106.12.241.109

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 9 13:53:53 localhost sshd[3501872]: Invalid user wyk from 106.12.241.109 port 23570 ...	2020-07-09 16:35:42
attackbots	Jun 1 05:43:32 haigwepa sshd[8934]: Failed password for root from 106.12.241.109 port 19352 ssh2 ...	2020-06-01 18:30:23
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-14 12:55:36
attackbotsspam	Feb 9 04:36:47 web9 sshd\[7485\]: Invalid user kwh from 106.12.241.109 Feb 9 04:36:47 web9 sshd\[7485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Feb 9 04:36:49 web9 sshd\[7485\]: Failed password for invalid user kwh from 106.12.241.109 port 50910 ssh2 Feb 9 04:39:44 web9 sshd\[7876\]: Invalid user tws from 106.12.241.109 Feb 9 04:39:44 web9 sshd\[7876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109	2020-02-09 23:05:52
attack	Feb 3 06:08:19 legacy sshd[12134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Feb 3 06:08:21 legacy sshd[12134]: Failed password for invalid user fepbytr from 106.12.241.109 port 36480 ssh2 Feb 3 06:12:21 legacy sshd[12419]: Failed password for root from 106.12.241.109 port 9577 ssh2 ...	2020-02-03 13:22:19
attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.241.109 to port 2220 [J]	2020-01-29 01:57:07
attackspam	Unauthorized connection attempt detected from IP address 106.12.241.109 to port 2220 [J]	2020-01-23 09:52:44
attack	$f2bV_matches	2020-01-15 18:39:33
attackbots	Dec 15 17:37:52 server sshd\[20596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Dec 15 17:37:55 server sshd\[20596\]: Failed password for root from 106.12.241.109 port 45430 ssh2 Dec 15 17:59:51 server sshd\[26647\]: Invalid user dagfinn from 106.12.241.109 Dec 15 17:59:51 server sshd\[26647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Dec 15 17:59:54 server sshd\[26647\]: Failed password for invalid user dagfinn from 106.12.241.109 port 59584 ssh2 ...	2019-12-16 03:52:19
attackspam	Dec 10 08:32:10 sachi sshd\[7636\]: Invalid user chinami from 106.12.241.109 Dec 10 08:32:10 sachi sshd\[7636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Dec 10 08:32:12 sachi sshd\[7636\]: Failed password for invalid user chinami from 106.12.241.109 port 50360 ssh2 Dec 10 08:38:49 sachi sshd\[8283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Dec 10 08:38:51 sachi sshd\[8283\]: Failed password for root from 106.12.241.109 port 57746 ssh2	2019-12-11 02:41:40
attack	Dec 5 12:43:45 pornomens sshd\[13136\]: Invalid user hudy from 106.12.241.109 port 53638 Dec 5 12:43:45 pornomens sshd\[13136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Dec 5 12:43:47 pornomens sshd\[13136\]: Failed password for invalid user hudy from 106.12.241.109 port 53638 ssh2 ...	2019-12-05 20:48:22
attackspambots	$f2bV_matches	2019-12-02 02:32:01
attackspambots	Automatic report - Banned IP Access	2019-12-01 00:34:00
attack	Nov 20 23:05:01 home sshd[20986]: Invalid user admin from 106.12.241.109 port 42912 Nov 20 23:05:01 home sshd[20986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Nov 20 23:05:01 home sshd[20986]: Invalid user admin from 106.12.241.109 port 42912 Nov 20 23:05:03 home sshd[20986]: Failed password for invalid user admin from 106.12.241.109 port 42912 ssh2 Nov 20 23:13:43 home sshd[21029]: Invalid user guest from 106.12.241.109 port 51324 Nov 20 23:13:43 home sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Nov 20 23:13:43 home sshd[21029]: Invalid user guest from 106.12.241.109 port 51324 Nov 20 23:13:45 home sshd[21029]: Failed password for invalid user guest from 106.12.241.109 port 51324 ssh2 Nov 20 23:18:13 home sshd[21057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Nov 20 23:18:15 home sshd[21057]: Failed passwor	2019-11-21 14:57:58
attackspam	Nov 18 22:04:07 firewall sshd[26583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Nov 18 22:04:07 firewall sshd[26583]: Invalid user maik from 106.12.241.109 Nov 18 22:04:09 firewall sshd[26583]: Failed password for invalid user maik from 106.12.241.109 port 44168 ssh2 ...	2019-11-19 09:28:18
