106.12.94.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 28 02:52:33 gw1 sshd[28286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Mar 28 02:52:36 gw1 sshd[28286]: Failed password for invalid user yci from 106.12.94.5 port 58722 ssh2 ...	2020-03-28 06:10:47
attackbots	Invalid user mckenna from 106.12.94.5 port 55752	2020-03-25 15:51:02
attackbotsspam	Mar 8 03:11:08 srv01 sshd[4211]: Invalid user mc from 106.12.94.5 port 42018 Mar 8 03:11:08 srv01 sshd[4211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Mar 8 03:11:08 srv01 sshd[4211]: Invalid user mc from 106.12.94.5 port 42018 Mar 8 03:11:11 srv01 sshd[4211]: Failed password for invalid user mc from 106.12.94.5 port 42018 ssh2 Mar 8 03:13:28 srv01 sshd[4401]: Invalid user couchdb from 106.12.94.5 port 43958 ...	2020-03-08 10:23:55
attackbots	Mar 2 19:10:29 web1 sshd\[24521\]: Invalid user gerrit2 from 106.12.94.5 Mar 2 19:10:29 web1 sshd\[24521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Mar 2 19:10:30 web1 sshd\[24521\]: Failed password for invalid user gerrit2 from 106.12.94.5 port 39814 ssh2 Mar 2 19:14:34 web1 sshd\[25283\]: Invalid user liwei from 106.12.94.5 Mar 2 19:14:34 web1 sshd\[25283\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5	2020-03-03 13:25:45
attackspam	sshd jail - ssh hack attempt	2020-02-15 14:52:19
attack	Unauthorized connection attempt detected from IP address 106.12.94.5 to port 2220 [J]	2020-01-23 19:10:52
attackspam	Jan 11 09:10:04 server sshd\[32378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 user=root Jan 11 09:10:05 server sshd\[32378\]: Failed password for root from 106.12.94.5 port 57750 ssh2 Jan 11 09:33:50 server sshd\[6069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 user=root Jan 11 09:33:52 server sshd\[6069\]: Failed password for root from 106.12.94.5 port 57640 ssh2 Jan 11 09:36:52 server sshd\[7017\]: Invalid user delete from 106.12.94.5 ...	2020-01-11 15:52:58
attackbotsspam	Invalid user haarberg from 106.12.94.5 port 33118	2019-12-27 06:19:32
attackspam	Dec 20 18:13:23 ns381471 sshd[26632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 20 18:13:25 ns381471 sshd[26632]: Failed password for invalid user dunbar from 106.12.94.5 port 57538 ssh2	2019-12-21 01:18:28
attack	Repeated brute force against a port	2019-12-17 23:26:52
attackspambots	Dec 16 16:43:01 vtv3 sshd[22901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 16 16:43:03 vtv3 sshd[22901]: Failed password for invalid user abdelsalaam from 106.12.94.5 port 47324 ssh2 Dec 16 16:50:34 vtv3 sshd[26882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 16 17:05:29 vtv3 sshd[1737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 16 17:05:31 vtv3 sshd[1737]: Failed password for invalid user design2 from 106.12.94.5 port 41498 ssh2 Dec 16 17:13:21 vtv3 sshd[5144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 16 17:37:22 vtv3 sshd[16840]: Failed password for root from 106.12.94.5 port 33786 ssh2 Dec 16 17:45:30 vtv3 sshd[20823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 16 17:45:32 vtv3 sshd[20823]: Failed	2019-12-16 23:34:41
attackbots	Dec 9 16:16:10 srv01 sshd[21220]: Invalid user lorensen from 106.12.94.5 port 59406 Dec 9 16:16:10 srv01 sshd[21220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 Dec 9 16:16:10 srv01 sshd[21220]: Invalid user lorensen from 106.12.94.5 port 59406 Dec 9 16:16:13 srv01 sshd[21220]: Failed password for invalid user lorensen from 106.12.94.5 port 59406 ssh2 Dec 9 16:23:38 srv01 sshd[21883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.5 user=root Dec 9 16:23:40 srv01 sshd[21883]: Failed password for root from 106.12.94.5 port 58010 ssh2 ...	2019-12-10 05:08:21

