106.12.93.25 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	(sshd) Failed SSH login from 106.12.93.25 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 12:44:24 server sshd[3869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root Oct 8 12:44:26 server sshd[3869]: Failed password for root from 106.12.93.25 port 55910 ssh2 Oct 8 12:53:20 server sshd[6265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root Oct 8 12:53:22 server sshd[6265]: Failed password for root from 106.12.93.25 port 46842 ssh2 Oct 8 12:55:59 server sshd[6918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root	2020-10-09 03:21:08
attack	2020-10-08T05:20:37.4012951495-001 sshd[51255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root 2020-10-08T05:20:39.2904761495-001 sshd[51255]: Failed password for root from 106.12.93.25 port 45660 ssh2 2020-10-08T05:25:19.7330491495-001 sshd[51545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root 2020-10-08T05:25:22.0014101495-001 sshd[51545]: Failed password for root from 106.12.93.25 port 45264 ssh2 2020-10-08T05:29:56.9353131495-001 sshd[51766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root 2020-10-08T05:29:59.2307791495-001 sshd[51766]: Failed password for root from 106.12.93.25 port 44852 ssh2 ...	2020-10-08 19:25:21
attackspam	2020-09-26T16:12:48.008601shield sshd\[27120\]: Invalid user kelly from 106.12.93.25 port 55344 2020-09-26T16:12:48.016086shield sshd\[27120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 2020-09-26T16:12:50.124499shield sshd\[27120\]: Failed password for invalid user kelly from 106.12.93.25 port 55344 ssh2 2020-09-26T16:16:45.373765shield sshd\[28097\]: Invalid user postgres from 106.12.93.25 port 41818 2020-09-26T16:16:45.381610shield sshd\[28097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25	2020-09-27 00:40:10
attack	Invalid user jenkins from 106.12.93.25 port 37766	2020-09-26 16:30:05
attackspam	SSH invalid-user multiple login attempts	2020-09-21 03:33:22
attackbotsspam	Invalid user mihai from 106.12.93.25 port 60692	2020-09-20 19:41:31
attackbotsspam	Aug 18 14:35:31 fhem-rasp sshd[6208]: Invalid user postgres from 106.12.93.25 port 42542 ...	2020-08-18 21:08:51
attack	Jul 28 13:06:36 Ubuntu-1404-trusty-64-minimal sshd\[10461\]: Invalid user parassandika from 106.12.93.25 Jul 28 13:06:36 Ubuntu-1404-trusty-64-minimal sshd\[10461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Jul 28 13:06:38 Ubuntu-1404-trusty-64-minimal sshd\[10461\]: Failed password for invalid user parassandika from 106.12.93.25 port 35396 ssh2 Jul 28 13:17:46 Ubuntu-1404-trusty-64-minimal sshd\[17460\]: Invalid user tgc from 106.12.93.25 Jul 28 13:17:46 Ubuntu-1404-trusty-64-minimal sshd\[17460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25	2020-07-28 20:04:32
attack	Jul 10 21:14:34 v22019038103785759 sshd\[13542\]: Invalid user znc from 106.12.93.25 port 34632 Jul 10 21:14:34 v22019038103785759 sshd\[13542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Jul 10 21:14:37 v22019038103785759 sshd\[13542\]: Failed password for invalid user znc from 106.12.93.25 port 34632 ssh2 Jul 10 21:20:12 v22019038103785759 sshd\[13749\]: Invalid user yanghp from 106.12.93.25 port 41384 Jul 10 21:20:12 v22019038103785759 sshd\[13749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 ...	2020-07-11 05:03:36
attackbots	Jun 1 22:46:59 piServer sshd[14439]: Failed password for root from 106.12.93.25 port 39842 ssh2 Jun 1 22:50:21 piServer sshd[14745]: Failed password for root from 106.12.93.25 port 38300 ssh2 ...	2020-06-02 05:45:53
attack	DATE:2020-05-09 04:51:19, IP:106.12.93.25, PORT:ssh SSH brute force auth (docker-dc)	2020-05-09 16:02:57
