106.12.49.158 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 10 13:33:24 lock-38 sshd[8936]: Failed password for invalid user oikawa from 106.12.49.158 port 35960 ssh2 Mar 10 13:58:08 lock-38 sshd[9118]: Failed password for invalid user developer from 106.12.49.158 port 55644 ssh2 ...	2020-03-12 01:58:04
attackbots	Mar 9 23:21:01 mout sshd[12351]: Invalid user charles from 106.12.49.158 port 48346	2020-03-10 07:44:06
attackbots	$f2bV_matches	2020-03-10 03:11:12
attackbotsspam	$f2bV_matches	2020-03-07 17:54:09
attack	Feb 9 14:52:16 haigwepa sshd[16802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.158 Feb 9 14:52:18 haigwepa sshd[16802]: Failed password for invalid user kcw from 106.12.49.158 port 60090 ssh2 ...	2020-02-09 23:22:58
attackspambots	Unauthorized connection attempt detected from IP address 106.12.49.158 to port 2220 [J]	2020-01-19 04:01:27

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.49.118	attack	Jun 8 13:53:54 roki-contabo sshd\[7336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Jun 8 13:53:56 roki-contabo sshd\[7336\]: Failed password for root from 106.12.49.118 port 45396 ssh2 Jun 8 13:58:38 roki-contabo sshd\[7451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Jun 8 13:58:40 roki-contabo sshd\[7451\]: Failed password for root from 106.12.49.118 port 32852 ssh2 Jun 8 14:01:31 roki-contabo sshd\[7530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root ...	2020-06-09 04:19:30
106.12.49.118	attackspambots	2020-06-04T15:58:23.5808851495-001 sshd[4202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T15:58:25.2741011495-001 sshd[4202]: Failed password for root from 106.12.49.118 port 33728 ssh2 2020-06-04T16:01:20.6117241495-001 sshd[4394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T16:01:22.6057411495-001 sshd[4394]: Failed password for root from 106.12.49.118 port 46298 ssh2 2020-06-04T16:04:12.5568491495-001 sshd[4507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T16:04:14.4958551495-001 sshd[4507]: Failed password for root from 106.12.49.118 port 58860 ssh2 ...	2020-06-05 05:53:41
106.12.49.118	attack	2020-05-31T06:15:49.2340911240 sshd\[27657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-05-31T06:15:51.1874811240 sshd\[27657\]: Failed password for root from 106.12.49.118 port 39406 ssh2 2020-05-31T06:23:00.9397651240 sshd\[28021\]: Invalid user samantha from 106.12.49.118 port 53566 2020-05-31T06:23:00.9443561240 sshd\[28021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 ...	2020-05-31 17:20:52
106.12.49.118	attackspam	$f2bV_matches	2020-05-25 07:58:27
106.12.49.118	attackbotsspam	SSH Brute Force	2020-04-29 13:08:42
106.12.49.118	attackspam	Invalid user play from 106.12.49.118 port 51248	2020-04-29 06:35:37
106.12.49.118	attack	Apr 19 10:00:52 ns382633 sshd\[9853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Apr 19 10:00:54 ns382633 sshd\[9853\]: Failed password for root from 106.12.49.118 port 40078 ssh2 Apr 19 10:09:14 ns382633 sshd\[11606\]: Invalid user gq from 106.12.49.118 port 39532 Apr 19 10:09:14 ns382633 sshd\[11606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 Apr 19 10:09:16 ns382633 sshd\[11606\]: Failed password for invalid user gq from 106.12.49.118 port 39532 ssh2	2020-04-19 18:02:49
106.12.49.118	attackbots	Apr 3 22:43:27 webhost01 sshd[15642]: Failed password for root from 106.12.49.118 port 36008 ssh2 ...	2020-04-03 23:57:10