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.94.186	attack	2020-10-11T21:52:07+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-10-12 06:15:19
106.12.94.186	attackbots	prod8 ...	2020-10-11 14:21:11
106.12.94.186	attackbots	Oct 11 02:23:35 dignus sshd[29518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 user=root Oct 11 02:23:37 dignus sshd[29518]: Failed password for root from 106.12.94.186 port 39088 ssh2 Oct 11 02:26:37 dignus sshd[29554]: Invalid user samba from 106.12.94.186 port 55956 Oct 11 02:26:37 dignus sshd[29554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 Oct 11 02:26:40 dignus sshd[29554]: Failed password for invalid user samba from 106.12.94.186 port 55956 ssh2 ...	2020-10-11 07:44:57
106.12.94.119	attackspambots	Oct 6 19:19:36 sshgateway sshd\[30815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=root Oct 6 19:19:39 sshgateway sshd\[30815\]: Failed password for root from 106.12.94.119 port 52962 ssh2 Oct 6 19:29:35 sshgateway sshd\[30863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=root	2020-10-07 05:52:17
106.12.94.119	attack	(sshd) Failed SSH login from 106.12.94.119 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 6 06:28:21 atlas sshd[21747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=root Oct 6 06:28:22 atlas sshd[21747]: Failed password for root from 106.12.94.119 port 39454 ssh2 Oct 6 06:35:30 atlas sshd[23701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=root Oct 6 06:35:31 atlas sshd[23701]: Failed password for root from 106.12.94.119 port 53766 ssh2 Oct 6 06:38:58 atlas sshd[24369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=root	2020-10-06 22:04:24
106.12.94.119	attackbotsspam	Oct 5 15:07:08 UTC__SANYALnet-Labs__cac14 sshd[16087]: Connection from 106.12.94.119 port 45806 on 64.137.176.112 port 22 Oct 5 15:07:12 UTC__SANYALnet-Labs__cac14 sshd[16087]: User r.r from 106.12.94.119 not allowed because not listed in AllowUsers Oct 5 15:07:12 UTC__SANYALnet-Labs__cac14 sshd[16087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.119 user=r.r Oct 5 15:07:14 UTC__SANYALnet-Labs__cac14 sshd[16087]: Failed password for invalid user r.r from 106.12.94.119 port 45806 ssh2 Oct 5 15:07:15 UTC__SANYALnet-Labs__cac14 sshd[16087]: Received disconnect from 106.12.94.119: 11: Bye Bye [preauth] Oct 5 15:23:44 UTC__SANYALnet-Labs__cac14 sshd[16441]: Connection from 106.12.94.119 port 35906 on 64.137.176.112 port 22 Oct 5 15:23:47 UTC__SANYALnet-Labs__cac14 sshd[16441]: User r.r from 106.12.94.119 not allowed because not listed in AllowUsers Oct 5 15:23:47 UTC__SANYALnet-Labs__cac14 sshd[16441]: pam_unix(s........ -------------------------------	2020-10-06 13:48:12
106.12.94.65	attackspambots	Sep 26 17:54:31 vps-51d81928 sshd[398316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.65 user=root Sep 26 17:54:33 vps-51d81928 sshd[398316]: Failed password for root from 106.12.94.65 port 46898 ssh2 Sep 26 17:56:00 vps-51d81928 sshd[398343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.65 user=root Sep 26 17:56:02 vps-51d81928 sshd[398343]: Failed password for root from 106.12.94.65 port 38506 ssh2 Sep 26 17:56:43 vps-51d81928 sshd[398349]: Invalid user user2 from 106.12.94.65 port 48430 ...	2020-09-27 02:52:42
106.12.94.65	attackbotsspam	Invalid user yun from 106.12.94.65 port 54072	2020-09-26 18:49:32
