106.12.10.103 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 14 09:17:43 webhost01 sshd[31952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103 Jul 14 09:17:45 webhost01 sshd[31952]: Failed password for invalid user test from 106.12.10.103 port 45890 ssh2 ...	2019-07-14 10:23:44
attackbotsspam	Jul 12 10:46:51 ip-172-31-1-72 sshd\[19745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103 user=root Jul 12 10:46:53 ip-172-31-1-72 sshd\[19745\]: Failed password for root from 106.12.10.103 port 33264 ssh2 Jul 12 10:49:55 ip-172-31-1-72 sshd\[19817\]: Invalid user developer from 106.12.10.103 Jul 12 10:49:55 ip-172-31-1-72 sshd\[19817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103 Jul 12 10:49:57 ip-172-31-1-72 sshd\[19817\]: Failed password for invalid user developer from 106.12.10.103 port 59894 ssh2	2019-07-12 20:19:07

类型

评论内容

时间

attack

Jul 14 09:17:43 webhost01 sshd[31952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103
Jul 14 09:17:45 webhost01 sshd[31952]: Failed password for invalid user test from 106.12.10.103 port 45890 ssh2
...

2019-07-14 10:23:44

attackbotsspam

Jul 12 10:46:51 ip-172-31-1-72 sshd\[19745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103  user=root
Jul 12 10:46:53 ip-172-31-1-72 sshd\[19745\]: Failed password for root from 106.12.10.103 port 33264 ssh2
Jul 12 10:49:55 ip-172-31-1-72 sshd\[19817\]: Invalid user developer from 106.12.10.103
Jul 12 10:49:55 ip-172-31-1-72 sshd\[19817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.103
Jul 12 10:49:57 ip-172-31-1-72 sshd\[19817\]: Failed password for invalid user developer from 106.12.10.103 port 59894 ssh2

2019-07-12 20:19:07

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.100.206	attackspam	SSH Brute Force	2020-10-14 05:58:54
106.12.105.130	attack	Oct 13 04:30:10 icinga sshd[23130]: Failed password for root from 106.12.105.130 port 37780 ssh2 Oct 13 04:36:25 icinga sshd[32721]: Failed password for root from 106.12.105.130 port 49692 ssh2 ...	2020-10-13 14:12:41
106.12.105.130	attackspam	Oct 13 04:08:30 mx sshd[1404596]: Failed password for root from 106.12.105.130 port 40144 ssh2 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:08 mx sshd[1404724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 13 04:12:08 mx sshd[1404724]: Invalid user bind from 106.12.105.130 port 42846 Oct 13 04:12:10 mx sshd[1404724]: Failed password for invalid user bind from 106.12.105.130 port 42846 ssh2 ...	2020-10-13 06:55:25
106.12.102.54	attack	2020-10-11T21:51:51+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-10-12 04:53:46
106.12.102.54	attackspambots	Oct 11 09:51:57 buvik sshd[14859]: Invalid user oracle from 106.12.102.54 Oct 11 09:51:57 buvik sshd[14859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.102.54 Oct 11 09:51:59 buvik sshd[14859]: Failed password for invalid user oracle from 106.12.102.54 port 37852 ssh2 ...	2020-10-11 20:58:15
106.12.102.54	attack	$f2bV_matches	2020-10-11 12:54:32
106.12.102.54	attackspambots	Invalid user mike from 106.12.102.54 port 49028	2020-10-11 06:17:28
106.12.10.21	attack	5x Failed Password	2020-10-11 00:32:24
106.12.10.21	attackspam	Oct 10 06:23:43 sshd\[15654\]: Invalid user informix from 106.12.10.21Oct 10 06:23:45 sshd\[15654\]: Failed password for invalid user informix from 106.12.10.21 port 59834 ssh2 ...	2020-10-10 16:20:16
106.12.100.206	attackspam	$f2bV_matches	2020-10-10 02:34:31
106.12.100.206	attackbots	(sshd) Failed SSH login from 106.12.100.206 (CN/China/-): 5 in the last 3600 secs	2020-10-09 18:19:41
106.12.108.170	attackspam	firewall-block, port(s): 3838/tcp	2020-10-09 04:25:26
106.12.108.170	attack	firewall-block, port(s): 3838/tcp	2020-10-08 20:34:38
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 12:30:50
106.12.108.170	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 07:52:13

