106.12.126.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user dsetiadi from 106.12.126.42 port 36436	2019-10-27 01:16:48
attackbotsspam	Oct 15 06:44:28 site2 sshd\[23752\]: Invalid user toni from 106.12.126.42Oct 15 06:44:30 site2 sshd\[23752\]: Failed password for invalid user toni from 106.12.126.42 port 36126 ssh2Oct 15 06:48:58 site2 sshd\[23998\]: Invalid user uq from 106.12.126.42Oct 15 06:48:59 site2 sshd\[23998\]: Failed password for invalid user uq from 106.12.126.42 port 44860 ssh2Oct 15 06:53:20 site2 sshd\[24337\]: Failed password for root from 106.12.126.42 port 53528 ssh2 ...	2019-10-15 13:13:32
attackbotsspam	Oct 14 13:43:41 icinga sshd[24444]: Failed password for root from 106.12.126.42 port 44380 ssh2 ...	2019-10-14 23:53:05
attackspam	2019-10-13T18:09:21.182455abusebot-7.cloudsearch.cf sshd\[19197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 user=root	2019-10-14 02:27:05
attackspambots	Oct 8 13:06:26 php1 sshd\[5071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 user=root Oct 8 13:06:28 php1 sshd\[5071\]: Failed password for root from 106.12.126.42 port 33628 ssh2 Oct 8 13:10:46 php1 sshd\[5577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 user=root Oct 8 13:10:48 php1 sshd\[5577\]: Failed password for root from 106.12.126.42 port 39568 ssh2 Oct 8 13:15:13 php1 sshd\[5979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 user=root	2019-10-09 07:23:24
attack	Oct 5 07:06:44 www2 sshd\[6100\]: Invalid user 123Star from 106.12.126.42Oct 5 07:06:46 www2 sshd\[6100\]: Failed password for invalid user 123Star from 106.12.126.42 port 55846 ssh2Oct 5 07:10:54 www2 sshd\[6651\]: Invalid user q1w2e3r4T5 from 106.12.126.42 ...	2019-10-05 16:38:02
attackbots	Sep 23 05:54:06 markkoudstaal sshd[15690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 Sep 23 05:54:08 markkoudstaal sshd[15690]: Failed password for invalid user arkserver from 106.12.126.42 port 60240 ssh2 Sep 23 05:58:57 markkoudstaal sshd[16176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42	2019-09-23 12:03:45
attack	2019-09-22T15:04:41.600833hub.schaetter.us sshd\[10453\]: Invalid user cloudtest!@\# from 106.12.126.42 2019-09-22T15:04:41.642409hub.schaetter.us sshd\[10453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 2019-09-22T15:04:43.720086hub.schaetter.us sshd\[10453\]: Failed password for invalid user cloudtest!@\# from 106.12.126.42 port 55374 ssh2 2019-09-22T15:14:34.990044hub.schaetter.us sshd\[10513\]: Invalid user qwerty from 106.12.126.42 2019-09-22T15:14:35.021544hub.schaetter.us sshd\[10513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 ...	2019-09-23 04:52:41
attack	Sep 21 23:22:08 mail sshd\[23335\]: Failed password for invalid user nsukei1 from 106.12.126.42 port 44792 ssh2 Sep 21 23:26:48 mail sshd\[23813\]: Invalid user lxpopuser from 106.12.126.42 port 55894 Sep 21 23:26:48 mail sshd\[23813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.42 Sep 21 23:26:50 mail sshd\[23813\]: Failed password for invalid user lxpopuser from 106.12.126.42 port 55894 ssh2 Sep 21 23:31:36 mail sshd\[24306\]: Invalid user wyzykiewicz from 106.12.126.42 port 38738	2019-09-22 05:41:48

Comments on same subnet:

