106.12.92.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Nov 23 11:07:12 plusreed sshd[18114]: Invalid user root123467 from 106.12.92.107 ...	2019-11-24 02:49:54
attack	Nov 22 02:06:00 www sshd\[163440\]: Invalid user stack from 106.12.92.107 Nov 22 02:06:00 www sshd\[163440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.107 Nov 22 02:06:01 www sshd\[163440\]: Failed password for invalid user stack from 106.12.92.107 port 45908 ssh2 ...	2019-11-22 08:09:11

类型

评论内容

时间

attackspam

Nov 23 11:07:12 plusreed sshd[18114]: Invalid user root123467 from 106.12.92.107
...

2019-11-24 02:49:54

attack

Nov 22 02:06:00 www sshd\[163440\]: Invalid user stack from 106.12.92.107
Nov 22 02:06:00 www sshd\[163440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.107
Nov 22 02:06:01 www sshd\[163440\]: Failed password for invalid user stack from 106.12.92.107 port 45908 ssh2
...

2019-11-22 08:09:11

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.92.246	attackbotsspam	Aug 16 23:09:44 ns382633 sshd\[21466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 user=root Aug 16 23:09:46 ns382633 sshd\[21466\]: Failed password for root from 106.12.92.246 port 44702 ssh2 Aug 16 23:17:25 ns382633 sshd\[23106\]: Invalid user ha from 106.12.92.246 port 49572 Aug 16 23:17:25 ns382633 sshd\[23106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 Aug 16 23:17:26 ns382633 sshd\[23106\]: Failed password for invalid user ha from 106.12.92.246 port 49572 ssh2	2020-08-17 06:31:13
106.12.92.246	attack	Aug 10 03:23:52 vm0 sshd[14508]: Failed password for root from 106.12.92.246 port 54284 ssh2 Aug 10 09:02:48 vm0 sshd[27121]: Failed password for root from 106.12.92.246 port 48348 ssh2 ...	2020-08-10 16:31:58
106.12.92.246	attack	SSH Invalid Login	2020-07-24 06:11:00
106.12.92.246	attackbotsspam	Jun 8 06:04:23 piServer sshd[6630]: Failed password for root from 106.12.92.246 port 37786 ssh2 Jun 8 06:08:46 piServer sshd[7080]: Failed password for root from 106.12.92.246 port 34592 ssh2 ...	2020-06-08 19:22:47
106.12.92.246	attack	May 21 05:58:54 nextcloud sshd\[32081\]: Invalid user cdn from 106.12.92.246 May 21 05:58:54 nextcloud sshd\[32081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 May 21 05:58:57 nextcloud sshd\[32081\]: Failed password for invalid user cdn from 106.12.92.246 port 60970 ssh2	2020-05-21 12:36:55
106.12.92.65	attack	May 15 14:17:05 ns382633 sshd\[20077\]: Invalid user ubuntu from 106.12.92.65 port 56210 May 15 14:17:05 ns382633 sshd\[20077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 May 15 14:17:07 ns382633 sshd\[20077\]: Failed password for invalid user ubuntu from 106.12.92.65 port 56210 ssh2 May 15 14:23:23 ns382633 sshd\[21135\]: Invalid user webadmin from 106.12.92.65 port 33662 May 15 14:23:23 ns382633 sshd\[21135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65	2020-05-16 01:06:40
106.12.92.246	attackspam	...	2020-05-15 19:50:43
106.12.92.246	attackspam	SSH brute-force attempt	2020-05-14 02:07:30
106.12.92.246	attackspambots	SSH Brute Force	2020-04-29 13:05:17
106.12.92.246	attackspam	prod11 ...	2020-04-17 18:09:29
106.12.92.246	attackbotsspam	Apr 16 09:31:56 localhost sshd\[21203\]: Invalid user pool from 106.12.92.246 Apr 16 09:31:56 localhost sshd\[21203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 Apr 16 09:31:59 localhost sshd\[21203\]: Failed password for invalid user pool from 106.12.92.246 port 52066 ssh2 Apr 16 09:34:59 localhost sshd\[21362\]: Invalid user share from 106.12.92.246 Apr 16 09:34:59 localhost sshd\[21362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.246 ...	2020-04-16 19:32:59
106.12.92.65	attackbotsspam	Apr 16 00:29:09 vpn01 sshd[10618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 Apr 16 00:29:11 vpn01 sshd[10618]: Failed password for invalid user tena from 106.12.92.65 port 57546 ssh2 ...	2020-04-16 07:06:36
106.12.92.246	attackspambots	Invalid user test from 106.12.92.246 port 46348	2020-04-13 06:26:57
106.12.92.246	attackbotsspam	Invalid user UBNT from 106.12.92.246 port 53464	2020-04-11 07:23:32
106.12.92.70	attackspambots	Apr 5 05:47:50 minden010 sshd[26783]: Failed password for root from 106.12.92.70 port 59144 ssh2 Apr 5 05:52:22 minden010 sshd[28307]: Failed password for root from 106.12.92.70 port 36270 ssh2 ...	2020-04-05 13:34:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.92.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.92.107.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Fri Nov 22 08:14:05 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 107.92.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.92.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
