106.12.79.145 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH Brute Force	2020-07-05 21:03:20
attack	Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:20 pixelmemory sshd[3257978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jun 14 05:43:20 pixelmemory sshd[3257978]: Invalid user admin from 106.12.79.145 port 42284 Jun 14 05:43:22 pixelmemory sshd[3257978]: Failed password for invalid user admin from 106.12.79.145 port 42284 ssh2 Jun 14 05:46:02 pixelmemory sshd[3260432]: Invalid user sqlite from 106.12.79.145 port 41218 ...	2020-06-15 01:47:13
attack	Jun 6 19:10:41 localhost sshd[1303186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Jun 6 19:10:42 localhost sshd[1303186]: Failed password for root from 106.12.79.145 port 35642 ssh2 ...	2020-06-06 20:35:20
attack	Jun 5 20:14:52 vps46666688 sshd[31781]: Failed password for root from 106.12.79.145 port 45088 ssh2 ...	2020-06-06 07:45:45
attackspambots	SSH Brute-Force attacks	2020-06-01 06:24:57
attack	$f2bV_matches	2020-05-15 03:02:52
attackspambots	SSH Brute-Force. Ports scanning.	2020-05-11 05:37:33
attack	srv02 Mass scanning activity detected Target: 15312 ..	2020-04-22 12:44:59
attackbots	Apr 7 09:33:12 ns382633 sshd\[19273\]: Invalid user monitor from 106.12.79.145 port 57934 Apr 7 09:33:12 ns382633 sshd\[19273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Apr 7 09:33:14 ns382633 sshd\[19273\]: Failed password for invalid user monitor from 106.12.79.145 port 57934 ssh2 Apr 7 09:52:20 ns382633 sshd\[25426\]: Invalid user admin from 106.12.79.145 port 58402 Apr 7 09:52:20 ns382633 sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145	2020-04-07 19:43:17
attackspambots	Invalid user hqy from 106.12.79.145 port 37036	2020-03-29 21:13:53
attack	Mar 4 20:03:30 wbs sshd\[27792\]: Invalid user deploy from 106.12.79.145 Mar 4 20:03:30 wbs sshd\[27792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Mar 4 20:03:31 wbs sshd\[27792\]: Failed password for invalid user deploy from 106.12.79.145 port 46306 ssh2 Mar 4 20:13:11 wbs sshd\[28716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=root Mar 4 20:13:13 wbs sshd\[28716\]: Failed password for root from 106.12.79.145 port 55196 ssh2	2020-03-05 14:59:08
attackbots	Feb 23 14:37:36 legacy sshd[12272]: Failed password for root from 106.12.79.145 port 50410 ssh2 Feb 23 14:42:03 legacy sshd[12330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Feb 23 14:42:04 legacy sshd[12330]: Failed password for invalid user jayendra from 106.12.79.145 port 46552 ssh2 ...	2020-02-24 04:35:36
attack	Jan 11 05:53:18 vps691689 sshd[32651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Jan 11 05:53:20 vps691689 sshd[32651]: Failed password for invalid user pul from 106.12.79.145 port 60414 ssh2 ...	2020-01-11 13:08:51
attackspambots	Dec 17 08:09:00 newdogma sshd[16980]: Invalid user cash from 106.12.79.145 port 37994 Dec 17 08:09:00 newdogma sshd[16980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 Dec 17 08:09:02 newdogma sshd[16980]: Failed password for invalid user cash from 106.12.79.145 port 37994 ssh2 Dec 17 08:09:02 newdogma sshd[16980]: Received disconnect from 106.12.79.145 port 37994:11: Bye Bye [preauth] Dec 17 08:09:02 newdogma sshd[16980]: Disconnected from 106.12.79.145 port 37994 [preauth] Dec 17 08:27:33 newdogma sshd[17330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 user=r.r Dec 17 08:27:35 newdogma sshd[17330]: Failed password for r.r from 106.12.79.145 port 38140 ssh2 Dec 17 08:27:36 newdogma sshd[17330]: Received disconnect from 106.12.79.145 port 38140:11: Bye Bye [preauth] Dec 17 08:27:36 newdogma sshd[17330]: Disconnected from 106.12.79.145 port 38140 [preauth........ -------------------------------	2019-12-22 18:36:17
