106.12.112.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TCP (SYN) 106.12.112.49:48405 -> port 32198, len 44	2020-06-07 17:34:39
attack	TCP (SYN) 106.12.112.49:56848 -> port 5453, len 44	2020-06-04 18:34:05
attackspambots	2020-04-10T12:08:35.078540shield sshd\[28228\]: Invalid user sinusbot1 from 106.12.112.49 port 53486 2020-04-10T12:08:35.082218shield sshd\[28228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-04-10T12:08:37.220294shield sshd\[28228\]: Failed password for invalid user sinusbot1 from 106.12.112.49 port 53486 ssh2 2020-04-10T12:10:24.721972shield sshd\[28491\]: Invalid user admin from 106.12.112.49 port 48468 2020-04-10T12:10:24.724540shield sshd\[28491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-04-10 22:00:20
attackspam	Mar 30 06:25:18 haigwepa sshd[6433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 30 06:25:20 haigwepa sshd[6433]: Failed password for invalid user deborah from 106.12.112.49 port 54494 ssh2 ...	2020-03-30 14:35:20
attackbotsspam	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 13:02:29 elude sshd[2727]: Invalid user astral from 106.12.112.49 port 48896 Mar 28 13:02:31 elude sshd[2727]: Failed password for invalid user astral from 106.12.112.49 port 48896 ssh2 Mar 28 13:17:46 elude sshd[3690]: Invalid user opg from 106.12.112.49 port 39612 Mar 28 13:17:48 elude sshd[3690]: Failed password for invalid user opg from 106.12.112.49 port 39612 ssh2 Mar 28 13:20:26 elude sshd[3841]: Invalid user jqt from 106.12.112.49 port 41658	2020-03-28 20:24:53
attackbotsspam	Mar 25 05:31:46 XXX sshd[51087]: Invalid user cloudadmin from 106.12.112.49 port 47498	2020-03-26 09:05:38
attackspam	Mar 21 04:42:24 vps sshd[15225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 21 04:42:27 vps sshd[15225]: Failed password for invalid user jacey from 106.12.112.49 port 48774 ssh2 Mar 21 04:52:44 vps sshd[15739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 ...	2020-03-21 14:17:07
attackbots	2020-03-20T22:47:11.709929shield sshd\[1269\]: Invalid user tq from 106.12.112.49 port 53934 2020-03-20T22:47:11.714878shield sshd\[1269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-03-20T22:47:14.452325shield sshd\[1269\]: Failed password for invalid user tq from 106.12.112.49 port 53934 ssh2 2020-03-20T22:49:36.894385shield sshd\[1809\]: Invalid user email from 106.12.112.49 port 36362 2020-03-20T22:49:36.902206shield sshd\[1809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-03-21 09:52:44
attackspambots	Unauthorized connection attempt detected from IP address 106.12.112.49 to port 2220 [J]	2020-02-02 09:42:00
attackspam	Feb 1 14:43:31 vpn01 sshd[14309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Feb 1 14:43:32 vpn01 sshd[14309]: Failed password for invalid user ftpuser from 106.12.112.49 port 41088 ssh2 ...	2020-02-02 02:24:08
attackbots	Jan 30 04:07:41 eddieflores sshd\[11212\]: Invalid user laranya from 106.12.112.49 Jan 30 04:07:41 eddieflores sshd\[11212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Jan 30 04:07:43 eddieflores sshd\[11212\]: Failed password for invalid user laranya from 106.12.112.49 port 46072 ssh2 Jan 30 04:11:54 eddieflores sshd\[11871\]: Invalid user radhika from 106.12.112.49 Jan 30 04:11:54 eddieflores sshd\[11871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-01-30 22:27:52
