106.12.5.137 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 1 14:41:17 rocket sshd[32407]: Failed password for root from 106.12.5.137 port 39360 ssh2 Sep 1 14:46:17 rocket sshd[687]: Failed password for root from 106.12.5.137 port 36804 ssh2 ...	2020-09-02 00:42:42
attackspambots	Aug 23 06:41:49 home sshd[3545590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Aug 23 06:41:49 home sshd[3545590]: Invalid user cloud from 106.12.5.137 port 56634 Aug 23 06:41:50 home sshd[3545590]: Failed password for invalid user cloud from 106.12.5.137 port 56634 ssh2 Aug 23 06:46:38 home sshd[3547388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root Aug 23 06:46:40 home sshd[3547388]: Failed password for root from 106.12.5.137 port 60978 ssh2 ...	2020-08-23 12:54:13
attackspam	2020-08-09T05:50:58.314733amanda2.illicoweb.com sshd\[29776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root 2020-08-09T05:51:00.645494amanda2.illicoweb.com sshd\[29776\]: Failed password for root from 106.12.5.137 port 49334 ssh2 2020-08-09T05:55:48.319957amanda2.illicoweb.com sshd\[30242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root 2020-08-09T05:55:51.131983amanda2.illicoweb.com sshd\[30242\]: Failed password for root from 106.12.5.137 port 52870 ssh2 2020-08-09T06:00:38.014090amanda2.illicoweb.com sshd\[30444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root ...	2020-08-09 15:18:43
attackspam	Aug 8 06:48:20 game-panel sshd[10281]: Failed password for root from 106.12.5.137 port 32884 ssh2 Aug 8 06:53:10 game-panel sshd[10548]: Failed password for root from 106.12.5.137 port 51542 ssh2	2020-08-08 15:27:27
attack	Aug 2 14:24:44 vps647732 sshd[10797]: Failed password for root from 106.12.5.137 port 45568 ssh2 ...	2020-08-02 23:57:49
attackspam	Failed password for invalid user bob from 106.12.5.137 port 38878 ssh2	2020-07-30 00:28:14
attackbotsspam	Invalid user tian from 106.12.5.137 port 52252	2020-07-29 06:21:49
attackspambots	Jul 25 05:46:18 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: Invalid user ci from 106.12.5.137 Jul 25 05:46:18 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Jul 25 05:46:20 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: Failed password for invalid user ci from 106.12.5.137 port 53008 ssh2 Jul 25 05:56:15 Ubuntu-1404-trusty-64-minimal sshd\[21566\]: Invalid user james from 106.12.5.137 Jul 25 05:56:15 Ubuntu-1404-trusty-64-minimal sshd\[21566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137	2020-07-25 12:03:53
attack	2020-07-22T05:04:15.135092shield sshd\[8300\]: Invalid user margarita from 106.12.5.137 port 60304 2020-07-22T05:04:15.142971shield sshd\[8300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 2020-07-22T05:04:17.232542shield sshd\[8300\]: Failed password for invalid user margarita from 106.12.5.137 port 60304 ssh2 2020-07-22T05:09:27.070476shield sshd\[8928\]: Invalid user zein from 106.12.5.137 port 36410 2020-07-22T05:09:27.081104shield sshd\[8928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137	2020-07-22 13:17:13
attack	Jul 13 15:22:31 [host] sshd[26348]: Invalid user w Jul 13 15:22:31 [host] sshd[26348]: pam_unix(sshd: Jul 13 15:22:33 [host] sshd[26348]: Failed passwor	2020-07-14 03:33:06
attack	Jun 21 06:19:43 haigwepa sshd[16935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Jun 21 06:19:45 haigwepa sshd[16935]: Failed password for invalid user wordpress from 106.12.5.137 port 56240 ssh2 ...	2020-06-21 17:00:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.56.41	attack	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 09:20:58 jbs1 sshd[24687]: Invalid user martin from 106.12.56.41 Oct 11 09:20:58 jbs1 sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 11 09:21:00 jbs1 sshd[24687]: Failed password for invalid user martin from 106.12.56.41 port 52952 ssh2 Oct 11 09:36:02 jbs1 sshd[29711]: Invalid user hermann from 106.12.56.41 Oct 11 09:36:02 jbs1 sshd[29711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41	2020-10-12 01:51:15
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.56.41	attackbots	$f2bV_matches	2020-10-06 03:34:02
106.12.56.41	attackbots	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:20:47 optimus sshd[1119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:20:48 optimus sshd[1119]: Failed password for root from 106.12.56.41 port 35886 ssh2 Oct 5 01:25:01 optimus sshd[2543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:25:03 optimus sshd[2543]: Failed password for root from 106.12.56.41 port 32852 ssh2 Oct 5 01:29:13 optimus sshd[3919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root	2020-10-05 19:27:47
106.12.57.165	attackbots	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-04 05:59:22
106.12.57.165	attackspam	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-03 21:59:01
106.12.57.165	attack	" "	2020-10-03 13:43:29
106.12.56.41	attackbotsspam	Oct 1 10:42:58 propaganda sshd[16972]: Connection from 106.12.56.41 port 37440 on 10.0.0.161 port 22 rdomain "" Oct 1 10:43:00 propaganda sshd[16972]: Connection closed by 106.12.56.41 port 37440 [preauth]	2020-10-02 05:24:30
106.12.56.41	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 21:43:56
106.12.56.41	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 14:00:41
106.12.56.41	attack	Oct 1 00:12:44 ws26vmsma01 sshd[9072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 1 00:12:46 ws26vmsma01 sshd[9072]: Failed password for invalid user edgar from 106.12.56.41 port 54692 ssh2 ...	2020-10-01 08:35:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.5.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.5.137.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062100 1800 900 604800 86400

