106.12.208.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Invalid user takahashi from 106.12.208.94 port 46236	2020-05-24 17:13:07
attackspam	2020-04-24T23:03:29.938149shield sshd\[28633\]: Invalid user choopa from 106.12.208.94 port 53796 2020-04-24T23:03:29.941690shield sshd\[28633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 2020-04-24T23:03:31.806536shield sshd\[28633\]: Failed password for invalid user choopa from 106.12.208.94 port 53796 ssh2 2020-04-24T23:08:04.333595shield sshd\[29352\]: Invalid user vendeg from 106.12.208.94 port 57020 2020-04-24T23:08:04.337796shield sshd\[29352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94	2020-04-25 07:37:30
attackspam	Apr 21 06:22:08 srv01 sshd[14608]: Invalid user test from 106.12.208.94 port 58130 Apr 21 06:22:08 srv01 sshd[14608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 Apr 21 06:22:08 srv01 sshd[14608]: Invalid user test from 106.12.208.94 port 58130 Apr 21 06:22:11 srv01 sshd[14608]: Failed password for invalid user test from 106.12.208.94 port 58130 ssh2 Apr 21 06:25:27 srv01 sshd[18087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 user=root Apr 21 06:25:30 srv01 sshd[18087]: Failed password for root from 106.12.208.94 port 45452 ssh2 ...	2020-04-21 15:17:29
attack	2020-04-20T05:54:41.133466sd-86998 sshd[16615]: Invalid user git from 106.12.208.94 port 47628 2020-04-20T05:54:41.140539sd-86998 sshd[16615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 2020-04-20T05:54:41.133466sd-86998 sshd[16615]: Invalid user git from 106.12.208.94 port 47628 2020-04-20T05:54:43.196813sd-86998 sshd[16615]: Failed password for invalid user git from 106.12.208.94 port 47628 ssh2 2020-04-20T05:59:23.910193sd-86998 sshd[16942]: Invalid user user from 106.12.208.94 port 52896 ...	2020-04-20 12:44:50
attack	Apr 17 10:57:37 scw-6657dc sshd[15265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 Apr 17 10:57:37 scw-6657dc sshd[15265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.94 Apr 17 10:57:39 scw-6657dc sshd[15265]: Failed password for invalid user tester from 106.12.208.94 port 47554 ssh2 ...	2020-04-17 19:16:30

Comments on same subnet:

IP	Type	Details	Datetime
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-07 05:52:03
106.12.208.175	attackspam	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 22:03:58
106.12.208.175	attack	"Remote Command Execution: Direct Unix Command Execution - Matched Data: echo found within ARGS:b4dboy: echo \x22xbshell\x22;"	2020-10-06 13:47:39
106.12.208.211	attackbotsspam	(sshd) Failed SSH login from 106.12.208.211 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 13:27:52 server2 sshd[10834]: Invalid user git from 106.12.208.211 Sep 28 13:27:52 server2 sshd[10834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Sep 28 13:27:53 server2 sshd[10834]: Failed password for invalid user git from 106.12.208.211 port 47796 ssh2 Sep 28 13:35:17 server2 sshd[25064]: Invalid user info from 106.12.208.211 Sep 28 13:35:17 server2 sshd[25064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211	2020-09-29 02:05:06
106.12.208.211	attackspam	sshd: Failed password for invalid user .... from 106.12.208.211 port 42528 ssh2 (5 attempts)	2020-09-28 18:11:36
106.12.208.99	attackbots	Invalid user admin from 106.12.208.99 port 37336	2020-09-14 22:53:21
106.12.208.99	attack	2020-09-14T08:18:38.331142ks3355764 sshd[29433]: Invalid user admin from 106.12.208.99 port 44104 2020-09-14T08:18:40.419553ks3355764 sshd[29433]: Failed password for invalid user admin from 106.12.208.99 port 44104 ssh2 ...	2020-09-14 14:43:10
