12.208.152.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): GTO 2000 Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 12.208.152.106 to port 2220 [J]	2020-02-02 02:56:51

相同子网IP讨论:

IP	类型	评论内容	时间
12.208.152.107	attack	Feb 9 06:08:40 haigwepa sshd[28852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107 Feb 9 06:08:41 haigwepa sshd[28852]: Failed password for invalid user grd from 12.208.152.107 port 49885 ssh2 ...	2020-02-09 17:58:28
12.208.152.107	attackspam	Feb 8 00:06:11 legacy sshd[27138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107 Feb 8 00:06:13 legacy sshd[27138]: Failed password for invalid user fof from 12.208.152.107 port 42764 ssh2 Feb 8 00:09:00 legacy sshd[27366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107 ...	2020-02-08 07:11:56

类型

评论内容

时间

12.208.152.107

attack

Feb  9 06:08:40 haigwepa sshd[28852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107 
Feb  9 06:08:41 haigwepa sshd[28852]: Failed password for invalid user grd from 12.208.152.107 port 49885 ssh2
...

2020-02-09 17:58:28

12.208.152.107

attackspam

Feb  8 00:06:11 legacy sshd[27138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107
Feb  8 00:06:13 legacy sshd[27138]: Failed password for invalid user fof from 12.208.152.107 port 42764 ssh2
Feb  8 00:09:00 legacy sshd[27366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.208.152.107
...

2020-02-08 07:11:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 12.208.152.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11628
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;12.208.152.106.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020101 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 02:56:48 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 106.152.208.12.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.152.208.12.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.134.104.148	attackbotsspam	Input Traffic from this IP, but critial abuseconfidencescore	2020-08-24 14:43:10
222.73.62.184	attack	Aug 24 10:53:01 itv-usvr-01 sshd[860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.62.184 user=root Aug 24 10:53:03 itv-usvr-01 sshd[860]: Failed password for root from 222.73.62.184 port 46834 ssh2	2020-08-24 15:15:22
139.99.192.189	attack	[2020-08-24 02:08:33] NOTICE[1185] chan_sip.c: Registration from '"322"' failed for '139.99.192.189:23369' - Wrong password [2020-08-24 02:08:33] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-24T02:08:33.794-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="322",SessionID="0x7f10c4239d98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.192.189/23369",Challenge="11cf6f0a",ReceivedChallenge="11cf6f0a",ReceivedHash="265c52b28983f18d23133d93ab72aca2" [2020-08-24 02:10:46] NOTICE[1185] chan_sip.c: Registration from '"323"' failed for '139.99.192.189:33802' - Wrong password [2020-08-24 02:10:46] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-24T02:10:46.457-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="323",SessionID="0x7f10c405a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139. ...	2020-08-24 14:57:28
47.74.44.224	attack	Aug 24 00:53:14 ws24vmsma01 sshd[5587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.74.44.224 Aug 24 00:53:16 ws24vmsma01 sshd[5587]: Failed password for invalid user ct from 47.74.44.224 port 59240 ssh2 ...	2020-08-24 15:05:37
45.136.7.142	attackspambots	2020-08-23 22:53:27.408550-0500 localhost smtpd[54954]: NOQUEUE: reject: RCPT from unknown[45.136.7.142]: 450 4.7.25 Client host rejected: cannot find your hostname, [45.136.7.142]; from= to= proto=ESMTP helo=	2020-08-24 14:47:05
110.93.240.189	attackbots	Tried our host z.	2020-08-24 14:44:01
220.149.227.105	attack	Aug 24 07:55:15 ift sshd\[56398\]: Invalid user hwz from 220.149.227.105Aug 24 07:55:17 ift sshd\[56398\]: Failed password for invalid user hwz from 220.149.227.105 port 39274 ssh2Aug 24 07:59:25 ift sshd\[56878\]: Failed password for root from 220.149.227.105 port 42573 ssh2Aug 24 08:03:40 ift sshd\[57503\]: Invalid user isaque from 220.149.227.105Aug 24 08:03:43 ift sshd\[57503\]: Failed password for invalid user isaque from 220.149.227.105 port 45867 ssh2 ...	2020-08-24 14:37:18
142.93.34.169	attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
141.98.9.137	attackbots	Aug 24 02:47:24 www sshd\[9398\]: Invalid user operator from 141.98.9.137 Aug 24 02:47:40 www sshd\[9437\]: Invalid user support from 141.98.9.137 ...	2020-08-24 14:58:50
200.105.183.118	attackspambots	Aug 24 05:50:58 ns382633 sshd\[10316\]: Invalid user user from 200.105.183.118 port 4097 Aug 24 05:50:58 ns382633 sshd\[10316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.105.183.118 Aug 24 05:51:01 ns382633 sshd\[10316\]: Failed password for invalid user user from 200.105.183.118 port 4097 ssh2 Aug 24 05:53:11 ns382633 sshd\[10516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.105.183.118 user=root Aug 24 05:53:13 ns382633 sshd\[10516\]: Failed password for root from 200.105.183.118 port 12929 ssh2	2020-08-24 15:06:32
157.245.211.180	attackbotsspam	frenzy	2020-08-24 15:01:41
121.201.57.216	attackspambots	Aug 24 05:50:49 v22019038103785759 sshd\[25596\]: Invalid user student03 from 121.201.57.216 port 41788 Aug 24 05:50:49 v22019038103785759 sshd\[25596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.57.216 Aug 24 05:50:51 v22019038103785759 sshd\[25596\]: Failed password for invalid user student03 from 121.201.57.216 port 41788 ssh2 Aug 24 05:53:56 v22019038103785759 sshd\[25812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.57.216 user=root Aug 24 05:53:58 v22019038103785759 sshd\[25812\]: Failed password for root from 121.201.57.216 port 50490 ssh2 ...	2020-08-24 14:36:48
194.36.108.6	attack	4,32-14/10 [bc01/m10] PostRequest-Spammer scoring: zurich	2020-08-24 14:42:15
148.70.173.252	attackspambots	Aug 24 00:53:50 ws24vmsma01 sshd[42114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.173.252 Aug 24 00:53:52 ws24vmsma01 sshd[42114]: Failed password for invalid user trace from 148.70.173.252 port 10558 ssh2 ...	2020-08-24 14:40:44
35.221.201.240	attackbotsspam	$f2bV_matches	2020-08-24 14:55:42

最近上报的IP列表

117.213.254.11	164.4.50.103	221.164.229.161	183.120.255.133
61.2.150.61	68.62.246.178	221.17.47.137	78.1.65.68
202.186.72.185	200.124.48.100	175.216.115.198	216.110.7.195
164.53.113.159	83.106.140.1	153.248.94.242	2.93.106.76
69.50.246.30	133.152.57.175	43.28.179.214	107.3.41.105