106.12.115.245

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	detected by Fail2Ban	2020-08-18 07:03:27

Comments on same subnet:

IP	Type	Details	Datetime
106.12.115.169	attack	2020-08-29 01:12:01.662939-0500 localhost sshd[20959]: Failed password for invalid user odoo from 106.12.115.169 port 52264 ssh2	2020-08-29 17:13:31
106.12.115.169	attackbots	Aug 27 17:01:13 pornomens sshd\[17912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root Aug 27 17:01:15 pornomens sshd\[17912\]: Failed password for root from 106.12.115.169 port 49414 ssh2 Aug 27 17:06:27 pornomens sshd\[17968\]: Invalid user ram from 106.12.115.169 port 49310 Aug 27 17:06:27 pornomens sshd\[17968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 ...	2020-08-28 01:12:58
106.12.115.169	attack	SSH Brute-Force. Ports scanning.	2020-08-27 04:06:43
106.12.115.169	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-26 02:18:33
106.12.115.169	attackspambots	2020-08-21T16:05:06.3408001495-001 sshd[3521]: Invalid user cyx from 106.12.115.169 port 60512 2020-08-21T16:05:08.4807031495-001 sshd[3521]: Failed password for invalid user cyx from 106.12.115.169 port 60512 ssh2 2020-08-21T16:09:45.3397771495-001 sshd[3871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root 2020-08-21T16:09:46.7789941495-001 sshd[3871]: Failed password for root from 106.12.115.169 port 39550 ssh2 2020-08-21T16:14:13.6949871495-001 sshd[4155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root 2020-08-21T16:14:15.9269121495-001 sshd[4155]: Failed password for root from 106.12.115.169 port 46808 ssh2 ...	2020-08-22 05:31:50
106.12.115.169	attackbotsspam	Aug 20 13:50:06 rush sshd[24172]: Failed password for root from 106.12.115.169 port 35170 ssh2 Aug 20 13:53:09 rush sshd[24248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 Aug 20 13:53:11 rush sshd[24248]: Failed password for invalid user lyl from 106.12.115.169 port 39360 ssh2 ...	2020-08-21 04:03:35
106.12.115.169	attack	SSH Invalid Login	2020-08-17 07:35:50
106.12.115.169	attack	Aug 8 15:37:35 PorscheCustomer sshd[29039]: Failed password for root from 106.12.115.169 port 42088 ssh2 Aug 8 15:42:33 PorscheCustomer sshd[29138]: Failed password for root from 106.12.115.169 port 41414 ssh2 ...	2020-08-08 21:53:18
106.12.115.169	attack	SSH auth scanning - multiple failed logins	2020-08-04 03:26:09
106.12.115.169	attack	2020-08-02T15:26:27.863727linuxbox-skyline sshd[38363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root 2020-08-02T15:26:29.991656linuxbox-skyline sshd[38363]: Failed password for root from 106.12.115.169 port 33882 ssh2 ...	2020-08-03 05:35:27
106.12.115.169	attackbotsspam	2020-08-02T12:39:08.117321shield sshd\[1843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root 2020-08-02T12:39:10.428220shield sshd\[1843\]: Failed password for root from 106.12.115.169 port 48660 ssh2 2020-08-02T12:43:14.128844shield sshd\[2727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root 2020-08-02T12:43:16.209177shield sshd\[2727\]: Failed password for root from 106.12.115.169 port 39368 ssh2 2020-08-02T12:47:23.817767shield sshd\[3542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=root	2020-08-03 02:39:22
106.12.115.169	attackbots	2020-07-30T14:15:54.963302vps773228.ovh.net sshd[13645]: Invalid user daipilin from 106.12.115.169 port 36758 2020-07-30T14:15:54.976848vps773228.ovh.net sshd[13645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 2020-07-30T14:15:54.963302vps773228.ovh.net sshd[13645]: Invalid user daipilin from 106.12.115.169 port 36758 2020-07-30T14:15:56.602102vps773228.ovh.net sshd[13645]: Failed password for invalid user daipilin from 106.12.115.169 port 36758 ssh2 2020-07-30T14:20:33.571311vps773228.ovh.net sshd[13692]: Invalid user ybli from 106.12.115.169 port 33340 ...	2020-07-30 21:06:16
