106.12.55.112 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-28T03:50:43.592443abusebot-8.cloudsearch.cf sshd[25273]: Invalid user president from 106.12.55.112 port 41517 2020-06-28T03:50:43.598620abusebot-8.cloudsearch.cf sshd[25273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-28T03:50:43.592443abusebot-8.cloudsearch.cf sshd[25273]: Invalid user president from 106.12.55.112 port 41517 2020-06-28T03:50:45.496405abusebot-8.cloudsearch.cf sshd[25273]: Failed password for invalid user president from 106.12.55.112 port 41517 ssh2 2020-06-28T03:56:13.925122abusebot-8.cloudsearch.cf sshd[25345]: Invalid user oficina from 106.12.55.112 port 38316 2020-06-28T03:56:13.935141abusebot-8.cloudsearch.cf sshd[25345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-28T03:56:13.925122abusebot-8.cloudsearch.cf sshd[25345]: Invalid user oficina from 106.12.55.112 port 38316 2020-06-28T03:56:15.802800abusebot-8.cloudsearch.cf ssh ...	2020-06-28 12:58:41
attackspam	Invalid user said from 106.12.55.112 port 55658	2020-06-28 07:34:14
attack	2020-06-11T20:34:21.477340abusebot-3.cloudsearch.cf sshd[10848]: Invalid user qlw from 106.12.55.112 port 43269 2020-06-11T20:34:21.483740abusebot-3.cloudsearch.cf sshd[10848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-11T20:34:21.477340abusebot-3.cloudsearch.cf sshd[10848]: Invalid user qlw from 106.12.55.112 port 43269 2020-06-11T20:34:23.272977abusebot-3.cloudsearch.cf sshd[10848]: Failed password for invalid user qlw from 106.12.55.112 port 43269 ssh2 2020-06-11T20:39:36.401624abusebot-3.cloudsearch.cf sshd[11156]: Invalid user kg from 106.12.55.112 port 39932 2020-06-11T20:39:36.408588abusebot-3.cloudsearch.cf sshd[11156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 2020-06-11T20:39:36.401624abusebot-3.cloudsearch.cf sshd[11156]: Invalid user kg from 106.12.55.112 port 39932 2020-06-11T20:39:38.443526abusebot-3.cloudsearch.cf sshd[11156]: Failed password fo ...	2020-06-12 05:14:28
attack	SSH login attempts.	2020-05-23 17:54:30
attack	May 7 13:26:27 lukav-desktop sshd\[11878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 user=root May 7 13:26:28 lukav-desktop sshd\[11878\]: Failed password for root from 106.12.55.112 port 50233 ssh2 May 7 13:31:37 lukav-desktop sshd\[12015\]: Invalid user anurag from 106.12.55.112 May 7 13:31:37 lukav-desktop sshd\[12015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 May 7 13:31:39 lukav-desktop sshd\[12015\]: Failed password for invalid user anurag from 106.12.55.112 port 49458 ssh2	2020-05-07 19:03:19
attackbots	May 2 17:13:35 gw1 sshd[15945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.112 May 2 17:13:37 gw1 sshd[15945]: Failed password for invalid user ofsaa from 106.12.55.112 port 48764 ssh2 ...	2020-05-02 22:27:54
attackspam	Apr 26 15:22:13 [host] sshd[2102]: Invalid user ng Apr 26 15:22:13 [host] sshd[2102]: pam_unix(sshd:a Apr 26 15:22:15 [host] sshd[2102]: Failed password	2020-04-27 03:17:06
attackspambots	Invalid user st from 106.12.55.112 port 59775	2020-04-25 16:33:56
attack	Invalid user admin from 106.12.55.112 port 56485	2020-04-21 03:34:29
attackbotsspam	prod8 ...	2020-04-08 04:46:16
attackspam	Automatic report - SSH Brute-Force Attack	2020-04-01 05:32:22

