106.12.20.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 6 16:54:53 santamaria sshd\[1811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 6 16:54:54 santamaria sshd\[1811\]: Failed password for root from 106.12.20.3 port 53426 ssh2 Aug 6 16:59:32 santamaria sshd\[1838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root ...	2020-08-07 00:50:01
attackspambots	Aug 6 07:56:21 [host] sshd[8793]: pam_unix(sshd:a Aug 6 07:56:23 [host] sshd[8793]: Failed password Aug 6 07:59:29 [host] sshd[8843]: pam_unix(sshd:a	2020-08-06 15:12:05
attackspam	Aug 4 21:58:42 lukav-desktop sshd\[11348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 4 21:58:44 lukav-desktop sshd\[11348\]: Failed password for root from 106.12.20.3 port 34590 ssh2 Aug 4 22:02:43 lukav-desktop sshd\[11387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root Aug 4 22:02:45 lukav-desktop sshd\[11387\]: Failed password for root from 106.12.20.3 port 34932 ssh2 Aug 4 22:06:57 lukav-desktop sshd\[24210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root	2020-08-05 05:03:27
attackbots	Jul 14 08:48:05 sip sshd[934611]: Invalid user helpdesk from 106.12.20.3 port 48190 Jul 14 08:48:06 sip sshd[934611]: Failed password for invalid user helpdesk from 106.12.20.3 port 48190 ssh2 Jul 14 08:51:21 sip sshd[934685]: Invalid user wch from 106.12.20.3 port 55968 ...	2020-07-14 15:27:17
attackbotsspam	Jul 12 16:25:27 pkdns2 sshd\[26843\]: Invalid user arias from 106.12.20.3Jul 12 16:25:28 pkdns2 sshd\[26843\]: Failed password for invalid user arias from 106.12.20.3 port 53644 ssh2Jul 12 16:28:41 pkdns2 sshd\[26992\]: Invalid user oura from 106.12.20.3Jul 12 16:28:43 pkdns2 sshd\[26992\]: Failed password for invalid user oura from 106.12.20.3 port 56604 ssh2Jul 12 16:31:45 pkdns2 sshd\[27170\]: Invalid user wangyw from 106.12.20.3Jul 12 16:31:47 pkdns2 sshd\[27170\]: Failed password for invalid user wangyw from 106.12.20.3 port 59566 ssh2 ...	2020-07-12 23:18:04
attack	Jul 3 04:18:08 lnxded63 sshd[29786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Jul 3 04:18:08 lnxded63 sshd[29786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Jul 3 04:18:10 lnxded63 sshd[29786]: Failed password for invalid user deploy from 106.12.20.3 port 37378 ssh2	2020-07-03 20:35:23
attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-28 22:33:43
attackspam	Invalid user joh from 106.12.20.3 port 58580	2020-05-28 06:22:07
attackspam	May 27 12:54:58 cdc sshd[25152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 user=root May 27 12:54:59 cdc sshd[25152]: Failed password for invalid user root from 106.12.20.3 port 50438 ssh2	2020-05-27 22:19:24
attackspambots	May 11 06:32:33 piServer sshd[2619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 May 11 06:32:35 piServer sshd[2619]: Failed password for invalid user superman from 106.12.20.3 port 34238 ssh2 May 11 06:35:36 piServer sshd[3013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 ...	2020-05-11 12:47:14
attackbots	SSH Invalid Login	2020-04-25 08:24:58
attack	SSH Authentication Attempts Exceeded	2020-04-21 14:24:24
attackbotsspam	Apr 17 22:41:44 tuotantolaitos sshd[1390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Apr 17 22:41:45 tuotantolaitos sshd[1390]: Failed password for invalid user ubuntu from 106.12.20.3 port 42248 ssh2 ...	2020-04-18 03:58:48

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.20.195	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-14 01:58:18
106.12.20.195	attackspambots	ET SCAN NMAP -sS window 1024	2020-10-13 17:11:09
106.12.206.3	attack	2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:41.452994abusebot-4.cloudsearch.cf sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:43.722313abusebot-4.cloudsearch.cf sshd[809]: Failed password for invalid user dev from 106.12.206.3 port 43810 ssh2 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:30.092646abusebot-4.cloudsearch.cf sshd[856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:32.467190abusebot-4.cloudsearch.cf sshd[856]: Failed password for invalid user dev fr ...	2020-10-12 05:40:35
