106.12.138.245

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 22 11:40:10 friendsofhawaii sshd\[23772\]: Invalid user ts3soundboard from 106.12.138.245 Oct 22 11:40:10 friendsofhawaii sshd\[23772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.245 Oct 22 11:40:11 friendsofhawaii sshd\[23772\]: Failed password for invalid user ts3soundboard from 106.12.138.245 port 39972 ssh2 Oct 22 11:45:18 friendsofhawaii sshd\[24158\]: Invalid user testuser from 106.12.138.245 Oct 22 11:45:18 friendsofhawaii sshd\[24158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.245	2019-10-23 08:05:14
attack	2019-10-22T16:19:50.636778abusebot-6.cloudsearch.cf sshd\[10109\]: Invalid user adnane from 106.12.138.245 port 44374	2019-10-23 00:42:51

Type

Details

Datetime

attack

Oct 22 11:40:10 friendsofhawaii sshd\[23772\]: Invalid user ts3soundboard from 106.12.138.245
Oct 22 11:40:10 friendsofhawaii sshd\[23772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.245
Oct 22 11:40:11 friendsofhawaii sshd\[23772\]: Failed password for invalid user ts3soundboard from 106.12.138.245 port 39972 ssh2
Oct 22 11:45:18 friendsofhawaii sshd\[24158\]: Invalid user testuser from 106.12.138.245
Oct 22 11:45:18 friendsofhawaii sshd\[24158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.245

2019-10-23 08:05:14

attack

2019-10-22T16:19:50.636778abusebot-6.cloudsearch.cf sshd\[10109\]: Invalid user adnane from 106.12.138.245 port 44374

2019-10-23 00:42:51

Comments on same subnet:

