106.12.2.93 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-05 13:26:55

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.242.123	attackbotsspam	Oct 13 23:54:21 ip-172-31-16-56 sshd\[6082\]: Invalid user temp from 106.12.242.123\ Oct 13 23:54:23 ip-172-31-16-56 sshd\[6082\]: Failed password for invalid user temp from 106.12.242.123 port 48000 ssh2\ Oct 13 23:58:15 ip-172-31-16-56 sshd\[6134\]: Invalid user web from 106.12.242.123\ Oct 13 23:58:17 ip-172-31-16-56 sshd\[6134\]: Failed password for invalid user web from 106.12.242.123 port 46096 ssh2\ Oct 14 00:02:21 ip-172-31-16-56 sshd\[6162\]: Failed password for root from 106.12.242.123 port 44194 ssh2\	2020-10-14 08:35:05
106.12.25.96	attackbotsspam	Oct 13 21:44:58 mavik sshd[15180]: Failed password for root from 106.12.25.96 port 44686 ssh2 Oct 13 21:46:24 mavik sshd[15294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.96 user=root Oct 13 21:46:27 mavik sshd[15294]: Failed password for root from 106.12.25.96 port 37946 ssh2 Oct 13 21:47:53 mavik sshd[15342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.25.96 user=root Oct 13 21:47:54 mavik sshd[15342]: Failed password for root from 106.12.25.96 port 59428 ssh2 ...	2020-10-14 08:21:48
106.12.220.84	attack	Oct 13 23:50:41 pve1 sshd[8381]: Failed password for root from 106.12.220.84 port 48488 ssh2 ...	2020-10-14 06:57:34
106.12.20.195	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-14 01:58:18
106.12.20.195	attackspambots	ET SCAN NMAP -sS window 1024	2020-10-13 17:11:09
106.12.219.184	attack	Oct 12 16:35:54 mavik sshd[12611]: Invalid user test from 106.12.219.184 Oct 12 16:35:54 mavik sshd[12611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.219.184 Oct 12 16:35:56 mavik sshd[12611]: Failed password for invalid user test from 106.12.219.184 port 52482 ssh2 Oct 12 16:40:53 mavik sshd[13065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.219.184 user=root Oct 12 16:40:54 mavik sshd[13065]: Failed password for root from 106.12.219.184 port 49124 ssh2 ...	2020-10-13 04:35:34
106.12.216.155	attackspam	Hacking	2020-10-13 03:37:18
106.12.219.184	attackspambots	Invalid user patrick from 106.12.219.184 port 52698	2020-10-12 20:15:38
106.12.216.155	attackspambots	Hacking	2020-10-12 19:09:34
106.12.206.3	attack	2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:41.452994abusebot-4.cloudsearch.cf sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:43.722313abusebot-4.cloudsearch.cf sshd[809]: Failed password for invalid user dev from 106.12.206.3 port 43810 ssh2 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:30.092646abusebot-4.cloudsearch.cf sshd[856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:32.467190abusebot-4.cloudsearch.cf sshd[856]: Failed password for invalid user dev fr ...	2020-10-12 05:40:35
106.12.215.238	attackbots	Oct 11 15:22:09 Tower sshd[22634]: Connection from 106.12.215.238 port 59798 on 192.168.10.220 port 22 rdomain "" Oct 11 15:22:11 Tower sshd[22634]: Invalid user brad from 106.12.215.238 port 59798 Oct 11 15:22:11 Tower sshd[22634]: error: Could not get shadow information for NOUSER Oct 11 15:22:11 Tower sshd[22634]: Failed password for invalid user brad from 106.12.215.238 port 59798 ssh2 Oct 11 15:22:11 Tower sshd[22634]: Received disconnect from 106.12.215.238 port 59798:11: Bye Bye [preauth] Oct 11 15:22:11 Tower sshd[22634]: Disconnected from invalid user brad 106.12.215.238 port 59798 [preauth]	2020-10-12 05:27:29
106.12.206.3	attack	Oct 11 15:08:42 marvibiene sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 Oct 11 15:08:43 marvibiene sshd[19158]: Failed password for invalid user ftp from 106.12.206.3 port 55496 ssh2	2020-10-11 21:47:23
