106.12.112.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TCP (SYN) 106.12.112.49:48405 -> port 32198, len 44	2020-06-07 17:34:39
attack	TCP (SYN) 106.12.112.49:56848 -> port 5453, len 44	2020-06-04 18:34:05
attackspambots	2020-04-10T12:08:35.078540shield sshd\[28228\]: Invalid user sinusbot1 from 106.12.112.49 port 53486 2020-04-10T12:08:35.082218shield sshd\[28228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-04-10T12:08:37.220294shield sshd\[28228\]: Failed password for invalid user sinusbot1 from 106.12.112.49 port 53486 ssh2 2020-04-10T12:10:24.721972shield sshd\[28491\]: Invalid user admin from 106.12.112.49 port 48468 2020-04-10T12:10:24.724540shield sshd\[28491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-04-10 22:00:20
attackspam	Mar 30 06:25:18 haigwepa sshd[6433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 30 06:25:20 haigwepa sshd[6433]: Failed password for invalid user deborah from 106.12.112.49 port 54494 ssh2 ...	2020-03-30 14:35:20
attackbotsspam	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 13:02:29 elude sshd[2727]: Invalid user astral from 106.12.112.49 port 48896 Mar 28 13:02:31 elude sshd[2727]: Failed password for invalid user astral from 106.12.112.49 port 48896 ssh2 Mar 28 13:17:46 elude sshd[3690]: Invalid user opg from 106.12.112.49 port 39612 Mar 28 13:17:48 elude sshd[3690]: Failed password for invalid user opg from 106.12.112.49 port 39612 ssh2 Mar 28 13:20:26 elude sshd[3841]: Invalid user jqt from 106.12.112.49 port 41658	2020-03-28 20:24:53
attackbotsspam	Mar 25 05:31:46 XXX sshd[51087]: Invalid user cloudadmin from 106.12.112.49 port 47498	2020-03-26 09:05:38
attackspam	Mar 21 04:42:24 vps sshd[15225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 21 04:42:27 vps sshd[15225]: Failed password for invalid user jacey from 106.12.112.49 port 48774 ssh2 Mar 21 04:52:44 vps sshd[15739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 ...	2020-03-21 14:17:07
attackbots	2020-03-20T22:47:11.709929shield sshd\[1269\]: Invalid user tq from 106.12.112.49 port 53934 2020-03-20T22:47:11.714878shield sshd\[1269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-03-20T22:47:14.452325shield sshd\[1269\]: Failed password for invalid user tq from 106.12.112.49 port 53934 ssh2 2020-03-20T22:49:36.894385shield sshd\[1809\]: Invalid user email from 106.12.112.49 port 36362 2020-03-20T22:49:36.902206shield sshd\[1809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-03-21 09:52:44
attackspambots	Unauthorized connection attempt detected from IP address 106.12.112.49 to port 2220 [J]	2020-02-02 09:42:00
attackspam	Feb 1 14:43:31 vpn01 sshd[14309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Feb 1 14:43:32 vpn01 sshd[14309]: Failed password for invalid user ftpuser from 106.12.112.49 port 41088 ssh2 ...	2020-02-02 02:24:08
attackbots	Jan 30 04:07:41 eddieflores sshd\[11212\]: Invalid user laranya from 106.12.112.49 Jan 30 04:07:41 eddieflores sshd\[11212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Jan 30 04:07:43 eddieflores sshd\[11212\]: Failed password for invalid user laranya from 106.12.112.49 port 46072 ssh2 Jan 30 04:11:54 eddieflores sshd\[11871\]: Invalid user radhika from 106.12.112.49 Jan 30 04:11:54 eddieflores sshd\[11871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-01-30 22:27:52
attack	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 7 19:34:57 blur sshd[30122]: Invalid user tomcat from 106.12.112.49 port 40614 Jan 7 19:34:59 blur sshd[30122]: Failed password for invalid user tomcat from 106.12.112.49 port 40614 ssh2 Jan 7 19:45:53 blur sshd[32189]: Invalid user fop2 from 106.12.112.49 port 45724 Jan 7 19:45:55 blur sshd[32189]: Failed password for invalid user fop2 from 106.12.112.49 port 45724 ssh2 Jan 7 19:48:42 blur sshd[32656]: Invalid user week from 106.12.112.49 port 42258	2020-01-08 03:14:31