106.12.115.169	attackspam	Jul 23 06:20:58 inter-technics sshd[30257]: Invalid user maryam from 106.12.115.169 port 44696 Jul 23 06:20:58 inter-technics sshd[30257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 Jul 23 06:20:58 inter-technics sshd[30257]: Invalid user maryam from 106.12.115.169 port 44696 Jul 23 06:21:00 inter-technics sshd[30257]: Failed password for invalid user maryam from 106.12.115.169 port 44696 ssh2 Jul 23 06:24:19 inter-technics sshd[30450]: Invalid user anna from 106.12.115.169 port 59434 ...	2020-07-23 12:38:05
106.12.115.169	attackbotsspam	Jul 19 12:23:38 ns382633 sshd\[14982\]: Invalid user dcb from 106.12.115.169 port 55644 Jul 19 12:23:38 ns382633 sshd\[14982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 Jul 19 12:23:40 ns382633 sshd\[14982\]: Failed password for invalid user dcb from 106.12.115.169 port 55644 ssh2 Jul 19 12:30:03 ns382633 sshd\[16185\]: Invalid user redmine from 106.12.115.169 port 46010 Jul 19 12:30:03 ns382633 sshd\[16185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169	2020-07-19 22:43:25
106.12.115.169	attackbotsspam	Jul 10 07:03:17 OPSO sshd\[19679\]: Invalid user dawn from 106.12.115.169 port 56072 Jul 10 07:03:17 OPSO sshd\[19679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 Jul 10 07:03:20 OPSO sshd\[19679\]: Failed password for invalid user dawn from 106.12.115.169 port 56072 ssh2 Jul 10 07:09:16 OPSO sshd\[20242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.115.169 user=admin Jul 10 07:09:18 OPSO sshd\[20242\]: Failed password for admin from 106.12.115.169 port 47234 ssh2	2020-07-10 15:33:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.115.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31566
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.115.245.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081701 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 18 07:03:19 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 245.115.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.115.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.121.49.238	attackbots	prod11 ...	2020-06-21 00:23:07
182.75.237.206	attackbotsspam	DATE:2020-06-20 17:11:19, IP:182.75.237.206, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-21 00:53:26
104.131.71.105	attack	Jun 21 01:57:51 localhost sshd[4123533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.71.105 user=root Jun 21 01:57:54 localhost sshd[4123533]: Failed password for root from 104.131.71.105 port 34129 ssh2 ...	2020-06-21 00:22:51
89.136.45.153	attackbots	Automatic report - Banned IP Access	2020-06-21 00:30:45
112.85.42.173	attackbotsspam	2020-06-20T19:28:00.135463afi-git.jinr.ru sshd[9143]: Failed password for root from 112.85.42.173 port 52589 ssh2 2020-06-20T19:28:03.948611afi-git.jinr.ru sshd[9143]: Failed password for root from 112.85.42.173 port 52589 ssh2 2020-06-20T19:28:07.315661afi-git.jinr.ru sshd[9143]: Failed password for root from 112.85.42.173 port 52589 ssh2 2020-06-20T19:28:07.315840afi-git.jinr.ru sshd[9143]: error: maximum authentication attempts exceeded for root from 112.85.42.173 port 52589 ssh2 [preauth] 2020-06-20T19:28:07.315855afi-git.jinr.ru sshd[9143]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-21 00:36:27
