106.12.5.196 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Invalid Login	2020-05-16 08:05:19
attackspam	2020-05-07T11:45:19.981717ionos.janbro.de sshd[7229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 2020-05-07T11:45:19.890316ionos.janbro.de sshd[7229]: Invalid user azman from 106.12.5.196 port 55060 2020-05-07T11:45:21.950778ionos.janbro.de sshd[7229]: Failed password for invalid user azman from 106.12.5.196 port 55060 ssh2 2020-05-07T11:49:39.891081ionos.janbro.de sshd[7272]: Invalid user helga from 106.12.5.196 port 58496 2020-05-07T11:49:40.042861ionos.janbro.de sshd[7272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 2020-05-07T11:49:39.891081ionos.janbro.de sshd[7272]: Invalid user helga from 106.12.5.196 port 58496 2020-05-07T11:49:41.845851ionos.janbro.de sshd[7272]: Failed password for invalid user helga from 106.12.5.196 port 58496 ssh2 2020-05-07T11:54:40.489396ionos.janbro.de sshd[7297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh r ...	2020-05-07 23:25:32
attackbots	Apr 18 13:50:03 vps sshd[8117]: Failed password for root from 106.12.5.196 port 41732 ssh2 Apr 18 14:03:35 vps sshd[8849]: Failed password for root from 106.12.5.196 port 35030 ssh2 ...	2020-04-18 20:30:37
attackbotsspam	Apr 13 16:13:43 v22018086721571380 sshd[325]: Failed password for invalid user jessica from 106.12.5.196 port 54534 ssh2	2020-04-13 23:47:24
attackbotsspam	detected by Fail2Ban	2020-04-07 08:37:47
attackbotsspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-06 06:20:07
attack	Apr 5 07:36:15 DAAP sshd[30680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 user=root Apr 5 07:36:17 DAAP sshd[30680]: Failed password for root from 106.12.5.196 port 35968 ssh2 Apr 5 07:41:06 DAAP sshd[30815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 user=root Apr 5 07:41:08 DAAP sshd[30815]: Failed password for root from 106.12.5.196 port 32978 ssh2 Apr 5 07:45:59 DAAP sshd[30919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 user=root Apr 5 07:46:02 DAAP sshd[30919]: Failed password for root from 106.12.5.196 port 58206 ssh2 ...	2020-04-05 15:56:53
attackspam	Apr 2 07:52:44 s158375 sshd[15187]: Failed password for root from 106.12.5.196 port 56998 ssh2	2020-04-03 16:14:50
attackbotsspam	-	2020-03-20 04:03:24
attack	Mar 13 03:35:23 marvibiene sshd[27156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 user=root Mar 13 03:35:25 marvibiene sshd[27156]: Failed password for root from 106.12.5.196 port 36324 ssh2 Mar 13 03:57:54 marvibiene sshd[27351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.196 user=root Mar 13 03:57:56 marvibiene sshd[27351]: Failed password for root from 106.12.5.196 port 36488 ssh2 ...	2020-03-13 12:33:43

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.56.41	attack	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 09:20:58 jbs1 sshd[24687]: Invalid user martin from 106.12.56.41 Oct 11 09:20:58 jbs1 sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 11 09:21:00 jbs1 sshd[24687]: Failed password for invalid user martin from 106.12.56.41 port 52952 ssh2 Oct 11 09:36:02 jbs1 sshd[29711]: Invalid user hermann from 106.12.56.41 Oct 11 09:36:02 jbs1 sshd[29711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41	2020-10-12 01:51:15
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.56.41	attackbots	$f2bV_matches	2020-10-06 03:34:02
106.12.56.41	attackbots	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:20:47 optimus sshd[1119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:20:48 optimus sshd[1119]: Failed password for root from 106.12.56.41 port 35886 ssh2 Oct 5 01:25:01 optimus sshd[2543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:25:03 optimus sshd[2543]: Failed password for root from 106.12.56.41 port 32852 ssh2 Oct 5 01:29:13 optimus sshd[3919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root	2020-10-05 19:27:47
106.12.57.165	attackbots	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-04 05:59:22
106.12.57.165	attackspam	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-03 21:59:01
106.12.57.165	attack	" "	2020-10-03 13:43:29