106.12.215.238	attackspam	Oct 11 06:54:02 staging sshd[298025]: Invalid user edgar from 106.12.215.238 port 35298 Oct 11 06:54:02 staging sshd[298025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 Oct 11 06:54:02 staging sshd[298025]: Invalid user edgar from 106.12.215.238 port 35298 Oct 11 06:54:04 staging sshd[298025]: Failed password for invalid user edgar from 106.12.215.238 port 35298 ssh2 ...	2020-10-11 21:33:39
106.12.206.3	attackbots	Brute-force attempt banned	2020-10-11 13:44:15
106.12.215.238	attack	Oct 11 04:46:16 staging sshd[296353]: Invalid user prueba1 from 106.12.215.238 port 34512 Oct 11 04:46:16 staging sshd[296353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.238 Oct 11 04:46:16 staging sshd[296353]: Invalid user prueba1 from 106.12.215.238 port 34512 Oct 11 04:46:18 staging sshd[296353]: Failed password for invalid user prueba1 from 106.12.215.238 port 34512 ssh2 ...	2020-10-11 13:30:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.2.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46102
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.2.93.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100500 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 05 13:26:51 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 93.2.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 93.2.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
47.146.149.72	attackbots	DATE:2019-07-22_05:02:30, IP:47.146.149.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-22 19:42:01
187.149.80.232	attack	" "	2019-07-22 19:43:35
78.100.18.81	attack	Jul 22 13:20:58 MK-Soft-Root1 sshd\[17120\]: Invalid user db from 78.100.18.81 port 58403 Jul 22 13:20:58 MK-Soft-Root1 sshd\[17120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.100.18.81 Jul 22 13:21:01 MK-Soft-Root1 sshd\[17120\]: Failed password for invalid user db from 78.100.18.81 port 58403 ssh2 ...	2019-07-22 20:20:34
31.208.161.68	attackspambots	" "	2019-07-22 19:42:36
117.5.211.186	attackbots	Unauthorized connection attempt from IP address 117.5.211.186 on Port 445(SMB)	2019-07-22 20:06:42
113.175.84.232	attack	Unauthorized connection attempt from IP address 113.175.84.232 on Port 445(SMB)	2019-07-22 19:50:18
36.65.16.28	attack	Unauthorized connection attempt from IP address 36.65.16.28 on Port 445(SMB)	2019-07-22 19:48:05
178.22.220.28	attackbotsspam	WordPress XMLRPC scan :: 178.22.220.28 0.176 BYPASS [22/Jul/2019:13:01:59 1000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/6.2.30"	2019-07-22 20:11:47
78.97.218.204	attackbotsspam	Jul 22 12:42:49 minden010 sshd[11707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.97.218.204 Jul 22 12:42:51 minden010 sshd[11707]: Failed password for invalid user john from 78.97.218.204 port 60410 ssh2 Jul 22 12:47:46 minden010 sshd[13402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.97.218.204 ...	2019-07-22 19:45:37
177.17.255.10	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 02:18:40,609 INFO [amun_request_handler] PortScan Detected on Port: 445 (177.17.255.10)	2019-07-22 20:18:21
89.210.73.104	attackbotsspam	Honeypot attack, port: 23, PTR: ppp089210073104.access.hol.gr.	2019-07-22 19:39:51
14.229.2.231	attack	Unauthorized connection attempt from IP address 14.229.2.231 on Port 445(SMB)	2019-07-22 20:07:44
106.75.65.85	attack	22.07.2019 05:45:06 Connection to port 119 blocked by firewall	2019-07-22 19:55:10
180.191.160.204	attack	Unauthorized connection attempt from IP address 180.191.160.204 on Port 445(SMB)	2019-07-22 20:04:57
111.248.91.9	attack	Unauthorized connection attempt from IP address 111.248.91.9 on Port 445(SMB)	2019-07-22 20:21:42

最近上报的IP列表

185.2.5.67	236.26.111.70	221.246.188.58	80.211.50.102
35.228.209.46	124.161.8.31	216.133.22.162	43.87.178.200
73.228.183.157	189.89.44.190	216.141.195.46	100.133.67.125
183.38.182.255	157.230.24.124	182.192.32.180	42.179.177.16
188.132.129.14	106.51.104.155	125.40.230.70	177.50.220.210