attack	Nov 16 13:25:03 sachi sshd\[20883\]: Invalid user barnwell from 106.12.241.109 Nov 16 13:25:03 sachi sshd\[20883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Nov 16 13:25:05 sachi sshd\[20883\]: Failed password for invalid user barnwell from 106.12.241.109 port 36494 ssh2 Nov 16 13:29:13 sachi sshd\[21195\]: Invalid user solid from 106.12.241.109 Nov 16 13:29:13 sachi sshd\[21195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109	2019-11-17 09:22:20
attackbots	Nov 3 19:49:18 hpm sshd\[10859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Nov 3 19:49:20 hpm sshd\[10859\]: Failed password for root from 106.12.241.109 port 58692 ssh2 Nov 3 19:53:56 hpm sshd\[11218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Nov 3 19:53:57 hpm sshd\[11218\]: Failed password for root from 106.12.241.109 port 39300 ssh2 Nov 3 19:58:45 hpm sshd\[11606\]: Invalid user test from 106.12.241.109	2019-11-04 14:11:01
attackbotsspam	2019-10-05T08:27:23.864157tmaserv sshd\[11243\]: Invalid user @\#$werSDFxcvf from 106.12.241.109 port 53562 2019-10-05T08:27:23.869342tmaserv sshd\[11243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 2019-10-05T08:27:25.547604tmaserv sshd\[11243\]: Failed password for invalid user @\#$werSDFxcvf from 106.12.241.109 port 53562 ssh2 2019-10-05T08:31:30.487751tmaserv sshd\[11453\]: Invalid user Pa$$w0rd@1 from 106.12.241.109 port 60934 2019-10-05T08:31:30.492355tmaserv sshd\[11453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 2019-10-05T08:31:32.414989tmaserv sshd\[11453\]: Failed password for invalid user Pa$$w0rd@1 from 106.12.241.109 port 60934 ssh2 ...	2019-10-05 13:48:58
attack	ssh failed login	2019-09-30 06:17:42
attackspam	Sep 24 12:05:06 auw2 sshd\[28607\]: Invalid user zliu from 106.12.241.109 Sep 24 12:05:06 auw2 sshd\[28607\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Sep 24 12:05:08 auw2 sshd\[28607\]: Failed password for invalid user zliu from 106.12.241.109 port 58974 ssh2 Sep 24 12:09:35 auw2 sshd\[29151\]: Invalid user ty from 106.12.241.109 Sep 24 12:09:35 auw2 sshd\[29151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109	2019-09-25 06:14:30
attackspambots	Sep 15 00:06:11 bouncer sshd\[32234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 user=root Sep 15 00:06:13 bouncer sshd\[32234\]: Failed password for root from 106.12.241.109 port 43422 ssh2 Sep 15 00:19:33 bouncer sshd\[32288\]: Invalid user testing from 106.12.241.109 port 38984 ...	2019-09-15 06:54:30
attackbotsspam	2019-09-14T11:02:26.454041 sshd[325]: Invalid user webuser from 106.12.241.109 port 42556 2019-09-14T11:02:26.464142 sshd[325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 2019-09-14T11:02:26.454041 sshd[325]: Invalid user webuser from 106.12.241.109 port 42556 2019-09-14T11:02:28.317670 sshd[325]: Failed password for invalid user webuser from 106.12.241.109 port 42556 ssh2 2019-09-14T11:07:20.509748 sshd[367]: Invalid user water from 106.12.241.109 port 56686 ...	2019-09-14 17:24:27
attackbotsspam	Sep 11 16:11:14 mail sshd\[16018\]: Invalid user Password1! from 106.12.241.109 port 42062 Sep 11 16:11:14 mail sshd\[16018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Sep 11 16:11:16 mail sshd\[16018\]: Failed password for invalid user Password1! from 106.12.241.109 port 42062 ssh2 Sep 11 16:19:44 mail sshd\[17529\]: Invalid user q1w2e3 from 106.12.241.109 port 45312 Sep 11 16:19:44 mail sshd\[17529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109	2019-09-11 22:33:39
attackspam	Sep 8 02:25:34 tuotantolaitos sshd[18377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.109 Sep 8 02:25:36 tuotantolaitos sshd[18377]: Failed password for invalid user ubuntu from 106.12.241.109 port 52304 ssh2 ...	2019-09-08 07:31:50