106.12.208.99	attack	2020-09-13T19:52:57.693694abusebot-8.cloudsearch.cf sshd[21953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=root 2020-09-13T19:52:59.035021abusebot-8.cloudsearch.cf sshd[21953]: Failed password for root from 106.12.208.99 port 54532 ssh2 2020-09-13T19:54:55.105526abusebot-8.cloudsearch.cf sshd[22007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=root 2020-09-13T19:54:56.647778abusebot-8.cloudsearch.cf sshd[22007]: Failed password for root from 106.12.208.99 port 41892 ssh2 2020-09-13T19:56:52.973883abusebot-8.cloudsearch.cf sshd[22013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=root 2020-09-13T19:56:55.243511abusebot-8.cloudsearch.cf sshd[22013]: Failed password for root from 106.12.208.99 port 53252 ssh2 2020-09-13T19:58:43.410969abusebot-8.cloudsearch.cf sshd[22020]: pam_unix(sshd:auth): authe ...	2020-09-14 06:40:29
106.12.208.99	attackbotsspam	Sep 7 21:53:59 v26 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 21:54:01 v26 sshd[27516]: Failed password for r.r from 106.12.208.99 port 42106 ssh2 Sep 7 21:54:01 v26 sshd[27516]: Received disconnect from 106.12.208.99 port 42106:11: Bye Bye [preauth] Sep 7 21:54:01 v26 sshd[27516]: Disconnected from 106.12.208.99 port 42106 [preauth] Sep 7 22:11:10 v26 sshd[29162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 22:11:12 v26 sshd[29162]: Failed password for r.r from 106.12.208.99 port 45240 ssh2 Sep 7 22:11:12 v26 sshd[29162]: Received disconnect from 106.12.208.99 port 45240:11: Bye Bye [preauth] Sep 7 22:11:12 v26 sshd[29162]: Disconnected from 106.12.208.99 port 45240 [preauth] Sep 7 22:14:05 v26 sshd[29528]: Invalid user januario from 106.12.208.99 port 57512 Sep 7 22:14:05 v26 sshd[29528]: pam_unix(s........ -------------------------------	2020-09-11 02:02:36
106.12.208.99	attackspambots	Sep 7 21:53:59 v26 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 21:54:01 v26 sshd[27516]: Failed password for r.r from 106.12.208.99 port 42106 ssh2 Sep 7 21:54:01 v26 sshd[27516]: Received disconnect from 106.12.208.99 port 42106:11: Bye Bye [preauth] Sep 7 21:54:01 v26 sshd[27516]: Disconnected from 106.12.208.99 port 42106 [preauth] Sep 7 22:11:10 v26 sshd[29162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 22:11:12 v26 sshd[29162]: Failed password for r.r from 106.12.208.99 port 45240 ssh2 Sep 7 22:11:12 v26 sshd[29162]: Received disconnect from 106.12.208.99 port 45240:11: Bye Bye [preauth] Sep 7 22:11:12 v26 sshd[29162]: Disconnected from 106.12.208.99 port 45240 [preauth] Sep 7 22:14:05 v26 sshd[29528]: Invalid user januario from 106.12.208.99 port 57512 Sep 7 22:14:05 v26 sshd[29528]: pam_unix(s........ -------------------------------	2020-09-10 17:24:17
106.12.208.99	attackspam	Sep 7 21:53:59 v26 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 21:54:01 v26 sshd[27516]: Failed password for r.r from 106.12.208.99 port 42106 ssh2 Sep 7 21:54:01 v26 sshd[27516]: Received disconnect from 106.12.208.99 port 42106:11: Bye Bye [preauth] Sep 7 21:54:01 v26 sshd[27516]: Disconnected from 106.12.208.99 port 42106 [preauth] Sep 7 22:11:10 v26 sshd[29162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 22:11:12 v26 sshd[29162]: Failed password for r.r from 106.12.208.99 port 45240 ssh2 Sep 7 22:11:12 v26 sshd[29162]: Received disconnect from 106.12.208.99 port 45240:11: Bye Bye [preauth] Sep 7 22:11:12 v26 sshd[29162]: Disconnected from 106.12.208.99 port 45240 [preauth] Sep 7 22:14:05 v26 sshd[29528]: Invalid user januario from 106.12.208.99 port 57512 Sep 7 22:14:05 v26 sshd[29528]: pam_unix(s........ -------------------------------	2020-09-10 07:57:41
