106.12.8.103 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-05-13T06:01:20.940615homeassistant sshd[7854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.103 user=root 2020-05-13T06:01:23.160158homeassistant sshd[7854]: Failed password for root from 106.12.8.103 port 36162 ssh2 ...	2020-05-13 19:02:58

类型

评论内容

时间

attack

2020-05-13T06:01:20.940615homeassistant sshd[7854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.103  user=root
2020-05-13T06:01:23.160158homeassistant sshd[7854]: Failed password for root from 106.12.8.103 port 36162 ssh2
...

2020-05-13 19:02:58

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.84.29	attack	Oct 12 16:50:53 markkoudstaal sshd[29040]: Failed password for root from 106.12.84.29 port 46464 ssh2 Oct 12 16:53:44 markkoudstaal sshd[29757]: Failed password for root from 106.12.84.29 port 42012 ssh2 ...	2020-10-12 23:37:02
106.12.84.29	attackbots	Oct 12 00:29:14 abendstille sshd\[18747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:29:16 abendstille sshd\[18747\]: Failed password for root from 106.12.84.29 port 45312 ssh2 Oct 12 00:32:47 abendstille sshd\[22801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 user=root Oct 12 00:32:49 abendstille sshd\[22801\]: Failed password for root from 106.12.84.29 port 41814 ssh2 Oct 12 00:36:24 abendstille sshd\[26804\]: Invalid user bryan from 106.12.84.29 Oct 12 00:36:24 abendstille sshd\[26804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.29 ...	2020-10-12 15:00:36
106.12.89.154	attackbots	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-12 05:48:23
106.12.89.184	attackspambots	Oct 11 20:23:11 jane sshd[22754]: Failed password for root from 106.12.89.184 port 47058 ssh2 ...	2020-10-12 03:00:52
106.12.89.154	attack	DATE:2020-10-11 14:15:13, IP:106.12.89.154, PORT:ssh SSH brute force auth (docker-dc)	2020-10-11 21:55:26
106.12.89.184	attackspam	Oct 11 07:01:25 shivevps sshd[27144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.184 Oct 11 07:01:27 shivevps sshd[27144]: Failed password for invalid user mila from 106.12.89.184 port 42646 ssh2 Oct 11 07:05:39 shivevps sshd[27287]: Invalid user 1 from 106.12.89.184 port 41436 ...	2020-10-11 18:52:46
106.12.89.154	attack	Invalid user test from 106.12.89.154 port 55030	2020-10-11 13:52:36
106.12.89.154	attackbots	Fail2Ban Ban Triggered	2020-10-11 07:15:39
106.12.84.83	attackspam	Brute%20Force%20SSH	2020-10-11 03:18:34
106.12.84.83	attackspambots	Brute%20Force%20SSH	2020-10-10 19:09:32
106.12.8.149	attack	Oct 10 08:31:48 web1 sshd[20600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:31:50 web1 sshd[20600]: Failed password for root from 106.12.8.149 port 38996 ssh2 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:19 web1 sshd[22542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 10 08:37:19 web1 sshd[22542]: Invalid user download from 106.12.8.149 port 51856 Oct 10 08:37:21 web1 sshd[22542]: Failed password for invalid user download from 106.12.8.149 port 51856 ssh2 Oct 10 08:41:20 web1 sshd[23876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 10 08:41:22 web1 sshd[23876]: Failed password for root from 106.12.8.149 port 51950 ssh2 Oct 10 08:45:08 web1 sshd[25176]: Invalid user library1 from 106.12.8.149 port 52084 ...	2020-10-10 05:56:24
106.12.8.149	attackbots	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 22:02:51
106.12.8.149	attackbotsspam	Oct 9 00:34:20 srv-ubuntu-dev3 sshd[50251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 user=root Oct 9 00:34:22 srv-ubuntu-dev3 sshd[50251]: Failed password for root from 106.12.8.149 port 59108 ssh2 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:38:10 srv-ubuntu-dev3 sshd[50752]: Invalid user test from 106.12.8.149 Oct 9 00:38:12 srv-ubuntu-dev3 sshd[50752]: Failed password for invalid user test from 106.12.8.149 port 59314 ssh2 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.8.149 Oct 9 00:41:53 srv-ubuntu-dev3 sshd[51190]: Invalid user ts from 106.12.8.149 Oct 9 00: ...	2020-10-09 13:53:24
106.12.84.33	attackbots	Oct 7 22:17:48 ourumov-web sshd\[810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root Oct 7 22:17:50 ourumov-web sshd\[810\]: Failed password for root from 106.12.84.33 port 41932 ssh2 Oct 7 22:27:54 ourumov-web sshd\[1500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 user=root ...	2020-10-08 04:45:00
106.12.89.173	attackbots	(sshd) Failed SSH login from 106.12.89.173 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 12:24:15 server sshd[4283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:24:17 server sshd[4283]: Failed password for root from 106.12.89.173 port 38736 ssh2 Oct 7 12:40:26 server sshd[8583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root Oct 7 12:40:28 server sshd[8583]: Failed password for root from 106.12.89.173 port 59056 ssh2 Oct 7 12:44:31 server sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 user=root	2020-10-08 01:23:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.8.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62572
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.8.103.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051300 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 13 19:02:45 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 103.8.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 103.8.12.106.in-addr.arpa.: NXDOMAIN

