106.12.75.245 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 29 11:14:54 localhost sshd\[902\]: Invalid user wp-user from 106.12.75.245 port 35062 Jul 29 11:14:54 localhost sshd\[902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.245 ...	2019-07-29 18:15:34
attackbots	2019-07-19T08:04:40.092584abusebot.cloudsearch.cf sshd\[15178\]: Invalid user design from 106.12.75.245 port 59882	2019-07-19 16:24:12
attackspam	Jul 18 14:22:30 mail sshd\[16548\]: Invalid user adam from 106.12.75.245 port 48814 Jul 18 14:22:30 mail sshd\[16548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.245 Jul 18 14:22:32 mail sshd\[16548\]: Failed password for invalid user adam from 106.12.75.245 port 48814 ssh2 Jul 18 14:26:41 mail sshd\[17125\]: Invalid user jeremy from 106.12.75.245 port 53818 Jul 18 14:26:41 mail sshd\[17125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.245	2019-07-18 20:43:51
attackbots	Jul 18 05:00:02 mail sshd\[8793\]: Invalid user ali from 106.12.75.245 port 45508 Jul 18 05:00:02 mail sshd\[8793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.245 Jul 18 05:00:04 mail sshd\[8793\]: Failed password for invalid user ali from 106.12.75.245 port 45508 ssh2 Jul 18 05:03:45 mail sshd\[9729\]: Invalid user lambda from 106.12.75.245 port 50484 Jul 18 05:03:45 mail sshd\[9729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.245	2019-07-18 11:12:22
attack	Jul 17 16:38:37 icinga sshd[7442]: Failed password for root from 106.12.75.245 port 51964 ssh2 ...	2019-07-17 23:04:45