;; Query time: 282 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 16:59:57 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 137.5.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.5.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.207.204.215	attack	Unauthorized connection attempt detected from IP address 187.207.204.215 to port 2220 [J]	2020-01-30 21:33:21
51.75.160.215	attackspam	$f2bV_matches	2020-01-30 21:28:09
91.195.255.228	attack	1580360103 - 01/30/2020 05:55:03 Host: 91.195.255.228/91.195.255.228 Port: 23 TCP Blocked	2020-01-30 21:34:23
111.42.66.31	attackspambots	Automatic report - Port Scan Attack	2020-01-30 21:38:03
167.114.152.25	attackbots	Unauthorized connection attempt detected from IP address 167.114.152.25 to port 2220 [J]	2020-01-30 21:23:41
66.61.194.149	attackbots	Unauthorized connection attempt from IP address 66.61.194.149 on Port 445(SMB)	2020-01-30 21:32:26
103.114.107.129	attack	Unauthorised access (Jan 30) SRC=103.114.107.129 LEN=40 TTL=235 ID=6442 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 30) SRC=103.114.107.129 LEN=40 TTL=235 ID=10323 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 29) SRC=103.114.107.129 LEN=40 TTL=235 ID=43225 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 29) SRC=103.114.107.129 LEN=40 TTL=235 ID=8679 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 28) SRC=103.114.107.129 LEN=40 TTL=235 ID=17862 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 28) SRC=103.114.107.129 LEN=40 TTL=235 ID=11659 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 27) SRC=103.114.107.129 LEN=40 TTL=235 ID=25012 TCP DPT=3389 WINDOW=1024 SYN	2020-01-30 21:35:48
89.73.110.59	attack	TCP Port Scanning	2020-01-30 21:34:46
86.42.225.90	attackspam	Telnet/23 MH Probe, BF, Hack -	2020-01-30 21:41:15
200.16.132.202	attackspambots	Jan 30 14:46:26 pkdns2 sshd\[43741\]: Invalid user cheedella from 200.16.132.202Jan 30 14:46:29 pkdns2 sshd\[43741\]: Failed password for invalid user cheedella from 200.16.132.202 port 39003 ssh2Jan 30 14:49:12 pkdns2 sshd\[43925\]: Invalid user riyaz from 200.16.132.202Jan 30 14:49:14 pkdns2 sshd\[43925\]: Failed password for invalid user riyaz from 200.16.132.202 port 48517 ssh2Jan 30 14:56:03 pkdns2 sshd\[44386\]: Invalid user divena from 200.16.132.202Jan 30 14:56:05 pkdns2 sshd\[44386\]: Failed password for invalid user divena from 200.16.132.202 port 39315 ssh2 ...	2020-01-30 21:22:35
80.29.123.143	attack	Jan 30 09:08:07 goofy sshd\[1908\]: Invalid user indrayani from 80.29.123.143 Jan 30 09:08:07 goofy sshd\[1908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.29.123.143 Jan 30 09:08:09 goofy sshd\[1908\]: Failed password for invalid user indrayani from 80.29.123.143 port 45406 ssh2 Jan 30 09:19:32 goofy sshd\[2533\]: Invalid user wafiya from 80.29.123.143 Jan 30 09:19:32 goofy sshd\[2533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.29.123.143	2020-01-30 21:27:40
103.78.96.138	attackspam	1580360119 - 01/30/2020 05:55:19 Host: 103.78.96.138/103.78.96.138 Port: 445 TCP Blocked	2020-01-30 21:18:22
222.186.190.92	attackspam	Jan 30 14:21:13 ns381471 sshd[2805]: Failed password for root from 222.186.190.92 port 61178 ssh2 Jan 30 14:21:27 ns381471 sshd[2805]: error: maximum authentication attempts exceeded for root from 222.186.190.92 port 61178 ssh2 [preauth]	2020-01-30 21:28:53
99.23.138.34	attackbotsspam	Jan 30 15:38:49 www4 sshd\[16660\]: Invalid user kshiti from 99.23.138.34 Jan 30 15:38:49 www4 sshd\[16660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.23.138.34 Jan 30 15:38:51 www4 sshd\[16660\]: Failed password for invalid user kshiti from 99.23.138.34 port 34372 ssh2 ...	2020-01-30 21:44:43
122.115.43.20	attack	firewall-block, port(s): 6379/tcp	2020-01-30 21:30:59

最近上报的IP列表

193.169.212.88	73.88.60.50	126.132.172.99	133.186.132.141
39.10.79.73	39.49.17.98	103.81.115.80	160.150.170.110
9.128.4.118	103.250.6.53	8.41.8.152	69.125.135.232
131.112.230.182	237.88.205.117	104.12.34.72	155.135.163.60
70.139.208.183	190.158.73.137	131.193.167.163	230.110.175.37