106.12.12.242 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Invalid user ali from 106.12.12.242 port 37258	2020-08-28 18:46:56
attack	Aug 23 06:26:13 ip106 sshd[30480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 23 06:26:15 ip106 sshd[30480]: Failed password for invalid user monitor from 106.12.12.242 port 50174 ssh2 ...	2020-08-23 13:35:29
attackbots	Port Scan ...	2020-08-23 02:29:19
attackbots	Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:00 home sshd[881413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 Aug 18 09:46:00 home sshd[881413]: Invalid user cyrus from 106.12.12.242 port 47269 Aug 18 09:46:02 home sshd[881413]: Failed password for invalid user cyrus from 106.12.12.242 port 47269 ssh2 Aug 18 09:50:38 home sshd[882843]: Invalid user jwu from 106.12.12.242 port 37102 ...	2020-08-18 16:26:06
attackspam	Jun 2 06:22:31 icinga sshd[56541]: Failed password for root from 106.12.12.242 port 42355 ssh2 Jun 2 06:36:17 icinga sshd[14661]: Failed password for root from 106.12.12.242 port 49105 ssh2 ...	2020-06-02 14:08:08
attackbotsspam	May 30 15:42:36 OPSO sshd\[31754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root May 30 15:42:38 OPSO sshd\[31754\]: Failed password for root from 106.12.12.242 port 34174 ssh2 May 30 15:48:25 OPSO sshd\[32548\]: Invalid user bluesky from 106.12.12.242 port 33543 May 30 15:48:25 OPSO sshd\[32548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 May 30 15:48:27 OPSO sshd\[32548\]: Failed password for invalid user bluesky from 106.12.12.242 port 33543 ssh2	2020-05-31 01:09:02
attack	Invalid user stef from 106.12.12.242 port 34176	2020-05-28 17:59:31
attackspambots	May 23 15:14:00 lnxweb61 sshd[10226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-05-23 22:11:23
attackspam	SSH invalid-user multiple login try	2020-05-23 19:12:31
attack	SSH invalid-user multiple login attempts	2020-05-09 07:52:08
attackbots	hit -> srv3:22	2020-05-01 19:10:32
attack	Apr 28 08:26:05 lock-38 sshd[1644902]: Disconnected from invalid user mary 106.12.12.242 port 53694 [preauth] Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Invalid user hspark from 106.12.12.242 port 35660 Apr 28 08:28:35 lock-38 sshd[1644971]: Failed password for invalid user hspark from 106.12.12.242 port 35660 ssh2 Apr 28 08:28:36 lock-38 sshd[1644971]: Disconnected from invalid user hspark 106.12.12.242 port 35660 [preauth] ...	2020-04-28 18:05:26
attack	2020-04-26 09:14:58 server sshd[79029]: Failed password for invalid user jsh from 106.12.12.242 port 38350 ssh2	2020-04-28 03:17:24
attackspam	Invalid user qg from 106.12.12.242 port 51277	2020-04-24 17:24:11
attack	Invalid user test from 106.12.12.242 port 56220	2020-04-22 01:24:39
attackbots	Invalid user test from 106.12.12.242 port 56220	2020-04-20 20:41:51
attackbots	5x Failed Password	2020-04-06 08:51:11
attackbotsspam	2020-04-04T20:25:02.347254abusebot-5.cloudsearch.cf sshd[32129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:25:04.429982abusebot-5.cloudsearch.cf sshd[32129]: Failed password for root from 106.12.12.242 port 60956 ssh2 2020-04-04T20:27:01.066070abusebot-5.cloudsearch.cf sshd[32207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:27:02.817738abusebot-5.cloudsearch.cf sshd[32207]: Failed password for root from 106.12.12.242 port 46196 ssh2 2020-04-04T20:28:54.292456abusebot-5.cloudsearch.cf sshd[32309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root 2020-04-04T20:28:56.224693abusebot-5.cloudsearch.cf sshd[32309]: Failed password for root from 106.12.12.242 port 59658 ssh2 2020-04-04T20:30:50.147693abusebot-5.cloudsearch.cf sshd[32325]: pam_unix(sshd:auth): authe ...	2020-04-05 04:37:06
attackspam	Apr 1 14:02:42 ns382633 sshd\[10646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:02:43 ns382633 sshd\[10646\]: Failed password for root from 106.12.12.242 port 33415 ssh2 Apr 1 14:17:05 ns382633 sshd\[13803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 user=root Apr 1 14:17:07 ns382633 sshd\[13803\]: Failed password for root from 106.12.12.242 port 44109 ssh2 Apr 1 14:27:44 ns382633 sshd\[15847\]: Invalid user ypz from 106.12.12.242 port 44138 Apr 1 14:27:44 ns382633 sshd\[15847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242	2020-04-02 04:32:30
attackspambots	$f2bV_matches	2020-03-24 06:38:44
attackbotsspam	2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:32.423205scmdmz1 sshd[13363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.242 2020-02-07T16:27:32.419219scmdmz1 sshd[13363]: Invalid user nyj from 106.12.12.242 port 45498 2020-02-07T16:27:34.078087scmdmz1 sshd[13363]: Failed password for invalid user nyj from 106.12.12.242 port 45498 ssh2 2020-02-07T16:31:54.271778scmdmz1 sshd[14125]: Invalid user ljw from 106.12.12.242 port 40602 ...	2020-02-08 05:46:15

