5.12.1.63 - IPInfo

Basic Info

City: Sector 3

Region: Bucuresti

Country: Romania

Internet Service Provider: Digi.Mobil

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.12.164.159	attack	20 attempts against mh-ssh on sonic	2020-07-30 17:51:22
5.12.164.159	attackspambots	Jul 29 22:27:34 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=5.12.164.159 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=8001 DF PROTO=TCP SPT=41398 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 29 22:27:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=5.12.164.159 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=8002 DF PROTO=TCP SPT=41398 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0 Jul 29 22:27:37 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=5.12.164.159 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=8003 DF PROTO=TCP SPT=41398 DPT=2222 WINDOW=29200 RES=0x00 SYN URGP=0	2020-07-30 05:43:30
5.12.199.5	attack	Automatic report - Port Scan Attack	2020-07-05 15:06:45
5.12.194.28	attackbotsspam	Automatic report - Port Scan Attack	2020-05-29 05:41:45
5.12.168.188	attackspam	Automatic report - Port Scan Attack	2020-04-13 19:08:27
5.12.16.84	attackspam	unauthorized connection attempt	2020-02-26 15:07:07
5.12.119.148	attackspam	Unauthorized connection attempt detected from IP address 5.12.119.148 to port 23 [J]	2020-02-05 10:19:50
5.12.120.157	attackspambots	Unauthorized connection attempt detected from IP address 5.12.120.157 to port 8080 [J]	2020-01-13 02:57:25
5.12.14.28	attackbots	MYH,DEF GET /downloader/	2019-11-13 08:40:09
5.12.174.169	attack	SSH,FTP,8080, Web management Port Scan	2019-11-06 20:31:26
5.12.13.109	attackbots	Automatic report - Port Scan Attack	2019-08-27 18:21:32
5.12.197.56	attackspambots	Web Probe / Attack	2019-08-08 15:55:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.12.1.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.12.1.63.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 18:24:14 CST 2025
;; MSG SIZE  rcvd: 102

Host info

63.1.12.5.in-addr.arpa domain name pointer 5-12-1-63.residential.rdsnet.ro.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.1.12.5.in-addr.arpa	name = 5-12-1-63.residential.rdsnet.ro.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.101.43.224	attack	Sep 27 21:08:17 gw1 sshd[31841]: Failed password for root from 46.101.43.224 port 36276 ssh2 Sep 27 21:12:48 gw1 sshd[32006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.43.224 ...	2019-09-28 00:25:48
95.56.105.28	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:47.	2019-09-28 00:24:08
79.187.192.249	attackbotsspam	Sep 27 11:55:33 ny01 sshd[3135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.187.192.249 Sep 27 11:55:36 ny01 sshd[3135]: Failed password for invalid user bg from 79.187.192.249 port 55681 ssh2 Sep 27 11:59:47 ny01 sshd[4051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.187.192.249	2019-09-28 00:44:25
134.209.147.198	attack	Sep 23 21:58:55 pl1server sshd[10732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.147.198 user=r.r Sep 23 21:58:56 pl1server sshd[10732]: Failed password for r.r from 134.209.147.198 port 41346 ssh2 Sep 23 21:58:57 pl1server sshd[10732]: Received disconnect from 134.209.147.198: 11: Bye Bye [preauth] Sep 23 22:09:37 pl1server sshd[13008]: Invalid user yangzhao from 134.209.147.198 Sep 23 22:09:37 pl1server sshd[13008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.147.198 Sep 23 22:09:39 pl1server sshd[13008]: Failed password for invalid user yangzhao from 134.209.147.198 port 47378 ssh2 Sep 23 22:09:39 pl1server sshd[13008]: Received disconnect from 134.209.147.198: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.209.147.198	2019-09-28 00:11:04
59.99.40.27	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:36.	2019-09-28 00:41:57
142.44.137.62	attackbots	Sep 27 21:20:57 areeb-Workstation sshd[5246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.137.62 Sep 27 21:20:59 areeb-Workstation sshd[5246]: Failed password for invalid user alex from 142.44.137.62 port 51672 ssh2 ...	2019-09-28 00:12:08
58.59.97.242	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:34.	2019-09-28 00:48:43
83.13.115.58	attack	Automatic report - Port Scan Attack	2019-09-28 00:38:38
87.117.52.214	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:42.	2019-09-28 00:32:27
86.57.161.131	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:41.	2019-09-28 00:33:02
103.31.13.169	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-28 00:47:42
27.210.234.25	attack	(Sep 27) LEN=40 TTL=49 ID=44604 TCP DPT=8080 WINDOW=60126 SYN (Sep 27) LEN=40 TTL=49 ID=57699 TCP DPT=8080 WINDOW=40272 SYN (Sep 27) LEN=40 TTL=49 ID=41605 TCP DPT=8080 WINDOW=16520 SYN (Sep 26) LEN=40 TTL=49 ID=22459 TCP DPT=8080 WINDOW=40272 SYN (Sep 26) LEN=40 TTL=49 ID=36272 TCP DPT=8080 WINDOW=40272 SYN (Sep 25) LEN=40 TTL=49 ID=7572 TCP DPT=8080 WINDOW=60126 SYN (Sep 25) LEN=40 TTL=49 ID=34099 TCP DPT=8080 WINDOW=60126 SYN (Sep 25) LEN=40 TTL=49 ID=16170 TCP DPT=8080 WINDOW=60126 SYN (Sep 25) LEN=40 TTL=49 ID=52711 TCP DPT=8080 WINDOW=16520 SYN (Sep 25) LEN=40 TTL=49 ID=33615 TCP DPT=8080 WINDOW=16520 SYN	2019-09-28 00:12:32
49.204.228.152	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:32.	2019-09-28 00:52:09
92.46.73.184	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-09-2019 13:10:45.	2019-09-28 00:26:39
112.13.91.29	attackbots	Sep 27 17:30:31 nextcloud sshd\[23504\]: Invalid user rosa from 112.13.91.29 Sep 27 17:30:31 nextcloud sshd\[23504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.13.91.29 Sep 27 17:30:33 nextcloud sshd\[23504\]: Failed password for invalid user rosa from 112.13.91.29 port 3548 ssh2 ...	2019-09-28 00:08:38

Recently Reported IPs

14.33.20.224	124.208.137.25	219.159.131.77	118.129.36.21
70.20.254.246	87.117.213.219	55.15.218.186	66.236.190.199
80.123.47.26	132.213.222.127	198.175.210.182	21.148.97.221
235.178.27.48	144.246.111.98	205.77.112.172	236.26.172.151
215.127.79.162	13.245.30.9	75.55.157.185	63.24.73.150