106.12.199.98 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: Beijing Baidu Netcom Science and Technology Co., Ltd.

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 14 04:23:09 gw1 sshd[32556]: Failed password for mysql from 106.12.199.98 port 55852 ssh2 ...	2019-11-14 07:30:57
attack	[ssh] SSH attack	2019-11-12 22:29:35
attackspambots	Nov 10 09:57:23 microserver sshd[65242]: Failed password for root from 106.12.199.98 port 35732 ssh2 Nov 10 10:02:06 microserver sshd[685]: Invalid user odoo from 106.12.199.98 port 41360 Nov 10 10:02:06 microserver sshd[685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Nov 10 10:02:08 microserver sshd[685]: Failed password for invalid user odoo from 106.12.199.98 port 41360 ssh2 Nov 10 10:15:47 microserver sshd[2738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 user=root Nov 10 10:15:49 microserver sshd[2738]: Failed password for root from 106.12.199.98 port 58150 ssh2 Nov 10 10:20:31 microserver sshd[3396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 user=root Nov 10 10:20:34 microserver sshd[3396]: Failed password for root from 106.12.199.98 port 35534 ssh2 Nov 10 10:25:14 microserver sshd[3976]: Invalid user ot from 106.12.199.98 po	2019-11-10 17:52:29
attackbots	Nov 7 07:15:35 server sshd\[12491\]: Invalid user glen from 106.12.199.98 port 60354 Nov 7 07:15:35 server sshd\[12491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Nov 7 07:15:36 server sshd\[12491\]: Failed password for invalid user glen from 106.12.199.98 port 60354 ssh2 Nov 7 07:20:25 server sshd\[10171\]: User root from 106.12.199.98 not allowed because listed in DenyUsers Nov 7 07:20:25 server sshd\[10171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 user=root	2019-11-07 13:34:05
attackbotsspam	Nov 1 19:37:17 legacy sshd[32118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Nov 1 19:37:19 legacy sshd[32118]: Failed password for invalid user jinglei1982 from 106.12.199.98 port 53544 ssh2 Nov 1 19:41:24 legacy sshd[32221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 ...	2019-11-02 02:53:00
attackbotsspam	Oct 27 03:44:14 php1 sshd\[740\]: Invalid user design1234 from 106.12.199.98 Oct 27 03:44:14 php1 sshd\[740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Oct 27 03:44:17 php1 sshd\[740\]: Failed password for invalid user design1234 from 106.12.199.98 port 58820 ssh2 Oct 27 03:50:13 php1 sshd\[1272\]: Invalid user suporte from 106.12.199.98 Oct 27 03:50:13 php1 sshd\[1272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-10-27 22:43:40
attack	Oct 21 15:52:02 MK-Soft-VM4 sshd[20706]: Failed password for root from 106.12.199.98 port 51204 ssh2 Oct 21 15:57:10 MK-Soft-VM4 sshd[23509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 ...	2019-10-21 23:05:39
attackbotsspam	Oct 14 21:59:42 lnxmail61 sshd[592]: Failed password for root from 106.12.199.98 port 34548 ssh2 Oct 14 21:59:42 lnxmail61 sshd[592]: Failed password for root from 106.12.199.98 port 34548 ssh2	2019-10-15 04:15:52
attackspam	Oct 5 06:28:30 MK-Soft-VM5 sshd[4787]: Failed password for root from 106.12.199.98 port 46154 ssh2 ...	2019-10-05 17:45:44
attack	Sep 29 00:59:37 v22019058497090703 sshd[4877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Sep 29 00:59:40 v22019058497090703 sshd[4877]: Failed password for invalid user upload from 106.12.199.98 port 38570 ssh2 Sep 29 01:04:28 v22019058497090703 sshd[5654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 ...	2019-09-29 07:48:37
attack	SSH brute-force: detected 11 distinct usernames within a 24-hour window.	2019-09-29 01:03:37