106.12.206.3	attack	Oct 11 15:08:42 marvibiene sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 Oct 11 15:08:43 marvibiene sshd[19158]: Failed password for invalid user ftp from 106.12.206.3 port 55496 ssh2	2020-10-11 21:47:23
106.12.206.3	attackbots	Brute-force attempt banned	2020-10-11 13:44:15
106.12.206.3	attackspambots	Oct 11 00:51:26 * sshd[9011]: Failed password for root from 106.12.206.3 port 34016 ssh2	2020-10-11 07:07:48
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-10 06:42:10
106.12.202.192	attack	Oct 9 21:59:20 ns382633 sshd\[2843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 9 21:59:22 ns382633 sshd\[2843\]: Failed password for root from 106.12.202.192 port 48834 ssh2 Oct 9 22:02:13 ns382633 sshd\[3050\]: Invalid user shaun from 106.12.202.192 port 43654 Oct 9 22:02:13 ns382633 sshd\[3050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 9 22:02:15 ns382633 sshd\[3050\]: Failed password for invalid user shaun from 106.12.202.192 port 43654 ssh2	2020-10-10 05:50:56
106.12.207.236	attack	SSH_scan	2020-10-10 01:21:59
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-09 22:55:22
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 21:57:37
106.12.205.108	attackbotsspam	SSH Brute-Force Attack	2020-10-09 14:45:29
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 13:48:11
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-07 05:52:03
106.12.208.175	attackspam	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 22:03:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.20.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50757
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.20.3.			IN	A

;; AUTHORITY SECTION:
.			153	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041702 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 03:58:44 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 3.20.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.20.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.209.40.219	attackbots	May 5 18:00:12 internal-server-tf sshd\[3328\]: Invalid user pi from 37.209.40.219May 5 18:00:12 internal-server-tf sshd\[3330\]: Invalid user pi from 37.209.40.219 ...	2020-05-06 03:27:34
90.189.117.121	attackspambots	2020-05-05T13:56:13.0280041495-001 sshd[41671]: Invalid user tidb from 90.189.117.121 port 40742 2020-05-05T13:56:15.3250511495-001 sshd[41671]: Failed password for invalid user tidb from 90.189.117.121 port 40742 ssh2 2020-05-05T14:03:45.4486651495-001 sshd[42010]: Invalid user admin123 from 90.189.117.121 port 48606 2020-05-05T14:03:45.4559821495-001 sshd[42010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.189.117.121 2020-05-05T14:03:45.4486651495-001 sshd[42010]: Invalid user admin123 from 90.189.117.121 port 48606 2020-05-05T14:03:47.1315791495-001 sshd[42010]: Failed password for invalid user admin123 from 90.189.117.121 port 48606 ssh2 ...	2020-05-06 03:23:04
5.9.13.171	attackspam	[portscan] Port scan	2020-05-06 03:21:26
106.12.31.99	attackbotsspam	May 5 15:10:30 ny01 sshd[21908]: Failed password for root from 106.12.31.99 port 39750 ssh2 May 5 15:15:27 ny01 sshd[22515]: Failed password for root from 106.12.31.99 port 47164 ssh2	2020-05-06 03:34:13
185.118.48.206	attack	May 6 00:18:41 gw1 sshd[21047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.118.48.206 May 6 00:18:43 gw1 sshd[21047]: Failed password for invalid user ec2-user from 185.118.48.206 port 32816 ssh2 ...	2020-05-06 03:23:51
88.12.135.244	attack	Automatic report - Port Scan Attack	2020-05-06 03:49:54
51.15.46.184	attackbots	2020-05-05T21:01:48.587573vps773228.ovh.net sshd[26958]: Invalid user po7dev from 51.15.46.184 port 38122 2020-05-05T21:01:50.441268vps773228.ovh.net sshd[26958]: Failed password for invalid user po7dev from 51.15.46.184 port 38122 ssh2 2020-05-05T21:05:20.227847vps773228.ovh.net sshd[27073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.46.184 user=root 2020-05-05T21:05:21.827674vps773228.ovh.net sshd[27073]: Failed password for root from 51.15.46.184 port 45724 ssh2 2020-05-05T21:08:58.305045vps773228.ovh.net sshd[27121]: Invalid user zlj from 51.15.46.184 port 53320 ...	2020-05-06 03:24:04
