106.12.20.195 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-10-14 01:58:18
attackspambots	ET SCAN NMAP -sS window 1024	2020-10-13 17:11:09
attackspambots	2020-09-02T11:00:41.687567mail.broermann.family sshd[29369]: Invalid user vbox from 106.12.20.195 port 48104 2020-09-02T11:00:41.693057mail.broermann.family sshd[29369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.195 2020-09-02T11:00:41.687567mail.broermann.family sshd[29369]: Invalid user vbox from 106.12.20.195 port 48104 2020-09-02T11:00:43.642534mail.broermann.family sshd[29369]: Failed password for invalid user vbox from 106.12.20.195 port 48104 ssh2 2020-09-02T11:05:11.278356mail.broermann.family sshd[29596]: Invalid user xavier from 106.12.20.195 port 55654 ...	2020-09-02 23:11:56
attackspam	Invalid user lxl from 106.12.20.195 port 43572	2020-09-02 14:49:35
attackspam	Sep 2 08:03:57 NG-HHDC-SVS-001 sshd[8927]: Invalid user dines from 106.12.20.195 ...	2020-09-02 07:50:58
attack	SSH Brute-force	2020-08-23 04:38:33
attackspam	$f2bV_matches	2020-08-19 14:13:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.206.3	attack	2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:41.452994abusebot-4.cloudsearch.cf sshd[809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:28:41.446763abusebot-4.cloudsearch.cf sshd[809]: Invalid user dev from 106.12.206.3 port 43810 2020-10-11T18:28:43.722313abusebot-4.cloudsearch.cf sshd[809]: Failed password for invalid user dev from 106.12.206.3 port 43810 ssh2 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:30.092646abusebot-4.cloudsearch.cf sshd[856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 2020-10-11T18:32:30.086648abusebot-4.cloudsearch.cf sshd[856]: Invalid user dev from 106.12.206.3 port 38066 2020-10-11T18:32:32.467190abusebot-4.cloudsearch.cf sshd[856]: Failed password for invalid user dev fr ...	2020-10-12 05:40:35
106.12.206.3	attack	Oct 11 15:08:42 marvibiene sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.3 Oct 11 15:08:43 marvibiene sshd[19158]: Failed password for invalid user ftp from 106.12.206.3 port 55496 ssh2	2020-10-11 21:47:23
106.12.206.3	attackbots	Brute-force attempt banned	2020-10-11 13:44:15
106.12.206.3	attackspambots	Oct 11 00:51:26 * sshd[9011]: Failed password for root from 106.12.206.3 port 34016 ssh2	2020-10-11 07:07:48
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-10 06:42:10
106.12.202.192	attack	Oct 9 21:59:20 ns382633 sshd\[2843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 9 21:59:22 ns382633 sshd\[2843\]: Failed password for root from 106.12.202.192 port 48834 ssh2 Oct 9 22:02:13 ns382633 sshd\[3050\]: Invalid user shaun from 106.12.202.192 port 43654 Oct 9 22:02:13 ns382633 sshd\[3050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 9 22:02:15 ns382633 sshd\[3050\]: Failed password for invalid user shaun from 106.12.202.192 port 43654 ssh2	2020-10-10 05:50:56
106.12.207.236	attack	SSH_scan	2020-10-10 01:21:59
106.12.205.108	attack	[f2b] sshd bruteforce, retries: 1	2020-10-09 22:55:22
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 21:57:37
106.12.205.108	attackbotsspam	SSH Brute-Force Attack	2020-10-09 14:45:29
106.12.202.192	attackspambots	(sshd) Failed SSH login from 106.12.202.192 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 22:43:43 server sshd[27075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 user=root Oct 8 22:43:45 server sshd[27075]: Failed password for root from 106.12.202.192 port 45190 ssh2 Oct 8 22:47:26 server sshd[27543]: Invalid user system from 106.12.202.192 Oct 8 22:47:26 server sshd[27543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 Oct 8 22:47:28 server sshd[27543]: Failed password for invalid user system from 106.12.202.192 port 46584 ssh2	2020-10-09 13:48:11
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-07 05:52:03
106.12.208.175	attackspam	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 22:03:58
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 13:47:39
106.12.202.119	attackspambots	IP blocked	2020-10-06 02:30:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.20.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.20.195.			IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081802 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 14:12:58 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 195.20.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 195.20.12.106.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.109.137.135	attackspam	Scan detected and blocked 2020.03.08 22:32:34	2020-03-09 06:55:48
46.161.27.150	attackspam	03/08/2020-18:52:44.475958 46.161.27.150 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 44	2020-03-09 07:22:29
157.245.198.83	attack	8545/tcp 8545/tcp 8545/tcp... [2020-01-08/03-08]246pkt,1pt.(tcp)	2020-03-09 07:31:30
49.83.118.97	attackspambots	suspicious action Sun, 08 Mar 2020 18:32:09 -0300	2020-03-09 07:15:47
35.196.8.137	attackbots	$f2bV_matches	2020-03-09 07:09:55
106.13.125.84	attackspambots	Mar 9 00:32:09 lukav-desktop sshd\[24421\]: Invalid user yang from 106.13.125.84 Mar 9 00:32:09 lukav-desktop sshd\[24421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.125.84 Mar 9 00:32:11 lukav-desktop sshd\[24421\]: Failed password for invalid user yang from 106.13.125.84 port 40398 ssh2 Mar 9 00:34:19 lukav-desktop sshd\[24437\]: Invalid user ftpuser from 106.13.125.84 Mar 9 00:34:19 lukav-desktop sshd\[24437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.125.84	2020-03-09 07:18:24
51.178.82.214	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-03-09 07:21:14
120.70.103.27	attackbotsspam	Mar 8 12:12:30 tdfoods sshd\[3096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.27 user=root Mar 8 12:12:31 tdfoods sshd\[3096\]: Failed password for root from 120.70.103.27 port 35367 ssh2 Mar 8 12:16:08 tdfoods sshd\[3387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.27 user=root Mar 8 12:16:10 tdfoods sshd\[3387\]: Failed password for root from 120.70.103.27 port 35287 ssh2 Mar 8 12:19:51 tdfoods sshd\[3684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.27 user=root	2020-03-09 07:11:08
122.51.83.175	attackspambots	SASL PLAIN auth failed: ruser=...	2020-03-09 07:15:05
112.126.100.76	attack	Mar 8 22:32:02 ns41 sshd[24672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.126.100.76	2020-03-09 07:19:35
91.212.38.226	attack	91.212.38.226 was recorded 8 times by 7 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 8, 34, 85	2020-03-09 06:57:21
192.241.218.35	attackspam	21/tcp 7777/tcp 512/tcp... [2020-02-17/03-08]15pkt,15pt.(tcp)	2020-03-09 07:20:26
69.204.41.143	attack	Repeated RDP login failures. Last user: Recepcao	2020-03-09 07:17:31
185.143.221.171	attackbots	Mar 9 00:12:24 debian-2gb-nbg1-2 kernel: \[5968298.579557\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.171 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=6091 PROTO=TCP SPT=50011 DPT=38883 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 07:13:49
103.145.253.145	attackspam	SASL broute force	2020-03-09 07:31:49

最近上报的IP列表

217.65.137.188	146.238.148.230	61.80.22.44	69.152.128.42
161.35.119.161	30.234.14.124	125.214.50.55	83.138.195.158
188.166.226.25	34.141.241.41	172.81.239.224	51.15.107.145
182.161.66.219	133.46.67.137	1.55.167.73	10.169.1.255
181.46.124.48	111.241.174.228	5.205.232.90	107.175.158.13