106.12.145.126

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Invalid user hola from 106.12.145.126 port 47428	2020-04-18 13:57:11
attackbots	$f2bV_matches	2020-04-10 00:18:07
attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-04-08 06:04:19
attack	Apr 5 00:41:26 v22019038103785759 sshd\[6678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 user=root Apr 5 00:41:28 v22019038103785759 sshd\[6678\]: Failed password for root from 106.12.145.126 port 52480 ssh2 Apr 5 00:45:52 v22019038103785759 sshd\[7030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 user=root Apr 5 00:45:54 v22019038103785759 sshd\[7030\]: Failed password for root from 106.12.145.126 port 51804 ssh2 Apr 5 00:50:28 v22019038103785759 sshd\[7429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 user=root ...	2020-04-05 09:06:18
attackbotsspam	Apr 4 06:11:41 eventyay sshd[15935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 Apr 4 06:11:43 eventyay sshd[15935]: Failed password for invalid user linuxtest from 106.12.145.126 port 45708 ssh2 Apr 4 06:16:34 eventyay sshd[16121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 ...	2020-04-04 13:49:03
attackbotsspam	Invalid user qdyh from 106.12.145.126 port 40080	2020-03-27 08:21:24
attack	2020-03-18T06:36:16.424110ionos.janbro.de sshd[70348]: Invalid user ubuntu from 106.12.145.126 port 37252 2020-03-18T06:36:18.227194ionos.janbro.de sshd[70348]: Failed password for invalid user ubuntu from 106.12.145.126 port 37252 ssh2 2020-03-18T06:37:54.430925ionos.janbro.de sshd[70366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 user=root 2020-03-18T06:37:56.464161ionos.janbro.de sshd[70366]: Failed password for root from 106.12.145.126 port 58974 ssh2 2020-03-18T06:39:35.864702ionos.janbro.de sshd[70371]: Invalid user deluge from 106.12.145.126 port 52454 2020-03-18T06:39:36.032236ionos.janbro.de sshd[70371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.145.126 2020-03-18T06:39:35.864702ionos.janbro.de sshd[70371]: Invalid user deluge from 106.12.145.126 port 52454 2020-03-18T06:39:37.959369ionos.janbro.de sshd[70371]: Failed password for invalid user deluge from 106.12.1 ...	2020-03-18 18:21:58

