106.12.5.137 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Sep 1 14:41:17 rocket sshd[32407]: Failed password for root from 106.12.5.137 port 39360 ssh2 Sep 1 14:46:17 rocket sshd[687]: Failed password for root from 106.12.5.137 port 36804 ssh2 ...	2020-09-02 00:42:42
attackspambots	Aug 23 06:41:49 home sshd[3545590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Aug 23 06:41:49 home sshd[3545590]: Invalid user cloud from 106.12.5.137 port 56634 Aug 23 06:41:50 home sshd[3545590]: Failed password for invalid user cloud from 106.12.5.137 port 56634 ssh2 Aug 23 06:46:38 home sshd[3547388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root Aug 23 06:46:40 home sshd[3547388]: Failed password for root from 106.12.5.137 port 60978 ssh2 ...	2020-08-23 12:54:13
attackspam	2020-08-09T05:50:58.314733amanda2.illicoweb.com sshd\[29776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root 2020-08-09T05:51:00.645494amanda2.illicoweb.com sshd\[29776\]: Failed password for root from 106.12.5.137 port 49334 ssh2 2020-08-09T05:55:48.319957amanda2.illicoweb.com sshd\[30242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root 2020-08-09T05:55:51.131983amanda2.illicoweb.com sshd\[30242\]: Failed password for root from 106.12.5.137 port 52870 ssh2 2020-08-09T06:00:38.014090amanda2.illicoweb.com sshd\[30444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 user=root ...	2020-08-09 15:18:43
attackspam	Aug 8 06:48:20 game-panel sshd[10281]: Failed password for root from 106.12.5.137 port 32884 ssh2 Aug 8 06:53:10 game-panel sshd[10548]: Failed password for root from 106.12.5.137 port 51542 ssh2	2020-08-08 15:27:27
attack	Aug 2 14:24:44 vps647732 sshd[10797]: Failed password for root from 106.12.5.137 port 45568 ssh2 ...	2020-08-02 23:57:49
attackspam	Failed password for invalid user bob from 106.12.5.137 port 38878 ssh2	2020-07-30 00:28:14
attackbotsspam	Invalid user tian from 106.12.5.137 port 52252	2020-07-29 06:21:49
attackspambots	Jul 25 05:46:18 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: Invalid user ci from 106.12.5.137 Jul 25 05:46:18 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Jul 25 05:46:20 Ubuntu-1404-trusty-64-minimal sshd\[16716\]: Failed password for invalid user ci from 106.12.5.137 port 53008 ssh2 Jul 25 05:56:15 Ubuntu-1404-trusty-64-minimal sshd\[21566\]: Invalid user james from 106.12.5.137 Jul 25 05:56:15 Ubuntu-1404-trusty-64-minimal sshd\[21566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137	2020-07-25 12:03:53
attack	2020-07-22T05:04:15.135092shield sshd\[8300\]: Invalid user margarita from 106.12.5.137 port 60304 2020-07-22T05:04:15.142971shield sshd\[8300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 2020-07-22T05:04:17.232542shield sshd\[8300\]: Failed password for invalid user margarita from 106.12.5.137 port 60304 ssh2 2020-07-22T05:09:27.070476shield sshd\[8928\]: Invalid user zein from 106.12.5.137 port 36410 2020-07-22T05:09:27.081104shield sshd\[8928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137	2020-07-22 13:17:13
attack	Jul 13 15:22:31 [host] sshd[26348]: Invalid user w Jul 13 15:22:31 [host] sshd[26348]: pam_unix(sshd: Jul 13 15:22:33 [host] sshd[26348]: Failed passwor	2020-07-14 03:33:06
attack	Jun 21 06:19:43 haigwepa sshd[16935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.137 Jun 21 06:19:45 haigwepa sshd[16935]: Failed password for invalid user wordpress from 106.12.5.137 port 56240 ssh2 ...	2020-06-21 17:00:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.56.41	attack	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 09:20:58 jbs1 sshd[24687]: Invalid user martin from 106.12.56.41 Oct 11 09:20:58 jbs1 sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 11 09:21:00 jbs1 sshd[24687]: Failed password for invalid user martin from 106.12.56.41 port 52952 ssh2 Oct 11 09:36:02 jbs1 sshd[29711]: Invalid user hermann from 106.12.56.41 Oct 11 09:36:02 jbs1 sshd[29711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41	2020-10-12 01:51:15
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.56.41	attackbots	$f2bV_matches	2020-10-06 03:34:02
106.12.56.41	attackbots	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:20:47 optimus sshd[1119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:20:48 optimus sshd[1119]: Failed password for root from 106.12.56.41 port 35886 ssh2 Oct 5 01:25:01 optimus sshd[2543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:25:03 optimus sshd[2543]: Failed password for root from 106.12.56.41 port 32852 ssh2 Oct 5 01:29:13 optimus sshd[3919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root	2020-10-05 19:27:47
106.12.57.165	attackbots	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-04 05:59:22
106.12.57.165	attackspam	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-03 21:59:01
106.12.57.165	attack	" "	2020-10-03 13:43:29
106.12.56.41	attackbotsspam	Oct 1 10:42:58 propaganda sshd[16972]: Connection from 106.12.56.41 port 37440 on 10.0.0.161 port 22 rdomain "" Oct 1 10:43:00 propaganda sshd[16972]: Connection closed by 106.12.56.41 port 37440 [preauth]	2020-10-02 05:24:30
106.12.56.41	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 21:43:56
106.12.56.41	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 14:00:41
106.12.56.41	attack	Oct 1 00:12:44 ws26vmsma01 sshd[9072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 1 00:12:46 ws26vmsma01 sshd[9072]: Failed password for invalid user edgar from 106.12.56.41 port 54692 ssh2 ...	2020-10-01 08:35:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.5.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.5.137.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062100 1800 900 604800 86400

