120.92.132.106

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: China Telecom (Group)

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Automatic report - Banned IP Access	2019-09-02 17:58:52
attackbotsspam	Aug 28 06:12:46 ns341937 sshd[1277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.106 Aug 28 06:12:49 ns341937 sshd[1277]: Failed password for invalid user ftpuser from 120.92.132.106 port 19042 ssh2 Aug 28 06:24:21 ns341937 sshd[3331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.106 ...	2019-08-28 17:08:14
attackbotsspam	Jul 29 11:21:27 dedicated sshd[18039]: Invalid user csu from 120.92.132.106 port 47172	2019-07-29 20:57:56

Type

Details

Datetime

attackspambots

Automatic report - Banned IP Access

2019-09-02 17:58:52

attackbotsspam

Aug 28 06:12:46 ns341937 sshd[1277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.106
Aug 28 06:12:49 ns341937 sshd[1277]: Failed password for invalid user ftpuser from 120.92.132.106 port 19042 ssh2
Aug 28 06:24:21 ns341937 sshd[3331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.106
...

2019-08-28 17:08:14

attackbotsspam

Jul 29 11:21:27 dedicated sshd[18039]: Invalid user csu from 120.92.132.106 port 47172

2019-07-29 20:57:56

Comments on same subnet:

IP	Type	Details	Datetime
120.92.132.121	attack	Aug 19 00:58:18 onepixel sshd[236696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.121 Aug 19 00:58:18 onepixel sshd[236696]: Invalid user darrell from 120.92.132.121 port 64098 Aug 19 00:58:20 onepixel sshd[236696]: Failed password for invalid user darrell from 120.92.132.121 port 64098 ssh2 Aug 19 01:03:09 onepixel sshd[239465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.121 user=root Aug 19 01:03:10 onepixel sshd[239465]: Failed password for root from 120.92.132.121 port 63782 ssh2	2020-08-19 09:12:36
120.92.132.121	attack	Aug 18 04:53:52 localhost sshd[29778]: Invalid user b1 from 120.92.132.121 port 40712 Aug 18 04:53:52 localhost sshd[29778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.121 Aug 18 04:53:52 localhost sshd[29778]: Invalid user b1 from 120.92.132.121 port 40712 Aug 18 04:53:54 localhost sshd[29778]: Failed password for invalid user b1 from 120.92.132.121 port 40712 ssh2 Aug 18 05:00:17 localhost sshd[30533]: Invalid user hduser from 120.92.132.121 port 42584 ...	2020-08-18 13:17:31
120.92.132.121	attack	Invalid user chuck from 120.92.132.121 port 54540	2020-08-17 19:54:03
120.92.132.76	attack	$f2bV_matches	2020-02-25 22:01:32
120.92.132.76	attack	$f2bV_matches	2020-02-23 02:58:52
120.92.132.76	attackspam	Feb 12 13:35:00 rama sshd[151609]: Invalid user confluence from 120.92.132.76 Feb 12 13:35:00 rama sshd[151609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.76 Feb 12 13:35:03 rama sshd[151609]: Failed password for invalid user confluence from 120.92.132.76 port 46850 ssh2 Feb 12 13:35:03 rama sshd[151609]: Received disconnect from 120.92.132.76: 11: Bye Bye [preauth] Feb 12 13:51:24 rama sshd[156428]: Invalid user ecommerce from 120.92.132.76 Feb 12 13:51:24 rama sshd[156428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.132.76 Feb 12 13:51:27 rama sshd[156428]: Failed password for invalid user ecommerce from 120.92.132.76 port 57426 ssh2 Feb 12 13:51:27 rama sshd[156428]: Received disconnect from 120.92.132.76: 11: Bye Bye [preauth] Feb 12 13:53:53 rama sshd[156851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.13........ -------------------------------	2020-02-13 01:05:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.132.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18388
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.132.106.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 26 02:01:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 106.132.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 106.132.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.188.68.90	attackbotsspam	Jun 28 08:06:04 ns3367391 sshd\[8387\]: Invalid user police from 79.188.68.90 port 41085 Jun 28 08:06:07 ns3367391 sshd\[8387\]: Failed password for invalid user police from 79.188.68.90 port 41085 ssh2 ...	2019-06-28 14:34:47