106.12.94.186	attack	Aug 23 12:12:17 pornomens sshd\[18104\]: Invalid user igor from 106.12.94.186 port 50704 Aug 23 12:12:17 pornomens sshd\[18104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 Aug 23 12:12:20 pornomens sshd\[18104\]: Failed password for invalid user igor from 106.12.94.186 port 50704 ssh2 ...	2020-08-23 18:24:00
106.12.94.65	attackbotsspam	Aug 18 20:46:08 abendstille sshd\[23799\]: Invalid user admin from 106.12.94.65 Aug 18 20:46:08 abendstille sshd\[23799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.65 Aug 18 20:46:10 abendstille sshd\[23799\]: Failed password for invalid user admin from 106.12.94.65 port 46954 ssh2 Aug 18 20:48:51 abendstille sshd\[26421\]: Invalid user wget from 106.12.94.65 Aug 18 20:48:51 abendstille sshd\[26421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.65 ...	2020-08-19 03:12:10
106.12.94.186	attackspambots	Aug 16 12:40:45 onepixel sshd[2394075]: Failed password for invalid user zd from 106.12.94.186 port 43794 ssh2 Aug 16 12:44:17 onepixel sshd[2396134]: Invalid user mew from 106.12.94.186 port 57894 Aug 16 12:44:17 onepixel sshd[2396134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 Aug 16 12:44:17 onepixel sshd[2396134]: Invalid user mew from 106.12.94.186 port 57894 Aug 16 12:44:19 onepixel sshd[2396134]: Failed password for invalid user mew from 106.12.94.186 port 57894 ssh2	2020-08-16 20:49:43
106.12.94.186	attackbotsspam	Aug 16 05:56:24 db sshd[21419]: User root from 106.12.94.186 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:35:41
106.12.94.186	attackspambots	Aug 16 01:29:16 hell sshd[11816]: Failed password for root from 106.12.94.186 port 43022 ssh2 ...	2020-08-16 07:52:30
106.12.94.65	attackbots	Aug 14 22:33:12 prod4 sshd\[21236\]: Failed password for root from 106.12.94.65 port 40266 ssh2 Aug 14 22:37:10 prod4 sshd\[22567\]: Failed password for root from 106.12.94.65 port 44656 ssh2 Aug 14 22:41:06 prod4 sshd\[23845\]: Failed password for root from 106.12.94.65 port 49052 ssh2 ...	2020-08-15 07:47:04
106.12.94.186	attack	Aug 12 16:09:20 OPSO sshd\[6117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 user=root Aug 12 16:09:22 OPSO sshd\[6117\]: Failed password for root from 106.12.94.186 port 39282 ssh2 Aug 12 16:12:53 OPSO sshd\[6800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 user=root Aug 12 16:12:55 OPSO sshd\[6800\]: Failed password for root from 106.12.94.186 port 46948 ssh2 Aug 12 16:16:27 OPSO sshd\[7530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.186 user=root	2020-08-12 22:34:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.94.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.94.5.			IN	A

;; AUTHORITY SECTION:
.			583	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120902 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 05:08:18 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 5.94.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.94.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.235.36.26	attackspambots	Invalid user ian from 123.235.36.26 port 13753	2020-05-02 20:05:09
89.97.218.142	attack	May 2 10:36:36 *** sshd[7405]: Invalid user mri from 89.97.218.142	2020-05-02 19:59:35
167.71.137.237	attackbotsspam	Automatic report - XMLRPC Attack	2020-05-02 20:02:34
82.118.236.186	attack	SSH brutforce	2020-05-02 20:01:32
106.75.9.141	attackspam	invalid login attempt (suman)	2020-05-02 19:31:57
