106.12.212.103

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-05-02 14:08:12,002 fail2ban.actions [1093]: NOTICE [sshd] Ban 106.12.212.103 2020-05-02 14:44:17,720 fail2ban.actions [1093]: NOTICE [sshd] Ban 106.12.212.103 2020-05-02 15:18:16,047 fail2ban.actions [1093]: NOTICE [sshd] Ban 106.12.212.103 2020-05-02 15:51:28,717 fail2ban.actions [1093]: NOTICE [sshd] Ban 106.12.212.103 2020-05-02 16:28:53,164 fail2ban.actions [1093]: NOTICE [sshd] Ban 106.12.212.103 ...	2020-05-03 00:45:26

类型

评论内容

时间

attack

2020-05-02 14:08:12,002 fail2ban.actions        [1093]: NOTICE  [sshd] Ban 106.12.212.103
2020-05-02 14:44:17,720 fail2ban.actions        [1093]: NOTICE  [sshd] Ban 106.12.212.103
2020-05-02 15:18:16,047 fail2ban.actions        [1093]: NOTICE  [sshd] Ban 106.12.212.103
2020-05-02 15:51:28,717 fail2ban.actions        [1093]: NOTICE  [sshd] Ban 106.12.212.103
2020-05-02 16:28:53,164 fail2ban.actions        [1093]: NOTICE  [sshd] Ban 106.12.212.103
...

