106.12.49.158 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 10 13:33:24 lock-38 sshd[8936]: Failed password for invalid user oikawa from 106.12.49.158 port 35960 ssh2 Mar 10 13:58:08 lock-38 sshd[9118]: Failed password for invalid user developer from 106.12.49.158 port 55644 ssh2 ...	2020-03-12 01:58:04
attackbots	Mar 9 23:21:01 mout sshd[12351]: Invalid user charles from 106.12.49.158 port 48346	2020-03-10 07:44:06
attackbots	$f2bV_matches	2020-03-10 03:11:12
attackbotsspam	$f2bV_matches	2020-03-07 17:54:09
attack	Feb 9 14:52:16 haigwepa sshd[16802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.158 Feb 9 14:52:18 haigwepa sshd[16802]: Failed password for invalid user kcw from 106.12.49.158 port 60090 ssh2 ...	2020-02-09 23:22:58
attackspambots	Unauthorized connection attempt detected from IP address 106.12.49.158 to port 2220 [J]	2020-01-19 04:01:27

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.49.118	attack	Jun 8 13:53:54 roki-contabo sshd\[7336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Jun 8 13:53:56 roki-contabo sshd\[7336\]: Failed password for root from 106.12.49.118 port 45396 ssh2 Jun 8 13:58:38 roki-contabo sshd\[7451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Jun 8 13:58:40 roki-contabo sshd\[7451\]: Failed password for root from 106.12.49.118 port 32852 ssh2 Jun 8 14:01:31 roki-contabo sshd\[7530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root ...	2020-06-09 04:19:30
106.12.49.118	attackspambots	2020-06-04T15:58:23.5808851495-001 sshd[4202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T15:58:25.2741011495-001 sshd[4202]: Failed password for root from 106.12.49.118 port 33728 ssh2 2020-06-04T16:01:20.6117241495-001 sshd[4394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T16:01:22.6057411495-001 sshd[4394]: Failed password for root from 106.12.49.118 port 46298 ssh2 2020-06-04T16:04:12.5568491495-001 sshd[4507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-06-04T16:04:14.4958551495-001 sshd[4507]: Failed password for root from 106.12.49.118 port 58860 ssh2 ...	2020-06-05 05:53:41
106.12.49.118	attack	2020-05-31T06:15:49.2340911240 sshd\[27657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root 2020-05-31T06:15:51.1874811240 sshd\[27657\]: Failed password for root from 106.12.49.118 port 39406 ssh2 2020-05-31T06:23:00.9397651240 sshd\[28021\]: Invalid user samantha from 106.12.49.118 port 53566 2020-05-31T06:23:00.9443561240 sshd\[28021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 ...	2020-05-31 17:20:52
106.12.49.118	attackspam	$f2bV_matches	2020-05-25 07:58:27
106.12.49.118	attackbotsspam	SSH Brute Force	2020-04-29 13:08:42
106.12.49.118	attackspam	Invalid user play from 106.12.49.118 port 51248	2020-04-29 06:35:37
106.12.49.118	attack	Apr 19 10:00:52 ns382633 sshd\[9853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 user=root Apr 19 10:00:54 ns382633 sshd\[9853\]: Failed password for root from 106.12.49.118 port 40078 ssh2 Apr 19 10:09:14 ns382633 sshd\[11606\]: Invalid user gq from 106.12.49.118 port 39532 Apr 19 10:09:14 ns382633 sshd\[11606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.118 Apr 19 10:09:16 ns382633 sshd\[11606\]: Failed password for invalid user gq from 106.12.49.118 port 39532 ssh2	2020-04-19 18:02:49
106.12.49.118	attackbots	Apr 3 22:43:27 webhost01 sshd[15642]: Failed password for root from 106.12.49.118 port 36008 ssh2 ...	2020-04-03 23:57:10
106.12.49.224	attackbots	2020-03-16T16:28:07.236692 sshd[15010]: Invalid user fangce from 106.12.49.224 port 56282 2020-03-16T16:28:07.250964 sshd[15010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.49.224 2020-03-16T16:28:07.236692 sshd[15010]: Invalid user fangce from 106.12.49.224 port 56282 2020-03-16T16:28:08.889982 sshd[15010]: Failed password for invalid user fangce from 106.12.49.224 port 56282 ssh2 ...	2020-03-17 01:13:02
106.12.49.150	attack	5x Failed Password	2020-03-13 18:10:43
106.12.49.207	attackbotsspam	web-1 [ssh] SSH Attack	2020-03-12 15:07:57
106.12.49.150	attackspambots	invalid login attempt (mail)	2020-03-11 11:22:58
106.12.49.207	attack	Invalid user asterisk from 106.12.49.207 port 52274	2020-03-11 07:13:06
106.12.49.118	attack	Mar 6 15:21:42 vps58358 sshd\[7193\]: Invalid user msagent123 from 106.12.49.118Mar 6 15:21:45 vps58358 sshd\[7193\]: Failed password for invalid user msagent123 from 106.12.49.118 port 37914 ssh2Mar 6 15:25:14 vps58358 sshd\[7231\]: Invalid user asd@123 from 106.12.49.118Mar 6 15:25:16 vps58358 sshd\[7231\]: Failed password for invalid user asd@123 from 106.12.49.118 port 50166 ssh2Mar 6 15:29:11 vps58358 sshd\[7265\]: Invalid user Passw0rt321 from 106.12.49.118Mar 6 15:29:14 vps58358 sshd\[7265\]: Failed password for invalid user Passw0rt321 from 106.12.49.118 port 34178 ssh2 ...	2020-03-06 23:40:44
106.12.49.118	attack	$f2bV_matches	2020-03-06 09:53:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.49.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.49.158.			IN	A

