106.12.92.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Nov 23 11:07:12 plusreed sshd[18114]: Invalid user root123467 from 106.12.92.107 ...	2019-11-24 02:49:54
attack	Nov 22 02:06:00 www sshd\[163440\]: Invalid user stack from 106.12.92.107 Nov 22 02:06:00 www sshd\[163440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.107 Nov 22 02:06:01 www sshd\[163440\]: Failed password for invalid user stack from 106.12.92.107 port 45908 ssh2 ...	2019-11-22 08:09:11

类型

评论内容

时间

attackspam

Nov 23 11:07:12 plusreed sshd[18114]: Invalid user root123467 from 106.12.92.107
...

2019-11-24 02:49:54

attack

Nov 22 02:06:00 www sshd\[163440\]: Invalid user stack from 106.12.92.107
Nov 22 02:06:00 www sshd\[163440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.107
Nov 22 02:06:01 www sshd\[163440\]: Failed password for invalid user stack from 106.12.92.107 port 45908 ssh2
...

2019-11-22 08:09:11

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.92.246	attackbotsspam	Aug 16 23:09:44 ns382633 sshd\[21466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 user=root Aug 16 23:09:46 ns382633 sshd\[21466\]: Failed password for root from 106.12.92.246 port 44702 ssh2 Aug 16 23:17:25 ns382633 sshd\[23106\]: Invalid user ha from 106.12.92.246 port 49572 Aug 16 23:17:25 ns382633 sshd\[23106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 Aug 16 23:17:26 ns382633 sshd\[23106\]: Failed password for invalid user ha from 106.12.92.246 port 49572 ssh2	2020-08-17 06:31:13
106.12.92.246	attack	Aug 10 03:23:52 vm0 sshd[14508]: Failed password for root from 106.12.92.246 port 54284 ssh2 Aug 10 09:02:48 vm0 sshd[27121]: Failed password for root from 106.12.92.246 port 48348 ssh2 ...	2020-08-10 16:31:58
106.12.92.246	attack	SSH Invalid Login	2020-07-24 06:11:00
106.12.92.246	attackbotsspam	Jun 8 06:04:23 piServer sshd[6630]: Failed password for root from 106.12.92.246 port 37786 ssh2 Jun 8 06:08:46 piServer sshd[7080]: Failed password for root from 106.12.92.246 port 34592 ssh2 ...	2020-06-08 19:22:47
106.12.92.246	attack	May 21 05:58:54 nextcloud sshd\[32081\]: Invalid user cdn from 106.12.92.246 May 21 05:58:54 nextcloud sshd\[32081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 May 21 05:58:57 nextcloud sshd\[32081\]: Failed password for invalid user cdn from 106.12.92.246 port 60970 ssh2	2020-05-21 12:36:55
106.12.92.65	attack	May 15 14:17:05 ns382633 sshd\[20077\]: Invalid user ubuntu from 106.12.92.65 port 56210 May 15 14:17:05 ns382633 sshd\[20077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 May 15 14:17:07 ns382633 sshd\[20077\]: Failed password for invalid user ubuntu from 106.12.92.65 port 56210 ssh2 May 15 14:23:23 ns382633 sshd\[21135\]: Invalid user webadmin from 106.12.92.65 port 33662 May 15 14:23:23 ns382633 sshd\[21135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65	2020-05-16 01:06:40
106.12.92.246	attackspam	...	2020-05-15 19:50:43
106.12.92.246	attackspam	SSH brute-force attempt	2020-05-14 02:07:30
106.12.92.246	attackspambots	SSH Brute Force	2020-04-29 13:05:17
106.12.92.246	attackspam	prod11 ...	2020-04-17 18:09:29
106.12.92.246	attackbotsspam	Apr 16 09:31:56 localhost sshd\[21203\]: Invalid user pool from 106.12.92.246 Apr 16 09:31:56 localhost sshd\[21203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 Apr 16 09:31:59 localhost sshd\[21203\]: Failed password for invalid user pool from 106.12.92.246 port 52066 ssh2 Apr 16 09:34:59 localhost sshd\[21362\]: Invalid user share from 106.12.92.246 Apr 16 09:34:59 localhost sshd\[21362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 ...	2020-04-16 19:32:59
106.12.92.65	attackbotsspam	Apr 16 00:29:09 vpn01 sshd[10618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 Apr 16 00:29:11 vpn01 sshd[10618]: Failed password for invalid user tena from 106.12.92.65 port 57546 ssh2 ...	2020-04-16 07:06:36
106.12.92.246	attackspambots	Invalid user test from 106.12.92.246 port 46348	2020-04-13 06:26:57
106.12.92.246	attackbotsspam	Invalid user UBNT from 106.12.92.246 port 53464	2020-04-11 07:23:32