106.12.56.41	attackbotsspam	Oct 1 10:42:58 propaganda sshd[16972]: Connection from 106.12.56.41 port 37440 on 10.0.0.161 port 22 rdomain "" Oct 1 10:43:00 propaganda sshd[16972]: Connection closed by 106.12.56.41 port 37440 [preauth]	2020-10-02 05:24:30
106.12.56.41	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 21:43:56
106.12.56.41	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 14:00:41
106.12.56.41	attack	Oct 1 00:12:44 ws26vmsma01 sshd[9072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 1 00:12:46 ws26vmsma01 sshd[9072]: Failed password for invalid user edgar from 106.12.56.41 port 54692 ssh2 ...	2020-10-01 08:35:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.5.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29587
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.5.196.			IN	A

;; AUTHORITY SECTION:
.			518	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030601 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 08:07:55 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 196.5.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.5.12.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.211.16.26	attackbotsspam	Nov 7 20:50:50 web1 sshd\[11919\]: Invalid user isaac123 from 80.211.16.26 Nov 7 20:50:50 web1 sshd\[11919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26 Nov 7 20:50:52 web1 sshd\[11919\]: Failed password for invalid user isaac123 from 80.211.16.26 port 49690 ssh2 Nov 7 20:54:43 web1 sshd\[12285\]: Invalid user 123456mima from 80.211.16.26 Nov 7 20:54:43 web1 sshd\[12285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26	2019-11-08 20:05:13
200.95.175.119	attackbotsspam	Nov 8 00:00:49 ingram sshd[16299]: Invalid user fbackup from 200.95.175.119 Nov 8 00:00:49 ingram sshd[16299]: Failed password for invalid user fbackup from 200.95.175.119 port 46894 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=200.95.175.119	2019-11-08 19:43:10
164.132.47.147	attack	Automatic report - Banned IP Access	2019-11-08 19:52:36
45.125.65.107	attackbotsspam	\[2019-11-08 06:46:44\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T06:46:44.332-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1484501148323235014",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.107/59069",ACLName="no_extension_match" \[2019-11-08 06:46:55\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T06:46:55.962-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1152301148221530558",SessionID="0x7fdf2c8a8ab8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.107/64663",ACLName="no_extension_match" \[2019-11-08 06:47:33\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T06:47:33.689-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1816801148914258011",SessionID="0x7fdf2c10bc68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.107/57673",ACL	2019-11-08 19:48:16
106.12.58.4	attackbots	2019-11-08T10:24:51.879396shield sshd\[28197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.58.4 user=root 2019-11-08T10:24:53.762480shield sshd\[28197\]: Failed password for root from 106.12.58.4 port 34272 ssh2 2019-11-08T10:29:22.812998shield sshd\[28618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.58.4 user=root 2019-11-08T10:29:24.901413shield sshd\[28618\]: Failed password for root from 106.12.58.4 port 41298 ssh2 2019-11-08T10:33:58.735558shield sshd\[29129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.58.4 user=root	2019-11-08 20:04:29
223.247.213.245	attackspambots	Nov 8 04:47:58 mail sshd\[15275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.213.245 user=root ...	2019-11-08 19:48:41
200.60.91.42	attackspam	Nov 8 09:03:10 server sshd\[32057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.60.91.42 user=root Nov 8 09:03:12 server sshd\[32057\]: Failed password for root from 200.60.91.42 port 41714 ssh2 Nov 8 09:17:36 server sshd\[3373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.60.91.42 user=root Nov 8 09:17:37 server sshd\[3373\]: Failed password for root from 200.60.91.42 port 41636 ssh2 Nov 8 09:23:41 server sshd\[4845\]: Invalid user distcache from 200.60.91.42 Nov 8 09:23:41 server sshd\[4845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.60.91.42 ...	2019-11-08 19:59:35