31.3.152.128	attackbotsspam	\[2019-06-23 08:20:11\] NOTICE\[9010\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '31.3.152.128:1010' \(callid: 1684936645-1762993814-1646604005\) - Failed to authenticate \[2019-06-23 08:20:11\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-23T08:20:11.886+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1684936645-1762993814-1646604005",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/31.3.152.128/1010",Challenge="1561270811/dcacfc207407bde0df2a445e2fc71b24",Response="55137db6a5d96bde4059df6f270612d7",ExpectedResponse="" \[2019-06-23 08:20:11\] NOTICE\[6698\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '31.3.152.128:1010' \(callid: 1684936645-1762993814-1646604005\) - Failed to authenticate \[2019-06-23 08:20:11\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFail	2019-06-23 14:48:05
35.222.163.124	attack	[munged]::443 35.222.163.124 - - [23/Jun/2019:07:34:28 +0200] "POST /[munged]: HTTP/1.1" 200 6178 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 35.222.163.124 - - [23/Jun/2019:07:34:32 +0200] "POST /[munged]: HTTP/1.1" 200 6184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 35.222.163.124 - - [23/Jun/2019:07:34:32 +0200] "POST /[munged]: HTTP/1.1" 200 6184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-06-23 14:27:57
66.153.194.203	attackbotsspam	ports scanning	2019-06-23 14:33:56
205.209.174.222	attackspambots	slow and persistent scanner	2019-06-23 14:22:00
202.190.181.177	attackbotsspam	Jun 23 02:09:36 tux-35-217 sshd\[8191\]: Invalid user riak from 202.190.181.177 port 33782 Jun 23 02:09:36 tux-35-217 sshd\[8191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.190.181.177 Jun 23 02:09:37 tux-35-217 sshd\[8191\]: Failed password for invalid user riak from 202.190.181.177 port 33782 ssh2 Jun 23 02:11:15 tux-35-217 sshd\[8228\]: Invalid user dante from 202.190.181.177 port 50290 Jun 23 02:11:15 tux-35-217 sshd\[8228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.190.181.177 ...	2019-06-23 14:35:46
41.39.175.150	attack	Automatic report - Web App Attack	2019-06-23 14:15:47
140.143.203.168	attackspambots	Jun 23 02:56:50 core01 sshd\[29134\]: Invalid user ftptest from 140.143.203.168 port 37576 Jun 23 02:56:50 core01 sshd\[29134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.203.168 ...	2019-06-23 14:18:46
177.95.26.94	attackspambots	" "	2019-06-23 14:48:40
120.10.145.190	attackbotsspam	23/tcp [2019-06-22]1pkt	2019-06-23 14:54:11
47.198.224.40	attackspam	Jun 22 23:28:05 gcems sshd\[28565\]: Invalid user admin@root from 47.198.224.40 port 59612 Jun 22 23:28:05 gcems sshd\[28565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.198.224.40 Jun 22 23:28:07 gcems sshd\[28565\]: Failed password for invalid user admin@root from 47.198.224.40 port 59612 ssh2 Jun 22 23:32:16 gcems sshd\[28703\]: Invalid user ip from 47.198.224.40 port 48840 Jun 22 23:32:16 gcems sshd\[28703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.198.224.40 ...	2019-06-23 14:55:15
88.100.39.117	attackspam	Jun 23 05:13:56 web sshd\[8954\]: Invalid user fn from 88.100.39.117 Jun 23 05:13:56 web sshd\[8954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.39.broadband5.iol.cz Jun 23 05:13:58 web sshd\[8954\]: Failed password for invalid user fn from 88.100.39.117 port 41525 ssh2 Jun 23 05:15:13 web sshd\[8960\]: Invalid user sa from 88.100.39.117 Jun 23 05:15:13 web sshd\[8960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.39.broadband5.iol.cz ...	2019-06-23 14:12:36
121.42.52.27	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-06-23 14:05:29
185.176.27.18	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-23 14:34:59
183.99.225.177	attack	23/tcp [2019-06-22]1pkt	2019-06-23 14:22:21
182.253.1.213	attackspam	Jun 23 02:55:30 core01 sshd\[28765\]: Invalid user yong from 182.253.1.213 port 55594 Jun 23 02:55:30 core01 sshd\[28765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.1.213 ...	2019-06-23 14:12:05

最近上报的IP列表

108.170.141.75	124.114.177.237	5.36.76.61	220.191.12.226
110.164.91.50	251.246.247.154	60.247.36.110	192.168.0.37
123.180.5.60	79.215.109.67	91.107.11.110	6.53.63.57
5.53.125.31	35.205.54.255	180.241.218.31	209.90.63.86
123.223.112.180	119.40.113.3	62.228.3.112	51.89.52.208