attackbotsspam	2019-09-27T10:23:20.861842tmaserv sshd\[4675\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 2019-09-27T10:23:23.230829tmaserv sshd\[4675\]: Failed password for invalid user hoster from 106.12.199.98 port 49078 ssh2 2019-09-27T10:33:37.435498tmaserv sshd\[5223\]: Invalid user mf from 106.12.199.98 port 39040 2019-09-27T10:33:37.440611tmaserv sshd\[5223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 2019-09-27T10:33:39.177283tmaserv sshd\[5223\]: Failed password for invalid user mf from 106.12.199.98 port 39040 ssh2 2019-09-27T10:36:19.873298tmaserv sshd\[5456\]: Invalid user admin from 106.12.199.98 port 57704 ...	2019-09-27 17:05:58
attackbots	Aug 22 00:03:07 web9 sshd\[16126\]: Invalid user cod4 from 106.12.199.98 Aug 22 00:03:07 web9 sshd\[16126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Aug 22 00:03:09 web9 sshd\[16126\]: Failed password for invalid user cod4 from 106.12.199.98 port 59322 ssh2 Aug 22 00:08:13 web9 sshd\[17180\]: Invalid user Administrator from 106.12.199.98 Aug 22 00:08:13 web9 sshd\[17180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-08-22 20:37:12
attack	Aug 21 03:12:14 hcbbdb sshd\[5715\]: Invalid user admin1 from 106.12.199.98 Aug 21 03:12:14 hcbbdb sshd\[5715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Aug 21 03:12:16 hcbbdb sshd\[5715\]: Failed password for invalid user admin1 from 106.12.199.98 port 57588 ssh2 Aug 21 03:14:27 hcbbdb sshd\[5954\]: Invalid user debian from 106.12.199.98 Aug 21 03:14:27 hcbbdb sshd\[5954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-08-21 15:30:42
attackbots	Aug 16 20:00:45 ip-172-31-1-72 sshd\[5831\]: Invalid user gos from 106.12.199.98 Aug 16 20:00:45 ip-172-31-1-72 sshd\[5831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Aug 16 20:00:48 ip-172-31-1-72 sshd\[5831\]: Failed password for invalid user gos from 106.12.199.98 port 54194 ssh2 Aug 16 20:03:44 ip-172-31-1-72 sshd\[5867\]: Invalid user if from 106.12.199.98 Aug 16 20:03:44 ip-172-31-1-72 sshd\[5867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-08-17 05:47:50
attackspam	2019-08-15T21:56:46.568886abusebot.cloudsearch.cf sshd\[8304\]: Invalid user leon from 106.12.199.98 port 45172	2019-08-16 06:45:02
attack	Aug 7 22:01:07 dev0-dcde-rnet sshd[861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Aug 7 22:01:09 dev0-dcde-rnet sshd[861]: Failed password for invalid user demo from 106.12.199.98 port 36104 ssh2 Aug 7 22:03:22 dev0-dcde-rnet sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-08-08 04:57:10
attackbotsspam	Jul 17 08:10:25 vps691689 sshd[12362]: Failed password for root from 106.12.199.98 port 41072 ssh2 Jul 17 08:14:08 vps691689 sshd[12383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 ...	2019-07-17 14:55:58
attack	Jul 17 06:43:11 vps691689 sshd[11664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Jul 17 06:43:13 vps691689 sshd[11664]: Failed password for invalid user admin from 106.12.199.98 port 55808 ssh2 Jul 17 06:46:45 vps691689 sshd[11693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 ...	2019-07-17 13:13:21

Comments on same subnet:

IP	Type	Details	Datetime
106.12.199.117	attackbots	sshguard	2020-10-09 01:32:39
106.12.199.117	attack	sshguard	2020-10-08 17:28:52
106.12.199.30	attackspambots	Sep 28 15:23:05 ns382633 sshd\[8529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 user=root Sep 28 15:23:07 ns382633 sshd\[8529\]: Failed password for root from 106.12.199.30 port 53908 ssh2 Sep 28 15:29:29 ns382633 sshd\[9778\]: Invalid user crm from 106.12.199.30 port 56700 Sep 28 15:29:29 ns382633 sshd\[9778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 Sep 28 15:29:31 ns382633 sshd\[9778\]: Failed password for invalid user crm from 106.12.199.30 port 56700 ssh2	2020-09-29 04:29:25
106.12.199.30	attack	Invalid user claudio from 106.12.199.30 port 41208	2020-09-28 20:44:48
