106.12.5.148 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user backup from 106.12.5.148 port 35062	2019-11-22 04:56:23
attackbots	Nov 15 19:20:04 OPSO sshd\[22209\]: Invalid user leslie from 106.12.5.148 port 41014 Nov 15 19:20:04 OPSO sshd\[22209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.148 Nov 15 19:20:06 OPSO sshd\[22209\]: Failed password for invalid user leslie from 106.12.5.148 port 41014 ssh2 Nov 15 19:24:05 OPSO sshd\[22622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.148 user=root Nov 15 19:24:07 OPSO sshd\[22622\]: Failed password for root from 106.12.5.148 port 47838 ssh2	2019-11-16 05:22:25

类型

评论内容

时间

attackspambots

Invalid user backup from 106.12.5.148 port 35062

2019-11-22 04:56:23

attackbots

Nov 15 19:20:04 OPSO sshd\[22209\]: Invalid user leslie from 106.12.5.148 port 41014
Nov 15 19:20:04 OPSO sshd\[22209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.148
Nov 15 19:20:06 OPSO sshd\[22209\]: Failed password for invalid user leslie from 106.12.5.148 port 41014 ssh2
Nov 15 19:24:05 OPSO sshd\[22622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.148  user=root
Nov 15 19:24:07 OPSO sshd\[22622\]: Failed password for root from 106.12.5.148 port 47838 ssh2

2019-11-16 05:22:25

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.56.41	attack	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 09:20:58 jbs1 sshd[24687]: Invalid user martin from 106.12.56.41 Oct 11 09:20:58 jbs1 sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 11 09:21:00 jbs1 sshd[24687]: Failed password for invalid user martin from 106.12.56.41 port 52952 ssh2 Oct 11 09:36:02 jbs1 sshd[29711]: Invalid user hermann from 106.12.56.41 Oct 11 09:36:02 jbs1 sshd[29711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41	2020-10-12 01:51:15
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.56.41	attackbots	$f2bV_matches	2020-10-06 03:34:02
106.12.56.41	attackbots	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:20:47 optimus sshd[1119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:20:48 optimus sshd[1119]: Failed password for root from 106.12.56.41 port 35886 ssh2 Oct 5 01:25:01 optimus sshd[2543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:25:03 optimus sshd[2543]: Failed password for root from 106.12.56.41 port 32852 ssh2 Oct 5 01:29:13 optimus sshd[3919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root	2020-10-05 19:27:47
106.12.57.165	attackbots	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-04 05:59:22
106.12.57.165	attackspam	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-03 21:59:01
106.12.57.165	attack	" "	2020-10-03 13:43:29
106.12.56.41	attackbotsspam	Oct 1 10:42:58 propaganda sshd[16972]: Connection from 106.12.56.41 port 37440 on 10.0.0.161 port 22 rdomain "" Oct 1 10:43:00 propaganda sshd[16972]: Connection closed by 106.12.56.41 port 37440 [preauth]	2020-10-02 05:24:30
106.12.56.41	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 21:43:56
106.12.56.41	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 14:00:41
106.12.56.41	attack	Oct 1 00:12:44 ws26vmsma01 sshd[9072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 1 00:12:46 ws26vmsma01 sshd[9072]: Failed password for invalid user edgar from 106.12.56.41 port 54692 ssh2 ...	2020-10-01 08:35:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.5.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11373
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.5.148.			IN	A