180.166.184.66	attackbotsspam	Jun 20 13:51:18 ns3033917 sshd[23745]: Failed password for invalid user uftp from 180.166.184.66 port 44918 ssh2 Jun 20 14:09:48 ns3033917 sshd[24053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.184.66 user=root Jun 20 14:09:50 ns3033917 sshd[24053]: Failed password for root from 180.166.184.66 port 53936 ssh2 ...	2020-06-21 00:15:45
111.205.6.222	attack	Jun 20 16:56:14 home sshd[8123]: Failed password for root from 111.205.6.222 port 42663 ssh2 Jun 20 17:00:27 home sshd[8503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.205.6.222 Jun 20 17:00:29 home sshd[8503]: Failed password for invalid user syed from 111.205.6.222 port 36376 ssh2 ...	2020-06-21 00:46:14
80.210.61.186	attackspambots	Unauthorized connection attempt from IP address 80.210.61.186 on Port 445(SMB)	2020-06-21 00:45:06
192.35.168.237	attackbots	TCP (SYN) 192.35.168.237:54374 -> port 9395, len 44	2020-06-21 00:08:46
61.177.172.102	attack	Jun 20 13:32:54 firewall sshd[24748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root Jun 20 13:32:56 firewall sshd[24748]: Failed password for root from 61.177.172.102 port 47993 ssh2 Jun 20 13:32:59 firewall sshd[24748]: Failed password for root from 61.177.172.102 port 47993 ssh2 ...	2020-06-21 00:34:49
153.34.76.28	attackbots	DATE:2020-06-20 14:16:36, IP:153.34.76.28, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-06-21 00:09:14
98.145.151.246	attackbotsspam	2020-06-20T14:16[Censored Hostname] sshd[2193158]: Failed password for invalid user admin from 98.145.151.246 port 32984 ssh2 2020-06-20T14:16[Censored Hostname] sshd[2193205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-98-145-151-246.natnow.res.rr.com user=root 2020-06-20T14:16[Censored Hostname] sshd[2193205]: Failed password for root from 98.145.151.246 port 33310 ssh2[...]	2020-06-21 00:12:01
87.255.194.30	attackspambots	2020-06-20T14:16:25.887792rocketchat.forhosting.nl sshd[16625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.255.194.30 2020-06-20T14:16:25.884752rocketchat.forhosting.nl sshd[16625]: Invalid user hermes from 87.255.194.30 port 47594 2020-06-20T14:16:27.826276rocketchat.forhosting.nl sshd[16625]: Failed password for invalid user hermes from 87.255.194.30 port 47594 ssh2 ...	2020-06-21 00:17:11
14.21.42.158	attack	SSH login attempts.	2020-06-21 00:51:06
104.129.5.49	attackbots	Jun 18 10:07:44 our-server-hostname sshd[22531]: Address 104.129.5.49 maps to 104.129.5.49.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 18 10:07:44 our-server-hostname sshd[22531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.5.49 user=r.r Jun 18 10:07:46 our-server-hostname sshd[22531]: Failed password for r.r from 104.129.5.49 port 56645 ssh2 Jun 18 10:24:08 our-server-hostname sshd[26662]: Address 104.129.5.49 maps to 104.129.5.49.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 18 10:24:08 our-server-hostname sshd[26662]: Invalid user hy from 104.129.5.49 Jun 18 10:24:08 our-server-hostname sshd[26662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.5.49 Jun 18 10:24:11 our-server-hostname sshd[26662]: Failed password for invalid user hy from 104.129.5.49 port 46546 s........ -------------------------------	2020-06-21 00:38:43

Recently Reported IPs

207.244.242.234	95.30.218.123	185.233.187.222	93.160.144.169
217.103.73.94	107.17.145.213	108.144.130.140	175.91.156.23
8.45.160.246	78.211.246.56	104.216.60.178	175.85.202.177
161.24.118.68	97.203.26.254	187.118.167.234	113.228.178.33
213.52.164.228	197.31.0.32	194.22.0.143	2.104.160.176