106.12.49.224	attackbots	2020-03-16T16:28:07.236692 sshd[15010]: Invalid user fangce from 106.12.49.224 port 56282 2020-03-16T16:28:07.250964 sshd[15010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.224 2020-03-16T16:28:07.236692 sshd[15010]: Invalid user fangce from 106.12.49.224 port 56282 2020-03-16T16:28:08.889982 sshd[15010]: Failed password for invalid user fangce from 106.12.49.224 port 56282 ssh2 ...	2020-03-17 01:13:02
106.12.49.150	attack	5x Failed Password	2020-03-13 18:10:43
106.12.49.207	attackbotsspam	web-1 [ssh] SSH Attack	2020-03-12 15:07:57
106.12.49.150	attackspambots	invalid login attempt (mail)	2020-03-11 11:22:58
106.12.49.207	attack	Invalid user asterisk from 106.12.49.207 port 52274	2020-03-11 07:13:06
106.12.49.118	attack	Mar 6 15:21:42 vps58358 sshd\[7193\]: Invalid user msagent123 from 106.12.49.118Mar 6 15:21:45 vps58358 sshd\[7193\]: Failed password for invalid user msagent123 from 106.12.49.118 port 37914 ssh2Mar 6 15:25:14 vps58358 sshd\[7231\]: Invalid user asd@123 from 106.12.49.118Mar 6 15:25:16 vps58358 sshd\[7231\]: Failed password for invalid user asd@123 from 106.12.49.118 port 50166 ssh2Mar 6 15:29:11 vps58358 sshd\[7265\]: Invalid user Passw0rt321 from 106.12.49.118Mar 6 15:29:14 vps58358 sshd\[7265\]: Failed password for invalid user Passw0rt321 from 106.12.49.118 port 34178 ssh2 ...	2020-03-06 23:40:44
106.12.49.118	attack	$f2bV_matches	2020-03-06 09:53:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.49.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.49.158.			IN	A

;; AUTHORITY SECTION:
.			274	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 04:01:24 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 158.49.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 158.49.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
217.160.60.230	attackbots	Aug 31 23:21:30 lvps5-35-247-183 sshd[4102]: Invalid user movies from 217.160.60.230 Aug 31 23:21:30 lvps5-35-247-183 sshd[4102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.60.230 Aug 31 23:21:32 lvps5-35-247-183 sshd[4102]: Failed password for invalid user movies from 217.160.60.230 port 55212 ssh2 Aug 31 23:21:32 lvps5-35-247-183 sshd[4102]: Received disconnect from 217.160.60.230: 11: Bye Bye [preauth] Aug 31 23:28:51 lvps5-35-247-183 sshd[4308]: Invalid user cd from 217.160.60.230 Aug 31 23:28:51 lvps5-35-247-183 sshd[4308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.60.230 Aug 31 23:28:54 lvps5-35-247-183 sshd[4308]: Failed password for invalid user cd from 217.160.60.230 port 47570 ssh2 Aug 31 23:28:54 lvps5-35-247-183 sshd[4308]: Received disconnect from 217.160.60.230: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.16	2019-09-01 11:10:53
66.84.95.93	attackspam	(From noreply@thewordpressclub7743.site) Hi There, Are you presently working with Wordpress/Woocommerce or maybe do you actually plan to work with it sooner or later ? We currently offer a little over 2500 premium plugins as well as themes completely free to get : http://urlre.xyz/GzyKd Thanks, Taren	2019-09-01 11:29:10
14.29.244.64	attackspam	Sep 1 03:54:24 nextcloud sshd\[28129\]: Invalid user lovetravel-ftp from 14.29.244.64 Sep 1 03:54:24 nextcloud sshd\[28129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.244.64 Sep 1 03:54:26 nextcloud sshd\[28129\]: Failed password for invalid user lovetravel-ftp from 14.29.244.64 port 44590 ssh2 ...	2019-09-01 11:48:59
222.186.30.111	attack	01.09.2019 03:28:30 SSH access blocked by firewall	2019-09-01 11:45:54