;; AUTHORITY SECTION:
.			412	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111502 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 16 05:22:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 148.5.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.5.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.37.136.213	attackspam	2019-10-29T14:23:38.179544abusebot-5.cloudsearch.cf sshd\[2200\]: Invalid user temp from 54.37.136.213 port 56572	2019-10-30 01:56:32
222.186.175.212	attackbotsspam	Oct 29 17:45:42 sshgateway sshd\[2527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Oct 29 17:45:44 sshgateway sshd\[2527\]: Failed password for root from 222.186.175.212 port 11574 ssh2 Oct 29 17:46:00 sshgateway sshd\[2527\]: error: maximum authentication attempts exceeded for root from 222.186.175.212 port 11574 ssh2 \[preauth\]	2019-10-30 01:50:21
148.70.201.162	attackbotsspam	Oct 29 14:48:56 anodpoucpklekan sshd[67367]: Invalid user 789 from 148.70.201.162 port 57566 ...	2019-10-30 01:25:11
125.213.233.211	attack	...	2019-10-30 01:49:47
180.68.177.209	attack	Oct 29 13:44:51 TORMINT sshd\[25478\]: Invalid user 123456 from 180.68.177.209 Oct 29 13:44:51 TORMINT sshd\[25478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.209 Oct 29 13:44:53 TORMINT sshd\[25478\]: Failed password for invalid user 123456 from 180.68.177.209 port 44496 ssh2 ...	2019-10-30 01:48:32
58.229.208.187	attackbotsspam	Oct 29 05:33:31 tdfoods sshd\[548\]: Invalid user TengYuan from 58.229.208.187 Oct 29 05:33:31 tdfoods sshd\[548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.229.208.187 Oct 29 05:33:33 tdfoods sshd\[548\]: Failed password for invalid user TengYuan from 58.229.208.187 port 39396 ssh2 Oct 29 05:38:39 tdfoods sshd\[949\]: Invalid user awg from 58.229.208.187 Oct 29 05:38:39 tdfoods sshd\[949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.229.208.187	2019-10-30 01:33:10
106.12.42.95	attackspam	Invalid user ethernet from 106.12.42.95 port 39996	2019-10-30 01:38:32
47.240.54.179	attackbotsspam	Wordpress xmlrpc	2019-10-30 01:39:57
211.103.31.226	attack	Invalid user cybernetic from 211.103.31.226 port 38996	2019-10-30 01:47:32
124.204.68.210	attackspambots	Oct 29 14:15:11 SilenceServices sshd[905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.68.210 Oct 29 14:15:14 SilenceServices sshd[905]: Failed password for invalid user Password@2016 from 124.204.68.210 port 40369 ssh2 Oct 29 14:20:38 SilenceServices sshd[2469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.68.210	2019-10-30 01:29:25
118.70.120.230	attack	Unauthorised access (Oct 29) SRC=118.70.120.230 LEN=52 TTL=115 ID=12936 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-30 01:54:46
93.142.122.122	attack	TCP Port Scanning	2019-10-30 01:24:46
34.212.63.114	attackspam	10/29/2019-18:30:02.616242 34.212.63.114 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-30 01:31:46
183.131.113.151	attack	Automatic report - Port Scan	2019-10-30 01:30:04
5.249.145.73	attack	Jan 31 20:20:00 vtv3 sshd\[20518\]: Invalid user tester from 5.249.145.73 port 42830 Jan 31 20:20:00 vtv3 sshd\[20518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.73 Jan 31 20:20:02 vtv3 sshd\[20518\]: Failed password for invalid user tester from 5.249.145.73 port 42830 ssh2 Jan 31 20:24:19 vtv3 sshd\[21797\]: Invalid user azureuser from 5.249.145.73 port 58884 Jan 31 20:24:19 vtv3 sshd\[21797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.73 Feb 4 04:32:05 vtv3 sshd\[21548\]: Invalid user admin from 5.249.145.73 port 37460 Feb 4 04:32:05 vtv3 sshd\[21548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.73 Feb 4 04:32:07 vtv3 sshd\[21548\]: Failed password for invalid user admin from 5.249.145.73 port 37460 ssh2 Feb 4 04:36:25 vtv3 sshd\[22811\]: Invalid user student from 5.249.145.73 port 53476 Feb 4 04:36:25 vtv3 sshd\[22811\]: pam_un	2019-10-30 01:54:21

最近上报的IP列表

36.90.21.190	192.166.47.75	84.185.24.205	160.178.0.137
52.34.24.33	177.107.187.210	61.130.199.254	49.233.171.112
180.167.121.42	49.232.163.32	198.126.164.37	112.35.36.16
55.143.99.199	29.58.164.39	106.146.157.119	79.141.105.205
170.78.96.133	127.89.0.135	215.148.243.130	178.159.57.162