106.12.199.30	attackbotsspam	Sep 27 07:56:53 abendstille sshd\[25457\]: Invalid user song from 106.12.199.30 Sep 27 07:56:53 abendstille sshd\[25457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 Sep 27 07:56:55 abendstille sshd\[25457\]: Failed password for invalid user song from 106.12.199.30 port 44214 ssh2 Sep 27 08:01:40 abendstille sshd\[30149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 user=root Sep 27 08:01:42 abendstille sshd\[30149\]: Failed password for root from 106.12.199.30 port 49748 ssh2 ...	2020-09-28 02:42:05
106.12.199.30	attackspam	Sep 27 07:56:53 abendstille sshd\[25457\]: Invalid user song from 106.12.199.30 Sep 27 07:56:53 abendstille sshd\[25457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 Sep 27 07:56:55 abendstille sshd\[25457\]: Failed password for invalid user song from 106.12.199.30 port 44214 ssh2 Sep 27 08:01:40 abendstille sshd\[30149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 user=root Sep 27 08:01:42 abendstille sshd\[30149\]: Failed password for root from 106.12.199.30 port 49748 ssh2 ...	2020-09-27 18:48:35
106.12.199.117	attack	SSH brute-force attempt	2020-09-14 22:58:14
106.12.199.117	attackspam	SSH brute-force attempt	2020-09-14 14:48:05
106.12.199.117	attack	Bruteforce detected by fail2ban	2020-09-14 06:44:00
106.12.199.30	attackspam	Aug 23 10:55:58 gw1 sshd[5231]: Failed password for root from 106.12.199.30 port 46672 ssh2 Aug 23 10:58:44 gw1 sshd[5294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 ...	2020-08-23 15:43:44
106.12.199.117	attackspam	Aug 18 00:49:48 vps sshd[536496]: Failed password for invalid user john from 106.12.199.117 port 38692 ssh2 Aug 18 00:53:46 vps sshd[561333]: Invalid user michael from 106.12.199.117 port 48426 Aug 18 00:53:46 vps sshd[561333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.117 Aug 18 00:53:49 vps sshd[561333]: Failed password for invalid user michael from 106.12.199.117 port 48426 ssh2 Aug 18 00:57:41 vps sshd[583692]: Invalid user krm from 106.12.199.117 port 58148 ...	2020-08-18 07:00:39
106.12.199.30	attackspam	Aug 17 15:44:14 ns381471 sshd[13041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 Aug 17 15:44:15 ns381471 sshd[13041]: Failed password for invalid user monitor from 106.12.199.30 port 33984 ssh2	2020-08-17 23:03:05
106.12.199.30	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-07 05:38:24
106.12.199.117	attackspam	2020-08-02T17:35:36.522097abusebot-3.cloudsearch.cf sshd[24513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.117 user=root 2020-08-02T17:35:38.479817abusebot-3.cloudsearch.cf sshd[24513]: Failed password for root from 106.12.199.117 port 43918 ssh2 2020-08-02T17:38:33.931214abusebot-3.cloudsearch.cf sshd[24548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.117 user=root 2020-08-02T17:38:35.190828abusebot-3.cloudsearch.cf sshd[24548]: Failed password for root from 106.12.199.117 port 52234 ssh2 2020-08-02T17:41:15.630278abusebot-3.cloudsearch.cf sshd[24637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.117 user=root 2020-08-02T17:41:17.462123abusebot-3.cloudsearch.cf sshd[24637]: Failed password for root from 106.12.199.117 port 60552 ssh2 2020-08-02T17:44:06.852772abusebot-3.cloudsearch.cf sshd[24668]: pam_unix(sshd:auth): ...	2020-08-03 03:35:15
106.12.199.30	attack	Jul 19 18:51:48 vps687878 sshd\[31750\]: Invalid user glen from 106.12.199.30 port 51232 Jul 19 18:51:48 vps687878 sshd\[31750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 Jul 19 18:51:50 vps687878 sshd\[31750\]: Failed password for invalid user glen from 106.12.199.30 port 51232 ssh2 Jul 19 18:57:00 vps687878 sshd\[32099\]: Invalid user main from 106.12.199.30 port 55466 Jul 19 18:57:00 vps687878 sshd\[32099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.30 ...	2020-07-20 01:01:12

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.199.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25474