attackbots	May 1 22:43:50 srv-ubuntu-dev3 sshd[36651]: Invalid user el from 106.12.93.25 May 1 22:43:50 srv-ubuntu-dev3 sshd[36651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 May 1 22:43:50 srv-ubuntu-dev3 sshd[36651]: Invalid user el from 106.12.93.25 May 1 22:43:52 srv-ubuntu-dev3 sshd[36651]: Failed password for invalid user el from 106.12.93.25 port 49576 ssh2 May 1 22:48:41 srv-ubuntu-dev3 sshd[37496]: Invalid user server from 106.12.93.25 May 1 22:48:41 srv-ubuntu-dev3 sshd[37496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 May 1 22:48:41 srv-ubuntu-dev3 sshd[37496]: Invalid user server from 106.12.93.25 May 1 22:48:43 srv-ubuntu-dev3 sshd[37496]: Failed password for invalid user server from 106.12.93.25 port 54408 ssh2 May 1 22:53:24 srv-ubuntu-dev3 sshd[38290]: Invalid user harlan from 106.12.93.25 ...	2020-05-02 05:32:08
attack	$f2bV_matches	2020-04-30 01:42:50
attack	SSH Brute Force	2020-04-29 13:03:02
attack	Apr 22 07:03:51 rotator sshd\[5562\]: Invalid user sa from 106.12.93.25Apr 22 07:03:53 rotator sshd\[5562\]: Failed password for invalid user sa from 106.12.93.25 port 57330 ssh2Apr 22 07:06:43 rotator sshd\[6353\]: Failed password for root from 106.12.93.25 port 35286 ssh2Apr 22 07:09:14 rotator sshd\[6397\]: Invalid user y from 106.12.93.25Apr 22 07:09:16 rotator sshd\[6397\]: Failed password for invalid user y from 106.12.93.25 port 41452 ssh2Apr 22 07:12:05 rotator sshd\[7184\]: Invalid user teste from 106.12.93.25 ...	2020-04-22 16:21:51
attack	Apr 20 01:12:18 web1 sshd\[304\]: Invalid user ubuntu from 106.12.93.25 Apr 20 01:12:18 web1 sshd\[304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Apr 20 01:12:21 web1 sshd\[304\]: Failed password for invalid user ubuntu from 106.12.93.25 port 40442 ssh2 Apr 20 01:17:35 web1 sshd\[869\]: Invalid user postgres from 106.12.93.25 Apr 20 01:17:35 web1 sshd\[869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25	2020-04-20 19:49:00
attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-01 16:15:04
attackbots	Mar 27 23:59:16 icinga sshd[7898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Mar 27 23:59:18 icinga sshd[7898]: Failed password for invalid user qze from 106.12.93.25 port 38430 ssh2 Mar 28 00:05:18 icinga sshd[17563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 ...	2020-03-28 07:10:00
attackbots	Invalid user wq from 106.12.93.25 port 48692	2020-03-26 15:26:22
attack	Mar 22 17:40:04 163-172-32-151 sshd[9973]: Invalid user dod from 106.12.93.25 port 59982 ...	2020-03-23 02:15:19
attackspam	Dec 4 11:07:01 woltan sshd[28845]: Failed password for invalid user bb1 from 106.12.93.25 port 51200 ssh2	2020-03-21 04:10:01
attackspambots	SSH brute force	2020-03-14 09:23:00
attack	Feb 10 18:07:32 silence02 sshd[2640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Feb 10 18:07:35 silence02 sshd[2640]: Failed password for invalid user ha from 106.12.93.25 port 34246 ssh2 Feb 10 18:11:05 silence02 sshd[2870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25	2020-02-11 04:50:37
attackbots	Unauthorized SSH login attempts	2020-01-31 15:28:48
attackbotsspam	Jan 29 22:20:57 lnxded64 sshd[28567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Jan 29 22:20:57 lnxded64 sshd[28567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25	2020-01-30 05:21:28
attackbots	Unauthorized connection attempt detected from IP address 106.12.93.25 to port 2220 [J]	2020-01-19 22:40:25
attackspam	Unauthorized connection attempt detected from IP address 106.12.93.25 to port 2220 [J]	2020-01-19 06:33:10
attackspambots	Jan 6 15:27:36 meumeu sshd[10320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 Jan 6 15:27:38 meumeu sshd[10320]: Failed password for invalid user testing from 106.12.93.25 port 45250 ssh2 Jan 6 15:31:05 meumeu sshd[10810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 ...	2020-01-06 22:35:59
attackbots	SSH auth scanning - multiple failed logins	2019-12-25 08:14:00
attackspam	Dec 17 11:31:32 plusreed sshd[18756]: Invalid user ssh from 106.12.93.25 ...	2019-12-18 03:34:38

