106.12.7.75 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 22 07:48:58 hpm sshd\[32508\]: Invalid user test from 106.12.7.75 Dec 22 07:48:58 hpm sshd\[32508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Dec 22 07:49:00 hpm sshd\[32508\]: Failed password for invalid user test from 106.12.7.75 port 49860 ssh2 Dec 22 07:54:29 hpm sshd\[598\]: Invalid user kolbu from 106.12.7.75 Dec 22 07:54:29 hpm sshd\[598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75	2019-12-23 06:26:05
attack	Dec 22 00:29:06 ny01 sshd[2104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Dec 22 00:29:08 ny01 sshd[2104]: Failed password for invalid user hardcore from 106.12.7.75 port 59092 ssh2 Dec 22 00:36:24 ny01 sshd[2871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75	2019-12-22 14:06:23
attackbots	$f2bV_matches	2019-12-16 19:15:21
attackspam	Dec 13 20:22:29 php1 sshd\[7680\]: Invalid user gilray from 106.12.7.75 Dec 13 20:22:29 php1 sshd\[7680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Dec 13 20:22:31 php1 sshd\[7680\]: Failed password for invalid user gilray from 106.12.7.75 port 53842 ssh2 Dec 13 20:29:58 php1 sshd\[8620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 user=root Dec 13 20:29:59 php1 sshd\[8620\]: Failed password for root from 106.12.7.75 port 52266 ssh2	2019-12-14 14:42:40
attackspam	$f2bV_matches	2019-12-12 08:39:23
attackbots	$f2bV_matches	2019-12-08 21:29:09
attack	Nov 28 08:35:06 vtv3 sshd[24605]: Failed password for root from 106.12.7.75 port 34254 ssh2 Nov 28 08:42:08 vtv3 sshd[28141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Nov 28 08:42:10 vtv3 sshd[28141]: Failed password for invalid user sets from 106.12.7.75 port 38454 ssh2 Nov 28 08:55:52 vtv3 sshd[2277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Nov 28 08:55:54 vtv3 sshd[2277]: Failed password for invalid user fujiko from 106.12.7.75 port 46792 ssh2 Nov 28 09:02:51 vtv3 sshd[5191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Nov 28 09:16:56 vtv3 sshd[11555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Nov 28 09:16:58 vtv3 sshd[11555]: Failed password for invalid user masini from 106.12.7.75 port 59332 ssh2 Nov 28 09:24:07 vtv3 sshd[14470]: Failed password for root from 106.12.7.75	2019-11-28 18:54:29
attack	Invalid user cisco from 106.12.7.75 port 43312	2019-10-22 07:43:50
attackspambots	Oct 21 05:50:44 v22018076622670303 sshd\[5893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 user=root Oct 21 05:50:46 v22018076622670303 sshd\[5893\]: Failed password for root from 106.12.7.75 port 50642 ssh2 Oct 21 05:55:21 v22018076622670303 sshd\[5916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 user=root ...	2019-10-21 12:35:04
attack	Oct 15 23:11:40 pkdns2 sshd\[48181\]: Invalid user asdfgh1234 from 106.12.7.75Oct 15 23:11:42 pkdns2 sshd\[48181\]: Failed password for invalid user asdfgh1234 from 106.12.7.75 port 48712 ssh2Oct 15 23:16:14 pkdns2 sshd\[48411\]: Invalid user zhejiang520 from 106.12.7.75Oct 15 23:16:16 pkdns2 sshd\[48411\]: Failed password for invalid user zhejiang520 from 106.12.7.75 port 59368 ssh2Oct 15 23:20:39 pkdns2 sshd\[48633\]: Invalid user rry from 106.12.7.75Oct 15 23:20:41 pkdns2 sshd\[48633\]: Failed password for invalid user rry from 106.12.7.75 port 41782 ssh2 ...	2019-10-16 07:47:34
attackbots	Sep 27 20:18:16 php1 sshd\[30892\]: Invalid user hn from 106.12.7.75 Sep 27 20:18:16 php1 sshd\[30892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Sep 27 20:18:18 php1 sshd\[30892\]: Failed password for invalid user hn from 106.12.7.75 port 33848 ssh2 Sep 27 20:22:48 php1 sshd\[31442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 user=irc Sep 27 20:22:49 php1 sshd\[31442\]: Failed password for irc from 106.12.7.75 port 37270 ssh2	2019-09-28 14:35:59
