106.12.79.145 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-07-05 21:03:20
attack	Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:20 pixelmemory sshd[3257978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:22 pixelmemory sshd[3257978]: Failed password for invalid user admin from 106.12.79.145 port 42284 ssh2 Jun 14 05:46:02 pixelmemory sshd[3260432]: Invalid user sqlite from 106.12.79.145 port 41218 ...	2020-06-15 01:47:13
attack	Jun 6 19:10:41 localhost sshd[1303186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Jun 6 19:10:42 localhost sshd[1303186]: Failed password for root from 106.12.79.145 port 35642 ssh2 ...	2020-06-06 20:35:20
attack	Jun 5 20:14:52 vps46666688 sshd[31781]: Failed password for root from 106.12.79.145 port 45088 ssh2 ...	2020-06-06 07:45:45
attackspambots	SSH Brute-Force attacks	2020-06-01 06:24:57
attack	$f2bV_matches	2020-05-15 03:02:52
attackspambots	SSH Brute-Force. Ports scanning.	2020-05-11 05:37:33
attack	srv02 Mass scanning activity detected Target: 15312 ..	2020-04-22 12:44:59
attackbots	Apr 7 09:33:12 ns382633 sshd\[19273\]: Invalid user monitor from 106.12.79.145 port 57934 Apr 7 09:33:12 ns382633 sshd\[19273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Apr 7 09:33:14 ns382633 sshd\[19273\]: Failed password for invalid user monitor from 106.12.79.145 port 57934 ssh2 Apr 7 09:52:20 ns382633 sshd\[25426\]: Invalid user admin from 106.12.79.145 port 58402 Apr 7 09:52:20 ns382633 sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145	2020-04-07 19:43:17
attackspambots	Invalid user hqy from 106.12.79.145 port 37036	2020-03-29 21:13:53
attack	Mar 4 20:03:30 wbs sshd\[27792\]: Invalid user deploy from 106.12.79.145 Mar 4 20:03:30 wbs sshd\[27792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Mar 4 20:03:31 wbs sshd\[27792\]: Failed password for invalid user deploy from 106.12.79.145 port 46306 ssh2 Mar 4 20:13:11 wbs sshd\[28716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Mar 4 20:13:13 wbs sshd\[28716\]: Failed password for root from 106.12.79.145 port 55196 ssh2	2020-03-05 14:59:08
attackbots	Feb 23 14:37:36 legacy sshd[12272]: Failed password for root from 106.12.79.145 port 50410 ssh2 Feb 23 14:42:03 legacy sshd[12330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Feb 23 14:42:04 legacy sshd[12330]: Failed password for invalid user jayendra from 106.12.79.145 port 46552 ssh2 ...	2020-02-24 04:35:36
attack	Jan 11 05:53:18 vps691689 sshd[32651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jan 11 05:53:20 vps691689 sshd[32651]: Failed password for invalid user pul from 106.12.79.145 port 60414 ssh2 ...	2020-01-11 13:08:51
attackspambots	Dec 17 08:09:00 newdogma sshd[16980]: Invalid user cash from 106.12.79.145 port 37994 Dec 17 08:09:00 newdogma sshd[16980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Dec 17 08:09:02 newdogma sshd[16980]: Failed password for invalid user cash from 106.12.79.145 port 37994 ssh2 Dec 17 08:09:02 newdogma sshd[16980]: Received disconnect from 106.12.79.145 port 37994:11: Bye Bye [preauth] Dec 17 08:09:02 newdogma sshd[16980]: Disconnected from 106.12.79.145 port 37994 [preauth] Dec 17 08:27:33 newdogma sshd[17330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=r.r Dec 17 08:27:35 newdogma sshd[17330]: Failed password for r.r from 106.12.79.145 port 38140 ssh2 Dec 17 08:27:36 newdogma sshd[17330]: Received disconnect from 106.12.79.145 port 38140:11: Bye Bye [preauth] Dec 17 08:27:36 newdogma sshd[17330]: Disconnected from 106.12.79.145 port 38140 [preauth........ -------------------------------	2019-12-22 18:36:17