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.75.43	attack	Aug 4 06:56:40 Tower sshd[41632]: refused connect from 163.172.133.23 (163.172.133.23) Aug 5 03:57:31 Tower sshd[41632]: Connection from 106.12.75.43 port 41724 on 192.168.10.220 port 22 rdomain "" Aug 5 03:57:33 Tower sshd[41632]: Failed password for root from 106.12.75.43 port 41724 ssh2 Aug 5 03:57:34 Tower sshd[41632]: Received disconnect from 106.12.75.43 port 41724:11: Bye Bye [preauth] Aug 5 03:57:34 Tower sshd[41632]: Disconnected from authenticating user root 106.12.75.43 port 41724 [preauth]	2020-08-05 17:02:49
106.12.75.43	attack	Jul 25 18:48:57 vps647732 sshd[8716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.43 Jul 25 18:48:59 vps647732 sshd[8716]: Failed password for invalid user sven from 106.12.75.43 port 58096 ssh2 ...	2020-07-26 02:10:43
106.12.75.43	attackbotsspam	Jul 19 02:55:28 firewall sshd[9042]: Invalid user kkm from 106.12.75.43 Jul 19 02:55:30 firewall sshd[9042]: Failed password for invalid user kkm from 106.12.75.43 port 46802 ssh2 Jul 19 02:58:41 firewall sshd[9099]: Invalid user minecraft from 106.12.75.43 ...	2020-07-19 15:33:47
106.12.75.43	attackbots	Jul 11 09:40:34 l03 sshd[32731]: Invalid user vilette from 106.12.75.43 port 51810 ...	2020-07-11 19:25:28
106.12.75.43	attackspambots	Invalid user alan from 106.12.75.43 port 52794	2020-06-20 12:48:06
106.12.75.60	attackspambots	$f2bV_matches	2020-05-16 05:29:21
106.12.75.60	attackbots	May 11 23:37:32 vpn01 sshd[15728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.60 May 11 23:37:35 vpn01 sshd[15728]: Failed password for invalid user test from 106.12.75.60 port 58938 ssh2 ...	2020-05-12 05:53:12
106.12.75.60	attackspam	ssh brute force	2020-05-07 14:58:10
106.12.75.175	attack	(sshd) Failed SSH login from 106.12.75.175 (CN/China/-): 5 in the last 3600 secs	2020-04-18 19:31:28
106.12.75.175	attackspam	Apr 11 07:39:04 eventyay sshd[2155]: Failed password for root from 106.12.75.175 port 41600 ssh2 Apr 11 07:42:26 eventyay sshd[2268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 Apr 11 07:42:28 eventyay sshd[2268]: Failed password for invalid user glassfish from 106.12.75.175 port 52978 ssh2 ...	2020-04-11 13:44:20
106.12.75.175	attackbots	Apr 10 20:01:13 h1745522 sshd[9889]: Invalid user talhilya from 106.12.75.175 port 48988 Apr 10 20:01:13 h1745522 sshd[9889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 Apr 10 20:01:13 h1745522 sshd[9889]: Invalid user talhilya from 106.12.75.175 port 48988 Apr 10 20:01:14 h1745522 sshd[9889]: Failed password for invalid user talhilya from 106.12.75.175 port 48988 ssh2 Apr 10 20:05:30 h1745522 sshd[9980]: Invalid user jenkins from 106.12.75.175 port 45950 Apr 10 20:05:30 h1745522 sshd[9980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 Apr 10 20:05:30 h1745522 sshd[9980]: Invalid user jenkins from 106.12.75.175 port 45950 Apr 10 20:05:33 h1745522 sshd[9980]: Failed password for invalid user jenkins from 106.12.75.175 port 45950 ssh2 Apr 10 20:09:21 h1745522 sshd[10154]: Invalid user mysftp from 106.12.75.175 port 42940 ...	2020-04-11 02:15:28
106.12.75.175	attack	Apr 8 09:57:01 [HOSTNAME] sshd[25985]: Invalid user nithya from 106.12.75.175 port 56360 Apr 8 09:57:01 [HOSTNAME] sshd[25985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 Apr 8 09:57:03 [HOSTNAME] sshd[25985]: Failed password for invalid user nithya from 106.12.75.175 port 56360 ssh2 ...	2020-04-08 18:22:41
106.12.75.175	attackspambots	Invalid user eden from 106.12.75.175 port 54528	2020-04-05 15:06:45
106.12.75.175	attackbots	Apr 3 18:56:23 vlre-nyc-1 sshd\[20381\]: Invalid user lijinming from 106.12.75.175 Apr 3 18:56:23 vlre-nyc-1 sshd\[20381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 Apr 3 18:56:25 vlre-nyc-1 sshd\[20381\]: Failed password for invalid user lijinming from 106.12.75.175 port 38690 ssh2 Apr 3 19:00:43 vlre-nyc-1 sshd\[20465\]: Invalid user ubuntu from 106.12.75.175 Apr 3 19:00:43 vlre-nyc-1 sshd\[20465\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 ...	2020-04-04 03:58:13
106.12.75.175	attackbots	$f2bV_matches	2020-04-03 04:20:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.75.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63004
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.75.245.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 12:50:36 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 245.75.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 245.75.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.12.114.35	attackspambots	Jun 6 06:11:54 Host-KEWR-E sshd[1698]: Disconnected from invalid user root 106.12.114.35 port 60658 [preauth] ...	2020-06-06 20:36:28
106.53.102.196	attackbotsspam	Jun 5 20:16:59 php1 sshd\[10703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.102.196 user=root Jun 5 20:17:01 php1 sshd\[10703\]: Failed password for root from 106.53.102.196 port 34394 ssh2 Jun 5 20:20:18 php1 sshd\[10930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.102.196 user=root Jun 5 20:20:20 php1 sshd\[10930\]: Failed password for root from 106.53.102.196 port 42352 ssh2 Jun 5 20:23:31 php1 sshd\[11179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.102.196 user=root	2020-06-06 20:06:05
206.189.235.233	attackbotsspam	$f2bV_matches	2020-06-06 20:21:30
96.125.164.246	attack	Jun 6 13:47:38 srv2 sshd\[14478\]: Invalid user 91.238.176.131 from 96.125.164.246 port 56228 Jun 6 13:50:20 srv2 sshd\[14522\]: Invalid user 91.149.48.102 from 96.125.164.246 port 57140 Jun 6 13:53:02 srv2 sshd\[14554\]: Invalid user 91.146.100.98 from 96.125.164.246 port 55856	2020-06-06 20:04:52
159.203.27.146	attackspambots	Jun 6 14:12:11 OPSO sshd\[21986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.146 user=root Jun 6 14:12:13 OPSO sshd\[21986\]: Failed password for root from 159.203.27.146 port 43266 ssh2 Jun 6 14:14:59 OPSO sshd\[22130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.146 user=root Jun 6 14:15:00 OPSO sshd\[22130\]: Failed password for root from 159.203.27.146 port 33630 ssh2 Jun 6 14:17:41 OPSO sshd\[22650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.27.146 user=root	2020-06-06 20:30:54
37.187.105.36	attackbots	Jun 6 09:56:00 marvibiene sshd[4593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.105.36 user=root Jun 6 09:56:02 marvibiene sshd[4593]: Failed password for root from 37.187.105.36 port 48590 ssh2 Jun 6 10:08:54 marvibiene sshd[4714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.105.36 user=root Jun 6 10:08:56 marvibiene sshd[4714]: Failed password for root from 37.187.105.36 port 56786 ssh2 ...	2020-06-06 19:57:39
35.195.238.142	attack	Invalid user backup from 35.195.238.142 port 51900	2020-06-06 20:19:42
181.48.46.195	attack	Jun 6 05:41:45 web8 sshd\[622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.46.195 user=root Jun 6 05:41:48 web8 sshd\[622\]: Failed password for root from 181.48.46.195 port 53087 ssh2 Jun 6 05:45:00 web8 sshd\[2631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.46.195 user=root Jun 6 05:45:02 web8 sshd\[2631\]: Failed password for root from 181.48.46.195 port 49346 ssh2 Jun 6 05:48:19 web8 sshd\[4371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.46.195 user=root	2020-06-06 20:08:48
111.231.231.87	attackspam	Repeated brute force against a port	2020-06-06 20:00:24
45.227.255.206	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-06T10:57:24Z and 2020-06-06T11:06:33Z	2020-06-06 20:22:00
114.67.239.220	attack	Jun 6 10:05:11 melroy-server sshd[28236]: Failed password for root from 114.67.239.220 port 44440 ssh2 ...	2020-06-06 20:34:22
106.54.128.79	attack	2020-06-06 09:35:57,603 fail2ban.actions: WARNING [ssh] Ban 106.54.128.79	2020-06-06 20:09:09
50.66.177.24	attack	Unauthorized connection attempt detected from IP address 50.66.177.24 to port 22	2020-06-06 20:28:28
106.52.146.124	attack	SSH bruteforce	2020-06-06 20:06:48
179.27.71.18	attackbotsspam	(sshd) Failed SSH login from 179.27.71.18 (UY/Uruguay/r179-27-71-18.ir-static.adinet.com.uy): 5 in the last 3600 secs	2020-06-06 20:25:29

最近上报的IP列表

119.131.178.138	27.104.42.77	200.233.207.76	104.206.119.241
72.189.68.246	34.225.152.16	174.127.79.155	185.28.174.27
14.171.30.16	86.131.161.234	74.218.54.109	14.231.36.78
5.15.140.230	114.78.147.142	51.158.77.90	153.177.75.30
46.238.51.205	124.191.80.210	91.110.196.136	250.12.114.183