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.93.251	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-08T18:51:56Z and 2020-10-08T18:59:22Z	2020-10-09 07:21:10
106.12.93.251	attack	2020-10-08T12:41:48.909871abusebot-6.cloudsearch.cf sshd[16901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:41:50.937589abusebot-6.cloudsearch.cf sshd[16901]: Failed password for root from 106.12.93.251 port 57000 ssh2 2020-10-08T12:43:50.611323abusebot-6.cloudsearch.cf sshd[16907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:43:52.719640abusebot-6.cloudsearch.cf sshd[16907]: Failed password for root from 106.12.93.251 port 48388 ssh2 2020-10-08T12:45:52.219122abusebot-6.cloudsearch.cf sshd[16921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:45:54.076280abusebot-6.cloudsearch.cf sshd[16921]: Failed password for root from 106.12.93.251 port 39770 ssh2 2020-10-08T12:47:54.237845abusebot-6.cloudsearch.cf sshd[16932]: pam_unix(sshd:auth): authe ...	2020-10-08 23:50:17
106.12.93.251	attack	Oct 8 08:27:08 vps sshd[1036]: Failed password for root from 106.12.93.251 port 45086 ssh2 Oct 8 08:41:45 vps sshd[2061]: Failed password for root from 106.12.93.251 port 48818 ssh2 ...	2020-10-08 15:45:43
106.12.93.251	attack	Time: Tue Sep 29 19:50:49 2020 +0000 IP: 106.12.93.251 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 29 19:31:34 sshd[28246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root Sep 29 19:31:36 sshd[28246]: Failed password for root from 106.12.93.251 port 52772 ssh2 Sep 29 19:46:25 sshd[29404]: Invalid user pirate from 106.12.93.251 port 55244 Sep 29 19:46:28 sshd[29404]: Failed password for invalid user pirate from 106.12.93.251 port 55244 ssh2 Sep 29 19:50:48 sshd[29723]: Invalid user customer from 106.12.93.251 port 53422	2020-09-30 04:01:52
106.12.93.251	attack	Sep 29 10:57:19 nextcloud sshd\[9245\]: Invalid user mot from 106.12.93.251 Sep 29 10:57:19 nextcloud sshd\[9245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 Sep 29 10:57:22 nextcloud sshd\[9245\]: Failed password for invalid user mot from 106.12.93.251 port 59118 ssh2	2020-09-29 20:08:53
106.12.93.251	attack	Sep 29 02:20:21 ajax sshd[6572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 Sep 29 02:20:23 ajax sshd[6572]: Failed password for invalid user nagios3 from 106.12.93.251 port 45486 ssh2	2020-09-29 12:16:33
106.12.93.251	attackbots	Aug 25 02:30:04 NPSTNNYC01T sshd[8837]: Failed password for root from 106.12.93.251 port 51036 ssh2 Aug 25 02:32:46 NPSTNNYC01T sshd[9448]: Failed password for root from 106.12.93.251 port 50546 ssh2 ...	2020-08-25 16:07:51
106.12.93.251	attackbotsspam	Aug 20 00:27:47 PorscheCustomer sshd[19964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 Aug 20 00:27:49 PorscheCustomer sshd[19964]: Failed password for invalid user john from 106.12.93.251 port 34512 ssh2 Aug 20 00:31:56 PorscheCustomer sshd[20217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 ...	2020-08-20 06:47:10
106.12.93.251	attackspam	Tried sshing with brute force.	2020-08-19 13:08:29
106.12.93.251	attackspam	Aug 15 21:07:18 inter-technics sshd[27061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root Aug 15 21:07:20 inter-technics sshd[27061]: Failed password for root from 106.12.93.251 port 39544 ssh2 Aug 15 21:10:40 inter-technics sshd[27368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root Aug 15 21:10:43 inter-technics sshd[27368]: Failed password for root from 106.12.93.251 port 57786 ssh2 Aug 15 21:13:44 inter-technics sshd[27547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root Aug 15 21:13:46 inter-technics sshd[27547]: Failed password for root from 106.12.93.251 port 47788 ssh2 ...	2020-08-16 03:49:23
106.12.93.251	attackbotsspam	sshd jail - ssh hack attempt	2020-07-28 04:22:34
106.12.93.251	attackspam	$f2bV_matches	2020-07-26 03:58:56