;; Query time: 282 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 16:59:57 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 137.5.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.5.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.30.154.184	attackbots	Invalid user www from 123.30.154.184 port 52144	2019-10-29 06:25:50
159.65.164.210	attack	Invalid user iinstall from 159.65.164.210 port 33164	2019-10-29 06:21:45
124.156.172.11	attackspam	Invalid user pepe from 124.156.172.11 port 60662	2019-10-29 06:25:34
51.75.255.166	attackspambots	Oct 29 00:44:58 hosting sshd[15808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.ip-51-75-255.eu user=root Oct 29 00:45:00 hosting sshd[15808]: Failed password for root from 51.75.255.166 port 42758 ssh2 Oct 29 00:50:50 hosting sshd[16323]: Invalid user 123456 from 51.75.255.166 port 39572 Oct 29 00:50:50 hosting sshd[16323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.ip-51-75-255.eu Oct 29 00:50:50 hosting sshd[16323]: Invalid user 123456 from 51.75.255.166 port 39572 Oct 29 00:50:51 hosting sshd[16323]: Failed password for invalid user 123456 from 51.75.255.166 port 39572 ssh2 ...	2019-10-29 06:33:23
159.89.235.61	attackbotsspam	Invalid user list from 159.89.235.61 port 40396	2019-10-29 06:21:15
132.232.95.108	attackspambots	Oct 29 05:36:39 webhost01 sshd[30696]: Failed password for root from 132.232.95.108 port 47486 ssh2 ...	2019-10-29 06:44:21
109.110.52.77	attack	2019-10-28T22:39:16.150575stark.klein-stark.info sshd\[24030\]: Invalid user applmgr from 109.110.52.77 port 33684 2019-10-28T22:39:16.157572stark.klein-stark.info sshd\[24030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.110.52.77 2019-10-28T22:39:18.814521stark.klein-stark.info sshd\[24030\]: Failed password for invalid user applmgr from 109.110.52.77 port 33684 ssh2 ...	2019-10-29 06:50:01
156.67.218.230	attackspam	Invalid user er from 156.67.218.230 port 50666	2019-10-29 06:22:17
138.121.110.217	attackspambots	Invalid user admin from 138.121.110.217 port 60902	2019-10-29 06:25:04
203.232.210.195	attack	Invalid user ctakes from 203.232.210.195 port 56606	2019-10-29 06:38:40
142.93.214.20	attack	Tried sshing with brute force.	2019-10-29 06:43:52
61.219.11.153	attack	firewall-block, port(s): 53/tcp	2019-10-29 06:56:08
176.107.131.128	attackspambots	Oct 24 03:49:06 heissa sshd\[19566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.107.131.128 user=root Oct 24 03:49:08 heissa sshd\[19566\]: Failed password for root from 176.107.131.128 port 56824 ssh2 Oct 24 03:57:27 heissa sshd\[20858\]: Invalid user db2inst from 176.107.131.128 port 53480 Oct 24 03:57:27 heissa sshd\[20858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.107.131.128 Oct 24 03:57:30 heissa sshd\[20858\]: Failed password for invalid user db2inst from 176.107.131.128 port 53480 ssh2	2019-10-29 06:42:28
121.165.66.226	attack	Invalid user ec from 121.165.66.226 port 44120	2019-10-29 06:26:28
157.230.58.196	attackspam	Invalid user aish from 157.230.58.196 port 49260	2019-10-29 06:22:03

最近上报的IP列表

193.169.212.88	73.88.60.50	126.132.172.99	133.186.132.141
39.10.79.73	39.49.17.98	103.81.115.80	160.150.170.110
9.128.4.118	103.250.6.53	8.41.8.152	69.125.135.232
131.112.230.182	237.88.205.117	104.12.34.72	155.135.163.60
70.139.208.183	190.158.73.137	131.193.167.163	230.110.175.37