attackspam	Dec 21 09:48:39 vps647732 sshd[18307]: Failed password for root from 106.12.79.145 port 51912 ssh2 Dec 21 09:55:08 vps647732 sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.145 ...	2019-12-21 17:08:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.79.160	attackspam	Jul 11 03:27:38 ift sshd\[47062\]: Invalid user wwz from 106.12.79.160Jul 11 03:27:41 ift sshd\[47062\]: Failed password for invalid user wwz from 106.12.79.160 port 56026 ssh2Jul 11 03:31:33 ift sshd\[48444\]: Invalid user www from 106.12.79.160Jul 11 03:31:35 ift sshd\[48444\]: Failed password for invalid user www from 106.12.79.160 port 50702 ssh2Jul 11 03:33:27 ift sshd\[48763\]: Failed password for mail from 106.12.79.160 port 48046 ssh2 ...	2020-07-11 09:17:37
106.12.79.160	attackbots	SSH Brute-Force reported by Fail2Ban	2020-05-06 02:09:23
106.12.79.160	attackspambots	Apr 11 05:52:03 localhost sshd\[13642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=root Apr 11 05:52:05 localhost sshd\[13642\]: Failed password for root from 106.12.79.160 port 37098 ssh2 Apr 11 05:56:27 localhost sshd\[13911\]: Invalid user deployer from 106.12.79.160 Apr 11 05:56:27 localhost sshd\[13911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Apr 11 05:56:29 localhost sshd\[13911\]: Failed password for invalid user deployer from 106.12.79.160 port 60695 ssh2 ...	2020-04-11 12:05:53
106.12.79.160	attackbotsspam	Apr 9 15:03:47 [host] sshd[11588]: Invalid user g Apr 9 15:03:47 [host] sshd[11588]: pam_unix(sshd: Apr 9 15:03:48 [host] sshd[11588]: Failed passwor	2020-04-09 21:31:10
106.12.79.160	attackspam	SSH Invalid Login	2020-04-08 08:12:45
106.12.79.160	attack	Apr 4 08:03:21 webhost01 sshd[26339]: Failed password for root from 106.12.79.160 port 33532 ssh2 Apr 4 08:08:51 webhost01 sshd[26434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 ...	2020-04-04 09:24:42
106.12.79.160	attackbotsspam	Mar 27 05:19:30 silence02 sshd[13576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 27 05:19:32 silence02 sshd[13576]: Failed password for invalid user kug from 106.12.79.160 port 34312 ssh2 Mar 27 05:24:00 silence02 sshd[13880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160	2020-03-27 12:34:26
106.12.79.160	attackspambots	Mar 13 05:19:02 eventyay sshd[31772]: Failed password for root from 106.12.79.160 port 43407 ssh2 Mar 13 05:23:03 eventyay sshd[31915]: Failed password for root from 106.12.79.160 port 37501 ssh2 ...	2020-03-13 13:55:54
106.12.79.160	attack	2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:53.957731randservbullet-proofcloud-66.localdomain sshd[21602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 2020-03-07T13:34:53.952303randservbullet-proofcloud-66.localdomain sshd[21602]: Invalid user ssh from 106.12.79.160 port 39159 2020-03-07T13:34:55.628029randservbullet-proofcloud-66.localdomain sshd[21602]: Failed password for invalid user ssh from 106.12.79.160 port 39159 ssh2 ...	2020-03-07 21:56:37
106.12.79.160	attackspam	Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Mar 2 14:27:00 mail sshd[23680]: Invalid user dingwei from 106.12.79.160 Mar 2 14:27:03 mail sshd[23680]: Failed password for invalid user dingwei from 106.12.79.160 port 36824 ssh2 Mar 2 14:49:32 mail sshd[26558]: Invalid user msf_user from 106.12.79.160 ...	2020-03-03 03:42:59
106.12.79.160	attack	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-15 03:34:55
106.12.79.160	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.79.160 to port 2220 [J]	2020-01-07 17:03:59
106.12.79.160	attackspam	Dec 23 15:54:07 ns381471 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 23 15:54:09 ns381471 sshd[5771]: Failed password for invalid user aria from 106.12.79.160 port 39770 ssh2	2019-12-24 05:37:23
106.12.79.160	attack	Dec 22 08:16:57 server sshd\[9760\]: Invalid user fifteen from 106.12.79.160 Dec 22 08:16:57 server sshd\[9760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 Dec 22 08:16:59 server sshd\[9760\]: Failed password for invalid user fifteen from 106.12.79.160 port 35768 ssh2 Dec 23 01:12:12 server sshd\[24070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.79.160 user=dbus Dec 23 01:12:13 server sshd\[24070\]: Failed password for dbus from 106.12.79.160 port 49574 ssh2 ...	2019-12-23 06:37:58
