106.12.112.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	TCP (SYN) 106.12.112.49:48405 -> port 32198, len 44	2020-06-07 17:34:39
attack	TCP (SYN) 106.12.112.49:56848 -> port 5453, len 44	2020-06-04 18:34:05
attackspambots	2020-04-10T12:08:35.078540shield sshd\[28228\]: Invalid user sinusbot1 from 106.12.112.49 port 53486 2020-04-10T12:08:35.082218shield sshd\[28228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-04-10T12:08:37.220294shield sshd\[28228\]: Failed password for invalid user sinusbot1 from 106.12.112.49 port 53486 ssh2 2020-04-10T12:10:24.721972shield sshd\[28491\]: Invalid user admin from 106.12.112.49 port 48468 2020-04-10T12:10:24.724540shield sshd\[28491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-04-10 22:00:20
attackspam	Mar 30 06:25:18 haigwepa sshd[6433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 30 06:25:20 haigwepa sshd[6433]: Failed password for invalid user deborah from 106.12.112.49 port 54494 ssh2 ...	2020-03-30 14:35:20
attackbotsspam	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 13:02:29 elude sshd[2727]: Invalid user astral from 106.12.112.49 port 48896 Mar 28 13:02:31 elude sshd[2727]: Failed password for invalid user astral from 106.12.112.49 port 48896 ssh2 Mar 28 13:17:46 elude sshd[3690]: Invalid user opg from 106.12.112.49 port 39612 Mar 28 13:17:48 elude sshd[3690]: Failed password for invalid user opg from 106.12.112.49 port 39612 ssh2 Mar 28 13:20:26 elude sshd[3841]: Invalid user jqt from 106.12.112.49 port 41658	2020-03-28 20:24:53
attackbotsspam	Mar 25 05:31:46 XXX sshd[51087]: Invalid user cloudadmin from 106.12.112.49 port 47498	2020-03-26 09:05:38
attackspam	Mar 21 04:42:24 vps sshd[15225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Mar 21 04:42:27 vps sshd[15225]: Failed password for invalid user jacey from 106.12.112.49 port 48774 ssh2 Mar 21 04:52:44 vps sshd[15739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 ...	2020-03-21 14:17:07
attackbots	2020-03-20T22:47:11.709929shield sshd\[1269\]: Invalid user tq from 106.12.112.49 port 53934 2020-03-20T22:47:11.714878shield sshd\[1269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 2020-03-20T22:47:14.452325shield sshd\[1269\]: Failed password for invalid user tq from 106.12.112.49 port 53934 ssh2 2020-03-20T22:49:36.894385shield sshd\[1809\]: Invalid user email from 106.12.112.49 port 36362 2020-03-20T22:49:36.902206shield sshd\[1809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-03-21 09:52:44
attackspambots	Unauthorized connection attempt detected from IP address 106.12.112.49 to port 2220 [J]	2020-02-02 09:42:00
attackspam	Feb 1 14:43:31 vpn01 sshd[14309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Feb 1 14:43:32 vpn01 sshd[14309]: Failed password for invalid user ftpuser from 106.12.112.49 port 41088 ssh2 ...	2020-02-02 02:24:08
attackbots	Jan 30 04:07:41 eddieflores sshd\[11212\]: Invalid user laranya from 106.12.112.49 Jan 30 04:07:41 eddieflores sshd\[11212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Jan 30 04:07:43 eddieflores sshd\[11212\]: Failed password for invalid user laranya from 106.12.112.49 port 46072 ssh2 Jan 30 04:11:54 eddieflores sshd\[11871\]: Invalid user radhika from 106.12.112.49 Jan 30 04:11:54 eddieflores sshd\[11871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2020-01-30 22:27:52