attack	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 7 19:34:57 blur sshd[30122]: Invalid user tomcat from 106.12.112.49 port 40614 Jan 7 19:34:59 blur sshd[30122]: Failed password for invalid user tomcat from 106.12.112.49 port 40614 ssh2 Jan 7 19:45:53 blur sshd[32189]: Invalid user fop2 from 106.12.112.49 port 45724 Jan 7 19:45:55 blur sshd[32189]: Failed password for invalid user fop2 from 106.12.112.49 port 45724 ssh2 Jan 7 19:48:42 blur sshd[32656]: Invalid user week from 106.12.112.49 port 42258	2020-01-08 03:14:31
attackbotsspam	Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: Invalid user heier from 106.12.112.49 Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 28 07:00:40 ArkNodeAT sshd\[23107\]: Failed password for invalid user heier from 106.12.112.49 port 57924 ssh2	2019-12-28 14:25:41
attack	Dec 18 19:31:09 linuxvps sshd\[33061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:31:12 linuxvps sshd\[33061\]: Failed password for root from 106.12.112.49 port 49332 ssh2 Dec 18 19:35:55 linuxvps sshd\[36356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:35:56 linuxvps sshd\[36356\]: Failed password for root from 106.12.112.49 port 41752 ssh2 Dec 18 19:40:31 linuxvps sshd\[39473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=news	2019-12-19 08:42:46
attackbotsspam	Dec 9 20:18:23 localhost sshd\[779\]: Invalid user ying from 106.12.112.49 Dec 9 20:18:23 localhost sshd\[779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 9 20:18:25 localhost sshd\[779\]: Failed password for invalid user ying from 106.12.112.49 port 41486 ssh2 Dec 9 20:24:33 localhost sshd\[1085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 9 20:24:34 localhost sshd\[1085\]: Failed password for root from 106.12.112.49 port 48182 ssh2 ...	2019-12-10 05:04:12
attackspambots	Nov 24 05:02:40 tdfoods sshd\[17325\]: Invalid user aroon123 from 106.12.112.49 Nov 24 05:02:40 tdfoods sshd\[17325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Nov 24 05:02:42 tdfoods sshd\[17325\]: Failed password for invalid user aroon123 from 106.12.112.49 port 59264 ssh2 Nov 24 05:11:50 tdfoods sshd\[18118\]: Invalid user 12345 from 106.12.112.49 Nov 24 05:11:50 tdfoods sshd\[18118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2019-11-25 06:30:36
attackspambots	Invalid user jonas from 106.12.112.49 port 49466	2019-10-27 02:52:14
attackbots	ssh failed login	2019-10-25 07:59:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.112.120	attackbotsspam	Repeated brute force against a port	2020-10-08 00:05:44
106.12.112.120	attackspam	Repeated brute force against a port	2020-10-07 16:12:02
106.12.112.120	attackbotsspam	Aug 20 07:22:49 mail sshd\[43028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root ...	2020-08-20 19:27:14
106.12.112.120	attackspam	Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:33 vps-51d81928 sshd[722562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:35 vps-51d81928 sshd[722562]: Failed password for invalid user odoo8 from 106.12.112.120 port 41384 ssh2 Aug 18 23:10:16 vps-51d81928 sshd[722688]: Invalid user testuser from 106.12.112.120 port 38634 ...	2020-08-19 07:13:54
106.12.112.120	attackbotsspam	2020-07-31T06:42[Censored Hostname] sshd[27312]: Failed password for root from 106.12.112.120 port 45968 ssh2 2020-07-31T06:47[Censored Hostname] sshd[30151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root 2020-07-31T06:47[Censored Hostname] sshd[30151]: Failed password for root from 106.12.112.120 port 44120 ssh2[...]	2020-07-31 13:14:30
106.12.112.120	attackbots	Jul 29 14:28:21 ip106 sshd[2579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 29 14:28:23 ip106 sshd[2579]: Failed password for invalid user wanyao from 106.12.112.120 port 55544 ssh2 ...	2020-07-29 20:50:12
106.12.112.120	attackspam	Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120	2020-07-04 06:02:20
