106.12.55.112 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-28T03:50:43.592443abusebot-8.cloudsearch.cf sshd[25273]: Invalid user president from 106.12.55.112 port 41517 2020-06-28T03:50:43.598620abusebot-8.cloudsearch.cf sshd[25273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-28T03:50:43.592443abusebot-8.cloudsearch.cf sshd[25273]: Invalid user president from 106.12.55.112 port 41517 2020-06-28T03:50:45.496405abusebot-8.cloudsearch.cf sshd[25273]: Failed password for invalid user president from 106.12.55.112 port 41517 ssh2 2020-06-28T03:56:13.925122abusebot-8.cloudsearch.cf sshd[25345]: Invalid user oficina from 106.12.55.112 port 38316 2020-06-28T03:56:13.935141abusebot-8.cloudsearch.cf sshd[25345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-28T03:56:13.925122abusebot-8.cloudsearch.cf sshd[25345]: Invalid user oficina from 106.12.55.112 port 38316 2020-06-28T03:56:15.802800abusebot-8.cloudsearch.cf ssh ...	2020-06-28 12:58:41
attackspam	Invalid user said from 106.12.55.112 port 55658	2020-06-28 07:34:14
attack	2020-06-11T20:34:21.477340abusebot-3.cloudsearch.cf sshd[10848]: Invalid user qlw from 106.12.55.112 port 43269 2020-06-11T20:34:21.483740abusebot-3.cloudsearch.cf sshd[10848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-11T20:34:21.477340abusebot-3.cloudsearch.cf sshd[10848]: Invalid user qlw from 106.12.55.112 port 43269 2020-06-11T20:34:23.272977abusebot-3.cloudsearch.cf sshd[10848]: Failed password for invalid user qlw from 106.12.55.112 port 43269 ssh2 2020-06-11T20:39:36.401624abusebot-3.cloudsearch.cf sshd[11156]: Invalid user kg from 106.12.55.112 port 39932 2020-06-11T20:39:36.408588abusebot-3.cloudsearch.cf sshd[11156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-11T20:39:36.401624abusebot-3.cloudsearch.cf sshd[11156]: Invalid user kg from 106.12.55.112 port 39932 2020-06-11T20:39:38.443526abusebot-3.cloudsearch.cf sshd[11156]: Failed password fo ...	2020-06-12 05:14:28
attack	SSH login attempts.	2020-05-23 17:54:30
attack	May 7 13:26:27 lukav-desktop sshd\[11878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 user=root May 7 13:26:28 lukav-desktop sshd\[11878\]: Failed password for root from 106.12.55.112 port 50233 ssh2 May 7 13:31:37 lukav-desktop sshd\[12015\]: Invalid user anurag from 106.12.55.112 May 7 13:31:37 lukav-desktop sshd\[12015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 May 7 13:31:39 lukav-desktop sshd\[12015\]: Failed password for invalid user anurag from 106.12.55.112 port 49458 ssh2	2020-05-07 19:03:19
attackbots	May 2 17:13:35 gw1 sshd[15945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 May 2 17:13:37 gw1 sshd[15945]: Failed password for invalid user ofsaa from 106.12.55.112 port 48764 ssh2 ...	2020-05-02 22:27:54
attackspam	Apr 26 15:22:13 [host] sshd[2102]: Invalid user ng Apr 26 15:22:13 [host] sshd[2102]: pam_unix(sshd:a Apr 26 15:22:15 [host] sshd[2102]: Failed password	2020-04-27 03:17:06
attackspambots	Invalid user st from 106.12.55.112 port 59775	2020-04-25 16:33:56
attack	Invalid user admin from 106.12.55.112 port 56485	2020-04-21 03:34:29
attackbotsspam	prod8 ...	2020-04-08 04:46:16
attackspam	Automatic report - SSH Brute-Force Attack	2020-04-01 05:32:22