;; AUTHORITY SECTION:
.			274	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 04:01:24 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 158.49.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 158.49.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.34.211.130	attackbotsspam	Sat, 20 Jul 2019 21:56:33 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 07:46:10
167.99.202.143	attack	Jul 21 01:01:40 v22019058497090703 sshd[15125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.202.143 Jul 21 01:01:42 v22019058497090703 sshd[15125]: Failed password for invalid user vega from 167.99.202.143 port 47766 ssh2 Jul 21 01:08:07 v22019058497090703 sshd[15550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.202.143 ...	2019-07-21 07:34:47
193.169.252.212	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 21:19:27,458 INFO [amun_request_handler] PortScan Detected on Port: 25 (193.169.252.212)	2019-07-21 07:21:29
1.34.177.7	attackspambots	2019-07-20T22:42:42.217121abusebot.cloudsearch.cf sshd\[8063\]: Invalid user cacti from 1.34.177.7 port 34584 2019-07-20T22:42:42.222458abusebot.cloudsearch.cf sshd\[8063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-177-7.hinet-ip.hinet.net	2019-07-21 07:07:43
151.80.144.255	attackbots	Jul 21 01:20:36 SilenceServices sshd[6159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.144.255 Jul 21 01:20:38 SilenceServices sshd[6159]: Failed password for invalid user deploy from 151.80.144.255 port 46851 ssh2 Jul 21 01:24:58 SilenceServices sshd[8574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.144.255	2019-07-21 07:27:08
115.78.8.83	attack	2019-07-21T05:59:07.575278enmeeting.mahidol.ac.th sshd\[30792\]: Invalid user dell from 115.78.8.83 port 40453 2019-07-21T05:59:07.589647enmeeting.mahidol.ac.th sshd\[30792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.78.8.83 2019-07-21T05:59:09.780025enmeeting.mahidol.ac.th sshd\[30792\]: Failed password for invalid user dell from 115.78.8.83 port 40453 ssh2 ...	2019-07-21 07:09:57
5.107.180.150	attackbotsspam	C1,WP GET /wp-login.php	2019-07-21 07:16:02
200.116.129.73	attackspam	Invalid user webmaster from 200.116.129.73 port 51782	2019-07-21 07:40:25
191.53.248.206	attack	$f2bV_matches	2019-07-21 07:37:53
78.162.188.83	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 20:53:48,088 INFO [amun_request_handler] PortScan Detected on Port: 445 (78.162.188.83)	2019-07-21 07:07:09
118.163.218.241	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 02:25:07,436 INFO [shellcode_manager] (118.163.218.241) no match, writing hexdump (19ce1b864e2c7b3499e4e09b97d4cc03 :2237367) - MS17010 (EternalBlue)	2019-07-21 07:08:43
92.86.179.186	attackspambots	Jul 20 22:59:41 ip-172-31-1-72 sshd\[22472\]: Invalid user openproject from 92.86.179.186 Jul 20 22:59:41 ip-172-31-1-72 sshd\[22472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.86.179.186 Jul 20 22:59:44 ip-172-31-1-72 sshd\[22472\]: Failed password for invalid user openproject from 92.86.179.186 port 58622 ssh2 Jul 20 23:04:23 ip-172-31-1-72 sshd\[22505\]: Invalid user customer from 92.86.179.186 Jul 20 23:04:23 ip-172-31-1-72 sshd\[22505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.86.179.186	2019-07-21 07:38:12
96.114.71.147	attackspam	Jan 18 12:04:25 vtv3 sshd\[23139\]: Invalid user vicente from 96.114.71.147 port 38812 Jan 18 12:04:25 vtv3 sshd\[23139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.114.71.147 Jan 18 12:04:27 vtv3 sshd\[23139\]: Failed password for invalid user vicente from 96.114.71.147 port 38812 ssh2 Jan 18 12:08:39 vtv3 sshd\[24790\]: Invalid user violet from 96.114.71.147 port 38792 Jan 18 12:08:39 vtv3 sshd\[24790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.114.71.147 Jan 26 01:30:46 vtv3 sshd\[31766\]: Invalid user veridiana from 96.114.71.147 port 53316 Jan 26 01:30:46 vtv3 sshd\[31766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.114.71.147 Jan 26 01:30:48 vtv3 sshd\[31766\]: Failed password for invalid user veridiana from 96.114.71.147 port 53316 ssh2 Jan 26 01:34:35 vtv3 sshd\[32261\]: Invalid user ftp from 96.114.71.147 port 55558 Jan 26 01:34:35 vtv3 sshd\[322	2019-07-21 07:12:18
198.98.53.237	attackbotsspam	Splunk® : port scan detected: Jul 20 19:16:46 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=198.98.53.237 DST=104.248.11.191 LEN=44 TOS=0x08 PREC=0x00 TTL=246 ID=54321 PROTO=TCP SPT=42961 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2019-07-21 07:20:42
45.119.208.227	attackspam	Automatic report generated by Wazuh	2019-07-21 07:21:05

最近上报的IP列表

120.238.26.1	80.91.165.64	179.80.55.57	156.199.57.41
92.127.99.193	114.177.218.13	89.137.232.159	154.199.145.197
18.222.175.109	112.101.204.253	99.238.255.149	129.97.174.249
82.251.138.44	217.241.94.195	189.151.98.132	56.118.61.195
37.150.167.39	71.205.41.77	118.247.48.224	87.173.93.45