106.12.20.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 6 16:54:53 santamaria sshd\[1811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 6 16:54:54 santamaria sshd\[1811\]: Failed password for root from 106.12.20.3 port 53426 ssh2 Aug 6 16:59:32 santamaria sshd\[1838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root ...	2020-08-07 00:50:01
attackspambots	Aug 6 07:56:21 [host] sshd[8793]: pam_unix(sshd:a Aug 6 07:56:23 [host] sshd[8793]: Failed password Aug 6 07:59:29 [host] sshd[8843]: pam_unix(sshd:a	2020-08-06 15:12:05
attackspam	Aug 4 21:58:42 lukav-desktop sshd\[11348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 4 21:58:44 lukav-desktop sshd\[11348\]: Failed password for root from 106.12.20.3 port 34590 ssh2 Aug 4 22:02:43 lukav-desktop sshd\[11387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 4 22:02:45 lukav-desktop sshd\[11387\]: Failed password for root from 106.12.20.3 port 34932 ssh2 Aug 4 22:06:57 lukav-desktop sshd\[24210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root	2020-08-05 05:03:27
attackbots	Jul 14 08:48:05 sip sshd[934611]: Invalid user helpdesk from 106.12.20.3 port 48190 Jul 14 08:48:06 sip sshd[934611]: Failed password for invalid user helpdesk from 106.12.20.3 port 48190 ssh2 Jul 14 08:51:21 sip sshd[934685]: Invalid user wch from 106.12.20.3 port 55968 ...	2020-07-14 15:27:17
attackbotsspam	Jul 12 16:25:27 pkdns2 sshd\[26843\]: Invalid user arias from 106.12.20.3Jul 12 16:25:28 pkdns2 sshd\[26843\]: Failed password for invalid user arias from 106.12.20.3 port 53644 ssh2Jul 12 16:28:41 pkdns2 sshd\[26992\]: Invalid user oura from 106.12.20.3Jul 12 16:28:43 pkdns2 sshd\[26992\]: Failed password for invalid user oura from 106.12.20.3 port 56604 ssh2Jul 12 16:31:45 pkdns2 sshd\[27170\]: Invalid user wangyw from 106.12.20.3Jul 12 16:31:47 pkdns2 sshd\[27170\]: Failed password for invalid user wangyw from 106.12.20.3 port 59566 ssh2 ...	2020-07-12 23:18:04
attack	Jul 3 04:18:08 lnxded63 sshd[29786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Jul 3 04:18:08 lnxded63 sshd[29786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Jul 3 04:18:10 lnxded63 sshd[29786]: Failed password for invalid user deploy from 106.12.20.3 port 37378 ssh2	2020-07-03 20:35:23
attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-28 22:33:43
attackspam	Invalid user joh from 106.12.20.3 port 58580	2020-05-28 06:22:07
attackspam	May 27 12:54:58 cdc sshd[25152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root May 27 12:54:59 cdc sshd[25152]: Failed password for invalid user root from 106.12.20.3 port 50438 ssh2	2020-05-27 22:19:24
attackspambots	May 11 06:32:33 piServer sshd[2619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 May 11 06:32:35 piServer sshd[2619]: Failed password for invalid user superman from 106.12.20.3 port 34238 ssh2 May 11 06:35:36 piServer sshd[3013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 ...	2020-05-11 12:47:14
attackbots	SSH Invalid Login	2020-04-25 08:24:58
attack	SSH Authentication Attempts Exceeded	2020-04-21 14:24:24
attackbotsspam	Apr 17 22:41:44 tuotantolaitos sshd[1390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Apr 17 22:41:45 tuotantolaitos sshd[1390]: Failed password for invalid user ubuntu from 106.12.20.3 port 42248 ssh2 ...	2020-04-18 03:58:48

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.20.195	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-14 01:58:18
106.12.20.195	attackspambots	ET SCAN NMAP -sS window 1024	2020-10-13 17:11:09