106.12.92.70	attackspambots	Apr 5 05:47:50 minden010 sshd[26783]: Failed password for root from 106.12.92.70 port 59144 ssh2 Apr 5 05:52:22 minden010 sshd[28307]: Failed password for root from 106.12.92.70 port 36270 ssh2 ...	2020-04-05 13:34:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.92.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.92.107.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Fri Nov 22 08:14:05 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 107.92.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.92.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.158.162.242	attackspambots	Jul 24 20:37:22 vps1 sshd[830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.162.242 Jul 24 20:37:24 vps1 sshd[830]: Failed password for invalid user dev from 51.158.162.242 port 58014 ssh2 Jul 24 20:40:15 vps1 sshd[931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.162.242 Jul 24 20:40:18 vps1 sshd[931]: Failed password for invalid user samp from 51.158.162.242 port 36354 ssh2 Jul 24 20:43:06 vps1 sshd[988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.162.242 Jul 24 20:43:08 vps1 sshd[988]: Failed password for invalid user jin from 51.158.162.242 port 42928 ssh2 Jul 24 20:45:51 vps1 sshd[1034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.162.242 ...	2020-07-25 04:16:40
150.109.53.204	attack	2020-07-24T19:43:15+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-25 04:09:29
186.232.15.247	attackspam	Jul 24 08:47:07 mail.srvfarm.net postfix/smtpd[2132837]: warning: unknown[186.232.15.247]: SASL PLAIN authentication failed: Jul 24 08:47:07 mail.srvfarm.net postfix/smtpd[2132837]: lost connection after AUTH from unknown[186.232.15.247] Jul 24 08:51:35 mail.srvfarm.net postfix/smtps/smtpd[2140083]: warning: unknown[186.232.15.247]: SASL PLAIN authentication failed: Jul 24 08:51:36 mail.srvfarm.net postfix/smtps/smtpd[2140083]: lost connection after AUTH from unknown[186.232.15.247] Jul 24 08:51:57 mail.srvfarm.net postfix/smtps/smtpd[2140090]: warning: unknown[186.232.15.247]: SASL PLAIN authentication failed:	2020-07-25 04:24:42
138.197.151.129	attackbotsspam	Jul 24 22:01:48 ns37 sshd[6027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.129 Jul 24 22:01:50 ns37 sshd[6027]: Failed password for invalid user guest from 138.197.151.129 port 60228 ssh2 Jul 24 22:09:21 ns37 sshd[6520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.129	2020-07-25 04:10:54
138.36.44.55	attackspam	20/7/24@09:44:22: FAIL: Alarm-Network address from=138.36.44.55 20/7/24@09:44:22: FAIL: Alarm-Network address from=138.36.44.55 ...	2020-07-25 04:35:42
2.91.31.81	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-25 04:10:21
91.199.118.137	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-07-25 04:21:48
178.128.89.86	attack	Jul 24 21:38:14 ns392434 sshd[7854]: Invalid user ingrid from 178.128.89.86 port 37706 Jul 24 21:38:14 ns392434 sshd[7854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.89.86 Jul 24 21:38:14 ns392434 sshd[7854]: Invalid user ingrid from 178.128.89.86 port 37706 Jul 24 21:38:16 ns392434 sshd[7854]: Failed password for invalid user ingrid from 178.128.89.86 port 37706 ssh2 Jul 24 21:45:28 ns392434 sshd[8103]: Invalid user jayrock from 178.128.89.86 port 49196 Jul 24 21:45:28 ns392434 sshd[8103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.89.86 Jul 24 21:45:28 ns392434 sshd[8103]: Invalid user jayrock from 178.128.89.86 port 49196 Jul 24 21:45:30 ns392434 sshd[8103]: Failed password for invalid user jayrock from 178.128.89.86 port 49196 ssh2 Jul 24 21:50:14 ns392434 sshd[8312]: Invalid user ope from 178.128.89.86 port 34952	2020-07-25 04:47:20
49.235.192.120	attackspam	20 attempts against mh-ssh on cloud	2020-07-25 04:08:34
106.12.182.38	attackbots	Jul 24 19:16:30 vmd36147 sshd[20754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.182.38 Jul 24 19:16:33 vmd36147 sshd[20754]: Failed password for invalid user poster from 106.12.182.38 port 40750 ssh2 Jul 24 19:20:22 vmd36147 sshd[28921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.182.38 ...	2020-07-25 04:21:36