attackspam	Dec 21 09:48:39 vps647732 sshd[18307]: Failed password for root from 106.12.79.145 port 51912 ssh2 Dec 21 09:55:08 vps647732 sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 ...	2019-12-21 17:08:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.79.160	attackspam	Jul 11 03:27:38 ift sshd\[47062\]: Invalid user wwz from 106.12.79.160Jul 11 03:27:41 ift sshd\[47062\]: Failed password for invalid user wwz from 106.12.79.160 port 56026 ssh2Jul 11 03:31:33 ift sshd\[48444\]: Invalid user www from 106.12.79.160Jul 11 03:31:35 ift sshd\[48444\]: Failed password for invalid user www from 106.12.79.160 port 50702 ssh2Jul 11 03:33:27 ift sshd\[48763\]: Failed password for mail from 106.12.79.160 port 48046 ssh2 ...	2020-07-11 09:17:37
106.12.79.160	attackbots	SSH Brute-Force reported by Fail2Ban	2020-05-06 02:09:23
106.12.79.160	attackspambots	Apr 11 05:52:03 localhost sshd\[13642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=root Apr 11 05:52:05 localhost sshd\[13642\]: Failed password for root from 106.12.79.160 port 37098 ssh2 Apr 11 05:56:27 localhost sshd\[13911\]: Invalid user deployer from 106.12.79.160 Apr 11 05:56:27 localhost sshd\[13911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Apr 11 05:56:29 localhost sshd\[13911\]: Failed password for invalid user deployer from 106.12.79.160 port 60695 ssh2 ...	2020-04-11 12:05:53
106.12.79.160	attackbotsspam	Apr 9 15:03:47 [host] sshd[11588]: Invalid user g Apr 9 15:03:47 [host] sshd[11588]: pam_unix(sshd: Apr 9 15:03:48 [host] sshd[11588]: Failed passwor	2020-04-09 21:31:10
106.12.79.160	attackspam	SSH Invalid Login	2020-04-08 08:12:45
106.12.79.160	attack	Apr 4 08:03:21 webhost01 sshd[26339]: Failed password for root from 106.12.79.160 port 33532 ssh2 Apr 4 08:08:51 webhost01 sshd[26434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 ...	2020-04-04 09:24:42
106.12.79.160	attackbotsspam	Mar 27 05:19:30 silence02 sshd[13576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 27 05:19:32 silence02 sshd[13576]: Failed password for invalid user kug from 106.12.79.160 port 34312 ssh2 Mar 27 05:24:00 silence02 sshd[13880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160	2020-03-27 12:34:26
106.12.79.160	attackspambots	Mar 13 05:19:02 eventyay sshd[31772]: Failed password for root from 106.12.79.160 port 43407 ssh2 Mar 13 05:23:03 eventyay sshd[31915]: Failed password for root from 106.12.79.160 port 37501 ssh2 ...	2020-03-13 13:55:54
106.12.79.160	attack	2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:53.957731randservbullet-proofcloud-66.localdomain sshd[21602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:55.628029randservbullet-proofcloud-66.localdomain sshd[21602]: Failed password for invalid user ssh from 106.12.79.160 port 39159 ssh2 ...	2020-03-07 21:56:37
106.12.79.160	attackspam	Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:03 mail sshd[23680]: Failed password for invalid user dingwei from 106.12.79.160 port 36824 ssh2 Mar 2 14:49:32 mail sshd[26558]: Invalid user msf_user from 106.12.79.160 ...	2020-03-03 03:42:59
106.12.79.160	attack	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-15 03:34:55
106.12.79.160	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-07 17:03:59
106.12.79.160	attackspam	Dec 23 15:54:07 ns381471 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 23 15:54:09 ns381471 sshd[5771]: Failed password for invalid user aria from 106.12.79.160 port 39770 ssh2	2019-12-24 05:37:23