222.186.175.148	attackspam	Nov 8 06:59:11 xentho sshd[32516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Nov 8 06:59:13 xentho sshd[32516]: Failed password for root from 222.186.175.148 port 57462 ssh2 Nov 8 06:59:18 xentho sshd[32516]: Failed password for root from 222.186.175.148 port 57462 ssh2 Nov 8 06:59:11 xentho sshd[32516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Nov 8 06:59:13 xentho sshd[32516]: Failed password for root from 222.186.175.148 port 57462 ssh2 Nov 8 06:59:18 xentho sshd[32516]: Failed password for root from 222.186.175.148 port 57462 ssh2 Nov 8 06:59:11 xentho sshd[32516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Nov 8 06:59:13 xentho sshd[32516]: Failed password for root from 222.186.175.148 port 57462 ssh2 Nov 8 06:59:18 xentho sshd[32516]: Failed password for r ...	2019-11-08 20:02:53
80.82.64.127	attack	80.82.64.127 was recorded 30 times by 7 hosts attempting to connect to the following ports: 4567,7744,55555,4477,6060,23212,23232,1000,3210,5678,4555,2000,5555,8585,4400,5389,5050,4050,3357,7456,7410,6050. Incident counter (4h, 24h, all-time): 30, 245, 1430	2019-11-08 20:09:05
188.80.22.177	attack	188.80.22.177 - - [08/Nov/2019:07:23:28 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.80.22.177 - - [08/Nov/2019:07:23:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.80.22.177 - - [08/Nov/2019:07:23:28 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.80.22.177 - - [08/Nov/2019:07:23:29 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.80.22.177 - - [08/Nov/2019:07:23:29 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.80.22.177 - - [08/Nov/2019:07:23:29 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-08 20:07:06
112.85.42.180	attackspambots	Nov 8 11:46:51 MK-Soft-Root2 sshd[30531]: Failed password for root from 112.85.42.180 port 2399 ssh2 Nov 8 11:46:55 MK-Soft-Root2 sshd[30531]: Failed password for root from 112.85.42.180 port 2399 ssh2 ...	2019-11-08 19:49:34
188.165.255.8	attack	Nov 8 14:12:59 server sshd\[16530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns380964.ip-188-165-255.eu user=root Nov 8 14:13:01 server sshd\[16530\]: Failed password for root from 188.165.255.8 port 37686 ssh2 Nov 8 14:29:46 server sshd\[20669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns380964.ip-188-165-255.eu user=root Nov 8 14:29:48 server sshd\[20669\]: Failed password for root from 188.165.255.8 port 33950 ssh2 Nov 8 14:32:53 server sshd\[21611\]: Invalid user kr from 188.165.255.8 ...	2019-11-08 19:58:00
157.245.111.175	attackbots	Nov 8 17:30:10 vibhu-HP-Z238-Microtower-Workstation sshd\[24447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.111.175 user=root Nov 8 17:30:12 vibhu-HP-Z238-Microtower-Workstation sshd\[24447\]: Failed password for root from 157.245.111.175 port 41386 ssh2 Nov 8 17:34:22 vibhu-HP-Z238-Microtower-Workstation sshd\[24628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.111.175 user=root Nov 8 17:34:24 vibhu-HP-Z238-Microtower-Workstation sshd\[24628\]: Failed password for root from 157.245.111.175 port 50878 ssh2 Nov 8 17:38:38 vibhu-HP-Z238-Microtower-Workstation sshd\[24801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.111.175 user=root ...	2019-11-08 20:09:52
167.71.124.19	attackbotsspam	Lines containing failures of 167.71.124.19 Nov 8 07:18:18 shared02 sshd[16985]: Invalid user user from 167.71.124.19 port 50526 Nov 8 07:18:18 shared02 sshd[16985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.124.19 Nov 8 07:18:20 shared02 sshd[16985]: Failed password for invalid user user from 167.71.124.19 port 50526 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=167.71.124.19	2019-11-08 19:46:32
61.130.28.210	attackspam	2019-11-08T11:17:45.824552abusebot-3.cloudsearch.cf sshd\[9719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.130.28.210 user=root	2019-11-08 19:45:42

最近上报的IP列表

121.158.64.186	30.117.106.76	214.190.98.22	167.170.101.30
52.17.170.57	23.95.238.230	171.244.166.22	158.46.182.95
189.131.12.199	155.94.254.7	120.138.108.45	91.132.36.201
247.82.193.49	169.85.199.63	200.57.251.195	74.125.208.17
188.43.227.101	188.98.168.8	216.74.103.228	111.67.201.55