185.50.149.3	attackspam	Apr 14 20:19:00 WHD8 postfix/smtpd\[100364\]: warning: unknown\[185.50.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 14 20:19:00 WHD8 postfix/smtpd\[100362\]: warning: unknown\[185.50.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 14 20:19:03 WHD8 postfix/smtpd\[100366\]: warning: unknown\[185.50.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-06 03:56:14
35.202.44.49	attack	May 5 18:24:24 game-panel sshd[8889]: Failed password for root from 35.202.44.49 port 58340 ssh2 May 5 18:28:19 game-panel sshd[9053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.202.44.49 May 5 18:28:21 game-panel sshd[9053]: Failed password for invalid user cs16 from 35.202.44.49 port 42694 ssh2	2020-05-06 03:21:13
114.67.113.90	attackbots	May 5 21:20:01 haigwepa sshd[11764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.113.90 May 5 21:20:03 haigwepa sshd[11764]: Failed password for invalid user test3 from 114.67.113.90 port 41737 ssh2 ...	2020-05-06 03:43:37
217.133.58.148	attackspam	May 5 19:52:22 Ubuntu-1404-trusty-64-minimal sshd\[27037\]: Invalid user usu from 217.133.58.148 May 5 19:52:22 Ubuntu-1404-trusty-64-minimal sshd\[27037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.133.58.148 May 5 19:52:24 Ubuntu-1404-trusty-64-minimal sshd\[27037\]: Failed password for invalid user usu from 217.133.58.148 port 58103 ssh2 May 5 19:56:32 Ubuntu-1404-trusty-64-minimal sshd\[28841\]: Invalid user manu from 217.133.58.148 May 5 19:56:32 Ubuntu-1404-trusty-64-minimal sshd\[28841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.133.58.148	2020-05-06 03:35:36
195.54.167.17	attackbots	May 5 20:26:00 debian-2gb-nbg1-2 kernel: \[10962053.469458\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.17 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=23332 PROTO=TCP SPT=43468 DPT=28470 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 03:44:51
193.35.48.51	attackbotsspam	Feb 14 11:46:55 WHD8 postfix/smtpd\[24316\]: warning: unknown\[193.35.48.51\]: SASL PLAIN authentication failed: Feb 14 11:47:20 WHD8 postfix/smtpd\[24345\]: warning: unknown\[193.35.48.51\]: SASL PLAIN authentication failed: Feb 14 19:56:03 WHD8 postfix/smtpd\[92542\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 19:56:26 WHD8 postfix/smtpd\[94152\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 20:38:00 WHD8 postfix/smtpd\[98934\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 20:38:25 WHD8 postfix/smtpd\[98934\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 20:38:53 WHD8 postfix/smtpd\[96099\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 20:39:14 WHD8 postfix/smtpd\[99904\]: warning: unknown\[193.35.48.51\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 14 21:13:26 WH ...	2020-05-06 03:53:53
185.50.149.8	attack	Apr 28 22:47:02 WHD8 postfix/smtpd\[44048\]: warning: unknown\[185.50.149.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 28 22:50:16 WHD8 postfix/smtpd\[44044\]: warning: unknown\[185.50.149.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 28 22:50:46 WHD8 postfix/smtpd\[44012\]: warning: unknown\[185.50.149.8\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-06 03:54:59
218.92.0.178	attack	May 5 21:32:10 mellenthin sshd[27813]: Failed none for invalid user root from 218.92.0.178 port 39055 ssh2 May 5 21:32:11 mellenthin sshd[27813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.178 user=root	2020-05-06 03:44:28

最近上报的IP列表

122.51.93.233	195.81.99.10	195.154.176.103	37.49.230.141
142.93.132.119	34.87.63.134	184.161.92.167	50.236.44.26
16.88.89.213	80.211.53.68	27.34.6.128	40.132.4.75
28.83.236.254	49.235.216.127	128.199.72.96	124.65.181.78
13.65.201.223	125.219.48.53	216.245.195.18	222.247.5.68