106.12.79.145 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-07-05 21:03:20
attack	Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:20 pixelmemory sshd[3257978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:22 pixelmemory sshd[3257978]: Failed password for invalid user admin from 106.12.79.145 port 42284 ssh2 Jun 14 05:46:02 pixelmemory sshd[3260432]: Invalid user sqlite from 106.12.79.145 port 41218 ...	2020-06-15 01:47:13
attack	Jun 6 19:10:41 localhost sshd[1303186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Jun 6 19:10:42 localhost sshd[1303186]: Failed password for root from 106.12.79.145 port 35642 ssh2 ...	2020-06-06 20:35:20
attack	Jun 5 20:14:52 vps46666688 sshd[31781]: Failed password for root from 106.12.79.145 port 45088 ssh2 ...	2020-06-06 07:45:45
attackspambots	SSH Brute-Force attacks	2020-06-01 06:24:57
attack	$f2bV_matches	2020-05-15 03:02:52
attackspambots	SSH Brute-Force. Ports scanning.	2020-05-11 05:37:33
attack	srv02 Mass scanning activity detected Target: 15312 ..	2020-04-22 12:44:59
attackbots	Apr 7 09:33:12 ns382633 sshd\[19273\]: Invalid user monitor from 106.12.79.145 port 57934 Apr 7 09:33:12 ns382633 sshd\[19273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Apr 7 09:33:14 ns382633 sshd\[19273\]: Failed password for invalid user monitor from 106.12.79.145 port 57934 ssh2 Apr 7 09:52:20 ns382633 sshd\[25426\]: Invalid user admin from 106.12.79.145 port 58402 Apr 7 09:52:20 ns382633 sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145	2020-04-07 19:43:17
attackspambots	Invalid user hqy from 106.12.79.145 port 37036	2020-03-29 21:13:53
attack	Mar 4 20:03:30 wbs sshd\[27792\]: Invalid user deploy from 106.12.79.145 Mar 4 20:03:30 wbs sshd\[27792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Mar 4 20:03:31 wbs sshd\[27792\]: Failed password for invalid user deploy from 106.12.79.145 port 46306 ssh2 Mar 4 20:13:11 wbs sshd\[28716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Mar 4 20:13:13 wbs sshd\[28716\]: Failed password for root from 106.12.79.145 port 55196 ssh2	2020-03-05 14:59:08
attackbots	Feb 23 14:37:36 legacy sshd[12272]: Failed password for root from 106.12.79.145 port 50410 ssh2 Feb 23 14:42:03 legacy sshd[12330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Feb 23 14:42:04 legacy sshd[12330]: Failed password for invalid user jayendra from 106.12.79.145 port 46552 ssh2 ...	2020-02-24 04:35:36
attack	Jan 11 05:53:18 vps691689 sshd[32651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jan 11 05:53:20 vps691689 sshd[32651]: Failed password for invalid user pul from 106.12.79.145 port 60414 ssh2 ...	2020-01-11 13:08:51
attackspambots	Dec 17 08:09:00 newdogma sshd[16980]: Invalid user cash from 106.12.79.145 port 37994 Dec 17 08:09:00 newdogma sshd[16980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Dec 17 08:09:02 newdogma sshd[16980]: Failed password for invalid user cash from 106.12.79.145 port 37994 ssh2 Dec 17 08:09:02 newdogma sshd[16980]: Received disconnect from 106.12.79.145 port 37994:11: Bye Bye [preauth] Dec 17 08:09:02 newdogma sshd[16980]: Disconnected from 106.12.79.145 port 37994 [preauth] Dec 17 08:27:33 newdogma sshd[17330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=r.r Dec 17 08:27:35 newdogma sshd[17330]: Failed password for r.r from 106.12.79.145 port 38140 ssh2 Dec 17 08:27:36 newdogma sshd[17330]: Received disconnect from 106.12.79.145 port 38140:11: Bye Bye [preauth] Dec 17 08:27:36 newdogma sshd[17330]: Disconnected from 106.12.79.145 port 38140 [preauth........ -------------------------------	2019-12-22 18:36:17
attackspam	Dec 21 09:48:39 vps647732 sshd[18307]: Failed password for root from 106.12.79.145 port 51912 ssh2 Dec 21 09:55:08 vps647732 sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 ...	2019-12-21 17:08:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.79.160	attackspam	Jul 11 03:27:38 ift sshd\[47062\]: Invalid user wwz from 106.12.79.160Jul 11 03:27:41 ift sshd\[47062\]: Failed password for invalid user wwz from 106.12.79.160 port 56026 ssh2Jul 11 03:31:33 ift sshd\[48444\]: Invalid user www from 106.12.79.160Jul 11 03:31:35 ift sshd\[48444\]: Failed password for invalid user www from 106.12.79.160 port 50702 ssh2Jul 11 03:33:27 ift sshd\[48763\]: Failed password for mail from 106.12.79.160 port 48046 ssh2 ...	2020-07-11 09:17:37
