	Invalid user km from 106.12.117.62 port 57392	2020-08-31 06:58:07
106.12.117.62	attack	2020-08-10T05:57:06.497049centos sshd[20078]: Failed password for root from 106.12.117.62 port 56758 ssh2 2020-08-10T06:01:22.789126centos sshd[20772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.62 user=root 2020-08-10T06:01:24.999049centos sshd[20772]: Failed password for root from 106.12.117.62 port 46020 ssh2 ...	2020-08-10 12:55:48
106.12.117.62	attack	SSH Invalid Login	2020-08-01 06:08:21
106.12.117.62	attackbotsspam	Jul 20 22:42:28 * sshd[12132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.62 Jul 20 22:42:30 * sshd[12132]: Failed password for invalid user ttf from 106.12.117.62 port 45596 ssh2	2020-07-21 06:51:26
106.12.117.62	attackspambots	Jul 20 22:00:44 itv-usvr-02 sshd[14161]: Invalid user duw from 106.12.117.62 port 50262 Jul 20 22:00:44 itv-usvr-02 sshd[14161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.62 Jul 20 22:00:44 itv-usvr-02 sshd[14161]: Invalid user duw from 106.12.117.62 port 50262 Jul 20 22:00:46 itv-usvr-02 sshd[14161]: Failed password for invalid user duw from 106.12.117.62 port 50262 ssh2 Jul 20 22:05:57 itv-usvr-02 sshd[14342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.62 user=www-data Jul 20 22:05:59 itv-usvr-02 sshd[14342]: Failed password for www-data from 106.12.117.62 port 43122 ssh2	2020-07-21 01:25:44
106.12.117.62	attackbotsspam	Total attacks: 2	2020-07-12 02:04:48
106.12.117.62	attack	Failed password for invalid user prueba from 106.12.117.62 port 56040 ssh2	2020-07-10 07:01:10
106.12.117.62	attackbotsspam	Bruteforce detected by fail2ban	2020-07-07 01:49:25
106.12.117.62	attackspambots	Invalid user student2 from 106.12.117.62 port 38424	2020-06-12 20:08:07
106.12.117.62	attack	SSH Brute-Force. Ports scanning.	2020-06-12 04:53:49
106.12.117.195	attack	Jun 1 14:00:23 pi sshd[14861]: Failed password for root from 106.12.117.195 port 55260 ssh2	2020-06-07 04:47:13
106.12.117.195	attackbotsspam	Lines containing failures of 106.12.117.195 Jun 3 12:08:21 keyhelp sshd[32465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.195 user=r.r Jun 3 12:08:23 keyhelp sshd[32465]: Failed password for r.r from 106.12.117.195 port 35002 ssh2 Jun 3 12:08:23 keyhelp sshd[32465]: Received disconnect from 106.12.117.195 port 35002:11: Bye Bye [preauth] Jun 3 12:08:23 keyhelp sshd[32465]: Disconnected from authenticating user r.r 106.12.117.195 port 35002 [preauth] Jun 3 12:18:13 keyhelp sshd[1780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.117.195 user=r.r Jun 3 12:18:15 keyhelp sshd[1780]: Failed password for r.r from 106.12.117.195 port 43220 ssh2 Jun 3 12:18:15 keyhelp sshd[1780]: Received disconnect from 106.12.117.195 port 43220:11: Bye Bye [preauth] Jun 3 12:18:15 keyhelp sshd[1780]: Disconnected from authenticating user r.r 106.12.117.195 port 43220 [preauth] ........ ------------------------------	2020-06-04 03:35:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.117.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41380
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.117.75.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093000 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 30 14:51:13 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 75.117.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.117.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.247.110.200	attack	\[2019-10-08 01:55:18\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-08T01:55:18.576-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="993001441904911097",SessionID="0x7fc3acc3d768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.200/61886",ACLName="no_extension_match" \[2019-10-08 01:55:47\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-08T01:55:47.532-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="755003441904911097",SessionID="0x7fc3ac636978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.200/63129",ACLName="no_extension_match" \[2019-10-08 01:56:06\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-08T01:56:06.654-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0086005441904911097",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.200/62482",AC	2019-10-08 14:14:45
114.108.155.239	attack	LAMP,DEF POST /admin/Token3d677ed1.asp	2019-10-08 14:26:03
80.22.196.98	attack	Oct 8 12:43:48 webhost01 sshd[29076]: Failed password for root from 80.22.196.98 port 54840 ssh2 ...	2019-10-08 14:07:51
14.215.46.94	attackbots	Oct 8 08:14:56 cp sshd[7647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.46.94 Oct 8 08:14:56 cp sshd[7647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.46.94 Oct 8 08:14:58 cp sshd[7647]: Failed password for invalid user oracle from 14.215.46.94 port 62932 ssh2 Oct 8 08:14:58 cp sshd[7647]: Failed password for invalid user oracle from 14.215.46.94 port 62932 ssh2	2019-10-08 14:34:22