106.12.93.251	attack	odoo8 ...	2020-07-18 02:44:08
106.12.93.251	attackspam	3x Failed Password	2020-07-05 15:16:41
106.12.93.251	attack	SSH Brute Force	2020-06-29 05:53:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.93.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52628
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.93.25.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 18:32:45 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 25.93.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 25.93.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
157.230.18.33	attackbots	Jun 16 23:46:11 server sshd\[50458\]: Invalid user titi from 157.230.18.33 Jun 16 23:46:11 server sshd\[50458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.18.33 Jun 16 23:46:13 server sshd\[50458\]: Failed password for invalid user titi from 157.230.18.33 port 54142 ssh2 ...	2019-07-12 01:29:44
187.87.14.20	attack	Brute force attempt	2019-07-12 00:57:41
159.203.179.230	attackspambots	Jun 23 09:56:28 server sshd\[23396\]: Invalid user herve from 159.203.179.230 Jun 23 09:56:28 server sshd\[23396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.179.230 Jun 23 09:56:30 server sshd\[23396\]: Failed password for invalid user herve from 159.203.179.230 port 59634 ssh2 ...	2019-07-12 00:37:31
209.105.243.230	attackbots	Jul 10 03:07:04 server sshd\[237500\]: Invalid user logic from 209.105.243.230 Jul 10 03:07:04 server sshd\[237500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.230 Jul 10 03:07:06 server sshd\[237500\]: Failed password for invalid user logic from 209.105.243.230 port 35820 ssh2 ...	2019-07-12 01:10:20
202.150.50.14	attackbotsspam	Erecitle Peenis Plils	2019-07-12 00:39:58
111.231.227.135	attackspam	Joomla Vuln	2019-07-12 01:34:41
159.203.143.58	attackbotsspam	May 4 11:08:32 server sshd\[80139\]: Invalid user Basisk from 159.203.143.58 May 4 11:08:32 server sshd\[80139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.143.58 May 4 11:08:34 server sshd\[80139\]: Failed password for invalid user Basisk from 159.203.143.58 port 47356 ssh2 ...	2019-07-12 00:38:44
153.36.232.49	attack	Jul 11 18:31:12 * sshd[17020]: Failed password for root from 153.36.232.49 port 39823 ssh2	2019-07-12 00:34:04
88.247.194.79	attackspambots	Honeypot attack, port: 23, PTR: 88.247.194.79.static.ttnet.com.tr.	2019-07-12 01:31:21
157.230.223.236	attack	Jun 27 07:38:57 server sshd\[88391\]: Invalid user alix from 157.230.223.236 Jun 27 07:38:57 server sshd\[88391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.223.236 Jun 27 07:38:59 server sshd\[88391\]: Failed password for invalid user alix from 157.230.223.236 port 40540 ssh2 ...	2019-07-12 01:21:49
157.230.230.181	attack	Jun 25 08:11:45 server sshd\[141359\]: Invalid user rd from 157.230.230.181 Jun 25 08:11:45 server sshd\[141359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.181 Jun 25 08:11:47 server sshd\[141359\]: Failed password for invalid user rd from 157.230.230.181 port 58926 ssh2 ...	2019-07-12 01:15:19
176.31.101.204	attack	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-07-12 00:45:41
61.190.124.188	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-12 01:29:06
177.130.137.133	attack	Brute force attempt	2019-07-12 01:04:54
157.92.26.222	attack	Jul 2 07:21:08 server sshd\[121386\]: Invalid user raissa from 157.92.26.222 Jul 2 07:21:08 server sshd\[121386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.92.26.222 Jul 2 07:21:10 server sshd\[121386\]: Failed password for invalid user raissa from 157.92.26.222 port 51302 ssh2 ...	2019-07-12 01:01:20

最近上报的IP列表

43.32.113.97	65.138.232.229	114.86.45.183	223.244.100.201
6.88.1.188	75.20.39.185	78.46.71.112	37.120.150.157
64.211.179.198	5.39.37.10	121.7.159.147	222.186.56.8
79.78.62.109	67.42.247.36	5.141.71.75	198.38.94.78
171.242.32.112	123.8.178.24	117.93.143.166	103.69.169.202