106.12.112.120	attack	Jun 27 13:42:14 mail sshd[31312]: Failed password for invalid user transfer from 106.12.112.120 port 47368 ssh2 ...	2020-06-29 04:46:43
106.12.112.62	attackbots	2020-05-13T05:43:17.492647shield sshd\[19444\]: Invalid user postgres from 106.12.112.62 port 53398 2020-05-13T05:43:17.500866shield sshd\[19444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62 2020-05-13T05:43:19.708856shield sshd\[19444\]: Failed password for invalid user postgres from 106.12.112.62 port 53398 ssh2 2020-05-13T05:47:05.538654shield sshd\[20372\]: Invalid user zhuhy from 106.12.112.62 port 42592 2020-05-13T05:47:05.547132shield sshd\[20372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62	2020-05-13 13:52:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.112.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.112.49.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 13:33:12 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.112.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.112.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
208.82.118.236	attackspam	RU spamvertising/fraud - From: Ultra Wifi Pro - UBE 208.82.118.236 (EHLO newstart.club) Ndchost - Spam link mail.kraften.site = 185.56.88.154 Buzinessware FZCO – phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania - Spam link #2 mail.kraften.site - phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania b) safemailremove.com = 40.64.107.53 Microsoft Corporation - Spam link newstart.club = host not found Images - 151.101.120.193 Fastly - https://imgur.com/wmqfoW2.png = Ultra Wifi Pro ad - https://imgur.com/F6adfzn.png = Ultra Wifi Pro 73 Greentree Dr. #57 Dover DE 19904 – entity not found at listed address; BBB: Ultra HD Antennas & Ultra WiFi Pro – " this business is no longer in business "	2020-10-04 03:06:16
58.214.11.123	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 03:10:22
47.111.74.116	attackbots	Oct 2 23:21:01 xxxxxxx4 sshd[29277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.74.116 user=r.r Oct 2 23:21:03 xxxxxxx4 sshd[29277]: Failed password for r.r from 47.111.74.116 port 64820 ssh2 Oct 2 23:25:41 xxxxxxx4 sshd[29761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.74.116 user=r.r Oct 2 23:25:43 xxxxxxx4 sshd[29761]: Failed password for r.r from 47.111.74.116 port 15272 ssh2 Oct 2 23:27:14 xxxxxxx4 sshd[29834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.74.116 user=r.r Oct 2 23:27:17 xxxxxxx4 sshd[29834]: Failed password for r.r from 47.111.74.116 port 22374 ssh2 Oct 2 23:28:54 xxxxxxx4 sshd[29891]: Invalid user james from 47.111.74.116 port 29737 Oct 2 23:28:54 xxxxxxx4 sshd[29891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.111.74.116 Oct 2 23:28:55 x........ ------------------------------	2020-10-04 03:09:33
40.64.107.53	attack	RU spamvertising/fraud - From: Ultra Wifi Pro - UBE 208.82.118.236 (EHLO newstart.club) Ndchost - Spam link mail.kraften.site = 185.56.88.154 Buzinessware FZCO – phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania - Spam link #2 mail.kraften.site - phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania b) safemailremove.com = 40.64.107.53 Microsoft Corporation - Spam link newstart.club = host not found Images - 151.101.120.193 Fastly - https://imgur.com/wmqfoW2.png = Ultra Wifi Pro ad - https://imgur.com/F6adfzn.png = Ultra Wifi Pro 73 Greentree Dr. #57 Dover DE 19904 – entity not found at listed address; BBB: Ultra HD Antennas & Ultra WiFi Pro – " this business is no longer in business "	2020-10-04 02:44:42