2020-05-03 00:45:26

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.212.89	attack	s2.hscode.pl - SSH Attack	2020-10-06 08:21:03
106.12.212.89	attackspambots	prod11 ...	2020-10-06 00:47:49
106.12.212.89	attackspam	Oct 5 09:40:03 ns382633 sshd\[26693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 user=root Oct 5 09:40:04 ns382633 sshd\[26693\]: Failed password for root from 106.12.212.89 port 39068 ssh2 Oct 5 09:51:47 ns382633 sshd\[28234\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 user=root Oct 5 09:51:49 ns382633 sshd\[28234\]: Failed password for root from 106.12.212.89 port 43452 ssh2 Oct 5 09:55:26 ns382633 sshd\[28712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 user=root	2020-10-05 16:46:55
106.12.212.89	attack	2020-09-30T19:10:56.688105abusebot-5.cloudsearch.cf sshd[10231]: Invalid user torrent from 106.12.212.89 port 36548 2020-09-30T19:10:56.695150abusebot-5.cloudsearch.cf sshd[10231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 2020-09-30T19:10:56.688105abusebot-5.cloudsearch.cf sshd[10231]: Invalid user torrent from 106.12.212.89 port 36548 2020-09-30T19:10:58.273162abusebot-5.cloudsearch.cf sshd[10231]: Failed password for invalid user torrent from 106.12.212.89 port 36548 ssh2 2020-09-30T19:15:22.553994abusebot-5.cloudsearch.cf sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 user=root 2020-09-30T19:15:24.648979abusebot-5.cloudsearch.cf sshd[10333]: Failed password for root from 106.12.212.89 port 38440 ssh2 2020-09-30T19:19:25.503675abusebot-5.cloudsearch.cf sshd[10441]: Invalid user alice from 106.12.212.89 port 40326 ...	2020-10-01 04:42:56
106.12.212.89	attackspambots	Invalid user admin from 106.12.212.89 port 57300	2020-09-30 20:56:35
106.12.212.89	attack	Invalid user admin from 106.12.212.89 port 57300	2020-09-30 13:25:13
106.12.212.100	attackspambots	2020-09-21T09:18:26.617665vps773228.ovh.net sshd[20473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100 user=root 2020-09-21T09:18:29.094302vps773228.ovh.net sshd[20473]: Failed password for root from 106.12.212.100 port 41940 ssh2 2020-09-21T09:23:10.090657vps773228.ovh.net sshd[20503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100 user=root 2020-09-21T09:23:11.889856vps773228.ovh.net sshd[20503]: Failed password for root from 106.12.212.100 port 44840 ssh2 2020-09-21T09:27:56.123120vps773228.ovh.net sshd[20533]: Invalid user ftp_user from 106.12.212.100 port 47774 ...	2020-09-21 22:32:47
106.12.212.100	attackspambots	2020-09-21T08:03:51.427552vps773228.ovh.net sshd[19909]: Failed password for invalid user xguest from 106.12.212.100 port 51700 ssh2 2020-09-21T08:08:34.384230vps773228.ovh.net sshd[19965]: Invalid user nate from 106.12.212.100 port 54660 2020-09-21T08:08:34.400909vps773228.ovh.net sshd[19965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100 2020-09-21T08:08:34.384230vps773228.ovh.net sshd[19965]: Invalid user nate from 106.12.212.100 port 54660 2020-09-21T08:08:36.390970vps773228.ovh.net sshd[19965]: Failed password for invalid user nate from 106.12.212.100 port 54660 ssh2 ...	2020-09-21 14:18:47
106.12.212.100	attackspam	Sep 20 17:52:51 ny01 sshd[27741]: Failed password for root from 106.12.212.100 port 60694 ssh2 Sep 20 17:57:00 ny01 sshd[28567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100 Sep 20 17:57:02 ny01 sshd[28567]: Failed password for invalid user ftp_user from 106.12.212.100 port 37674 ssh2	2020-09-21 06:09:11
106.12.212.100	attackspam	SSH auth scanning - multiple failed logins	2020-09-07 16:28:08
106.12.212.100	attackspambots	SSH brute force	2020-09-07 08:52:05
106.12.212.89	attackspam	Aug 31 16:56:11 abendstille sshd\[17684\]: Invalid user www from 106.12.212.89 Aug 31 16:56:11 abendstille sshd\[17684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 Aug 31 16:56:14 abendstille sshd\[17684\]: Failed password for invalid user www from 106.12.212.89 port 58512 ssh2 Aug 31 16:59:26 abendstille sshd\[20574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 user=root Aug 31 16:59:28 abendstille sshd\[20574\]: Failed password for root from 106.12.212.89 port 33394 ssh2 ...	2020-09-01 00:16:21
106.12.212.100	attack	2020-08-31T03:58:18.874445shield sshd\[25942\]: Invalid user test from 106.12.212.100 port 39672 2020-08-31T03:58:18.943586shield sshd\[25942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100 2020-08-31T03:58:20.745876shield sshd\[25942\]: Failed password for invalid user test from 106.12.212.100 port 39672 ssh2 2020-08-31T04:00:46.951827shield sshd\[26185\]: Invalid user uftp from 106.12.212.100 port 40298 2020-08-31T04:00:46.959576shield sshd\[26185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.100	2020-08-31 20:03:49
106.12.212.100	attackbotsspam	Invalid user mjt from 106.12.212.100 port 42348	2020-08-23 06:05:24
106.12.212.89	attack	Aug 20 10:42:46 itv-usvr-01 sshd[3822]: Invalid user brainy from 106.12.212.89 Aug 20 10:42:46 itv-usvr-01 sshd[3822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.89 Aug 20 10:42:46 itv-usvr-01 sshd[3822]: Invalid user brainy from 106.12.212.89 Aug 20 10:42:49 itv-usvr-01 sshd[3822]: Failed password for invalid user brainy from 106.12.212.89 port 40330 ssh2 Aug 20 10:52:20 itv-usvr-01 sshd[4233]: Invalid user teste from 106.12.212.89	2020-08-20 15:13:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.212.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41565
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.212.103.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050200 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 03 00:45:14 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 103.212.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.212.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
116.237.76.200	attack	Apr 19 14:08:25 vpn01 sshd[29112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.237.76.200 Apr 19 14:08:27 vpn01 sshd[29112]: Failed password for invalid user postgres from 116.237.76.200 port 52208 ssh2 ...	2020-04-20 01:01:36
178.62.79.227	attackbots	Apr 19 15:47:37 ovpn sshd\[14142\]: Invalid user aa from 178.62.79.227 Apr 19 15:47:37 ovpn sshd\[14142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.79.227 Apr 19 15:47:39 ovpn sshd\[14142\]: Failed password for invalid user aa from 178.62.79.227 port 47492 ssh2 Apr 19 16:02:07 ovpn sshd\[17494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.79.227 user=root Apr 19 16:02:09 ovpn sshd\[17494\]: Failed password for root from 178.62.79.227 port 43108 ssh2	2020-04-20 00:43:22
45.148.122.101	attack	22 attempts against mh_ha-misbehave-ban on maple	2020-04-20 00:27:47
171.243.0.112	attackspam	Unauthorized connection attempt from IP address 171.243.0.112 on Port 445(SMB)	2020-04-20 00:46:32
113.188.160.132	attackbotsspam	Unauthorized connection attempt from IP address 113.188.160.132 on Port 445(SMB)	2020-04-20 00:52:19
51.141.99.198	attackbots	Brute-force attempt banned	2020-04-20 00:36:14
202.171.77.167	attack	(imapd) Failed IMAP login from 202.171.77.167 (NC/New Caledonia/202-171-77-167.h14.canl.nc): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 19 18:24:05 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=202.171.77.167, lip=5.63.12.44, TLS: Connection closed, session=	2020-04-20 00:59:15
176.31.170.245	attack	Apr 19 18:07:32 prox sshd[22662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.170.245 Apr 19 18:07:34 prox sshd[22662]: Failed password for invalid user sn from 176.31.170.245 port 51814 ssh2	2020-04-20 00:36:47
189.170.205.198	attack	Unauthorized connection attempt from IP address 189.170.205.198 on Port 445(SMB)	2020-04-20 01:01:06
52.156.152.50	attackbotsspam	2020-04-19T13:45:05.749553v22018076590370373 sshd[32481]: Invalid user ubuntu from 52.156.152.50 port 34044 2020-04-19T13:45:05.757200v22018076590370373 sshd[32481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.156.152.50 2020-04-19T13:45:05.749553v22018076590370373 sshd[32481]: Invalid user ubuntu from 52.156.152.50 port 34044 2020-04-19T13:45:08.263039v22018076590370373 sshd[32481]: Failed password for invalid user ubuntu from 52.156.152.50 port 34044 ssh2 2020-04-19T14:01:08.007042v22018076590370373 sshd[9969]: Invalid user wn from 52.156.152.50 port 57418 ...	2020-04-20 00:58:34
115.114.27.25	attackspam	SSH Brute-Force Attack	2020-04-20 00:37:01
124.6.177.250	attackbotsspam	Unauthorized connection attempt from IP address 124.6.177.250 on Port 445(SMB)	2020-04-20 00:56:23
180.249.144.131	attackspam	Unauthorized connection attempt from IP address 180.249.144.131 on Port 445(SMB)	2020-04-20 00:28:09
45.222.74.230	attackspambots	Automatic report - Port Scan Attack	2020-04-20 00:31:34
185.216.140.252	attackbots	04/19/2020-11:20:43.330465 185.216.140.252 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-04-20 00:35:28

最近上报的IP列表

113.23.79.227	39.41.52.11	80.15.71.48	113.85.20.239
217.199.140.254	162.243.136.115	109.42.3.191	14.115.28.209
101.50.1.232	91.121.117.102	113.254.164.135	36.90.164.225
104.144.123.162	138.185.125.251	118.68.119.0	92.86.142.134
109.235.107.130	83.198.158.135	31.209.21.17	92.134.237.107