222.29.159.167	attackspam	May 2 13:39:54 sso sshd[18358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.29.159.167 May 2 13:39:56 sso sshd[18358]: Failed password for invalid user dip from 222.29.159.167 port 58504 ssh2 ...	2020-05-02 19:51:38
149.202.164.82	attackspam	SSH brute-force: detected 8 distinct usernames within a 24-hour window.	2020-05-02 19:52:24
104.244.75.104	attack	Port scan(s) denied	2020-05-02 19:43:32
37.17.170.140	attackspam	May 1 01:27:51 nxxxxxxx sshd[32388]: Invalid user daniel from 37.17.170.140 May 1 01:27:53 nxxxxxxx sshd[32388]: Failed password for invalid user daniel from 37.17.170.140 port 54080 ssh2 May 1 01:31:44 nxxxxxxx sshd[338]: Invalid user nicole from 37.17.170.140 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.17.170.140	2020-05-02 20:02:52
134.122.111.162	attackbots	Brute force SMTP login attempted. ...	2020-05-02 19:48:11
113.173.135.177	attack	2020-05-0205:46:551jUj78-0008IT-Ld\<=info@whatsup2013.chH=\(localhost\)[113.172.169.128]:53200P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3216id=8c6ec9c0cbe035c6e51bedbeb561587457bd07b235@whatsup2013.chT="Iamjustcrazyaboutyou"forkylemullins9796@gmail.comterrymendietta5@gmail.com2020-05-0205:44:201jUj4c-0008AY-Ex\<=info@whatsup2013.chH=\(localhost\)[113.173.53.163]:38213P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3144id=82e254070c270d05999c2a866195bfa3fe544a@whatsup2013.chT="I'mexcitedaboutyou"forhemjak1414@gmail.comghettodiego05@gmail.com2020-05-0205:43:571jUj4G-00088N-Sd\<=info@whatsup2013.chH=\(localhost\)[14.167.234.82]:48510P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3141id=8001b7e4efc4eee67a7fc96582765c407a8e63@whatsup2013.chT="Flymetothemoon"forvenuvallabha44@gmail.comdannyhicks1968dh@gmail.com2020-05-0205:43:431jUj43-00087R-6h\<=info@whatsup2013.chH=\(local	2020-05-02 19:54:50
14.188.1.21	attackbotsspam	1588391285 - 05/02/2020 05:48:05 Host: 14.188.1.21/14.188.1.21 Port: 445 TCP Blocked	2020-05-02 19:35:14
195.154.184.196	attackbotsspam	May 1 23:16:28 web9 sshd\[17862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.184.196 user=root May 1 23:16:31 web9 sshd\[17862\]: Failed password for root from 195.154.184.196 port 51092 ssh2 May 1 23:20:07 web9 sshd\[18433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.184.196 user=root May 1 23:20:09 web9 sshd\[18433\]: Failed password for root from 195.154.184.196 port 33526 ssh2 May 1 23:24:00 web9 sshd\[19016\]: Invalid user gittest from 195.154.184.196 May 1 23:24:00 web9 sshd\[19016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.184.196	2020-05-02 19:41:45
101.78.209.39	attack	May 2 09:53:38 inter-technics sshd[28074]: Invalid user boomi from 101.78.209.39 port 41431 May 2 09:53:38 inter-technics sshd[28074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.209.39 May 2 09:53:38 inter-technics sshd[28074]: Invalid user boomi from 101.78.209.39 port 41431 May 2 09:53:41 inter-technics sshd[28074]: Failed password for invalid user boomi from 101.78.209.39 port 41431 ssh2 May 2 09:56:31 inter-technics sshd[28741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.209.39 user=root May 2 09:56:33 inter-technics sshd[28741]: Failed password for root from 101.78.209.39 port 59055 ssh2 ...	2020-05-02 19:53:22
118.25.55.180	attackbotsspam	Fail2Ban Ban Triggered	2020-05-02 19:51:26

最近上报的IP列表

31.36.160.243	207.144.153.224	191.75.3.4	241.56.66.0
131.139.233.14	187.4.116.173	31.170.225.172	240.13.13.61
237.247.246.39	71.167.6.81	223.16.151.204	193.218.52.219
115.49.179.204	188.108.156.41	180.176.110.7	167.234.199.62
111.162.2.48	96.23.16.213	158.83.139.178	82.116.74.56