attack	(sshd) Failed SSH login from 106.12.112.49 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 7 19:34:57 blur sshd[30122]: Invalid user tomcat from 106.12.112.49 port 40614 Jan 7 19:34:59 blur sshd[30122]: Failed password for invalid user tomcat from 106.12.112.49 port 40614 ssh2 Jan 7 19:45:53 blur sshd[32189]: Invalid user fop2 from 106.12.112.49 port 45724 Jan 7 19:45:55 blur sshd[32189]: Failed password for invalid user fop2 from 106.12.112.49 port 45724 ssh2 Jan 7 19:48:42 blur sshd[32656]: Invalid user week from 106.12.112.49 port 42258	2020-01-08 03:14:31
attackbotsspam	Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: Invalid user heier from 106.12.112.49 Dec 28 07:00:38 ArkNodeAT sshd\[23107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 28 07:00:40 ArkNodeAT sshd\[23107\]: Failed password for invalid user heier from 106.12.112.49 port 57924 ssh2	2019-12-28 14:25:41
attack	Dec 18 19:31:09 linuxvps sshd\[33061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:31:12 linuxvps sshd\[33061\]: Failed password for root from 106.12.112.49 port 49332 ssh2 Dec 18 19:35:55 linuxvps sshd\[36356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 18 19:35:56 linuxvps sshd\[36356\]: Failed password for root from 106.12.112.49 port 41752 ssh2 Dec 18 19:40:31 linuxvps sshd\[39473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=news	2019-12-19 08:42:46
attackbotsspam	Dec 9 20:18:23 localhost sshd\[779\]: Invalid user ying from 106.12.112.49 Dec 9 20:18:23 localhost sshd\[779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Dec 9 20:18:25 localhost sshd\[779\]: Failed password for invalid user ying from 106.12.112.49 port 41486 ssh2 Dec 9 20:24:33 localhost sshd\[1085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 user=root Dec 9 20:24:34 localhost sshd\[1085\]: Failed password for root from 106.12.112.49 port 48182 ssh2 ...	2019-12-10 05:04:12
attackspambots	Nov 24 05:02:40 tdfoods sshd\[17325\]: Invalid user aroon123 from 106.12.112.49 Nov 24 05:02:40 tdfoods sshd\[17325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49 Nov 24 05:02:42 tdfoods sshd\[17325\]: Failed password for invalid user aroon123 from 106.12.112.49 port 59264 ssh2 Nov 24 05:11:50 tdfoods sshd\[18118\]: Invalid user 12345 from 106.12.112.49 Nov 24 05:11:50 tdfoods sshd\[18118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.49	2019-11-25 06:30:36
attackspambots	Invalid user jonas from 106.12.112.49 port 49466	2019-10-27 02:52:14
attackbots	ssh failed login	2019-10-25 07:59:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.112.120	attackbotsspam	Repeated brute force against a port	2020-10-08 00:05:44
106.12.112.120	attackspam	Repeated brute force against a port	2020-10-07 16:12:02
106.12.112.120	attackbotsspam	Aug 20 07:22:49 mail sshd\[43028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root ...	2020-08-20 19:27:14
106.12.112.120	attackspam	Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:33 vps-51d81928 sshd[722562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Aug 18 23:06:33 vps-51d81928 sshd[722562]: Invalid user odoo8 from 106.12.112.120 port 41384 Aug 18 23:06:35 vps-51d81928 sshd[722562]: Failed password for invalid user odoo8 from 106.12.112.120 port 41384 ssh2 Aug 18 23:10:16 vps-51d81928 sshd[722688]: Invalid user testuser from 106.12.112.120 port 38634 ...	2020-08-19 07:13:54
106.12.112.120	attackbotsspam	2020-07-31T06:42[Censored Hostname] sshd[27312]: Failed password for root from 106.12.112.120 port 45968 ssh2 2020-07-31T06:47[Censored Hostname] sshd[30151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 user=root 2020-07-31T06:47[Censored Hostname] sshd[30151]: Failed password for root from 106.12.112.120 port 44120 ssh2[...]	2020-07-31 13:14:30