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.145.1	attack	Automatic report - Banned IP Access	2020-08-21 23:11:39
106.12.145.194	attack	[Aegis] @ 2020-01-17 02:03:05 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-02 03:22:29
106.12.145.152	attackbotsspam	2019-08-11T07:26:41.305628Z 179cd6ea2e24 New connection: 106.12.145.152:49326 (172.17.0.3:2222) [session: 179cd6ea2e24] 2019-08-11T07:43:00.699306Z c5b120235759 New connection: 106.12.145.152:42874 (172.17.0.3:2222) [session: c5b120235759]	2019-08-12 02:14:11
106.12.145.152	attackspam	30.07.2019 09:34:41 SSH access blocked by firewall	2019-07-30 19:21:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.145.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52206
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.145.126.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031800 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 18:21:53 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 126.145.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 126.145.12.106.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.155.20.146	attackspambots	Jan 2 00:22:50 localhost sshd\[50892\]: Invalid user sajadior from 139.155.20.146 port 52084 Jan 2 00:22:50 localhost sshd\[50892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.20.146 Jan 2 00:22:53 localhost sshd\[50892\]: Failed password for invalid user sajadior from 139.155.20.146 port 52084 ssh2 Jan 2 00:26:54 localhost sshd\[50951\]: Invalid user mypassword from 139.155.20.146 port 49896 Jan 2 00:26:54 localhost sshd\[50951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.20.146 ...	2020-01-02 09:22:03
118.89.240.188	attackspam	Jan 2 00:31:44 localhost sshd\[51079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.240.188 user=root Jan 2 00:31:46 localhost sshd\[51079\]: Failed password for root from 118.89.240.188 port 47910 ssh2 Jan 2 00:34:19 localhost sshd\[51145\]: Invalid user dulcia from 118.89.240.188 port 35930 Jan 2 00:34:19 localhost sshd\[51145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.240.188 Jan 2 00:34:21 localhost sshd\[51145\]: Failed password for invalid user dulcia from 118.89.240.188 port 35930 ssh2 ...	2020-01-02 09:10:41
68.183.178.162	attackspambots	Jan 2 00:20:11 h2177944 sshd\[13754\]: Invalid user dushan from 68.183.178.162 port 34872 Jan 2 00:20:11 h2177944 sshd\[13754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.178.162 Jan 2 00:20:13 h2177944 sshd\[13754\]: Failed password for invalid user dushan from 68.183.178.162 port 34872 ssh2 Jan 2 00:21:12 h2177944 sshd\[13809\]: Invalid user adee from 68.183.178.162 port 39188 ...	2020-01-02 09:20:25
207.107.67.67	attack	Jan 2 01:56:02 srv-ubuntu-dev3 sshd[116673]: Invalid user armend from 207.107.67.67 Jan 2 01:56:02 srv-ubuntu-dev3 sshd[116673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.107.67.67 Jan 2 01:56:02 srv-ubuntu-dev3 sshd[116673]: Invalid user armend from 207.107.67.67 Jan 2 01:56:05 srv-ubuntu-dev3 sshd[116673]: Failed password for invalid user armend from 207.107.67.67 port 47300 ssh2 Jan 2 01:58:43 srv-ubuntu-dev3 sshd[116920]: Invalid user suvendu from 207.107.67.67 Jan 2 01:58:43 srv-ubuntu-dev3 sshd[116920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.107.67.67 Jan 2 01:58:43 srv-ubuntu-dev3 sshd[116920]: Invalid user suvendu from 207.107.67.67 Jan 2 01:58:45 srv-ubuntu-dev3 sshd[116920]: Failed password for invalid user suvendu from 207.107.67.67 port 47814 ssh2 Jan 2 02:01:30 srv-ubuntu-dev3 sshd[117123]: Invalid user edith from 207.107.67.67 ...	2020-01-02 09:13:16
54.36.238.211	attackbots	\[2020-01-01 19:45:49\] NOTICE\[2839\] chan_sip.c: Registration from '"30" \' failed for '54.36.238.211:5065' - Wrong password \[2020-01-01 19:45:49\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-01T19:45:49.807-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="30",SessionID="0x7f0fb402c7e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.36.238.211/5065",Challenge="448ed841",ReceivedChallenge="448ed841",ReceivedHash="9402414a50ee7cf56be889fa5cf3e99d" \[2020-01-01 19:45:50\] NOTICE\[2839\] chan_sip.c: Registration from '"30" \' failed for '54.36.238.211:5065' - Wrong password \[2020-01-01 19:45:50\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-01T19:45:50.006-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="30",SessionID="0x7f0fb411ab78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.36.238.	2020-01-02 09:03:01
157.230.190.1	attackspam	2020-01-02T04:57:10.511551shield sshd\[5287\]: Invalid user sallimus from 157.230.190.1 port 48824 2020-01-02T04:57:10.515776shield sshd\[5287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.190.1 2020-01-02T04:57:12.455862shield sshd\[5287\]: Failed password for invalid user sallimus from 157.230.190.1 port 48824 ssh2 2020-01-02T04:59:35.702349shield sshd\[5892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.190.1 user=sshd 2020-01-02T04:59:37.883307shield sshd\[5892\]: Failed password for sshd from 157.230.190.1 port 42400 ssh2	2020-01-02 13:00:53
147.139.132.146	attackbotsspam	Jan 1 23:39:49 server sshd[37817]: Failed password for invalid user pracownik from 147.139.132.146 port 38630 ssh2 Jan 1 23:46:22 server sshd[38176]: Failed password for invalid user oracle from 147.139.132.146 port 50114 ssh2 Jan 1 23:50:46 server sshd[38423]: Failed password for root from 147.139.132.146 port 51552 ssh2	2020-01-02 09:22:28
200.29.108.214	attackspam	Jan 2 01:39:12 server sshd\[11921\]: Invalid user zbigniew from 200.29.108.214 Jan 2 01:39:12 server sshd\[11921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co Jan 2 01:39:14 server sshd\[11921\]: Failed password for invalid user zbigniew from 200.29.108.214 port 46753 ssh2 Jan 2 01:51:41 server sshd\[14597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co user=operator Jan 2 01:51:43 server sshd\[14597\]: Failed password for operator from 200.29.108.214 port 25633 ssh2 ...	2020-01-02 08:52:07
222.186.180.130	attack	Unauthorized connection attempt detected from IP address 222.186.180.130 to port 22	2020-01-02 08:56:40
59.127.172.234	attack	Jan 1 22:51:08 *** sshd[18104]: Invalid user osnes from 59.127.172.234	2020-01-02 09:12:11
183.235.220.232	attackspambots	Jan 2 01:14:02 legacy sshd[24458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.235.220.232 Jan 2 01:14:04 legacy sshd[24458]: Failed password for invalid user test from 183.235.220.232 port 32805 ssh2 Jan 2 01:16:16 legacy sshd[24562]: Failed password for root from 183.235.220.232 port 48916 ssh2 ...	2020-01-02 09:23:55
106.75.122.168	attack	2020-01-01T23:44:35.191861pl1.awoom.xyz sshd[22824]: Invalid user schlichting from 106.75.122.168 port 34292 2020-01-01T23:44:35.197194pl1.awoom.xyz sshd[22824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.168 2020-01-01T23:44:35.191861pl1.awoom.xyz sshd[22824]: Invalid user schlichting from 106.75.122.168 port 34292 2020-01-01T23:44:37.185177pl1.awoom.xyz sshd[22824]: Failed password for invalid user schlichting from 106.75.122.168 port 34292 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.75.122.168	2020-01-02 09:00:59
134.90.149.148	attackspambots	0,17-03/06 [bc01/m08] PostRequest-Spammer scoring: essen	2020-01-02 09:20:42
142.93.48.216	attackbots	Automatic report - XMLRPC Attack	2020-01-02 08:52:40
185.176.27.118	attack	Jan 2 02:09:16 mc1 kernel: \[2086136.156675\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=1467 PROTO=TCP SPT=43120 DPT=8835 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 2 02:11:52 mc1 kernel: \[2086292.189521\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=25608 PROTO=TCP SPT=43120 DPT=13427 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 2 02:13:14 mc1 kernel: \[2086373.834531\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=24464 PROTO=TCP SPT=43120 DPT=5951 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-01-02 09:16:39

最近上报的IP列表

14.219.91.151	128.232.194.101	34.81.193.214	107.80.176.177
78.207.22.205	236.135.136.211	239.141.62.17	137.10.235.1
188.34.178.117	62.210.29.142	173.55.157.224	13.227.209.190
61.191.55.33	192.70.121.169	178.128.53.79	60.167.22.138
42.127.104.179	181.64.176.95	53.232.216.113	190.200.46.107