112.48.132.196	attackbots	Oct 8 06:00:18 andromeda postfix/smtpd\[33402\]: warning: unknown\[112.48.132.196\]: SASL LOGIN authentication failed: authentication failure Oct 8 06:00:26 andromeda postfix/smtpd\[33402\]: warning: unknown\[112.48.132.196\]: SASL LOGIN authentication failed: authentication failure Oct 8 06:00:29 andromeda postfix/smtpd\[33402\]: warning: unknown\[112.48.132.196\]: SASL LOGIN authentication failed: authentication failure Oct 8 06:00:34 andromeda postfix/smtpd\[33402\]: warning: unknown\[112.48.132.196\]: SASL LOGIN authentication failed: authentication failure Oct 8 06:00:40 andromeda postfix/smtpd\[30488\]: warning: unknown\[112.48.132.196\]: SASL LOGIN authentication failed: authentication failure	2019-10-08 14:28:24
147.135.255.107	attackspambots	Oct 8 06:50:13 www sshd\[59346\]: Invalid user sex from 147.135.255.107Oct 8 06:50:15 www sshd\[59346\]: Failed password for invalid user sex from 147.135.255.107 port 57294 ssh2Oct 8 06:57:06 www sshd\[59461\]: Invalid user paintball1 from 147.135.255.107 ...	2019-10-08 14:07:32
46.251.239.31	attackbots	2019-10-08T05:30:38.161038abusebot-5.cloudsearch.cf sshd\[31454\]: Invalid user ripley from 46.251.239.31 port 57668	2019-10-08 13:57:40
93.145.35.210	attack	Tue Oct 8 06:58:17 2019 \[pid 22939\] \[lexgold\] FTP response: Client "93.145.35.210", "530 Permission denied." Tue Oct 8 06:58:19 2019 \[pid 22941\] \[lexgold\] FTP response: Client "93.145.35.210", "530 Permission denied." Tue Oct 8 06:58:21 2019 \[pid 22946\] \[lexgold\] FTP response: Client "93.145.35.210", "530 Permission denied."	2019-10-08 13:51:52
119.52.253.2	attack	2019-10-08T04:38:35.294080abusebot-4.cloudsearch.cf sshd\[22191\]: Invalid user www from 119.52.253.2 port 55036	2019-10-08 14:25:18
77.247.110.199	attackspambots	\[2019-10-08 01:46:25\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '77.247.110.199:50544' - Wrong password \[2019-10-08 01:46:25\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-08T01:46:25.114-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2450",SessionID="0x7fc3acc3d768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.199/50544",Challenge="39558747",ReceivedChallenge="39558747",ReceivedHash="813987cf1e80da93fd9ff13f5d01c6ac" \[2019-10-08 01:46:25\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '77.247.110.199:50545' - Wrong password \[2019-10-08 01:46:25\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-08T01:46:25.114-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2450",SessionID="0x7fc3ac2ed548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.199/505	2019-10-08 14:01:09
61.37.82.220	attack	2019-10-08T05:05:05.579604abusebot-4.cloudsearch.cf sshd\[22311\]: Invalid user Testing@2017 from 61.37.82.220 port 53304	2019-10-08 14:03:09
152.136.116.121	attackspambots	Oct 8 07:54:47 meumeu sshd[30559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.116.121 Oct 8 07:54:48 meumeu sshd[30559]: Failed password for invalid user Centos!@# from 152.136.116.121 port 57852 ssh2 Oct 8 08:00:21 meumeu sshd[31585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.116.121 ...	2019-10-08 14:16:36
62.7.90.34	attack	2019-10-08T04:28:53.303017abusebot-7.cloudsearch.cf sshd\[14120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.7.90.34 user=root	2019-10-08 14:24:49
222.186.175.220	attackspam	Oct 8 02:23:01 xtremcommunity sshd\[303702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Oct 8 02:23:03 xtremcommunity sshd\[303702\]: Failed password for root from 222.186.175.220 port 31296 ssh2 Oct 8 02:23:07 xtremcommunity sshd\[303702\]: Failed password for root from 222.186.175.220 port 31296 ssh2 Oct 8 02:23:12 xtremcommunity sshd\[303702\]: Failed password for root from 222.186.175.220 port 31296 ssh2 Oct 8 02:23:16 xtremcommunity sshd\[303702\]: Failed password for root from 222.186.175.220 port 31296 ssh2 ...	2019-10-08 14:30:52
1.59.92.85	attackspam	Oct 7 07:18:17 localhost kernel: [4184916.839186] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.59.92.85 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=9721 PROTO=TCP SPT=34562 DPT=52869 WINDOW=15361 RES=0x00 SYN URGP=0 Oct 7 07:18:17 localhost kernel: [4184916.839208] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.59.92.85 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=9721 PROTO=TCP SPT=34562 DPT=52869 SEQ=758669438 ACK=0 WINDOW=15361 RES=0x00 SYN URGP=0 Oct 7 23:57:24 localhost kernel: [4244863.642401] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.59.92.85 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=13155 PROTO=TCP SPT=24289 DPT=52869 WINDOW=15361 RES=0x00 SYN URGP=0 Oct 7 23:57:24 localhost kernel: [4244863.642422] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=1.59.92.85 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=50	2019-10-08 13:56:49

最近上报的IP列表

219.242.101.179	220.144.233.125	47.215.221.3	194.0.170.238
49.234.100.188	218.5.40.107	253.251.189.224	195.191.12.33
1.195.160.108	65.3.254.36	103.145.13.227	80.28.187.29
123.171.6.137	157.245.243.236	27.213.115.223	179.191.239.225
187.107.68.86	146.148.112.54	51.83.136.117	101.200.219.18