IP	Type	Details	Datetime
106.12.138.72	attack	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-30 05:02:21
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 21:10:51
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 13:24:31
106.12.138.72	attackspam	(sshd) Failed SSH login from 106.12.138.72 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 18:30:25 elude sshd[6336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 user=root Sep 13 18:30:26 elude sshd[6336]: Failed password for root from 106.12.138.72 port 47338 ssh2 Sep 13 18:52:34 elude sshd[9600]: Invalid user hu from 106.12.138.72 port 57076 Sep 13 18:52:36 elude sshd[9600]: Failed password for invalid user hu from 106.12.138.72 port 57076 ssh2 Sep 13 18:57:28 elude sshd[10263]: Invalid user 0 from 106.12.138.72 port 57666	2020-09-14 05:55:17
106.12.138.226	attackspam	Aug 6 16:27:12 buvik sshd[23861]: Failed password for root from 106.12.138.226 port 47290 ssh2 Aug 6 16:31:04 buvik sshd[24437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.226 user=root Aug 6 16:31:06 buvik sshd[24437]: Failed password for root from 106.12.138.226 port 60390 ssh2 ...	2020-08-06 22:31:32
106.12.138.72	attackbots	Aug 2 16:20:23 minden010 sshd[11462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 Aug 2 16:20:25 minden010 sshd[11462]: Failed password for invalid user wonder from 106.12.138.72 port 47934 ssh2 Aug 2 16:23:19 minden010 sshd[12379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 ...	2020-08-02 22:37:45
106.12.138.72	attack	Jul 13 01:33:38 mail sshd[22961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 Jul 13 01:33:40 mail sshd[22961]: Failed password for invalid user 9737 from 106.12.138.72 port 53122 ssh2 ...	2020-07-14 13:03:48
106.12.138.72	attackspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 106.12.138.72, Reason:[(sshd) Failed SSH login from 106.12.138.72 (CN/China/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-11 06:14:49
106.12.138.72	attackbotsspam	2020-07-09T23:01:34.590387abusebot-3.cloudsearch.cf sshd[11601]: Invalid user isemi from 106.12.138.72 port 57002 2020-07-09T23:01:34.597071abusebot-3.cloudsearch.cf sshd[11601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 2020-07-09T23:01:34.590387abusebot-3.cloudsearch.cf sshd[11601]: Invalid user isemi from 106.12.138.72 port 57002 2020-07-09T23:01:36.696029abusebot-3.cloudsearch.cf sshd[11601]: Failed password for invalid user isemi from 106.12.138.72 port 57002 ssh2 2020-07-09T23:05:13.442390abusebot-3.cloudsearch.cf sshd[11666]: Invalid user zhoujianglong from 106.12.138.72 port 53034 2020-07-09T23:05:13.447904abusebot-3.cloudsearch.cf sshd[11666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 2020-07-09T23:05:13.442390abusebot-3.cloudsearch.cf sshd[11666]: Invalid user zhoujianglong from 106.12.138.72 port 53034 2020-07-09T23:05:15.611917abusebot-3.cloudsearch.cf ssh ...	2020-07-10 08:12:12
106.12.138.226	attackspam	2020-07-07T16:26:56.607668mail.standpoint.com.ua sshd[31000]: Failed password for invalid user ucpss from 106.12.138.226 port 53354 ssh2 2020-07-07T16:30:39.334906mail.standpoint.com.ua sshd[31515]: Invalid user marilia from 106.12.138.226 port 42464 2020-07-07T16:30:39.338644mail.standpoint.com.ua sshd[31515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.226 2020-07-07T16:30:39.334906mail.standpoint.com.ua sshd[31515]: Invalid user marilia from 106.12.138.226 port 42464 2020-07-07T16:30:40.725365mail.standpoint.com.ua sshd[31515]: Failed password for invalid user marilia from 106.12.138.226 port 42464 ssh2 ...	2020-07-08 00:19:03
106.12.138.226	attack	Multiple SSH authentication failures from 106.12.138.226	2020-07-02 05:54:53
106.12.138.226	attackbots	2020-06-29T13:09:08.251079+02:00 sshd[8562]: Failed password for invalid user ubuntu from 106.12.138.226 port 41056 ssh2	2020-06-30 00:08:20
106.12.138.72	attackspambots	Jun 28 07:57:02 sso sshd[8073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.72 Jun 28 07:57:04 sso sshd[8073]: Failed password for invalid user user1 from 106.12.138.72 port 46076 ssh2 ...	2020-06-28 14:13:21
106.12.138.226	attack	2020-06-24T04:09:30.240947shield sshd\[22882\]: Invalid user cookie from 106.12.138.226 port 46528 2020-06-24T04:09:30.244454shield sshd\[22882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.226 2020-06-24T04:09:32.334577shield sshd\[22882\]: Failed password for invalid user cookie from 106.12.138.226 port 46528 ssh2 2020-06-24T04:17:05.267634shield sshd\[23678\]: Invalid user qb from 106.12.138.226 port 36890 2020-06-24T04:17:05.271241shield sshd\[23678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.226	2020-06-24 12:20:18
106.12.138.226	attack	Jun 22 08:42:14 propaganda sshd[112124]: Connection from 106.12.138.226 port 54980 on 10.0.0.160 port 22 rdomain "" Jun 22 08:42:16 propaganda sshd[112124]: Connection closed by 106.12.138.226 port 54980 [preauth]	2020-06-23 01:27:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.138.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13678
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.138.245.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 23 00:42:44 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 245.138.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.138.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.72.26.12	attack	RDP Brute-Force (Grieskirchen RZ2)	2020-01-06 08:59:04
157.230.128.181	attackspambots	Jan 5 20:51:06 vps46666688 sshd[31330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.128.181 Jan 5 20:51:09 vps46666688 sshd[31330]: Failed password for invalid user alcaide from 157.230.128.181 port 55932 ssh2 ...	2020-01-06 09:09:51
81.250.151.128	attackspam	Honeypot attack, port: 445, PTR: lputeaux-657-1-299-128.w81-250.abo.wanadoo.fr.	2020-01-06 09:16:01
71.85.237.85	attackbotsspam	IDS	2020-01-06 09:14:03
139.99.219.75	attackspambots	Jan x@x Jan x@x Jan x@x Jan x@x Jan x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.99.219.75	2020-01-06 09:11:18
118.71.86.200	attackbotsspam	Unauthorized connection attempt detected from IP address 118.71.86.200 to port 23 [J]	2020-01-06 09:02:40
51.83.249.117	attackspam	Jan x@x Jan x@x Jan x@x Jan x@x Jan x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.83.249.117	2020-01-06 09:17:26
188.26.5.6	attackspambots	Unauthorized connection attempt detected from IP address 188.26.5.6 to port 4567 [J]	2020-01-06 09:02:19
162.222.179.81	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/162.222.179.81/ US - 1H : (14) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN15169 IP : 162.222.179.81 CIDR : 162.222.176.0/21 PREFIX COUNT : 602 UNIQUE IP COUNT : 8951808 ATTACKS DETECTED ASN15169 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 4 DateTime : 2020-01-05 22:47:19 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-01-06 09:08:00
106.13.207.159	attackspambots	Unauthorized connection attempt detected from IP address 106.13.207.159 to port 2220 [J]	2020-01-06 08:51:57
114.23.219.37	attack	Fake Googlebot	2020-01-06 09:17:13
211.193.17.183	attackbots	Unauthorized connection attempt detected from IP address 211.193.17.183 to port 5555	2020-01-06 08:55:32
179.180.98.61	attack	Honeypot attack, port: 23, PTR: 179.180.98.61.dynamic.adsl.gvt.net.br.	2020-01-06 09:12:26
101.109.253.194	attack	1578260850 - 01/05/2020 22:47:30 Host: 101.109.253.194/101.109.253.194 Port: 445 TCP Blocked	2020-01-06 09:03:09
213.254.131.157	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-06 08:48:46

Recently Reported IPs

70.236.160.150	118.193.102.119	47.146.233.19	247.77.43.124
250.186.218.35	34.200.186.208	249.193.58.20	254.41.198.241
121.255.167.31	191.75.180.229	61.3.42.69	185.42.181.218
113.91.230.9	130.70.21.119	188.222.36.124	122.164.7.199
57.134.86.7	124.95.129.102	90.240.135.203	160.14.246.173