106.12.79.160	attackbots	SSH Brute-Force reported by Fail2Ban	2020-05-06 02:09:23
106.12.79.160	attackspambots	Apr 11 05:52:03 localhost sshd\[13642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=root Apr 11 05:52:05 localhost sshd\[13642\]: Failed password for root from 106.12.79.160 port 37098 ssh2 Apr 11 05:56:27 localhost sshd\[13911\]: Invalid user deployer from 106.12.79.160 Apr 11 05:56:27 localhost sshd\[13911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Apr 11 05:56:29 localhost sshd\[13911\]: Failed password for invalid user deployer from 106.12.79.160 port 60695 ssh2 ...	2020-04-11 12:05:53
106.12.79.160	attackbotsspam	Apr 9 15:03:47 [host] sshd[11588]: Invalid user g Apr 9 15:03:47 [host] sshd[11588]: pam_unix(sshd: Apr 9 15:03:48 [host] sshd[11588]: Failed passwor	2020-04-09 21:31:10
106.12.79.160	attackspam	SSH Invalid Login	2020-04-08 08:12:45
106.12.79.160	attack	Apr 4 08:03:21 webhost01 sshd[26339]: Failed password for root from 106.12.79.160 port 33532 ssh2 Apr 4 08:08:51 webhost01 sshd[26434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 ...	2020-04-04 09:24:42
106.12.79.160	attackbotsspam	Mar 27 05:19:30 silence02 sshd[13576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 27 05:19:32 silence02 sshd[13576]: Failed password for invalid user kug from 106.12.79.160 port 34312 ssh2 Mar 27 05:24:00 silence02 sshd[13880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160	2020-03-27 12:34:26
106.12.79.160	attackspambots	Mar 13 05:19:02 eventyay sshd[31772]: Failed password for root from 106.12.79.160 port 43407 ssh2 Mar 13 05:23:03 eventyay sshd[31915]: Failed password for root from 106.12.79.160 port 37501 ssh2 ...	2020-03-13 13:55:54
106.12.79.160	attack	2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:53.957731randservbullet-proofcloud-66.localdomain sshd[21602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:55.628029randservbullet-proofcloud-66.localdomain sshd[21602]: Failed password for invalid user ssh from 106.12.79.160 port 39159 ssh2 ...	2020-03-07 21:56:37
106.12.79.160	attackspam	Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:03 mail sshd[23680]: Failed password for invalid user dingwei from 106.12.79.160 port 36824 ssh2 Mar 2 14:49:32 mail sshd[26558]: Invalid user msf_user from 106.12.79.160 ...	2020-03-03 03:42:59
106.12.79.160	attack	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-15 03:34:55
106.12.79.160	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-07 17:03:59
106.12.79.160	attackspam	Dec 23 15:54:07 ns381471 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 23 15:54:09 ns381471 sshd[5771]: Failed password for invalid user aria from 106.12.79.160 port 39770 ssh2	2019-12-24 05:37:23
106.12.79.160	attack	Dec 22 08:16:57 server sshd\[9760\]: Invalid user fifteen from 106.12.79.160 Dec 22 08:16:57 server sshd\[9760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 22 08:16:59 server sshd\[9760\]: Failed password for invalid user fifteen from 106.12.79.160 port 35768 ssh2 Dec 23 01:12:12 server sshd\[24070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=dbus Dec 23 01:12:13 server sshd\[24070\]: Failed password for dbus from 106.12.79.160 port 49574 ssh2 ...	2019-12-23 06:37:58
106.12.79.160	attackspam	ssh failed login	2019-12-21 13:52:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.79.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32687
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.79.145.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 17:08:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 145.79.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.79.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
78.100.189.88	attackspam	Jul 25 05:32:07 * sshd[19704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.100.189.88 Jul 25 05:32:10 * sshd[19704]: Failed password for invalid user office from 78.100.189.88 port 51156 ssh2	2019-07-25 11:42:32
190.242.47.26	attack	port scan and connect, tcp 3306 (mysql)	2019-07-25 11:22:35
144.34.221.47	attackbots	Jul 25 05:28:37 server sshd\[20039\]: Invalid user payroll from 144.34.221.47 port 40770 Jul 25 05:28:37 server sshd\[20039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.221.47 Jul 25 05:28:39 server sshd\[20039\]: Failed password for invalid user payroll from 144.34.221.47 port 40770 ssh2 Jul 25 05:33:13 server sshd\[8082\]: Invalid user trading from 144.34.221.47 port 36710 Jul 25 05:33:13 server sshd\[8082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.221.47	2019-07-25 10:52:17
