106.12.5.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 106.12.5.57 to port 1433	2020-07-09 08:12:23

Comments on same subnet:

IP	Type	Details	Datetime
106.12.52.154	attack	invalid login attempt (adelina)	2020-10-12 21:00:39
106.12.52.154	attack	2020-10-11T18:45:54.859781linuxbox-skyline sshd[36908]: Invalid user asdfgh from 106.12.52.154 port 52364 ...	2020-10-12 12:30:10
106.12.56.41	attack	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 09:20:58 jbs1 sshd[24687]: Invalid user martin from 106.12.56.41 Oct 11 09:20:58 jbs1 sshd[24687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 11 09:21:00 jbs1 sshd[24687]: Failed password for invalid user martin from 106.12.56.41 port 52952 ssh2 Oct 11 09:36:02 jbs1 sshd[29711]: Invalid user hermann from 106.12.56.41 Oct 11 09:36:02 jbs1 sshd[29711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41	2020-10-12 01:51:15
106.12.55.57	attack	19219/tcp 162/tcp 23912/tcp... [2020-08-11/10-07]35pkt,35pt.(tcp)	2020-10-08 06:12:54
106.12.55.57	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=40207 . dstport=19219 . (1001)	2020-10-07 22:32:07
106.12.55.57	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-07 14:33:43
106.12.56.41	attackbots	$f2bV_matches	2020-10-06 03:34:02
106.12.56.41	attackbots	(sshd) Failed SSH login from 106.12.56.41 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:20:47 optimus sshd[1119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:20:48 optimus sshd[1119]: Failed password for root from 106.12.56.41 port 35886 ssh2 Oct 5 01:25:01 optimus sshd[2543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root Oct 5 01:25:03 optimus sshd[2543]: Failed password for root from 106.12.56.41 port 32852 ssh2 Oct 5 01:29:13 optimus sshd[3919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 user=root	2020-10-05 19:27:47
106.12.57.165	attackbots	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-04 05:59:22
106.12.57.165	attackspam	24852/tcp 16010/tcp 25739/tcp... [2020-08-04/10-03]25pkt,25pt.(tcp)	2020-10-03 21:59:01
106.12.57.165	attack	" "	2020-10-03 13:43:29
106.12.56.41	attackbotsspam	Oct 1 10:42:58 propaganda sshd[16972]: Connection from 106.12.56.41 port 37440 on 10.0.0.161 port 22 rdomain "" Oct 1 10:43:00 propaganda sshd[16972]: Connection closed by 106.12.56.41 port 37440 [preauth]	2020-10-02 05:24:30
106.12.56.41	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 21:43:56
106.12.56.41	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-01 14:00:41
106.12.56.41	attack	Oct 1 00:12:44 ws26vmsma01 sshd[9072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.56.41 Oct 1 00:12:46 ws26vmsma01 sshd[9072]: Failed password for invalid user edgar from 106.12.56.41 port 54692 ssh2 ...	2020-10-01 08:35:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.5.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33449
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.5.57.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070801 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 09 08:12:19 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 57.5.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 57.5.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.135.91	attack	587/tcp 2376/tcp 110/tcp... [2020-02-15/24]12pkt,9pt.(tcp),2pt.(udp)	2020-02-26 02:17:55
116.6.84.60	attackbots	suspicious action Tue, 25 Feb 2020 13:37:38 -0300	2020-02-26 02:46:21
122.51.74.59	attack	Feb 25 18:44:40 MK-Soft-VM4 sshd[25624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.74.59 Feb 25 18:44:42 MK-Soft-VM4 sshd[25624]: Failed password for invalid user timesheet from 122.51.74.59 port 40302 ssh2 ...	2020-02-26 02:11:17