IP	Type	Details	Datetime
106.12.126.114	attackbots	ET SCAN NMAP -sS window 1024	2020-10-10 03:29:42
106.12.126.114	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-09 19:22:57
106.12.126.114	attack	Jul 27 23:25:31 buvik sshd[3318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.114 Jul 27 23:25:33 buvik sshd[3318]: Failed password for invalid user xiehs from 106.12.126.114 port 40798 ssh2 Jul 27 23:30:03 buvik sshd[3838]: Invalid user arkserver from 106.12.126.114 ...	2020-07-28 06:49:59
106.12.126.114	attackspambots	TCP (SYN) 106.12.126.114:42658 -> port 15898, len 44	2020-07-20 07:30:45
106.12.126.208	attackspam	" "	2020-06-24 23:10:22
106.12.126.208	attack	2020-06-21T07:42:04.910048snf-827550 sshd[4435]: Invalid user qma from 106.12.126.208 port 44730 2020-06-21T07:42:06.284123snf-827550 sshd[4435]: Failed password for invalid user qma from 106.12.126.208 port 44730 ssh2 2020-06-21T07:45:19.358928snf-827550 sshd[4446]: Invalid user daniel from 106.12.126.208 port 49158 ...	2020-06-21 18:05:02
106.12.126.114	attackbotsspam	Jun 20 12:44:49 Host-KLAX-C sshd[2554]: Invalid user bass from 106.12.126.114 port 42126 ...	2020-06-21 04:15:44
106.12.126.114	attackbotsspam	2020-06-15 05:54:32,369 fail2ban.actions: WARNING [ssh] Ban 106.12.126.114	2020-06-15 13:51:22
106.12.126.208	attackbotsspam	Jun 10 05:50:09 rotator sshd\[23821\]: Invalid user marijuanamea123 from 106.12.126.208Jun 10 05:50:11 rotator sshd\[23821\]: Failed password for invalid user marijuanamea123 from 106.12.126.208 port 57278 ssh2Jun 10 05:52:17 rotator sshd\[24454\]: Invalid user lovelike from 106.12.126.208Jun 10 05:52:20 rotator sshd\[24454\]: Failed password for invalid user lovelike from 106.12.126.208 port 56932 ssh2Jun 10 05:54:24 rotator sshd\[24495\]: Invalid user cheryl from 106.12.126.208Jun 10 05:54:26 rotator sshd\[24495\]: Failed password for invalid user cheryl from 106.12.126.208 port 56592 ssh2 ...	2020-06-10 13:08:04
106.12.126.54	attackspam	Lines containing failures of 106.12.126.54 Jun 5 12:48:43 shared04 sshd[10894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.54 user=r.r Jun 5 12:48:45 shared04 sshd[10894]: Failed password for r.r from 106.12.126.54 port 34040 ssh2 Jun 5 12:48:45 shared04 sshd[10894]: Received disconnect from 106.12.126.54 port 34040:11: Bye Bye [preauth] Jun 5 12:48:45 shared04 sshd[10894]: Disconnected from authenticating user r.r 106.12.126.54 port 34040 [preauth] Jun 5 12:58:50 shared04 sshd[14592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.54 user=r.r Jun 5 12:58:52 shared04 sshd[14592]: Failed password for r.r from 106.12.126.54 port 49946 ssh2 Jun 5 12:58:52 shared04 sshd[14592]: Received disconnect from 106.12.126.54 port 49946:11: Bye Bye [preauth] Jun 5 12:58:52 shared04 sshd[14592]: Disconnected from authenticating user r.r 106.12.126.54 port 49946 [preauth........ ------------------------------	2020-06-07 21:19:21
106.12.126.114	attack	Jun 5 19:42:06 UTC__SANYALnet-Labs__cac14 sshd[12601]: Connection from 106.12.126.114 port 48810 on 64.137.176.112 port 22 Jun 5 19:42:08 UTC__SANYALnet-Labs__cac14 sshd[12601]: User r.r from 106.12.126.114 not allowed because not listed in AllowUsers Jun 5 19:42:08 UTC__SANYALnet-Labs__cac14 sshd[12601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.114 user=r.r Jun 5 19:42:11 UTC__SANYALnet-Labs__cac14 sshd[12601]: Failed password for invalid user r.r from 106.12.126.114 port 48810 ssh2 Jun 5 19:42:11 UTC__SANYALnet-Labs__cac14 sshd[12601]: Received disconnect from 106.12.126.114: 11: Bye Bye [preauth] Jun 5 19:52:19 UTC__SANYALnet-Labs__cac14 sshd[10556]: Connection from 106.12.126.114 port 42532 on 64.137.176.112 port 22 Jun 5 19:52:22 UTC__SANYALnet-Labs__cac14 sshd[10556]: User r.r from 106.12.126.114 not allowed because not listed in AllowUsers Jun 5 19:52:22 UTC__SANYALnet-Labs__cac14 sshd[10556]: pam........ -------------------------------	2020-06-07 07:35:11
106.12.126.149	attack	Mar 28 22:36:42 [host] sshd[2296]: Invalid user xr Mar 28 22:36:42 [host] sshd[2296]: pam_unix(sshd:a Mar 28 22:36:43 [host] sshd[2296]: Failed password	2020-03-29 06:18:16
106.12.126.149	attackbots	Mar 27 00:11:35 vpn01 sshd[24200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.149 Mar 27 00:11:37 vpn01 sshd[24200]: Failed password for invalid user kwn from 106.12.126.149 port 35406 ssh2 ...	2020-03-27 07:49:23