77.126.77.164	attackbotsspam	firewall-block, port(s): 23/tcp	2019-07-25 11:23:47
218.5.244.218	attack	2019-07-25T05:08:07.336357cavecanem sshd[23360]: Invalid user webadmin from 218.5.244.218 port 45081 2019-07-25T05:08:07.338846cavecanem sshd[23360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218 2019-07-25T05:08:07.336357cavecanem sshd[23360]: Invalid user webadmin from 218.5.244.218 port 45081 2019-07-25T05:08:09.057322cavecanem sshd[23360]: Failed password for invalid user webadmin from 218.5.244.218 port 45081 ssh2 2019-07-25T05:12:46.450550cavecanem sshd[29357]: Invalid user jira from 218.5.244.218 port 65230 2019-07-25T05:12:46.454788cavecanem sshd[29357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218 2019-07-25T05:12:46.450550cavecanem sshd[29357]: Invalid user jira from 218.5.244.218 port 65230 2019-07-25T05:12:48.809064cavecanem sshd[29357]: Failed password for invalid user jira from 218.5.244.218 port 65230 ssh2 2019-07-25T05:17:11.608282cavecanem sshd[2890]: Invali ...	2019-07-25 11:28:37
45.67.57.28	attack	Jul 25 05:22:47 legacy sshd[29968]: Failed password for root from 45.67.57.28 port 36754 ssh2 Jul 25 05:28:30 legacy sshd[30203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.67.57.28 Jul 25 05:28:32 legacy sshd[30203]: Failed password for invalid user tommy from 45.67.57.28 port 33770 ssh2 ...	2019-07-25 11:36:09
134.175.141.166	attackbots	ssh failed login	2019-07-25 11:46:35
101.231.74.146	attack	Jul 25 05:14:33 OPSO sshd\[6600\]: Invalid user ranjit from 101.231.74.146 port 47648 Jul 25 05:14:33 OPSO sshd\[6600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.74.146 Jul 25 05:14:35 OPSO sshd\[6600\]: Failed password for invalid user ranjit from 101.231.74.146 port 47648 ssh2 Jul 25 05:18:55 OPSO sshd\[7401\]: Invalid user hn from 101.231.74.146 port 36566 Jul 25 05:18:55 OPSO sshd\[7401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.74.146	2019-07-25 11:35:30
46.101.163.220	attackbotsspam	FTP Brute-Force reported by Fail2Ban	2019-07-25 11:15:40
35.202.213.31	attack	Port scan on 1 port(s): 3389	2019-07-25 11:29:13
165.22.139.53	attack	Jul 25 04:59:27 OPSO sshd\[3091\]: Invalid user enter from 165.22.139.53 port 44782 Jul 25 04:59:27 OPSO sshd\[3091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.139.53 Jul 25 04:59:29 OPSO sshd\[3091\]: Failed password for invalid user enter from 165.22.139.53 port 44782 ssh2 Jul 25 05:04:04 OPSO sshd\[4281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.139.53 user=admin Jul 25 05:04:06 OPSO sshd\[4281\]: Failed password for admin from 165.22.139.53 port 40932 ssh2	2019-07-25 11:19:26
216.218.206.71	attackspam	firewall-block, port(s): 137/udp	2019-07-25 11:10:52
198.58.122.84	attackspam	Jul 25 04:30:18 localhost sshd\[11540\]: Invalid user gene from 198.58.122.84 port 33680 Jul 25 04:30:18 localhost sshd\[11540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.58.122.84 Jul 25 04:30:21 localhost sshd\[11540\]: Failed password for invalid user gene from 198.58.122.84 port 33680 ssh2	2019-07-25 11:44:29
54.200.109.65	attack	Time: Wed Jul 24 16:55:42 2019 -0400 IP: 54.200.109.65 (US/United States/ec2-54-200-109-65.us-west-2.compute.amazonaws.com) Connections: 415 Blocked: Too many connections you asshat	2019-07-25 11:34:30
175.143.127.73	attackspambots	Jul 25 04:41:20 mail sshd\[26951\]: Invalid user test from 175.143.127.73 port 56521 Jul 25 04:41:20 mail sshd\[26951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.143.127.73 Jul 25 04:41:21 mail sshd\[26951\]: Failed password for invalid user test from 175.143.127.73 port 56521 ssh2 Jul 25 04:47:04 mail sshd\[27643\]: Invalid user sysadmin from 175.143.127.73 port 53875 Jul 25 04:47:04 mail sshd\[27643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.143.127.73	2019-07-25 11:08:50

最近上报的IP列表

183.60.205.26	43.226.148.238	101.36.179.159	206.189.233.20
141.98.80.122	158.69.121.204	180.124.243.17	42.118.234.141
37.122.4.217	217.146.67.63	122.51.212.198	31.167.67.2
87.117.180.78	191.249.103.135	5.178.87.175	80.84.57.93
27.200.135.104	118.70.13.23	77.42.84.9	195.171.90.17