94.29.126.9	attackspambots	20/2/25@11:37:37: FAIL: Alarm-Network address from=94.29.126.9 20/2/25@11:37:38: FAIL: Alarm-Network address from=94.29.126.9 ...	2020-02-26 02:44:57
138.68.233.59	attackbots	2020-02-25T18:14:03.133678shield sshd\[30806\]: Invalid user chenxinnuo from 138.68.233.59 port 44426 2020-02-25T18:14:03.138489shield sshd\[30806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.233.59 2020-02-25T18:14:05.258621shield sshd\[30806\]: Failed password for invalid user chenxinnuo from 138.68.233.59 port 44426 ssh2 2020-02-25T18:23:19.553001shield sshd\[32420\]: Invalid user default from 138.68.233.59 port 59706 2020-02-25T18:23:19.560041shield sshd\[32420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.233.59	2020-02-26 02:35:22
117.184.114.140	attackspam	Feb 25 08:08:23 tdfoods sshd\[10221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.184.114.140 user=backup Feb 25 08:08:25 tdfoods sshd\[10221\]: Failed password for backup from 117.184.114.140 port 36614 ssh2 Feb 25 08:16:40 tdfoods sshd\[10864\]: Invalid user chenyifan from 117.184.114.140 Feb 25 08:16:40 tdfoods sshd\[10864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.184.114.140 Feb 25 08:16:43 tdfoods sshd\[10864\]: Failed password for invalid user chenyifan from 117.184.114.140 port 45672 ssh2	2020-02-26 02:22:26
206.189.72.217	attackbots	$f2bV_matches_ltvn	2020-02-26 02:34:36
45.155.126.38	attack	2020-02-25 10:30:11 H=edm10.edmeventallgain.info [45.155.126.38]:35613 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-25 10:36:22 H=edm10.edmeventallgain.info [45.155.126.38]:39960 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-25 10:37:42 H=edm10.edmeventallgain.info [45.155.126.38]:34896 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.2) (https://www.spamhaus.org/sbl/query/SBL476649) ...	2020-02-26 02:39:47
20.20.20.5	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-26 02:29:24
49.88.112.65	attackspam	Feb 25 08:30:14 hanapaa sshd\[24027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Feb 25 08:30:16 hanapaa sshd\[24027\]: Failed password for root from 49.88.112.65 port 59763 ssh2 Feb 25 08:31:18 hanapaa sshd\[24111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Feb 25 08:31:20 hanapaa sshd\[24111\]: Failed password for root from 49.88.112.65 port 35139 ssh2 Feb 25 08:32:24 hanapaa sshd\[24179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root	2020-02-26 02:40:50
71.6.147.254	attackbotsspam	4070/udp 60001/tcp 8443/tcp... [2019-12-27/2020-02-25]114pkt,76pt.(tcp),21pt.(udp)	2020-02-26 02:36:19
198.108.67.40	attack	21304/tcp 18079/tcp 8040/tcp... [2019-12-29/2020-02-25]96pkt,90pt.(tcp)	2020-02-26 02:34:50
103.23.138.25	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-26 02:29:52
185.176.27.46	attack	ET DROP Dshield Block Listed Source group 1 - port: 6366 proto: TCP cat: Misc Attack	2020-02-26 02:44:22
45.55.219.114	attackspambots	Feb 25 19:05:48 localhost sshd\[25132\]: Invalid user sunny from 45.55.219.114 port 40224 Feb 25 19:05:48 localhost sshd\[25132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.219.114 Feb 25 19:05:50 localhost sshd\[25132\]: Failed password for invalid user sunny from 45.55.219.114 port 40224 ssh2	2020-02-26 02:19:58

Recently Reported IPs

153.3.227.163	78.110.66.72	91.92.247.69	76.75.71.46
97.148.25.147	152.240.177.59	99.46.32.252	151.196.56.96
73.219.221.146	101.169.155.227	219.187.55.242	99.104.82.187
170.190.222.145	122.233.116.94	109.20.201.67	107.74.255.108
174.134.184.56	185.71.223.164	60.165.16.198	151.83.6.193