106.12.206.3	attack	2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:41.452994abusebot-4.cloudsearch.cf sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:43.722313abusebot-4.cloudsearch.cf sshd[809]: Failed password for invalid user dev from 106.12.206.3 port 43810 ssh2 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:30.092646abusebot-4.cloudsearch.cf sshd[856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:32.467190abusebot-4.cloudsearch.cf sshd[856]: Failed password for invalid user dev fr ...	2020-10-12 05:40:35
106.12.206.3	attack	Oct 11 15:08:42 marvibiene sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 Oct 11 15:08:43 marvibiene sshd[19158]: Failed password for invalid user ftp from 106.12.206.3 port 55496 ssh2	2020-10-11 21:47:23
106.12.206.3	attackbots	Brute-force attempt banned	2020-10-11 13:44:15
106.12.206.3	attackspambots	Oct 11 00:51:26 * sshd[9011]: Failed password for root from 106.12.206.3 port 34016 ssh2	2020-10-11 07:07:48
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-10 06:42:10
106.12.202.192	attack	Oct 9 21:59:20 ns382633 sshd\[2843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 9 21:59:22 ns382633 sshd\[2843\]: Failed password for root from 106.12.202.192 port 48834 ssh2 Oct 9 22:02:13 ns382633 sshd\[3050\]: Invalid user shaun from 106.12.202.192 port 43654 Oct 9 22:02:13 ns382633 sshd\[3050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 9 22:02:15 ns382633 sshd\[3050\]: Failed password for invalid user shaun from 106.12.202.192 port 43654 ssh2	2020-10-10 05:50:56
106.12.207.236	attack	SSH_scan	2020-10-10 01:21:59
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-09 22:55:22
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 21:57:37
106.12.205.108	attackbotsspam	SSH Brute-Force Attack	2020-10-09 14:45:29
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 13:48:11
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-07 05:52:03
106.12.208.175	attackspam	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 22:03:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.20.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50757
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.20.3.			IN	A

;; AUTHORITY SECTION:
.			153	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041702 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 03:58:44 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 3.20.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.20.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.105.244.17	attackbots	web-1 [ssh] SSH Attack	2019-11-13 08:09:08
58.87.92.153	attackbots	Nov 13 01:10:20 dedicated sshd[3488]: Invalid user tokend from 58.87.92.153 port 36704	2019-11-13 08:15:57
205.211.166.7	attackspam	Nov 13 01:17:13 pkdns2 sshd\[24201\]: Invalid user virna from 205.211.166.7Nov 13 01:17:15 pkdns2 sshd\[24201\]: Failed password for invalid user virna from 205.211.166.7 port 56074 ssh2Nov 13 01:20:50 pkdns2 sshd\[24364\]: Invalid user tchen from 205.211.166.7Nov 13 01:20:52 pkdns2 sshd\[24364\]: Failed password for invalid user tchen from 205.211.166.7 port 36456 ssh2Nov 13 01:24:20 pkdns2 sshd\[24504\]: Invalid user testwww123 from 205.211.166.7Nov 13 01:24:22 pkdns2 sshd\[24504\]: Failed password for invalid user testwww123 from 205.211.166.7 port 45070 ssh2 ...	2019-11-13 07:49:03
39.98.160.133	attack	3389BruteforceFW23	2019-11-13 07:51:26
185.176.27.246	attackbots	11/13/2019-00:40:56.193745 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-13 08:11:51
78.90.67.126	attackbotsspam	Nov 13 01:03:16 arianus sshd\[12630\]: Invalid user admin from 78.90.67.126 port 56298 ...	2019-11-13 08:17:23