162.244.77.140	attackbots	2020-10-03T20:21:08.300337ks3355764 sshd[27304]: Invalid user test from 162.244.77.140 port 60020 2020-10-03T20:21:10.339530ks3355764 sshd[27304]: Failed password for invalid user test from 162.244.77.140 port 60020 ssh2 ...	2020-10-04 02:59:26
101.80.0.67	attackspambots	Oct 3 11:36:06 v22019038103785759 sshd\[13645\]: Invalid user pavbras from 101.80.0.67 port 52178 Oct 3 11:36:06 v22019038103785759 sshd\[13645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.80.0.67 Oct 3 11:36:08 v22019038103785759 sshd\[13645\]: Failed password for invalid user pavbras from 101.80.0.67 port 52178 ssh2 Oct 3 11:39:47 v22019038103785759 sshd\[13935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.80.0.67 user=root Oct 3 11:39:49 v22019038103785759 sshd\[13935\]: Failed password for root from 101.80.0.67 port 51650 ssh2 ...	2020-10-04 03:15:52
116.24.67.158	attackbotsspam	Oct 2 12:56:07 zulu1842 sshd[25874]: Invalid user dropbox from 116.24.67.158 Oct 2 12:56:07 zulu1842 sshd[25874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.24.67.158 Oct 2 12:56:08 zulu1842 sshd[25874]: Failed password for invalid user dropbox from 116.24.67.158 port 41712 ssh2 Oct 2 12:56:08 zulu1842 sshd[25874]: Received disconnect from 116.24.67.158: 11: Bye Bye [preauth] Oct 2 12:58:56 zulu1842 sshd[26137]: Invalid user nano from 116.24.67.158 Oct 2 12:58:56 zulu1842 sshd[26137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.24.67.158 Oct 2 12:58:58 zulu1842 sshd[26137]: Failed password for invalid user nano from 116.24.67.158 port 47878 ssh2 Oct 2 12:58:58 zulu1842 sshd[26137]: Received disconnect from 116.24.67.158: 11: Bye Bye [preauth] Oct 2 13:01:08 zulu1842 sshd[26323]: Invalid user jason from 116.24.67.158 Oct 2 13:01:08 zulu1842 sshd[26323]: pam_unix(s........ -------------------------------	2020-10-04 03:13:31
199.195.253.117	attack	script kiddie	2020-10-04 02:57:07
83.221.107.60	attackbotsspam	Oct 3 16:14:38 rush sshd[11045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.221.107.60 Oct 3 16:14:40 rush sshd[11045]: Failed password for invalid user user from 83.221.107.60 port 60596 ssh2 Oct 3 16:18:55 rush sshd[11080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.221.107.60 ...	2020-10-04 02:48:25
45.145.67.200	attack	RDPBruteGam24	2020-10-04 02:47:01
92.222.75.80	attackspam	fail2ban: brute force SSH detected	2020-10-04 03:16:12
91.218.246.26	attack	2020-10-02 22:12:42.724754-0500 localhost screensharingd[5170]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 91.218.246.26 :: Type: VNC DES	2020-10-04 03:07:42
116.196.81.216	attackbots	Oct 3 12:27:55 abendstille sshd\[13881\]: Invalid user marcel from 116.196.81.216 Oct 3 12:27:55 abendstille sshd\[13881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 Oct 3 12:27:58 abendstille sshd\[13881\]: Failed password for invalid user marcel from 116.196.81.216 port 58196 ssh2 Oct 3 12:30:13 abendstille sshd\[16434\]: Invalid user james from 116.196.81.216 Oct 3 12:30:13 abendstille sshd\[16434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 ...	2020-10-04 02:56:35
159.203.168.167	attack	Invalid user builder from 159.203.168.167 port 37520	2020-10-04 03:13:07
109.70.100.44	attack	Bad bot/spoofed identity	2020-10-04 02:53:12

最近上报的IP列表

39.82.43.227	171.181.194.200	91.5.177.20	129.211.230.193
88.156.21.59	96.225.184.238	25.61.228.148	37.50.74.146
0.179.83.0	151.230.38.131	151.222.99.238	200.8.71.35
95.112.137.113	8.56.86.170	222.112.65.214	177.71.145.215
148.70.113.96	103.126.172.6	2001:e68:5067:9ce:1e5f:2bff:fe37:84f0	65.243.228.40