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.10.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22690
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.10.103.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 07:04:28 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 103.10.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 103.10.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.48.172	attack	Unauthorized connection attempt detected from IP address 68.183.48.172 to port 2220 [J]	2020-01-05 17:01:27
69.162.68.54	attack	Mar 12 06:29:56 vpn sshd[7791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.162.68.54 Mar 12 06:29:58 vpn sshd[7791]: Failed password for invalid user cacti from 69.162.68.54 port 41442 ssh2 Mar 12 06:35:06 vpn sshd[7809]: Failed password for root from 69.162.68.54 port 50678 ssh2	2020-01-05 16:38:40
68.183.31.11	attack	Nov 20 17:26:54 vpn sshd[3719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.11 Nov 20 17:26:55 vpn sshd[3719]: Failed password for invalid user ts3 from 68.183.31.11 port 43958 ssh2 Nov 20 17:34:46 vpn sshd[3740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.11	2020-01-05 17:03:03
69.247.144.228	attackbotsspam	Mar 16 07:15:47 vpn sshd[1131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.247.144.228 Mar 16 07:15:49 vpn sshd[1131]: Failed password for invalid user ubnt from 69.247.144.228 port 50716 ssh2 Mar 16 07:15:50 vpn sshd[1131]: Failed password for invalid user ubnt from 69.247.144.228 port 50716 ssh2 Mar 16 07:15:53 vpn sshd[1131]: Failed password for invalid user ubnt from 69.247.144.228 port 50716 ssh2	2020-01-05 16:31:41
193.112.44.102	attackspam	Unauthorized connection attempt detected from IP address 193.112.44.102 to port 2220 [J]	2020-01-05 17:00:20
69.142.92.134	attackbots	Jan 25 23:12:45 vpn sshd[9543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.142.92.134 Jan 25 23:12:47 vpn sshd[9543]: Failed password for invalid user sonya from 69.142.92.134 port 53304 ssh2 Jan 25 23:17:25 vpn sshd[9551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.142.92.134	2020-01-05 16:40:26
69.236.120.97	attackbotsspam	Mar 3 00:13:01 vpn sshd[21473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.236.120.97 Mar 3 00:13:03 vpn sshd[21473]: Failed password for invalid user ym from 69.236.120.97 port 43890 ssh2 Mar 3 00:18:53 vpn sshd[21493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.236.120.97	2020-01-05 16:32:14
187.188.169.123	attackbotsspam	Unauthorized connection attempt detected from IP address 187.188.169.123 to port 2220 [J]	2020-01-05 16:48:30
69.129.193.239	attackbotsspam	Dec 18 04:50:17 vpn sshd[24040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.129.193.239 Dec 18 04:50:17 vpn sshd[24042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.129.193.239 Dec 18 04:50:19 vpn sshd[24040]: Failed password for invalid user pi from 69.129.193.239 port 54988 ssh2	2020-01-05 16:43:30
68.183.93.55	attackbotsspam	Feb 26 01:43:02 vpn sshd[22170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.93.55 Feb 26 01:43:04 vpn sshd[22170]: Failed password for invalid user ubnt from 68.183.93.55 port 34624 ssh2 Feb 26 01:50:09 vpn sshd[22188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.93.55	2020-01-05 16:53:49
69.1.50.243	attack	Mar 18 02:54:50 vpn sshd[31166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.1.50.243 user=root Mar 18 02:54:52 vpn sshd[31166]: Failed password for root from 69.1.50.243 port 47768 ssh2 Mar 18 02:54:55 vpn sshd[31166]: Failed password for root from 69.1.50.243 port 47768 ssh2 Mar 18 02:55:03 vpn sshd[31167]: Invalid user admin from 69.1.50.243 Mar 18 02:55:03 vpn sshd[31167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.1.50.243	2020-01-05 16:44:22
68.183.239.207	attackspambots	Dec 24 08:56:14 vpn sshd[23874]: Failed password for mysql from 68.183.239.207 port 49380 ssh2 Dec 24 09:01:03 vpn sshd[23913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.239.207 Dec 24 09:01:04 vpn sshd[23913]: Failed password for invalid user site02 from 68.183.239.207 port 42308 ssh2	2020-01-05 17:02:30
69.51.13.243	attackspam	Mar 21 03:04:49 vpn sshd[1125]: Failed password for root from 69.51.13.243 port 41592 ssh2 Mar 21 03:09:13 vpn sshd[1133]: Failed password for root from 69.51.13.243 port 46676 ssh2	2020-01-05 16:28:34
63.143.53.138	attackbots	\[2020-01-05 04:01:49\] NOTICE\[2839\] chan_sip.c: Registration from '"444" \' failed for '63.143.53.138:5432' - Wrong password \[2020-01-05 04:01:49\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-05T04:01:49.562-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="444",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.53.138/5432",Challenge="6ff0eb8f",ReceivedChallenge="6ff0eb8f",ReceivedHash="c66642aefdfcbc36807e3729c91f65a8" \[2020-01-05 04:01:49\] NOTICE\[2839\] chan_sip.c: Registration from '"444" \' failed for '63.143.53.138:5432' - Wrong password \[2020-01-05 04:01:49\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-05T04:01:49.638-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="444",SessionID="0x7f0fb4073278",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.1	2020-01-05 17:02:12
45.125.66.18	attackspam	Rude login attack (2 tries in 1d)	2020-01-05 16:41:49

最近上报的IP列表

138.186.23.1	185.210.244.88	103.111.29.58	213.60.147.139
125.89.95.133	36.91.50.251	190.254.23.187	118.25.44.66
217.147.25.170	192.241.220.228	188.131.179.44	92.252.241.30
118.68.34.204	138.204.122.14	98.153.109.186	194.56.72.6
73.149.230.85	120.5.137.28	191.255.66.122	189.161.235.59