attackspam	Sep 23 03:21:37 tdfoods sshd\[5233\]: Invalid user luat from 106.12.7.75 Sep 23 03:21:37 tdfoods sshd\[5233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Sep 23 03:21:39 tdfoods sshd\[5233\]: Failed password for invalid user luat from 106.12.7.75 port 54380 ssh2 Sep 23 03:26:00 tdfoods sshd\[5596\]: Invalid user xa from 106.12.7.75 Sep 23 03:26:00 tdfoods sshd\[5596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75	2019-09-24 02:20:01
attackbotsspam	Automated report - ssh fail2ban: Sep 20 18:48:38 authentication failure Sep 20 18:48:41 wrong password, user=hhj, port=36558, ssh2 Sep 20 18:53:03 authentication failure	2019-09-21 01:17:05
attackspambots	Sep 10 05:56:10 eddieflores sshd\[4307\]: Invalid user p@ssw0rd123 from 106.12.7.75 Sep 10 05:56:10 eddieflores sshd\[4307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Sep 10 05:56:12 eddieflores sshd\[4307\]: Failed password for invalid user p@ssw0rd123 from 106.12.7.75 port 38856 ssh2 Sep 10 06:01:17 eddieflores sshd\[4798\]: Invalid user 12345 from 106.12.7.75 Sep 10 06:01:17 eddieflores sshd\[4798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75	2019-09-11 04:09:44
attackbotsspam	Aug 30 11:39:57 mail sshd\[20949\]: Failed password for invalid user 123456 from 106.12.7.75 port 49522 ssh2 Aug 30 11:43:15 mail sshd\[21574\]: Invalid user iv from 106.12.7.75 port 51902 Aug 30 11:43:15 mail sshd\[21574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 Aug 30 11:43:17 mail sshd\[21574\]: Failed password for invalid user iv from 106.12.7.75 port 51902 ssh2 Aug 30 11:46:42 mail sshd\[22131\]: Invalid user 123456 from 106.12.7.75 port 54266	2019-08-30 18:19:44
attackspambots	Aug 21 17:44:15 dedicated sshd[20532]: Invalid user money from 106.12.7.75 port 36698	2019-08-22 06:08:57
attack	2019-08-11T10:57:15.986400abusebot-2.cloudsearch.cf sshd\[31261\]: Invalid user fep from 106.12.7.75 port 41946	2019-08-11 19:59:40
attackspam	Aug 10 17:28:08 *** sshd[29174]: User postfix from 106.12.7.75 not allowed because not listed in AllowUsers	2019-08-11 01:50:19
attackspambots	Jul 28 06:56:06 dedicated sshd[17995]: Invalid user delvo from 106.12.7.75 port 57390	2019-07-28 12:58:14
attack	2019-07-25T03:14:16.485450abusebot-6.cloudsearch.cf sshd\[12723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.7.75 user=root	2019-07-25 11:26:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.72.135	attack	SSH brutforce	2020-10-14 09:01:19
106.12.77.50	attackspam	Oct 12 14:24:20 inter-technics sshd[20975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 user=root Oct 12 14:24:22 inter-technics sshd[20975]: Failed password for root from 106.12.77.50 port 46468 ssh2 Oct 12 14:28:26 inter-technics sshd[21195]: Invalid user sheba from 106.12.77.50 port 41216 Oct 12 14:28:26 inter-technics sshd[21195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 Oct 12 14:28:26 inter-technics sshd[21195]: Invalid user sheba from 106.12.77.50 port 41216 Oct 12 14:28:28 inter-technics sshd[21195]: Failed password for invalid user sheba from 106.12.77.50 port 41216 ssh2 ...	2020-10-13 03:15:50
106.12.70.118	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-10-13 01:42:33
106.12.77.50	attack	$f2bV_matches	2020-10-12 18:43:36
106.12.70.118	attackbots	ssh brute force	2020-10-12 17:05:07
106.12.78.40	attack	2020-10-10T07:23:30.389558server.espacesoutien.com sshd[12386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.40 user=root 2020-10-10T07:23:32.358597server.espacesoutien.com sshd[12386]: Failed password for root from 106.12.78.40 port 44810 ssh2 2020-10-10T07:27:25.730201server.espacesoutien.com sshd[13026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.40 user=root 2020-10-10T07:27:27.292879server.espacesoutien.com sshd[13026]: Failed password for root from 106.12.78.40 port 37046 ssh2 ...	2020-10-10 16:02:13