106.12.208.211	attackspambots	Aug 31 05:47:29 web1 sshd\[29574\]: Invalid user status from 106.12.208.211 Aug 31 05:47:29 web1 sshd\[29574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Aug 31 05:47:31 web1 sshd\[29574\]: Failed password for invalid user status from 106.12.208.211 port 51214 ssh2 Aug 31 05:51:36 web1 sshd\[29825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 user=root Aug 31 05:51:38 web1 sshd\[29825\]: Failed password for root from 106.12.208.211 port 44366 ssh2	2020-08-31 17:14:04
106.12.208.211	attackbots	Aug 28 20:24:31 home sshd[2165499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 Aug 28 20:24:31 home sshd[2165499]: Invalid user zhang from 106.12.208.211 port 53772 Aug 28 20:24:33 home sshd[2165499]: Failed password for invalid user zhang from 106.12.208.211 port 53772 ssh2 Aug 28 20:27:28 home sshd[2166529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.211 user=root Aug 28 20:27:29 home sshd[2166529]: Failed password for root from 106.12.208.211 port 37734 ssh2 ...	2020-08-29 02:36:07
106.12.208.99	attack	Aug 28 03:35:47 v22019038103785759 sshd\[13367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=root Aug 28 03:35:49 v22019038103785759 sshd\[13367\]: Failed password for root from 106.12.208.99 port 58292 ssh2 Aug 28 03:40:05 v22019038103785759 sshd\[13831\]: Invalid user usertest from 106.12.208.99 port 44122 Aug 28 03:40:05 v22019038103785759 sshd\[13831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 Aug 28 03:40:07 v22019038103785759 sshd\[13831\]: Failed password for invalid user usertest from 106.12.208.99 port 44122 ssh2 ...	2020-08-28 10:06:24
106.12.208.31	attack	ssh brute force	2020-08-20 13:24:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.208.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3311
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.208.94.			IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041001 1800 900 604800 86400

;; Query time: 150 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 19:02:20 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 94.208.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.208.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.159.18.20	attack	$f2bV_matches	2019-07-30 06:43:59
51.255.32.128	attack	Jul 29 19:36:19 vps65 sshd\[1936\]: Invalid user admin from 51.255.32.128 port 42575 Jul 29 19:36:19 vps65 sshd\[1936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.32.128 ...	2019-07-30 06:53:38
178.62.84.12	attackbots	Jul 30 03:51:11 vibhu-HP-Z238-Microtower-Workstation sshd\[31727\]: Invalid user wl from 178.62.84.12 Jul 30 03:51:11 vibhu-HP-Z238-Microtower-Workstation sshd\[31727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.84.12 Jul 30 03:51:13 vibhu-HP-Z238-Microtower-Workstation sshd\[31727\]: Failed password for invalid user wl from 178.62.84.12 port 36004 ssh2 Jul 30 03:57:22 vibhu-HP-Z238-Microtower-Workstation sshd\[31881\]: Invalid user kj from 178.62.84.12 Jul 30 03:57:22 vibhu-HP-Z238-Microtower-Workstation sshd\[31881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.84.12 ...	2019-07-30 06:44:32
175.11.210.76	attackbots	Automatic report - Port Scan Attack	2019-07-30 06:38:02