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.55.170	attack	ssh brute force	2020-08-31 20:12:16
106.12.55.57	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-28 19:57:03
106.12.55.57	attackbotsspam	SSH Invalid Login	2020-08-28 06:41:55
106.12.55.57	attackbots	Aug 26 16:45:09 marvibiene sshd[26983]: Invalid user rey from 106.12.55.57 port 34908 Aug 26 16:45:09 marvibiene sshd[26983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.57 Aug 26 16:45:09 marvibiene sshd[26983]: Invalid user rey from 106.12.55.57 port 34908 Aug 26 16:45:10 marvibiene sshd[26983]: Failed password for invalid user rey from 106.12.55.57 port 34908 ssh2	2020-08-27 02:05:17
106.12.55.170	attackbots	Invalid user jon from 106.12.55.170 port 59460	2020-08-25 16:29:05
106.12.55.39	attack	Aug 21 22:19:22 PorscheCustomer sshd[13823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 Aug 21 22:19:24 PorscheCustomer sshd[13823]: Failed password for invalid user lol from 106.12.55.39 port 42548 ssh2 Aug 21 22:25:26 PorscheCustomer sshd[14021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 ...	2020-08-22 04:46:16
106.12.55.39	attack	Invalid user ba from 106.12.55.39 port 50448	2020-08-19 16:57:54
106.12.55.39	attack	Automatic report - Banned IP Access	2020-08-06 18:50:40
106.12.55.170	attack	Aug 4 16:59:54 webhost01 sshd[31562]: Failed password for root from 106.12.55.170 port 47118 ssh2 ...	2020-08-04 19:13:28
106.12.55.39	attack	Aug 2 21:07:30 django-0 sshd[1480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 user=root Aug 2 21:07:32 django-0 sshd[1480]: Failed password for root from 106.12.55.39 port 51108 ssh2 ...	2020-08-03 05:08:47
106.12.55.170	attack	Jul 26 22:03:57 hidden sshd[18378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.170 Jul 26 22:03:59 hidden sshd[18378]: Failed password for invalid user master from 106.12.55.170 port 43322 ssh2 Jul 26 22:15:01 hidden sshd[20005]: Invalid user mahmood from 106.12.55.170 port 48874	2020-07-27 05:48:57
106.12.55.170	attackspambots	Jul 26 00:51:22 server sshd[46587]: Failed password for invalid user martin from 106.12.55.170 port 38544 ssh2 Jul 26 01:04:26 server sshd[51496]: Failed password for invalid user msr from 106.12.55.170 port 46700 ssh2 Jul 26 01:08:42 server sshd[52945]: Failed password for invalid user amsftp from 106.12.55.170 port 41644 ssh2	2020-07-26 07:55:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.55.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.55.112.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033101 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 05:32:18 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 112.55.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.55.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.84.131.10	attackbotsspam	Jul 6 03:28:40 ip-172-31-1-72 sshd\[10683\]: Invalid user sa from 41.84.131.10 Jul 6 03:28:40 ip-172-31-1-72 sshd\[10683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.84.131.10 Jul 6 03:28:42 ip-172-31-1-72 sshd\[10683\]: Failed password for invalid user sa from 41.84.131.10 port 26910 ssh2 Jul 6 03:31:29 ip-172-31-1-72 sshd\[10733\]: Invalid user user2 from 41.84.131.10 Jul 6 03:31:29 ip-172-31-1-72 sshd\[10733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.84.131.10	2019-07-06 21:17:53
138.197.78.121	attackspam	Jul 6 13:17:06 ncomp sshd[32479]: Invalid user demo from 138.197.78.121 Jul 6 13:17:06 ncomp sshd[32479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.78.121 Jul 6 13:17:06 ncomp sshd[32479]: Invalid user demo from 138.197.78.121 Jul 6 13:17:07 ncomp sshd[32479]: Failed password for invalid user demo from 138.197.78.121 port 52066 ssh2	2019-07-06 21:12:40
40.76.40.239	attackspam	Invalid user michael from 40.76.40.239 port 55348 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.76.40.239 Failed password for invalid user michael from 40.76.40.239 port 55348 ssh2 Invalid user apache from 40.76.40.239 port 60274 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.76.40.239	2019-07-06 21:54:58
185.176.27.30	attack	06.07.2019 13:35:32 Connection to port 17681 blocked by firewall	2019-07-06 21:42:28
117.216.169.23	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-06 21:15:40
118.69.62.58	attackbots	Unauthorized connection attempt from IP address 118.69.62.58 on Port 445(SMB)	2019-07-06 21:35:57
141.98.9.2	attackbots		2019-07-06 21:50:00
119.54.107.235	attack	FTP/21 MH Probe, BF, Hack -	2019-07-06 21:25:31
37.79.251.231	attackspambots	IMAP brute force ...	2019-07-06 21:58:22
197.247.18.190	attackspam	Jul 3 20:04:31 dns01 sshd[29647]: Invalid user vendas from 197.247.18.190 Jul 3 20:04:31 dns01 sshd[29647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.247.18.190 Jul 3 20:04:34 dns01 sshd[29647]: Failed password for invalid user vendas from 197.247.18.190 port 53016 ssh2 Jul 3 20:04:34 dns01 sshd[29647]: Received disconnect from 197.247.18.190 port 53016:11: Bye Bye [preauth] Jul 3 20:04:34 dns01 sshd[29647]: Disconnected from 197.247.18.190 port 53016 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.247.18.190	2019-07-06 21:19:08
191.242.76.223	attack	Jul 5 23:31:37 web1 postfix/smtpd[30489]: warning: unknown[191.242.76.223]: SASL PLAIN authentication failed: authentication failure ...	2019-07-06 21:13:29
193.56.28.244	attackspam	Brute force attempt	2019-07-06 21:45:54
42.236.10.77	attackbots	Automatic report - Web App Attack	2019-07-06 21:36:58
181.49.155.250	attack	Unauthorized connection attempt from IP address 181.49.155.250 on Port 445(SMB)	2019-07-06 21:27:54
178.128.27.125	attack	Automatic report	2019-07-06 21:24:54

最近上报的IP列表

145.165.110.221	51.126.109.18	67.20.46.95	157.185.31.172
162.179.139.96	236.207.233.237	4.109.253.47	208.222.254.113
21.246.62.69	120.181.201.120	92.169.20.186	104.20.36.161
29.61.117.63	78.198.77.17	78.38.90.129	86.157.118.80
196.128.0.46	97.189.18.35	99.7.172.161	162.162.117.86