91.134.140.32	attackbots	Jun 28 07:17:49 herz-der-gamer sshd[1790]: Invalid user test from 91.134.140.32 port 45172 Jun 28 07:17:49 herz-der-gamer sshd[1790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.140.32 Jun 28 07:17:49 herz-der-gamer sshd[1790]: Invalid user test from 91.134.140.32 port 45172 Jun 28 07:17:51 herz-der-gamer sshd[1790]: Failed password for invalid user test from 91.134.140.32 port 45172 ssh2 ...	2019-06-28 13:58:11
193.194.89.146	attackspambots	Jun 28 07:17:27 xb3 sshd[27337]: Failed password for invalid user hxeadm from 193.194.89.146 port 41386 ssh2 Jun 28 07:17:27 xb3 sshd[27337]: Received disconnect from 193.194.89.146: 11: Bye Bye [preauth] Jun 28 07:19:35 xb3 sshd[32693]: Failed password for invalid user nationale from 193.194.89.146 port 35082 ssh2 Jun 28 07:19:35 xb3 sshd[32693]: Received disconnect from 193.194.89.146: 11: Bye Bye [preauth] Jun 28 07:21:09 xb3 sshd[24709]: Failed password for invalid user test from 193.194.89.146 port 52584 ssh2 Jun 28 07:21:09 xb3 sshd[24709]: Received disconnect from 193.194.89.146: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=193.194.89.146	2019-06-28 14:22:41
113.161.125.23	attackspam	Jun 28 08:17:22 srv-4 sshd\[11361\]: Invalid user nong from 113.161.125.23 Jun 28 08:17:22 srv-4 sshd\[11361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.125.23 Jun 28 08:17:25 srv-4 sshd\[11361\]: Failed password for invalid user nong from 113.161.125.23 port 54664 ssh2 ...	2019-06-28 14:16:28
87.100.243.117	attack	$f2bV_matches	2019-06-28 14:33:05
142.4.204.85	attackspam	18,61-12/18 concatform PostRequest-Spammer scoring: maputo01_x2b	2019-06-28 14:15:28
104.236.25.157	attackbotsspam	Jun 28 07:17:46 vpn01 sshd\[27615\]: Invalid user rafael from 104.236.25.157 Jun 28 07:17:46 vpn01 sshd\[27615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.25.157 Jun 28 07:17:48 vpn01 sshd\[27615\]: Failed password for invalid user rafael from 104.236.25.157 port 56602 ssh2	2019-06-28 14:01:33
81.169.144.135	bots	81.169.144.135 - - [28/Jun/2019:14:08:58 +0800] "POST /check-ip/167.100.109.52 HTTP/1.1" 301 194 "en.asytech.cn/check-ip/167.100.109.52" "Mozilla/5.0 (Windows NT 6.1; rv:66.0) Gecko/20100101 Firefox/66.0" 81.169.144.135 - - [28/Jun/2019:14:09:00 +0800] "POST /check-ip/167.100.108.205 HTTP/1.1" 301 194 "en.asytech.cn/check-ip/167.100.108.205" "Mozilla/5.0 (Windows NT 6.1; rv:66.0) Gecko/20100101 Firefox/66.0"	2019-06-28 14:30:51
171.244.18.14	attackspam	Jun 27 19:04:12 vpn01 sshd\[23021\]: Invalid user test2 from 171.244.18.14 Jun 27 19:04:12 vpn01 sshd\[23021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.18.14 Jun 27 19:04:14 vpn01 sshd\[23021\]: Failed password for invalid user test2 from 171.244.18.14 port 37690 ssh2	2019-06-28 01:17:16
87.134.42.111	attackbots	Jun 28 08:18:00 srv-4 sshd\[11429\]: Invalid user estelle from 87.134.42.111 Jun 28 08:18:00 srv-4 sshd\[11429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.134.42.111 Jun 28 08:18:02 srv-4 sshd\[11429\]: Failed password for invalid user estelle from 87.134.42.111 port 42836 ssh2 ...	2019-06-28 13:52:11
106.12.12.86	attackspambots	Jun 28 11:07:56 tanzim-HP-Z238-Microtower-Workstation sshd\[11229\]: Invalid user ehasco from 106.12.12.86 Jun 28 11:07:56 tanzim-HP-Z238-Microtower-Workstation sshd\[11229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.86 Jun 28 11:07:58 tanzim-HP-Z238-Microtower-Workstation sshd\[11229\]: Failed password for invalid user ehasco from 106.12.12.86 port 40128 ssh2 ...	2019-06-28 14:30:53
46.189.75.100	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-06-28 14:13:46
185.53.91.50	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-06-28 13:57:01
200.231.152.206	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 08:47:43,377 INFO [shellcode_manager] (200.231.152.206) no match, writing hexdump (4bba938ace79bfdcbd231ee399e2f7d7 :14808) - SMB (Unknown)	2019-06-28 01:16:42
183.136.213.97	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-06-28 14:18:32

Recently Reported IPs

209.107.205.205	114.211.67.181	216.218.185.162	125.188.150.183
49.0.2.20	62.102.52.254	177.19.60.9	182.160.236.73
24.111.73.255	138.128.122.19	192.154.181.125	216.10.146.215
8.188.230.251	83.4.114.54	157.73.156.214	129.63.147.148
88.86.203.79	2a02:560:422a:6700:ecf5:3c49:8634:4bef	164.160.85.179	115.122.188.10