IP	类型	评论内容	时间
190.140.132.250	attackspambots	Unauthorized connection attempt detected from IP address 190.140.132.250 to port 8081 [J]	2020-01-29 03:29:01
217.5.227.203	attack	Unauthorized connection attempt detected from IP address 217.5.227.203 to port 2220 [J]	2020-01-29 03:26:03
180.76.102.136	attack	Unauthorized connection attempt detected from IP address 180.76.102.136 to port 2220 [J]	2020-01-29 03:03:39
123.192.67.97	attackbots	Unauthorized connection attempt detected from IP address 123.192.67.97 to port 5555 [J]	2020-01-29 03:10:18
5.71.237.131	attackspam	Unauthorized connection attempt detected from IP address 5.71.237.131 to port 81 [J]	2020-01-29 02:58:34
119.237.131.199	attackbots	Unauthorized connection attempt detected from IP address 119.237.131.199 to port 5555 [J]	2020-01-29 03:38:41
85.234.30.66	attack	Unauthorized connection attempt detected from IP address 85.234.30.66 to port 23 [J]	2020-01-29 03:17:21
188.166.31.205	attack	Jan 28 09:24:32 eddieflores sshd\[8886\]: Invalid user sridatta from 188.166.31.205 Jan 28 09:24:32 eddieflores sshd\[8886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.31.205 Jan 28 09:24:34 eddieflores sshd\[8886\]: Failed password for invalid user sridatta from 188.166.31.205 port 55012 ssh2 Jan 28 09:27:44 eddieflores sshd\[9310\]: Invalid user pushpak from 188.166.31.205 Jan 28 09:27:44 eddieflores sshd\[9310\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.31.205	2020-01-29 03:29:57
188.191.7.20	attackspam	Unauthorized connection attempt detected from IP address 188.191.7.20 to port 5555 [J]	2020-01-29 03:29:36
220.133.79.1	attackspambots	Unauthorized connection attempt detected from IP address 220.133.79.1 to port 81 [J]	2020-01-29 02:59:40
177.124.179.223	attackspambots	Unauthorized connection attempt detected from IP address 177.124.179.223 to port 2220 [J]	2020-01-29 03:33:13
186.179.253.232	attackbots	Unauthorized connection attempt detected from IP address 186.179.253.232 to port 23 [J]	2020-01-29 03:02:07
123.124.71.106	attackbotsspam	Unauthorized connection attempt detected from IP address 123.124.71.106 to port 1433 [J]	2020-01-29 03:37:48
176.119.234.112	attack	Unauthorized connection attempt detected from IP address 176.119.234.112 to port 23 [J]	2020-01-29 03:34:03
2.179.111.222	attackspambots	Unauthorized connection attempt detected from IP address 2.179.111.222 to port 23 [J]	2020-01-29 03:23:43

最近上报的IP列表

186.46.73.249	91.218.98.212	104.168.202.239	109.104.241.62
92.86.118.153	64.225.19.225	202.62.13.222	59.127.185.182
118.173.230.61	157.245.141.209	36.82.99.23	51.235.113.163
101.51.220.129	61.216.68.12	125.167.13.107	238.44.161.184
183.89.211.13	3.124.204.251	117.6.85.152	188.68.232.22