211.174.227.230	attack	Nov 13 04:34:24 vibhu-HP-Z238-Microtower-Workstation sshd\[12926\]: Invalid user wolin from 211.174.227.230 Nov 13 04:34:24 vibhu-HP-Z238-Microtower-Workstation sshd\[12926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.174.227.230 Nov 13 04:34:26 vibhu-HP-Z238-Microtower-Workstation sshd\[12926\]: Failed password for invalid user wolin from 211.174.227.230 port 42626 ssh2 Nov 13 04:38:46 vibhu-HP-Z238-Microtower-Workstation sshd\[13158\]: Invalid user sonatine from 211.174.227.230 Nov 13 04:38:46 vibhu-HP-Z238-Microtower-Workstation sshd\[13158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.174.227.230 ...	2019-11-13 08:02:11
193.77.216.143	attack	Nov 13 03:35:18 gw1 sshd[28691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.77.216.143 Nov 13 03:35:20 gw1 sshd[28691]: Failed password for invalid user server from 193.77.216.143 port 41566 ssh2 ...	2019-11-13 07:47:40
142.93.174.47	attack	Nov 13 00:51:48 SilenceServices sshd[12952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.174.47 Nov 13 00:51:50 SilenceServices sshd[12952]: Failed password for invalid user XIAOXIAO123!@# from 142.93.174.47 port 43004 ssh2 Nov 13 00:55:20 SilenceServices sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.174.47	2019-11-13 08:20:12
89.109.23.190	attack	Nov 12 13:47:03 sachi sshd\[19356\]: Invalid user tester from 89.109.23.190 Nov 12 13:47:03 sachi sshd\[19356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.109.23.190 Nov 12 13:47:05 sachi sshd\[19356\]: Failed password for invalid user tester from 89.109.23.190 port 33356 ssh2 Nov 12 13:50:58 sachi sshd\[19668\]: Invalid user alex from 89.109.23.190 Nov 12 13:50:58 sachi sshd\[19668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.109.23.190	2019-11-13 07:52:27
62.74.228.118	attack	Nov 13 01:03:27 srv-ubuntu-dev3 sshd[44112]: Invalid user stura from 62.74.228.118 Nov 13 01:03:27 srv-ubuntu-dev3 sshd[44112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.74.228.118 Nov 13 01:03:27 srv-ubuntu-dev3 sshd[44112]: Invalid user stura from 62.74.228.118 Nov 13 01:03:29 srv-ubuntu-dev3 sshd[44112]: Failed password for invalid user stura from 62.74.228.118 port 42766 ssh2 Nov 13 01:07:49 srv-ubuntu-dev3 sshd[44467]: Invalid user foehl from 62.74.228.118 Nov 13 01:07:49 srv-ubuntu-dev3 sshd[44467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.74.228.118 Nov 13 01:07:49 srv-ubuntu-dev3 sshd[44467]: Invalid user foehl from 62.74.228.118 Nov 13 01:07:51 srv-ubuntu-dev3 sshd[44467]: Failed password for invalid user foehl from 62.74.228.118 port 51420 ssh2 Nov 13 01:12:29 srv-ubuntu-dev3 sshd[44966]: Invalid user guest222 from 62.74.228.118 ...	2019-11-13 08:15:44
124.41.240.149	attackspam	Automatic report - Banned IP Access	2019-11-13 08:13:27
183.247.214.197	attackspambots	" "	2019-11-13 07:57:37
69.70.67.146	attack	Nov 12 23:14:48 venus sshd\[24146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.70.67.146 user=root Nov 12 23:14:49 venus sshd\[24146\]: Failed password for root from 69.70.67.146 port 58771 ssh2 Nov 12 23:18:05 venus sshd\[24185\]: Invalid user anthony from 69.70.67.146 port 22512 ...	2019-11-13 07:49:31
46.38.144.179	attackbotsspam	2019-11-13T00:38:51.051771mail01 postfix/smtpd[19451]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-13T00:38:58.054757mail01 postfix/smtpd[6985]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-13T00:39:14.078258mail01 postfix/smtpd[19491]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-13 07:41:17

最近上报的IP列表

122.51.93.233	195.81.99.10	195.154.176.103	37.49.230.141
142.93.132.119	34.87.63.134	184.161.92.167	50.236.44.26
16.88.89.213	80.211.53.68	27.34.6.128	40.132.4.75
28.83.236.254	49.235.216.127	128.199.72.96	124.65.181.78
13.65.201.223	125.219.48.53	216.245.195.18	222.247.5.68