Comments on same subnet:

IP	Type	Details	Datetime
106.12.241.106	attack	2020-02-16T13:50:38.842730homeassistant sshd[14648]: Invalid user vnc from 106.12.241.106 port 34030 2020-02-16T13:50:38.849584homeassistant sshd[14648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.106 ...	2020-02-16 22:23:31
106.12.241.224	attackbots	Jan 11 15:30:10 lnxweb61 sshd[31676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.224	2020-01-11 23:32:42

Type

Details

Datetime

106.12.241.106

attack

2020-02-16T13:50:38.842730homeassistant sshd[14648]: Invalid user vnc from 106.12.241.106 port 34030
2020-02-16T13:50:38.849584homeassistant sshd[14648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.106
...

2020-02-16 22:23:31

106.12.241.224

attackbots

Jan 11 15:30:10 lnxweb61 sshd[31676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.241.224

2020-01-11 23:32:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.241.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16687
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.241.109.			IN	A

;; AUTHORITY SECTION:
.			2693	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 13:36:44 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 109.241.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 109.241.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.23.12.117	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-05T07:21:42Z and 2020-09-05T08:51:39Z	2020-09-05 19:49:21
178.175.235.37	attackspambots	TCP (SYN) 178.175.235.37:5358 -> port 23, len 44	2020-09-05 19:34:19
149.28.93.113	attackbotsspam	149.28.93.113 - - [05/Sep/2020:08:10:00 +0200] "POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1" 404 5366 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 149.28.93.113 - - [05/Sep/2020:08:10:02 +0200] "GET /f0x.php HTTP/1.1" 404 5386 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 149.28.93.113 - - [05/Sep/2020:08:10:05 +0200] "POST /forum/ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1" 404 5366 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 149.28.93.113 - - [05/Sep/2020:08:10:09 +0200] "GET /forum/f0x.php HTTP/1.1" 404 5386 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv ...	2020-09-05 19:15:15
190.200.24.162	attack	Unauthorized connection attempt from IP address 190.200.24.162 on Port 445(SMB)	2020-09-05 19:32:08
220.246.155.136	attackbotsspam	$f2bV_matches	2020-09-05 19:43:20
1.6.32.35	attackspam	Unauthorized connection attempt from IP address 1.6.32.35 on Port 445(SMB)	2020-09-05 19:40:23
119.115.29.89	attackbots	Unauthorised access (Sep 5) SRC=119.115.29.89 LEN=40 TTL=46 ID=39170 TCP DPT=8080 WINDOW=64537 SYN Unauthorised access (Sep 4) SRC=119.115.29.89 LEN=40 TTL=46 ID=34090 TCP DPT=8080 WINDOW=64537 SYN Unauthorised access (Sep 4) SRC=119.115.29.89 LEN=40 TTL=46 ID=14013 TCP DPT=8080 WINDOW=2434 SYN Unauthorised access (Sep 3) SRC=119.115.29.89 LEN=40 TTL=46 ID=39331 TCP DPT=8080 WINDOW=64537 SYN Unauthorised access (Sep 2) SRC=119.115.29.89 LEN=40 TTL=46 ID=49473 TCP DPT=8080 WINDOW=64537 SYN Unauthorised access (Sep 2) SRC=119.115.29.89 LEN=40 TTL=45 ID=60329 TCP DPT=8080 WINDOW=2434 SYN Unauthorised access (Sep 2) SRC=119.115.29.89 LEN=40 TTL=46 ID=51918 TCP DPT=8080 WINDOW=64537 SYN	2020-09-05 19:21:03
61.136.184.75	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 51 - port: 28424 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 19:50:09
175.138.96.59	attackspambots	Automatic report - Port Scan Attack	2020-09-05 19:25:49
181.114.156.122	attack	Sep 5 08:33:56 abendstille sshd\[30173\]: Invalid user martin from 181.114.156.122 Sep 5 08:33:56 abendstille sshd\[30173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.114.156.122 Sep 5 08:33:58 abendstille sshd\[30173\]: Failed password for invalid user martin from 181.114.156.122 port 39950 ssh2 Sep 5 08:40:36 abendstille sshd\[4139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.114.156.122 user=root Sep 5 08:40:38 abendstille sshd\[4139\]: Failed password for root from 181.114.156.122 port 46914 ssh2 ...	2020-09-05 19:41:44
45.123.221.174	attackbotsspam	hacking	2020-09-05 19:59:13
103.99.0.25	attackbotsspam	Sep 5 06:29:45 relay postfix/smtpd\[12176\]: warning: unknown\[103.99.0.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 06:29:56 relay postfix/smtpd\[15484\]: warning: unknown\[103.99.0.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 06:30:22 relay postfix/smtpd\[15483\]: warning: unknown\[103.99.0.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 06:30:29 relay postfix/smtpd\[15484\]: warning: unknown\[103.99.0.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 06:30:40 relay postfix/smtpd\[14476\]: warning: unknown\[103.99.0.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-05 19:48:28
221.126.242.254	attack	Unauthorized connection attempt from IP address 221.126.242.254 on Port 445(SMB)	2020-09-05 19:17:35
45.55.88.16	attackspambots	TCP (SYN) 45.55.88.16:46763 -> port 26103, len 44	2020-09-05 19:26:32
201.208.42.110	attackspam	Unauthorized connection attempt from IP address 201.208.42.110 on Port 445(SMB)	2020-09-05 19:27:51

Recently Reported IPs

197.155.194.194	218.36.134.218	84.73.126.172	174.165.82.140
177.9.16.225	89.210.5.137	91.227.19.88	68.183.127.13
185.90.22.79	113.27.86.166	94.199.2.197	220.172.40.199
144.88.243.93	80.253.143.201	100.60.156.15	45.159.25.93
103.26.108.224	123.159.207.29	114.40.157.134	85.66.139.63