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.199.98.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 09:22:33 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 98.199.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 98.199.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.221.47.194	attackbotsspam	Automatic report - Port Scan Attack	2019-10-25 15:21:12
81.22.45.48	attack	10/25/2019-02:57:43.101150 81.22.45.48 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-25 15:25:04
142.44.137.62	attackbots	Oct 25 06:03:22 srv206 sshd[29601]: Invalid user graphics from 142.44.137.62 Oct 25 06:03:22 srv206 sshd[29601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns549998.ip-142-44-137.net Oct 25 06:03:22 srv206 sshd[29601]: Invalid user graphics from 142.44.137.62 Oct 25 06:03:24 srv206 sshd[29601]: Failed password for invalid user graphics from 142.44.137.62 port 32850 ssh2 ...	2019-10-25 15:10:57
81.29.215.84	attackbotsspam	fail2ban honeypot	2019-10-25 15:21:51
188.254.0.182	attackbots	Oct 24 18:22:04 hanapaa sshd\[25071\]: Invalid user manas from 188.254.0.182 Oct 24 18:22:04 hanapaa sshd\[25071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 Oct 24 18:22:07 hanapaa sshd\[25071\]: Failed password for invalid user manas from 188.254.0.182 port 39082 ssh2 Oct 24 18:26:19 hanapaa sshd\[25401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 user=root Oct 24 18:26:21 hanapaa sshd\[25401\]: Failed password for root from 188.254.0.182 port 48378 ssh2	2019-10-25 15:39:17
49.88.112.71	attack	Oct 25 09:23:29 MK-Soft-VM6 sshd[10339]: Failed password for root from 49.88.112.71 port 26169 ssh2 Oct 25 09:23:33 MK-Soft-VM6 sshd[10339]: Failed password for root from 49.88.112.71 port 26169 ssh2 ...	2019-10-25 15:40:36
77.222.113.175	attack	445/tcp [2019-10-25]1pkt	2019-10-25 15:14:05
52.32.116.196	attack	10/25/2019-09:24:07.299324 52.32.116.196 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-25 15:28:25
189.212.176.126	attack	23/tcp 23/tcp [2019-10-25]2pkt	2019-10-25 15:15:47
173.162.229.10	attackbots	2019-10-25T07:05:25.794880abusebot-5.cloudsearch.cf sshd\[32337\]: Invalid user test from 173.162.229.10 port 37938	2019-10-25 15:36:10
118.193.31.20	attackspambots	Oct 24 20:51:38 friendsofhawaii sshd\[22019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.20 user=root Oct 24 20:51:41 friendsofhawaii sshd\[22019\]: Failed password for root from 118.193.31.20 port 60812 ssh2 Oct 24 20:57:05 friendsofhawaii sshd\[22444\]: Invalid user gate from 118.193.31.20 Oct 24 20:57:05 friendsofhawaii sshd\[22444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.20 Oct 24 20:57:07 friendsofhawaii sshd\[22444\]: Failed password for invalid user gate from 118.193.31.20 port 43188 ssh2	2019-10-25 15:40:16
220.202.74.217	attackbots	Oct 24 09:47:40 warning: unknown[220.202.74.217]: SASL LOGIN authentication failed: authentication failure Oct 24 09:47:47 warning: unknown[220.202.74.217]: SASL LOGIN authentication failed: authentication failure Oct 24 09:47:55 warning: unknown[220.202.74.217]: SASL LOGIN authentication failed: authentication failure	2019-10-25 15:38:36
14.164.134.11	attackbots	445/tcp [2019-10-25]1pkt	2019-10-25 15:34:09
101.227.251.235	attack	Oct 25 09:18:31 host sshd[62709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.227.251.235 user=root Oct 25 09:18:33 host sshd[62709]: Failed password for root from 101.227.251.235 port 58209 ssh2 ...	2019-10-25 15:47:46
123.27.62.6	attack	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-10-25 15:42:13

Recently Reported IPs

181.44.35.80	41.41.66.99	189.15.246.182	183.82.121.65
178.90.105.141	24.114.195.114	182.106.200.142	129.28.78.18
211.144.122.42	203.144.200.133	190.94.18.2	179.189.228.126
212.57.23.50	146.185.38.128	90.189.119.42	58.82.188.199
106.51.32.131	212.64.91.66	14.17.3.64	111.231.54.248