106.12.72.135	attack	Oct 9 12:45:48 shivevps sshd[1299]: Failed password for invalid user hefty from 106.12.72.135 port 37908 ssh2 Oct 9 12:49:32 shivevps sshd[1431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.72.135 user=root Oct 9 12:49:34 shivevps sshd[1431]: Failed password for root from 106.12.72.135 port 58264 ssh2 ...	2020-10-10 01:56:53
106.12.77.50	attack	Lines containing failures of 106.12.77.50 Oct 5 20:22:12 nextcloud sshd[6125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 user=r.r Oct 5 20:22:15 nextcloud sshd[6125]: Failed password for r.r from 106.12.77.50 port 47310 ssh2 Oct 5 20:22:15 nextcloud sshd[6125]: Received disconnect from 106.12.77.50 port 47310:11: Bye Bye [preauth] Oct 5 20:22:15 nextcloud sshd[6125]: Disconnected from authenticating user r.r 106.12.77.50 port 47310 [preauth] Oct 5 20:37:31 nextcloud sshd[8209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 user=r.r Oct 5 20:37:33 nextcloud sshd[8209]: Failed password for r.r from 106.12.77.50 port 53436 ssh2 Oct 5 20:37:33 nextcloud sshd[8209]: Received disconnect from 106.12.77.50 port 53436:11: Bye Bye [preauth] Oct 5 20:37:33 nextcloud sshd[8209]: Disconnected from authenticating user r.r 106.12.77.50 port 53436 [preauth] Oct 5 ........ ------------------------------	2020-10-09 07:01:21
106.12.71.159	attackspam	Oct 8 20:06:24 host1 sshd[1594409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.71.159 user=root Oct 8 20:06:26 host1 sshd[1594409]: Failed password for root from 106.12.71.159 port 56632 ssh2 ...	2020-10-09 04:58:23
106.12.77.50	attackspambots	Lines containing failures of 106.12.77.50 Oct 5 20:22:12 nextcloud sshd[6125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 user=r.r Oct 5 20:22:15 nextcloud sshd[6125]: Failed password for r.r from 106.12.77.50 port 47310 ssh2 Oct 5 20:22:15 nextcloud sshd[6125]: Received disconnect from 106.12.77.50 port 47310:11: Bye Bye [preauth] Oct 5 20:22:15 nextcloud sshd[6125]: Disconnected from authenticating user r.r 106.12.77.50 port 47310 [preauth] Oct 5 20:37:31 nextcloud sshd[8209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.77.50 user=r.r Oct 5 20:37:33 nextcloud sshd[8209]: Failed password for r.r from 106.12.77.50 port 53436 ssh2 Oct 5 20:37:33 nextcloud sshd[8209]: Received disconnect from 106.12.77.50 port 53436:11: Bye Bye [preauth] Oct 5 20:37:33 nextcloud sshd[8209]: Disconnected from authenticating user r.r 106.12.77.50 port 53436 [preauth] Oct 5 ........ ------------------------------	2020-10-08 23:26:39
106.12.71.159	attackbots	(sshd) Failed SSH login from 106.12.71.159 (CN/China/-): 5 in the last 3600 secs	2020-10-08 21:10:57
106.12.77.50	attackspambots	SSH login attempts.	2020-10-08 15:22:36
106.12.71.159	attackspam	Oct 7 22:46:48 h2829583 sshd[21228]: Failed password for root from 106.12.71.159 port 41988 ssh2	2020-10-08 13:05:38
106.12.71.159	attackbots	Oct 7 22:46:48 h2829583 sshd[21228]: Failed password for root from 106.12.71.159 port 41988 ssh2	2020-10-08 08:26:34
106.12.72.135	attackspam	Oct 7 17:00:29 mellenthin sshd[15878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.72.135 user=root Oct 7 17:00:31 mellenthin sshd[15878]: Failed password for invalid user root from 106.12.72.135 port 53146 ssh2	2020-10-08 00:42:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.7.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65353
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.7.75.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 11:26:02 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 75.7.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 75.7.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