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.126.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24613
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.126.42.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092100 1800 900 604800 86400

;; Query time: 692 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 22 05:42:36 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 42.126.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.126.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.233.135.24	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.233.135.24/ TW - 1H : (303) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 36.233.135.24 CIDR : 36.233.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 6 3H - 24 6H - 68 12H - 167 24H - 280 DateTime : 2019-11-14 07:26:30 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-14 17:45:19
222.186.42.4	attackspambots	2019-11-14T09:42:13.708928abusebot-7.cloudsearch.cf sshd\[32405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root	2019-11-14 17:43:47
61.228.210.146	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-11-14 17:42:23
159.203.201.190	attack	" "	2019-11-14 17:59:16
78.188.4.124	attackspambots	Registration form abuse	2019-11-14 17:34:36
170.130.187.6	attackbotsspam	UTC: 2019-11-13 port: 23/tcp	2019-11-14 17:29:42
188.240.208.26	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-14 18:06:59
54.37.136.213	attackbotsspam	Nov 14 11:14:03 sauna sshd[217590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 Nov 14 11:14:04 sauna sshd[217590]: Failed password for invalid user test from 54.37.136.213 port 55852 ssh2 ...	2019-11-14 17:37:32
52.231.159.59	attackspam	T: f2b 404 5x	2019-11-14 17:42:52
72.240.36.235	attackbots	Nov 14 15:29:09 vibhu-HP-Z238-Microtower-Workstation sshd\[12802\]: Invalid user hurst from 72.240.36.235 Nov 14 15:29:09 vibhu-HP-Z238-Microtower-Workstation sshd\[12802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.240.36.235 Nov 14 15:29:11 vibhu-HP-Z238-Microtower-Workstation sshd\[12802\]: Failed password for invalid user hurst from 72.240.36.235 port 50091 ssh2 Nov 14 15:35:47 vibhu-HP-Z238-Microtower-Workstation sshd\[13224\]: Invalid user star1234 from 72.240.36.235 Nov 14 15:35:47 vibhu-HP-Z238-Microtower-Workstation sshd\[13224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.240.36.235 ...	2019-11-14 18:08:30
178.62.118.53	attackbots	$f2bV_matches	2019-11-14 17:46:13
51.77.156.223	attackbots	Nov 14 09:35:46 minden010 sshd[27788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.156.223 Nov 14 09:35:47 minden010 sshd[27788]: Failed password for invalid user danell from 51.77.156.223 port 49260 ssh2 Nov 14 09:39:58 minden010 sshd[1031]: Failed password for root from 51.77.156.223 port 37480 ssh2 ...	2019-11-14 17:38:50
91.200.82.131	attackspambots	B: Magento admin pass test (wrong country)	2019-11-14 17:51:38
122.51.23.52	attack	Automatic report - SSH Brute-Force Attack	2019-11-14 17:56:03
106.13.17.8	attackbots	Nov 14 09:59:31 server sshd\[22695\]: Invalid user quadrant from 106.13.17.8 Nov 14 09:59:31 server sshd\[22695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 Nov 14 09:59:33 server sshd\[22695\]: Failed password for invalid user quadrant from 106.13.17.8 port 45834 ssh2 Nov 14 10:13:02 server sshd\[26406\]: Invalid user server from 106.13.17.8 Nov 14 10:13:02 server sshd\[26406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 ...	2019-11-14 17:44:27

Recently Reported IPs

151.8.228.85	162.243.131.154	110.77.230.48	14.3.227.86
181.35.81.46	208.186.113.239	95.24.186.123	158.192.83.217
161.116.245.244	37.211.76.255	188.162.199.219	103.200.118.61
77.105.152.126	222.254.229.39	212.164.233.151	173.212.207.189
45.71.89.254	202.224.120.208	33.230.53.132	189.172.43.180