106.12.112.120	attackbots	Jul 29 14:28:21 ip106 sshd[2579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 29 14:28:23 ip106 sshd[2579]: Failed password for invalid user wanyao from 106.12.112.120 port 55544 ssh2 ...	2020-07-29 20:50:12
106.12.112.120	attackspam	Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120 Jul 3 23:41:23 lnxweb61 sshd[1979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.120	2020-07-04 06:02:20
106.12.112.120	attack	Jun 27 13:42:14 mail sshd[31312]: Failed password for invalid user transfer from 106.12.112.120 port 47368 ssh2 ...	2020-06-29 04:46:43
106.12.112.62	attackbots	2020-05-13T05:43:17.492647shield sshd\[19444\]: Invalid user postgres from 106.12.112.62 port 53398 2020-05-13T05:43:17.500866shield sshd\[19444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62 2020-05-13T05:43:19.708856shield sshd\[19444\]: Failed password for invalid user postgres from 106.12.112.62 port 53398 ssh2 2020-05-13T05:47:05.538654shield sshd\[20372\]: Invalid user zhuhy from 106.12.112.62 port 42592 2020-05-13T05:47:05.547132shield sshd\[20372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.112.62	2020-05-13 13:52:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.112.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.112.49.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 13:33:12 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.112.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.112.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
71.6.158.166	attack	404 NOT FOUND	2020-03-17 22:55:24
46.184.61.226	attack	Unauthorized connection attempt detected from IP address 46.184.61.226 to port 23	2020-03-17 22:56:44
113.190.195.222	attackbotsspam	Unauthorized connection attempt detected from IP address 113.190.195.222 to port 445	2020-03-17 22:45:03
156.221.217.50	attackbotsspam	Unauthorized connection attempt detected from IP address 156.221.217.50 to port 23	2020-03-17 22:40:22
185.234.217.182	attack	Unauthorized connection attempt detected from IP address 185.234.217.182 to port 443	2020-03-17 22:31:09
78.130.212.2	attackspam	Unauthorized connection attempt detected from IP address 78.130.212.2 to port 1433	2020-03-17 22:52:55
14.50.216.69	attack	Unauthorized connection attempt detected from IP address 14.50.216.69 to port 23	2020-03-17 22:59:51
14.35.19.181	attack	Unauthorized connection attempt detected from IP address 14.35.19.181 to port 23	2020-03-17 23:00:24
41.42.231.105	attack	Unauthorized connection attempt detected from IP address 41.42.231.105 to port 23	2020-03-17 22:58:36
49.51.8.188	attackbots	Unauthorized connection attempt detected from IP address 49.51.8.188 to port 280	2020-03-17 22:13:35
74.82.47.3	attackspam	SSH login attempts.	2020-03-17 22:54:26
187.102.14.46	attack	Unauthorized connection attempt detected from IP address 187.102.14.46 to port 23	2020-03-17 22:30:19
45.9.148.124	attackspambots	Unauthorized connection attempt detected from IP address 45.9.148.124 to port 5990	2020-03-17 22:15:40
197.39.166.241	attack	Unauthorized connection attempt detected from IP address 197.39.166.241 to port 23	2020-03-17 22:26:14
104.206.128.26	attackbots	Unauthorized connection attempt detected from IP address 104.206.128.26 to port 81	2020-03-17 22:48:10

最近上报的IP列表

39.82.43.227	171.181.194.200	91.5.177.20	129.211.230.193
88.156.21.59	96.225.184.238	25.61.228.148	37.50.74.146
0.179.83.0	151.230.38.131	151.222.99.238	200.8.71.35
95.112.137.113	8.56.86.170	222.112.65.214	177.71.145.215
148.70.113.96	103.126.172.6	2001:e68:5067:9ce:1e5f:2bff:fe37:84f0	65.243.228.40