141.98.9.205	attack	Sep 1 05:10:45 webserver postfix/smtpd\[19324\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 1 05:11:55 webserver postfix/smtpd\[19324\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 1 05:13:05 webserver postfix/smtpd\[19223\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 1 05:14:15 webserver postfix/smtpd\[19223\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 1 05:15:25 webserver postfix/smtpd\[19223\]: warning: unknown\[141.98.9.205\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-01 11:20:04
213.230.126.165	attackspambots	Aug 31 14:18:03 sshd[12396]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 31 14:22:22 sshd[12477]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 31 14:26:46 sshd[12583]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 31 14:31:20 sshd[12644]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 31 14:35:49 sshd[12731]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 31 14:40:20 sshd[12791]: reverse mapping checking getaddrinfo for 165.126.uzpak.uz [213.230.126.165] failed - POSSIBLE BREAK-IN ATTEMPT!	2019-09-01 11:41:21
197.253.19.74	attackbots	Sep 1 04:43:29 srv206 sshd[6034]: Invalid user wright from 197.253.19.74 ...	2019-09-01 11:25:06
91.121.136.44	attackbots	Invalid user arthur from 91.121.136.44 port 37220	2019-09-01 11:36:45
106.12.33.174	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2019-09-01 11:42:54
167.99.252.222	attackbotsspam	Aug 31 23:40:11 lvps5-35-247-183 sshd[4665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.252.222 user=r.r Aug 31 23:40:13 lvps5-35-247-183 sshd[4665]: Failed password for r.r from 167.99.252.222 port 55472 ssh2 Aug 31 23:40:13 lvps5-35-247-183 sshd[4665]: Received disconnect from 167.99.252.222: 11: Bye Bye [preauth] Aug 31 23:40:14 lvps5-35-247-183 sshd[4667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.252.222 user=r.r Aug 31 23:40:15 lvps5-35-247-183 sshd[4667]: Failed password for r.r from 167.99.252.222 port 56712 ssh2 Aug 31 23:40:15 lvps5-35-247-183 sshd[4667]: Received disconnect from 167.99.252.222: 11: Bye Bye [preauth] Aug 31 23:40:16 lvps5-35-247-183 sshd[4670]: Invalid user admin from 167.99.252.222 Aug 31 23:40:16 lvps5-35-247-183 sshd[4670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.252.222 ........ --------------------------------------	2019-09-01 11:52:48
113.190.218.91	attackbots	"Fail2Ban detected SSH brute force attempt"	2019-09-01 11:09:52
49.50.64.213	attackspam	Sep 1 03:59:41 MainVPS sshd[6613]: Invalid user uftp from 49.50.64.213 port 41634 Sep 1 03:59:41 MainVPS sshd[6613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.50.64.213 Sep 1 03:59:41 MainVPS sshd[6613]: Invalid user uftp from 49.50.64.213 port 41634 Sep 1 03:59:43 MainVPS sshd[6613]: Failed password for invalid user uftp from 49.50.64.213 port 41634 ssh2 Sep 1 04:04:30 MainVPS sshd[6944]: Invalid user purchase from 49.50.64.213 port 57520 ...	2019-09-01 11:38:39
104.238.97.230	attackbotsspam	Looking for resource vulnerabilities	2019-09-01 11:35:43
120.88.185.39	attackspam	$f2bV_matches	2019-09-01 11:09:34
85.206.165.15	attackspam	(From brianweara@mail.ru) Lay eyes on is an prominentoffer for you. http://ginggigesi.tk/7m28o	2019-09-01 11:24:13

最近上报的IP列表

120.238.26.1	80.91.165.64	179.80.55.57	156.199.57.41
92.127.99.193	114.177.218.13	89.137.232.159	154.199.145.197
18.222.175.109	112.101.204.253	99.238.255.149	129.97.174.249
82.251.138.44	217.241.94.195	189.151.98.132	56.118.61.195
37.150.167.39	71.205.41.77	118.247.48.224	87.173.93.45