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.55.170	attack	ssh brute force	2020-08-31 20:12:16
106.12.55.57	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-28 19:57:03
106.12.55.57	attackbotsspam	SSH Invalid Login	2020-08-28 06:41:55
106.12.55.57	attackbots	Aug 26 16:45:09 marvibiene sshd[26983]: Invalid user rey from 106.12.55.57 port 34908 Aug 26 16:45:09 marvibiene sshd[26983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.57 Aug 26 16:45:09 marvibiene sshd[26983]: Invalid user rey from 106.12.55.57 port 34908 Aug 26 16:45:10 marvibiene sshd[26983]: Failed password for invalid user rey from 106.12.55.57 port 34908 ssh2	2020-08-27 02:05:17
106.12.55.170	attackbots	Invalid user jon from 106.12.55.170 port 59460	2020-08-25 16:29:05
106.12.55.39	attack	Aug 21 22:19:22 PorscheCustomer sshd[13823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 Aug 21 22:19:24 PorscheCustomer sshd[13823]: Failed password for invalid user lol from 106.12.55.39 port 42548 ssh2 Aug 21 22:25:26 PorscheCustomer sshd[14021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 ...	2020-08-22 04:46:16
106.12.55.39	attack	Invalid user ba from 106.12.55.39 port 50448	2020-08-19 16:57:54
106.12.55.39	attack	Automatic report - Banned IP Access	2020-08-06 18:50:40
106.12.55.170	attack	Aug 4 16:59:54 webhost01 sshd[31562]: Failed password for root from 106.12.55.170 port 47118 ssh2 ...	2020-08-04 19:13:28
106.12.55.39	attack	Aug 2 21:07:30 django-0 sshd[1480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 user=root Aug 2 21:07:32 django-0 sshd[1480]: Failed password for root from 106.12.55.39 port 51108 ssh2 ...	2020-08-03 05:08:47
106.12.55.170	attack	Jul 26 22:03:57 hidden sshd[18378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.170 Jul 26 22:03:59 hidden sshd[18378]: Failed password for invalid user master from 106.12.55.170 port 43322 ssh2 Jul 26 22:15:01 hidden sshd[20005]: Invalid user mahmood from 106.12.55.170 port 48874	2020-07-27 05:48:57
106.12.55.170	attackspambots	Jul 26 00:51:22 server sshd[46587]: Failed password for invalid user martin from 106.12.55.170 port 38544 ssh2 Jul 26 01:04:26 server sshd[51496]: Failed password for invalid user msr from 106.12.55.170 port 46700 ssh2 Jul 26 01:08:42 server sshd[52945]: Failed password for invalid user amsftp from 106.12.55.170 port 41644 ssh2	2020-07-26 07:55:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.55.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.55.112.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033101 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 05:32:18 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 112.55.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.55.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.234.217.194	attackspambots	login attempts	2019-11-06 00:11:42
185.53.88.33	attackspam	\[2019-11-05 10:35:17\] NOTICE\[2601\] chan_sip.c: Registration from '"1001" \' failed for '185.53.88.33:5448' - Wrong password \[2019-11-05 10:35:17\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-05T10:35:17.064-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1001",SessionID="0x7fdf2c0eb718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.33/5448",Challenge="22b1bd67",ReceivedChallenge="22b1bd67",ReceivedHash="ecbc37cd045bc2e4bf5c06f63caea1cf" \[2019-11-05 10:35:17\] NOTICE\[2601\] chan_sip.c: Registration from '"1001" \' failed for '185.53.88.33:5448' - Wrong password \[2019-11-05 10:35:17\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-05T10:35:17.165-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1001",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/1	2019-11-05 23:42:23
139.59.40.233	attackbotsspam	Wordpress bruteforce	2019-11-06 00:27:20
159.203.201.69	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-06 00:14:13
49.87.35.57	attackbots	firewall-block, port(s): 23/tcp	2019-11-06 00:18:31
178.62.28.79	attackspam	2019-11-04 23:22:44 server sshd[52732]: Failed password for invalid user temp from 178.62.28.79 port 49270 ssh2	2019-11-06 00:21:38
46.101.11.213	attackspambots	Nov 5 11:08:52 TORMINT sshd\[5239\]: Invalid user azerty from 46.101.11.213 Nov 5 11:08:52 TORMINT sshd\[5239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 Nov 5 11:08:55 TORMINT sshd\[5239\]: Failed password for invalid user azerty from 46.101.11.213 port 34038 ssh2 ...	2019-11-06 00:14:42
188.186.104.26	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-05 23:53:11
185.176.27.190	attackspambots	11/05/2019-15:40:33.054570 185.176.27.190 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-05 23:59:08
51.254.137.90	attackbotsspam	(mod_security) mod_security (id:949110) triggered by 51.254.137.90 (FR/France/90.ip-51-254-137.eu): 3 in the last 3600 secs	2019-11-06 00:27:39
192.188.2.235	attackbotsspam	1433	2019-11-06 00:01:02
14.18.93.114	attack	Nov 5 16:45:43 vmanager6029 sshd\[7811\]: Invalid user whocares from 14.18.93.114 port 32874 Nov 5 16:45:43 vmanager6029 sshd\[7811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.18.93.114 Nov 5 16:45:45 vmanager6029 sshd\[7811\]: Failed password for invalid user whocares from 14.18.93.114 port 32874 ssh2	2019-11-06 00:03:45
34.212.63.114	attackspam	11/05/2019-16:10:02.953681 34.212.63.114 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-05 23:41:58
151.74.74.148	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/151.74.74.148/ IT - 1H : (111) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN1267 IP : 151.74.74.148 CIDR : 151.74.0.0/16 PREFIX COUNT : 161 UNIQUE IP COUNT : 6032640 ATTACKS DETECTED ASN1267 : 1H - 2 3H - 4 6H - 7 12H - 11 24H - 23 DateTime : 2019-11-05 15:40:08 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-06 00:13:32
193.29.15.60	attackspam	11/05/2019-10:47:21.035239 193.29.15.60 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-06 00:13:55

最近上报的IP列表

145.165.110.221	51.126.109.18	67.20.46.95	157.185.31.172
162.179.139.96	236.207.233.237	4.109.253.47	208.222.254.113
21.246.62.69	120.181.201.120	92.169.20.186	104.20.36.161
29.61.117.63	78.198.77.17	78.38.90.129	86.157.118.80
196.128.0.46	97.189.18.35	99.7.172.161	162.162.117.86