106.12.79.160	attack	Dec 22 08:16:57 server sshd\[9760\]: Invalid user fifteen from 106.12.79.160 Dec 22 08:16:57 server sshd\[9760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 22 08:16:59 server sshd\[9760\]: Failed password for invalid user fifteen from 106.12.79.160 port 35768 ssh2 Dec 23 01:12:12 server sshd\[24070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=dbus Dec 23 01:12:13 server sshd\[24070\]: Failed password for dbus from 106.12.79.160 port 49574 ssh2 ...	2019-12-23 06:37:58
106.12.79.160	attackspam	ssh failed login	2019-12-21 13:52:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.79.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32687
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.79.145.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 17:08:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 145.79.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.79.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
111.229.78.120	attack	2020-08-25 04:12:50,034 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 04:28:50,339 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 04:44:57,219 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 05:01:03,098 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 05:17:26,672 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 ...	2020-09-04 17:07:33
37.224.12.65	attackspam	Unauthorized connection attempt from IP address 37.224.12.65 on Port 445(SMB)	2020-09-04 16:30:43
102.182.216.90	attackbotsspam	Unauthorized connection attempt from IP address 102.182.216.90 on Port 445(SMB)	2020-09-04 16:56:46
200.85.183.189	attackspambots	Unauthorized connection attempt from IP address 200.85.183.189 on Port 445(SMB)	2020-09-04 16:59:58
176.194.193.81	attackbots	Attempted connection to port 445.	2020-09-04 16:38:01
103.143.152.34	attackbots	Port Scan ...	2020-09-04 16:56:05
122.114.70.12	attack	Sep 4 11:03:34 journals sshd\[36112\]: Invalid user rafal from 122.114.70.12 Sep 4 11:03:34 journals sshd\[36112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.70.12 Sep 4 11:03:36 journals sshd\[36112\]: Failed password for invalid user rafal from 122.114.70.12 port 37350 ssh2 Sep 4 11:08:26 journals sshd\[36631\]: Invalid user marie from 122.114.70.12 Sep 4 11:08:26 journals sshd\[36631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.70.12 ...	2020-09-04 16:37:17
152.101.127.221	attackbots	Unauthorized connection attempt from IP address 152.101.127.221 on Port 445(SMB)	2020-09-04 16:57:25
139.99.238.150	attack	Invalid user radius from 139.99.238.150 port 40340	2020-09-04 16:48:13
94.158.125.10	attack	Unauthorized connection attempt from IP address 94.158.125.10 on Port 445(SMB)	2020-09-04 17:04:21
157.48.142.238	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-04 17:05:26
211.118.226.133	attack	Port Scan ...	2020-09-04 16:46:58
120.52.146.211	attackspam	Sep 4 10:15:36 server sshd[35975]: Failed password for invalid user developer from 120.52.146.211 port 60778 ssh2 Sep 4 10:19:56 server sshd[37901]: Failed password for invalid user tmy from 120.52.146.211 port 60520 ssh2 Sep 4 10:24:21 server sshd[40172]: Failed password for root from 120.52.146.211 port 60256 ssh2	2020-09-04 16:52:19
110.36.238.146	attackspambots	Attempted connection to port 445.	2020-09-04 16:45:49
91.204.248.42	attack	Invalid user ajay from 91.204.248.42 port 39688	2020-09-04 16:50:56

最近上报的IP列表

183.60.205.26	43.226.148.238	101.36.179.159	206.189.233.20
141.98.80.122	158.69.121.204	180.124.243.17	42.118.234.141
37.122.4.217	217.146.67.63	122.51.212.198	31.167.67.2
87.117.180.78	191.249.103.135	5.178.87.175	80.84.57.93
27.200.135.104	118.70.13.23	77.42.84.9	195.171.90.17