106.12.79.160	attackspam	ssh failed login	2019-12-21 13:52:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.79.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32687
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.79.145.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 17:08:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 145.79.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.79.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
106.12.6.217	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.6.217 to port 2220 [J]	2020-01-13 17:40:08
193.70.14.116	attackspam	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2020-01-13 17:49:00
115.75.80.23	attackspambots	20/1/13@00:33:15: FAIL: Alarm-Network address from=115.75.80.23 20/1/13@00:33:15: FAIL: Alarm-Network address from=115.75.80.23 ...	2020-01-13 17:35:50
184.82.10.63	attack	Honeypot attack, port: 445, PTR: 184-82-10-0.24.public.erhq-mser.myaisfibre.com.	2020-01-13 17:23:27
94.194.245.213	attackspam	unauthorized connection attempt	2020-01-13 17:27:00
93.135.178.132	attack	Jan 13 06:24:17 silence02 sshd[16781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.135.178.132 Jan 13 06:24:18 silence02 sshd[16781]: Failed password for invalid user developer from 93.135.178.132 port 55410 ssh2 Jan 13 06:31:21 silence02 sshd[17022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.135.178.132	2020-01-13 17:33:33
115.159.235.76	attackspambots	Jan 13 07:28:25 vtv3 sshd[810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 Jan 13 07:28:28 vtv3 sshd[810]: Failed password for invalid user martin from 115.159.235.76 port 32256 ssh2 Jan 13 07:32:05 vtv3 sshd[2762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 Jan 13 07:46:00 vtv3 sshd[9252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 Jan 13 07:46:01 vtv3 sshd[9252]: Failed password for invalid user eric from 115.159.235.76 port 61979 ssh2 Jan 13 07:49:43 vtv3 sshd[10656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 Jan 13 08:00:20 vtv3 sshd[16040]: Failed password for root from 115.159.235.76 port 60596 ssh2 Jan 13 08:03:32 vtv3 sshd[17253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.235.76 Jan 13 08:03:33 vtv3 sshd[17	2020-01-13 17:21:26
112.85.42.176	attackspam	Jan 10 01:54:29 git-ovh sshd[27419]: Failed password for root from 112.85.42.176 port 24928 ssh2 Jan 10 01:54:34 git-ovh sshd[27419]: Failed password for root from 112.85.42.176 port 24928 ssh2 ...	2020-01-13 17:17:00
103.245.198.98	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-13 17:54:04
154.73.103.106	attackbotsspam	unauthorized connection attempt	2020-01-13 17:28:31
14.251.200.205	attackbots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-01-13 17:32:21
104.192.163.119	attack	Unauthorized connection attempt detected from IP address 104.192.163.119 to port 2220 [J]	2020-01-13 17:41:22
115.75.177.169	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-01-13 17:46:42
86.57.181.174	attack	Honeypot attack, port: 445, PTR: m1club.ru.	2020-01-13 17:42:22
222.186.30.35	attackspambots	Jan 13 04:37:50 onepro4 sshd[4817]: Failed password for root from 222.186.30.35 port 10618 ssh2 Jan 13 04:37:53 onepro4 sshd[4817]: Failed password for root from 222.186.30.35 port 10618 ssh2 Jan 13 04:37:55 onepro4 sshd[4817]: Failed password for root from 222.186.30.35 port 10618 ssh2	2020-01-13 17:39:16

最近上报的IP列表

183.60.205.26	43.226.148.238	101.36.179.159	206.189.233.20
141.98.80.122	158.69.121.204	180.124.243.17	42.118.234.141
37.122.4.217	217.146.67.63	122.51.212.198	31.167.67.2
87.117.180.78	191.249.103.135	5.178.87.175	80.84.57.93
27.200.135.104	118.70.13.23	77.42.84.9	195.171.90.17