185.53.88.22	attackspam	\[2019-07-29 18:36:39\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-29T18:36:39.841-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9441519470495",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/60128",ACLName="no_extension_match" \[2019-07-29 18:38:19\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-29T18:38:19.618-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470495",SessionID="0x7ff4d0592ee8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/59974",ACLName="no_extension_match" \[2019-07-29 18:39:54\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-29T18:39:54.274-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441519470495",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/64393",ACLName="no_extensi	2019-07-30 06:55:02
43.249.51.77	attackbots	IP: 43.249.51.77 ASN: AS58438 ApnaTeleLink pvt. Ltd. Port: Message Submission 587 Found in one or more Blacklists Date: 29/07/2019 5:35:28 PM UTC	2019-07-30 07:18:44
95.255.14.141	attack	Jul 30 00:12:33 v22019058497090703 sshd[9884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.255.14.141 Jul 30 00:12:34 v22019058497090703 sshd[9884]: Failed password for invalid user rh from 95.255.14.141 port 58876 ssh2 Jul 30 00:16:52 v22019058497090703 sshd[10139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.255.14.141 ...	2019-07-30 06:43:36
106.13.117.204	attack	Jul 30 00:07:15 localhost sshd\[9468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.117.204 user=root Jul 30 00:07:17 localhost sshd\[9468\]: Failed password for root from 106.13.117.204 port 54130 ssh2 Jul 30 00:11:58 localhost sshd\[10047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.117.204 user=root	2019-07-30 06:37:42
197.253.75.3	attackbotsspam	2019-07-29T17:36:14.013653abusebot-4.cloudsearch.cf sshd\[22844\]: Invalid user eg from 197.253.75.3 port 46802	2019-07-30 06:55:36
142.54.101.146	attackspam	Jul 29 20:25:08 sshgateway sshd\[8116\]: Invalid user git from 142.54.101.146 Jul 29 20:25:08 sshgateway sshd\[8116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.54.101.146 Jul 29 20:25:10 sshgateway sshd\[8116\]: Failed password for invalid user git from 142.54.101.146 port 49396 ssh2	2019-07-30 07:23:40
45.31.122.143	attackbots	Jul 30 00:50:07 srv-4 sshd\[18101\]: Invalid user pi from 45.31.122.143 Jul 30 00:50:07 srv-4 sshd\[18102\]: Invalid user pi from 45.31.122.143 Jul 30 00:50:07 srv-4 sshd\[18101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.31.122.143 ...	2019-07-30 07:01:36
46.98.134.131	attackbots	IP: 46.98.134.131 ASN: AS15377 ISP Fregat Ltd. Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 29/07/2019 5:35:33 PM UTC	2019-07-30 07:17:20
78.128.113.70	attackspambots	Jul 29 23:58:24 mail postfix/smtpd\[8988\]: warning: unknown\[78.128.113.70\]: SASL PLAIN authentication failed: \ Jul 29 23:58:31 mail postfix/smtpd\[8988\]: warning: unknown\[78.128.113.70\]: SASL PLAIN authentication failed: \ Jul 30 00:07:43 mail postfix/smtpd\[10619\]: warning: unknown\[78.128.113.70\]: SASL PLAIN authentication failed: \ Jul 30 00:38:45 mail postfix/smtpd\[10203\]: warning: unknown\[78.128.113.70\]: SASL PLAIN authentication failed: \	2019-07-30 06:48:56
195.123.214.238	attack	codzienny-newsletter.co.pl it sends spam	2019-07-30 07:01:20
37.187.118.14	attackspambots	Invalid user postgres from 37.187.118.14 port 36182 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.118.14 Failed password for invalid user postgres from 37.187.118.14 port 36182 ssh2 Invalid user iptv from 37.187.118.14 port 32990 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.118.14	2019-07-30 06:45:56

Recently Reported IPs

177.68.110.191	192.82.64.12	188.96.64.181	180.249.181.5
202.62.227.168	177.87.145.147	36.85.191.111	5.235.190.81
236.208.64.71	248.169.168.91	171.79.4.83	191.252.153.3
41.217.128.93	35.196.10.194	27.2.65.228	116.111.19.97
74.208.169.95	202.159.38.131	225.109.118.49	67.138.49.197