attackbotsspam	Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: Invalid user heier from 106.12.112.49 Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 28 07:00:40 ArkNodeAT sshd\[23107\]: Failed password for invalid user heier from 106.12.112.49 port 57924 ssh2	2019-12-28 14:25:41
attack	Dec 18 19:31:09 linuxvps sshd\[33061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:31:12 linuxvps sshd\[33061\]: Failed password for root from 106.12.112.49 port 49332 ssh2 Dec 18 19:35:55 linuxvps sshd\[36356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:35:56 linuxvps sshd\[36356\]: Failed password for root from 106.12.112.49 port 41752 ssh2 Dec 18 19:40:31 linuxvps sshd\[39473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=news	2019-12-19 08:42:46
attackbotsspam	Dec 9 20:18:23 localhost sshd\[779\]: Invalid user ying from 106.12.112.49 Dec 9 20:18:23 localhost sshd\[779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 9 20:18:25 localhost sshd\[779\]: Failed password for invalid user ying from 106.12.112.49 port 41486 ssh2 Dec 9 20:24:33 localhost sshd\[1085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 9 20:24:34 localhost sshd\[1085\]: Failed password for root from 106.12.112.49 port 48182 ssh2 ...	2019-12-10 05:04:12
attackspambots	Nov 24 05:02:40 tdfoods sshd\[17325\]: Invalid user aroon123 from 106.12.112.49 Nov 24 05:02:40 tdfoods sshd\[17325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Nov 24 05:02:42 tdfoods sshd\[17325\]: Failed password for invalid user aroon123 from 106.12.112.49 port 59264 ssh2 Nov 24 05:11:50 tdfoods sshd\[18118\]: Invalid user 12345 from 106.12.112.49 Nov 24 05:11:50 tdfoods sshd\[18118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2019-11-25 06:30:36
attackspambots	Invalid user jonas from 106.12.112.49 port 49466	2019-10-27 02:52:14
attackbots	ssh failed login	2019-10-25 07:59:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.112.120	attackbotsspam	Repeated brute force against a port	2020-10-08 00:05:44
106.12.112.120	attackspam	Repeated brute force against a port	2020-10-07 16:12:02
106.12.112.120	attackbotsspam	Aug 20 07:22:49 mail sshd\[43028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root ...	2020-08-20 19:27:14
106.12.112.120	attackspam	Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:33 vps-51d81928 sshd[722562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:35 vps-51d81928 sshd[722562]: Failed password for invalid user odoo8 from 106.12.112.120 port 41384 ssh2 Aug 18 23:10:16 vps-51d81928 sshd[722688]: Invalid user testuser from 106.12.112.120 port 38634 ...	2020-08-19 07:13:54
106.12.112.120	attackbotsspam	2020-07-31T06:42[Censored Hostname] sshd[27312]: Failed password for root from 106.12.112.120 port 45968 ssh2 2020-07-31T06:47[Censored Hostname] sshd[30151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root 2020-07-31T06:47[Censored Hostname] sshd[30151]: Failed password for root from 106.12.112.120 port 44120 ssh2[...]	2020-07-31 13:14:30
106.12.112.120	attackbots	Jul 29 14:28:21 ip106 sshd[2579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 29 14:28:23 ip106 sshd[2579]: Failed password for invalid user wanyao from 106.12.112.120 port 55544 ssh2 ...	2020-07-29 20:50:12
106.12.112.120	attackspam	Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120	2020-07-04 06:02:20
106.12.112.120	attack	Jun 27 13:42:14 mail sshd[31312]: Failed password for invalid user transfer from 106.12.112.120 port 47368 ssh2 ...	2020-06-29 04:46:43