196.0.86.162	attackbotsspam	Jul 24 08:41:19 mail.srvfarm.net postfix/smtpd[2132839]: warning: unknown[196.0.86.162]: SASL PLAIN authentication failed: Jul 24 08:41:19 mail.srvfarm.net postfix/smtpd[2132839]: lost connection after AUTH from unknown[196.0.86.162] Jul 24 08:45:32 mail.srvfarm.net postfix/smtps/smtpd[2139161]: warning: unknown[196.0.86.162]: SASL PLAIN authentication failed: Jul 24 08:45:32 mail.srvfarm.net postfix/smtps/smtpd[2139161]: lost connection after AUTH from unknown[196.0.86.162] Jul 24 08:49:19 mail.srvfarm.net postfix/smtpd[2140132]: warning: unknown[196.0.86.162]: SASL PLAIN authentication failed:	2020-07-25 04:23:32
122.51.175.20	attackspambots	2020-07-24T20:30:16.264684abusebot-7.cloudsearch.cf sshd[17336]: Invalid user philipp from 122.51.175.20 port 37012 2020-07-24T20:30:16.268403abusebot-7.cloudsearch.cf sshd[17336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.175.20 2020-07-24T20:30:16.264684abusebot-7.cloudsearch.cf sshd[17336]: Invalid user philipp from 122.51.175.20 port 37012 2020-07-24T20:30:18.343506abusebot-7.cloudsearch.cf sshd[17336]: Failed password for invalid user philipp from 122.51.175.20 port 37012 ssh2 2020-07-24T20:34:34.158107abusebot-7.cloudsearch.cf sshd[17440]: Invalid user user5 from 122.51.175.20 port 50964 2020-07-24T20:34:34.162708abusebot-7.cloudsearch.cf sshd[17440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.175.20 2020-07-24T20:34:34.158107abusebot-7.cloudsearch.cf sshd[17440]: Invalid user user5 from 122.51.175.20 port 50964 2020-07-24T20:34:36.324480abusebot-7.cloudsearch.cf sshd[17440]: ...	2020-07-25 04:36:14
177.87.68.150	attackbots	Jul 24 08:15:51 mail.srvfarm.net postfix/smtps/smtpd[2130877]: warning: unknown[177.87.68.150]: SASL PLAIN authentication failed: Jul 24 08:15:51 mail.srvfarm.net postfix/smtps/smtpd[2130877]: lost connection after AUTH from unknown[177.87.68.150] Jul 24 08:18:29 mail.srvfarm.net postfix/smtpd[2131130]: warning: unknown[177.87.68.150]: SASL PLAIN authentication failed: Jul 24 08:18:30 mail.srvfarm.net postfix/smtpd[2131130]: lost connection after AUTH from unknown[177.87.68.150] Jul 24 08:21:01 mail.srvfarm.net postfix/smtpd[2132841]: warning: unknown[177.87.68.150]: SASL PLAIN authentication failed:	2020-07-25 04:26:00
43.228.226.108	attackspam	Jul 24 07:57:00 mail.srvfarm.net postfix/smtps/smtpd[2116059]: warning: unknown[43.228.226.108]: SASL PLAIN authentication failed: Jul 24 07:57:00 mail.srvfarm.net postfix/smtps/smtpd[2116059]: lost connection after AUTH from unknown[43.228.226.108] Jul 24 07:59:23 mail.srvfarm.net postfix/smtps/smtpd[2116877]: warning: unknown[43.228.226.108]: SASL PLAIN authentication failed: Jul 24 07:59:23 mail.srvfarm.net postfix/smtps/smtpd[2116877]: lost connection after AUTH from unknown[43.228.226.108] Jul 24 08:05:07 mail.srvfarm.net postfix/smtpd[2115632]: warning: unknown[43.228.226.108]: SASL PLAIN authentication failed:	2020-07-25 04:29:32
200.66.117.224	attackspam	Jul 24 07:47:24 mail.srvfarm.net postfix/smtps/smtpd[2116868]: warning: unknown[200.66.117.224]: SASL PLAIN authentication failed: Jul 24 07:47:25 mail.srvfarm.net postfix/smtps/smtpd[2116868]: lost connection after AUTH from unknown[200.66.117.224] Jul 24 07:47:33 mail.srvfarm.net postfix/smtps/smtpd[2116832]: warning: unknown[200.66.117.224]: SASL PLAIN authentication failed: Jul 24 07:47:34 mail.srvfarm.net postfix/smtps/smtpd[2116832]: lost connection after AUTH from unknown[200.66.117.224] Jul 24 07:53:42 mail.srvfarm.net postfix/smtpd[2115628]: warning: unknown[200.66.117.224]: SASL PLAIN authentication failed:	2020-07-25 04:30:12

最近上报的IP列表

108.170.141.75	124.114.177.237	5.36.76.61	220.191.12.226
110.164.91.50	251.246.247.154	60.247.36.110	192.168.0.37
123.180.5.60	79.215.109.67	91.107.11.110	6.53.63.57
5.53.125.31	35.205.54.255	180.241.218.31	209.90.63.86
123.223.112.180	119.40.113.3	62.228.3.112	51.89.52.208