Comments on same subnet:

IP	Type	Details	Datetime
106.12.125.241	attack	Oct 12 23:39:26 localhost sshd[1152202]: Invalid user CVSROOT from 106.12.125.241 port 37014 ...	2020-10-12 23:39:48
106.12.125.241	attack	ssh brute force	2020-10-12 15:02:58
106.12.121.179	attackbotsspam	Brute-force attempt banned	2020-10-10 03:44:36
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.125.241	attackbots	Oct 9 09:47:45 ns382633 sshd\[20848\]: Invalid user administrator from 106.12.125.241 port 55126 Oct 9 09:47:45 ns382633 sshd\[20848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 Oct 9 09:47:47 ns382633 sshd\[20848\]: Failed password for invalid user administrator from 106.12.125.241 port 55126 ssh2 Oct 9 09:53:23 ns382633 sshd\[21610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.241 user=root Oct 9 09:53:25 ns382633 sshd\[21610\]: Failed password for root from 106.12.125.241 port 48080 ssh2	2020-10-09 17:42:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
106.12.123.239	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 20:19:28
106.12.123.239	attackspam	Failed password for invalid user samba from 106.12.123.239 port 42704 ssh2	2020-10-08 12:15:56
106.12.123.239	attackspambots	TCP (SYN) 106.12.123.239:53351 -> port 20725, len 44	2020-10-08 07:36:48
106.12.127.39	attackspam	Oct 6 00:16:59 dev0-dcde-rnet sshd[24466]: Failed password for root from 106.12.127.39 port 35302 ssh2 Oct 6 00:22:53 dev0-dcde-rnet sshd[24535]: Failed password for root from 106.12.127.39 port 54790 ssh2	2020-10-06 08:01:45
106.12.127.39	attackbotsspam	$f2bV_matches	2020-10-05 16:23:30
106.12.125.178	attack	2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:21.992993mail.standpoint.com.ua sshd[8726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.178 2020-10-04T00:32:21.990228mail.standpoint.com.ua sshd[8726]: Invalid user admin from 106.12.125.178 port 57304 2020-10-04T00:32:23.391915mail.standpoint.com.ua sshd[8726]: Failed password for invalid user admin from 106.12.125.178 port 57304 ssh2 2020-10-04T00:33:47.893416mail.standpoint.com.ua sshd[8899]: Invalid user minecraft from 106.12.125.178 port 51324 ...	2020-10-04 07:12:02
106.12.125.178	attack	Oct 3 14:13:57 *** sshd[15317]: User root from 106.12.125.178 not allowed because not listed in AllowUsers	2020-10-03 23:26:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.12.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.12.242.			IN	A