106.12.112.62	attackbots	2020-05-13T05:43:17.492647shield sshd\[19444\]: Invalid user postgres from 106.12.112.62 port 53398 2020-05-13T05:43:17.500866shield sshd\[19444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62 2020-05-13T05:43:19.708856shield sshd\[19444\]: Failed password for invalid user postgres from 106.12.112.62 port 53398 ssh2 2020-05-13T05:47:05.538654shield sshd\[20372\]: Invalid user zhuhy from 106.12.112.62 port 42592 2020-05-13T05:47:05.547132shield sshd\[20372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62	2020-05-13 13:52:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.112.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.112.49.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 13:33:12 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.112.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.112.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
42.119.193.13	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-29 08:18:19
185.6.139.5	attackbotsspam	28.05.2020 22:06:40 - Wordpress fail Detected by ELinOX-ALM	2020-05-29 08:03:34
106.13.168.31	attack	prod6 ...	2020-05-29 08:19:38
118.24.24.154	attack	Invalid user dyanne from 118.24.24.154 port 50010	2020-05-29 08:25:13
188.119.39.84	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-29 08:11:40
206.81.12.209	attack	Invalid user elizabethhalper from 206.81.12.209 port 60320	2020-05-29 08:17:18
192.3.34.154	attackspambots	Hi, Hi, The IP 192.3.34.154 has just been banned by after 5 attempts against postfix. Here is more information about 192.3.34.154 : ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.3.34.154	2020-05-29 08:12:03
122.224.217.43	attack	May 29 01:22:13 ns382633 sshd\[23937\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.217.43 user=root May 29 01:22:15 ns382633 sshd\[23937\]: Failed password for root from 122.224.217.43 port 48832 ssh2 May 29 01:27:06 ns382633 sshd\[24847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.217.43 user=root May 29 01:27:08 ns382633 sshd\[24847\]: Failed password for root from 122.224.217.43 port 53778 ssh2 May 29 01:30:45 ns382633 sshd\[25589\]: Invalid user guest2 from 122.224.217.43 port 49514 May 29 01:30:45 ns382633 sshd\[25589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.217.43	2020-05-29 08:03:57
40.92.254.78	attackspambots	persona non grata	2020-05-29 08:30:20
27.71.206.80	attackspambots	Honeypot attack, port: 445, PTR: localhost.	2020-05-29 08:25:44
114.47.6.174	attackspambots	Honeypot attack, port: 445, PTR: 114-47-6-174.dynamic-ip.hinet.net.	2020-05-29 08:14:48
101.21.112.132	spamattack	Attempted email hijack	2020-05-29 08:48:52
92.114.18.12	attack	Honeypot attack, port: 445, PTR: 12.mobinnet.net.	2020-05-29 08:08:57
162.223.91.148	attack	May 28 05:44:11 h2040555 sshd[27467]: reveeclipse mapping checking getaddrinfo for ussrv.colopart.com [162.223.91.148] failed - POSSIBLE BREAK-IN ATTEMPT! May 28 05:44:11 h2040555 sshd[27467]: Invalid user admin from 162.223.91.148 May 28 05:44:11 h2040555 sshd[27467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.223.91.148 May 28 05:44:13 h2040555 sshd[27467]: Failed password for invalid user admin from 162.223.91.148 port 50016 ssh2 May 28 05:44:13 h2040555 sshd[27467]: Received disconnect from 162.223.91.148: 11: Bye Bye [preauth] May 28 05:56:53 h2040555 sshd[27675]: reveeclipse mapping checking getaddrinfo for ussrv.colopart.com [162.223.91.148] failed - POSSIBLE BREAK-IN ATTEMPT! May 28 05:56:53 h2040555 sshd[27675]: Invalid user areknet from 162.223.91.148 May 28 05:56:53 h2040555 sshd[27675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.223.91.148 May 28 05:56:55 h204........ -------------------------------	2020-05-29 08:24:26
120.151.222.78	attack	Invalid user pcap from 120.151.222.78 port 35310	2020-05-29 07:57:11

最近上报的IP列表

39.82.43.227	171.181.194.200	91.5.177.20	129.211.230.193
88.156.21.59	96.225.184.238	25.61.228.148	37.50.74.146
0.179.83.0	151.230.38.131	151.222.99.238	200.8.71.35
95.112.137.113	8.56.86.170	222.112.65.214	177.71.145.215
148.70.113.96	103.126.172.6	2001:e68:5067:9ce:1e5f:2bff:fe37:84f0	65.243.228.40