106.12.20.195 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-14 01:58:18
attackspambots	ET SCAN NMAP -sS window 1024	2020-10-13 17:11:09
attackspambots	2020-09-02T11:00:41.687567mail.broermann.family sshd[29369]: Invalid user vbox from 106.12.20.195 port 48104 2020-09-02T11:00:41.693057mail.broermann.family sshd[29369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.195 2020-09-02T11:00:41.687567mail.broermann.family sshd[29369]: Invalid user vbox from 106.12.20.195 port 48104 2020-09-02T11:00:43.642534mail.broermann.family sshd[29369]: Failed password for invalid user vbox from 106.12.20.195 port 48104 ssh2 2020-09-02T11:05:11.278356mail.broermann.family sshd[29596]: Invalid user xavier from 106.12.20.195 port 55654 ...	2020-09-02 23:11:56
attackspam	Invalid user lxl from 106.12.20.195 port 43572	2020-09-02 14:49:35
attackspam	Sep 2 08:03:57 NG-HHDC-SVS-001 sshd[8927]: Invalid user dines from 106.12.20.195 ...	2020-09-02 07:50:58
attack	SSH Brute-force	2020-08-23 04:38:33
attackspam	$f2bV_matches	2020-08-19 14:13:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.206.3	attack	2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:41.452994abusebot-4.cloudsearch.cf sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:43.722313abusebot-4.cloudsearch.cf sshd[809]: Failed password for invalid user dev from 106.12.206.3 port 43810 ssh2 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:30.092646abusebot-4.cloudsearch.cf sshd[856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:32.467190abusebot-4.cloudsearch.cf sshd[856]: Failed password for invalid user dev fr ...	2020-10-12 05:40:35
106.12.206.3	attack	Oct 11 15:08:42 marvibiene sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 Oct 11 15:08:43 marvibiene sshd[19158]: Failed password for invalid user ftp from 106.12.206.3 port 55496 ssh2	2020-10-11 21:47:23
106.12.206.3	attackbots	Brute-force attempt banned	2020-10-11 13:44:15
106.12.206.3	attackspambots	Oct 11 00:51:26 * sshd[9011]: Failed password for root from 106.12.206.3 port 34016 ssh2	2020-10-11 07:07:48
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-10 06:42:10
106.12.202.192	attack	Oct 9 21:59:20 ns382633 sshd\[2843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 9 21:59:22 ns382633 sshd\[2843\]: Failed password for root from 106.12.202.192 port 48834 ssh2 Oct 9 22:02:13 ns382633 sshd\[3050\]: Invalid user shaun from 106.12.202.192 port 43654 Oct 9 22:02:13 ns382633 sshd\[3050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 9 22:02:15 ns382633 sshd\[3050\]: Failed password for invalid user shaun from 106.12.202.192 port 43654 ssh2	2020-10-10 05:50:56
106.12.207.236	attack	SSH_scan	2020-10-10 01:21:59
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-09 22:55:22
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 21:57:37
106.12.205.108	attackbotsspam	SSH Brute-Force Attack	2020-10-09 14:45:29
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 13:48:11
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-07 05:52:03
106.12.208.175	attackspam	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 22:03:58
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 13:47:39
106.12.202.119	attackspambots	IP blocked	2020-10-06 02:30:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.20.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.20.195.			IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081802 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 14:12:58 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 195.20.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 195.20.12.106.in-addr.arpa.: NXDOMAIN

IP	类型	评论内容	时间
89.38.145.205	attack	SSH Bruteforce	2019-07-03 12:27:16
117.3.68.201	attack	445/tcp 445/tcp 445/tcp... [2019-06-11/07-03]4pkt,1pt.(tcp)	2019-07-03 12:35:25
209.141.47.26	attackspam	Reported by AbuseIPDB proxy server.	2019-07-03 12:48:18
41.141.250.244	attackspam	$f2bV_matches	2019-07-03 12:32:10
203.177.95.59	attack	445/tcp 445/tcp 445/tcp [2019-05-03/07-03]3pkt	2019-07-03 12:58:41
31.220.0.225	attackbotsspam	Brute SSH	2019-07-03 12:44:18
61.19.108.118	attackspambots	445/tcp 445/tcp 445/tcp... [2019-05-04/07-03]30pkt,1pt.(tcp)	2019-07-03 12:24:33
173.254.194.15	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-05-05/07-03]19pkt,1pt.(tcp)	2019-07-03 12:49:04
180.242.27.191	attack	Web App Attack	2019-07-03 12:18:17
27.72.157.18	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-06-25/07-03]4pkt,1pt.(tcp)	2019-07-03 12:42:55
128.199.133.249	attackbotsspam	Jul 3 03:55:51 work-partkepr sshd\[9025\]: Invalid user rfielding from 128.199.133.249 port 40481 Jul 3 03:55:51 work-partkepr sshd\[9025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.133.249 ...	2019-07-03 12:42:24
168.187.46.189	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-05-07/07-03]10pkt,1pt.(tcp)	2019-07-03 12:29:48
94.182.191.23	attackspam	Jul 2 16:57:51 Ubuntu-1404-trusty-64-minimal sshd\[5962\]: Invalid user clamav from 94.182.191.23 Jul 2 16:57:51 Ubuntu-1404-trusty-64-minimal sshd\[5962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.182.191.23 Jul 2 16:57:53 Ubuntu-1404-trusty-64-minimal sshd\[5962\]: Failed password for invalid user clamav from 94.182.191.23 port 40532 ssh2 Jul 3 05:56:23 Ubuntu-1404-trusty-64-minimal sshd\[24083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.182.191.23 user=root Jul 3 05:56:26 Ubuntu-1404-trusty-64-minimal sshd\[24083\]: Failed password for root from 94.182.191.23 port 53230 ssh2	2019-07-03 12:20:18
113.141.64.224	attack	445/tcp 445/tcp 445/tcp... [2019-05-05/07-03]18pkt,1pt.(tcp)	2019-07-03 12:32:32
139.59.74.143	attackspam	Jul 3 06:16:58 core01 sshd\[2662\]: Invalid user celia from 139.59.74.143 port 44206 Jul 3 06:16:58 core01 sshd\[2662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.74.143 ...	2019-07-03 12:40:29

最近上报的IP列表

217.65.137.188	146.238.148.230	61.80.22.44	69.152.128.42
161.35.119.161	30.234.14.124	125.214.50.55	83.138.195.158
188.166.226.25	34.141.241.41	172.81.239.224	51.15.107.145
182.161.66.219	133.46.67.137	1.55.167.73	10.169.1.255
181.46.124.48	111.241.174.228	5.205.232.90	107.175.158.13