;; AUTHORITY SECTION:
.			378	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020701 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 05:46:09 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 242.12.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.12.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
40.73.116.245	attackspambots	Oct 15 08:10:19 meumeu sshd[4550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.116.245 Oct 15 08:10:21 meumeu sshd[4550]: Failed password for invalid user P@55Word from 40.73.116.245 port 34930 ssh2 Oct 15 08:15:50 meumeu sshd[5371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.116.245 ...	2019-10-15 14:42:08
111.230.241.90	attack	Oct 15 07:09:18 www2 sshd\[13393\]: Invalid user toi from 111.230.241.90Oct 15 07:09:21 www2 sshd\[13393\]: Failed password for invalid user toi from 111.230.241.90 port 40444 ssh2Oct 15 07:14:03 www2 sshd\[13934\]: Failed password for root from 111.230.241.90 port 50024 ssh2 ...	2019-10-15 14:32:31
106.75.176.192	attack	Oct 14 17:45:49 auw2 sshd\[24610\]: Invalid user admin from 106.75.176.192 Oct 14 17:45:49 auw2 sshd\[24610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.176.192 Oct 14 17:45:50 auw2 sshd\[24610\]: Failed password for invalid user admin from 106.75.176.192 port 41524 ssh2 Oct 14 17:51:28 auw2 sshd\[25101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.176.192 user=root Oct 14 17:51:31 auw2 sshd\[25101\]: Failed password for root from 106.75.176.192 port 50606 ssh2	2019-10-15 14:11:07
183.103.35.198	attack	$f2bV_matches	2019-10-15 14:37:31
222.154.238.59	attack	Oct 14 18:03:51 hanapaa sshd\[7159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222-154-238-59.adsl.xtra.co.nz user=root Oct 14 18:03:52 hanapaa sshd\[7159\]: Failed password for root from 222.154.238.59 port 42534 ssh2 Oct 14 18:08:19 hanapaa sshd\[7520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222-154-238-59.adsl.xtra.co.nz user=root Oct 14 18:08:21 hanapaa sshd\[7520\]: Failed password for root from 222.154.238.59 port 53974 ssh2 Oct 14 18:12:46 hanapaa sshd\[7991\]: Invalid user carshowguide from 222.154.238.59 Oct 14 18:12:46 hanapaa sshd\[7991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222-154-238-59.adsl.xtra.co.nz	2019-10-15 14:34:29
159.89.36.171	attackbotsspam	Automatic report - Banned IP Access	2019-10-15 14:43:48
60.190.114.82	attackspam	2019-10-15T05:57:50.556365abusebot-5.cloudsearch.cf sshd\[922\]: Invalid user dice from 60.190.114.82 port 35966	2019-10-15 14:25:02
209.17.97.2	attackbots	Automatic report - Banned IP Access	2019-10-15 14:11:34
185.90.116.102	attackspam	Excessive Port-Scanning	2019-10-15 14:17:50
89.248.174.214	attackspam	10/15/2019-01:09:56.232351 89.248.174.214 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-15 14:21:07
106.13.93.161	attackbots	[Aegis] @ 2019-10-15 05:31:13 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-10-15 14:19:42
45.137.40.3	attackspambots	[Aegis] @ 2019-10-15 04:51:04 0100 -> A web attack returned code 200 (success).	2019-10-15 14:20:33
109.194.199.28	attack	Oct 15 03:51:19 www_kotimaassa_fi sshd[23836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.199.28 Oct 15 03:51:21 www_kotimaassa_fi sshd[23836]: Failed password for invalid user admin from 109.194.199.28 port 49268 ssh2 ...	2019-10-15 14:15:15
185.164.57.186	attack	[Aegis] @ 2019-10-15 04:50:42 0100 -> A web attack returned code 200 (success).	2019-10-15 14:32:17
210.16.103.127	attack	WordPress wp-login brute force :: 210.16.103.127 0.152 BYPASS [15/Oct/2019:16:03:21 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-15 14:34:46

Recently Reported IPs

100.141.76.130	138.97.31.81	190.180.181.236	119.91.104.77
216.24.183.114	1.55.43.230	39.93.241.201	85.231.43.22
150.109.204.252	116.89.88.245	220.200.56.195	187.18.175.55
162.251.126.149	120.17.222.117	159.89.90.41	49.235.190.177
86.216.5.65	41.218.202.140	190.124.172.36	90.192.83.194