222.186.175.216	attackbotsspam	Dec 1 08:11:42 hanapaa sshd\[19736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Dec 1 08:11:44 hanapaa sshd\[19736\]: Failed password for root from 222.186.175.216 port 58082 ssh2 Dec 1 08:12:01 hanapaa sshd\[19765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Dec 1 08:12:03 hanapaa sshd\[19765\]: Failed password for root from 222.186.175.216 port 19712 ssh2 Dec 1 08:12:07 hanapaa sshd\[19765\]: Failed password for root from 222.186.175.216 port 19712 ssh2	2019-12-02 02:13:06
222.186.175.154	attack	Dec 1 18:16:02 thevastnessof sshd[5316]: Failed password for root from 222.186.175.154 port 6356 ssh2 ...	2019-12-02 02:16:09
197.155.111.135	attack	$f2bV_matches	2019-12-02 02:04:55
69.94.131.103	attackbots	Postfix DNSBL listed. Trying to send SPAM.	2019-12-02 02:22:19
165.22.198.38	attackbotsspam	port scan/probe/communication attempt; port 23	2019-12-02 02:42:06
185.176.27.2	attack	12/01/2019-19:19:23.643622 185.176.27.2 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-02 02:36:01
123.21.230.207	attack	Lines containing failures of 123.21.230.207 Dec 1 15:31:48 omfg postfix/smtpd[10693]: connect from unknown[123.21.230.207] Dec 1 15:31:50 omfg postfix/smtpd[10693]: Anonymous TLS connection established from unknown[123.21.230.207]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Dec x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.21.230.207	2019-12-02 02:33:56
77.235.21.147	attack	Dec 1 17:40:04 srv01 sshd[5029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.235.21.147 user=mail Dec 1 17:40:06 srv01 sshd[5029]: Failed password for mail from 77.235.21.147 port 40114 ssh2 Dec 1 17:43:45 srv01 sshd[5199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.235.21.147 user=news Dec 1 17:43:47 srv01 sshd[5199]: Failed password for news from 77.235.21.147 port 47690 ssh2 Dec 1 17:47:19 srv01 sshd[5472]: Invalid user delker from 77.235.21.147 port 55500 ...	2019-12-02 02:40:03
181.177.250.9	attack	12/01/2019-09:41:12.248641 181.177.250.9 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-02 02:20:56
223.204.82.48	attack	firewall-block, port(s): 26/tcp	2019-12-02 02:32:58
61.160.82.82	attackbots	Dec 1 18:05:18 icinga sshd[23085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.82.82 Dec 1 18:05:19 icinga sshd[23085]: Failed password for invalid user cayley from 61.160.82.82 port 37323 ssh2 ...	2019-12-02 02:11:32
14.11.36.2	attackspambots	Dec 1 15:41:23 hell sshd[14998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.11.36.2 Dec 1 15:41:23 hell sshd[15000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.11.36.2 ...	2019-12-02 02:12:05
89.35.39.180	attackbots	WordPress wp-login brute force :: 89.35.39.180 0.152 - [01/Dec/2019:17:38:38 0000] www.[censored_1] "POST /wp-login.php HTTP/1.1" 200 2042 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.90 Safari/537.36 2345Explorer/9.3.2.17331" "HTTP/1.1"	2019-12-02 02:38:55
175.176.193.234	attackspam	Unauthorized access or intrusion attempt detected from Thor banned IP	2019-12-02 02:19:55
222.186.180.6	attackbots	Dec 1 15:06:45 firewall sshd[9354]: Failed password for root from 222.186.180.6 port 61680 ssh2 Dec 1 15:06:48 firewall sshd[9354]: Failed password for root from 222.186.180.6 port 61680 ssh2 Dec 1 15:06:52 firewall sshd[9354]: Failed password for root from 222.186.180.6 port 61680 ssh2 ...	2019-12-02 02:08:58

最近上报的IP列表

45.67.57.28	125.26.132.137	173.234.153.122	91.67.35.152
66.70.130.146	54.38.55.227	76.118.24.164	198.58.122.84
129.211.22.196	101.79.166.108	134.73.76.209	80.213.255.129
151.16.22.92	84.236.30.228	185.11.69.2	14.236.21.199
192.99.55.200	189.250.162.110	112.134.105.58	182.23.208.214