106.12.252.125

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=63091 . dstport=445 . (4323)	2020-09-23 01:46:32
attackspambots	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=63091 . dstport=445 . (4323)	2020-09-22 17:49:47

Comments on same subnet:

IP	Type	Details	Datetime
106.12.252.212	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-09 03:10:18
106.12.252.212	attackspam	445/tcp 1433/tcp... [2020-08-21/10-07]9pkt,2pt.(tcp)	2020-10-08 19:14:37
106.12.252.212	attackbots	Icarus honeypot on github	2020-09-08 20:08:52
106.12.252.212	attack	Icarus honeypot on github	2020-09-08 12:06:08
106.12.252.212	attackbots	Icarus honeypot on github	2020-09-08 04:42:15
106.12.252.212	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 02:03:13
106.12.252.212	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-06 17:24:33
106.12.252.212	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-06 09:25:24
106.12.252.212	attackbots	20/8/18@08:29:34: FAIL: Alarm-Network address from=106.12.252.212 ...	2020-08-19 03:57:41
106.12.252.143	attack	Port probing on unauthorized port 1433	2020-06-15 07:00:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.252.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59904
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.252.125.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092101 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 22 17:49:43 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 125.252.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 125.252.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.213.166.130	attack	Automatic report - Port Scan Attack	2020-08-21 13:05:00
123.126.40.22	attack	Aug 21 06:37:51 melroy-server sshd[18844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.126.40.22 Aug 21 06:37:53 melroy-server sshd[18844]: Failed password for invalid user frappe from 123.126.40.22 port 38912 ssh2 ...	2020-08-21 13:29:36
159.65.65.54	attackbots	Aug 21 00:11:50 server sshd\[26118\]: Invalid user cristina from 159.65.65.54 port 45844 Aug 21 00:12:46 server sshd\[26468\]: Invalid user test from 159.65.65.54 port 51892	2020-08-21 13:35:18
222.186.175.167	attackbots	$f2bV_matches	2020-08-21 13:16:11
85.45.123.234	attackspambots	Aug 21 07:02:44 vps639187 sshd\[11914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.45.123.234 user=root Aug 21 07:02:46 vps639187 sshd\[11914\]: Failed password for root from 85.45.123.234 port 37763 ssh2 Aug 21 07:06:33 vps639187 sshd\[11958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.45.123.234 user=root ...	2020-08-21 13:26:49
129.211.124.29	attackspam	Invalid user odoo from 129.211.124.29 port 53660	2020-08-21 13:27:23
174.219.130.172	attack	Brute forcing email accounts	2020-08-21 13:39:41
220.134.218.112	attack	Aug 21 03:58:37 scw-6657dc sshd[6840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.218.112 Aug 21 03:58:37 scw-6657dc sshd[6840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.218.112 Aug 21 03:58:39 scw-6657dc sshd[6840]: Failed password for invalid user fy from 220.134.218.112 port 57276 ssh2 ...	2020-08-21 13:12:20
112.85.42.194	attackbots	Aug 21 08:00:13 ift sshd\[8904\]: Failed password for root from 112.85.42.194 port 48039 ssh2Aug 21 08:00:15 ift sshd\[8904\]: Failed password for root from 112.85.42.194 port 48039 ssh2Aug 21 08:00:18 ift sshd\[8904\]: Failed password for root from 112.85.42.194 port 48039 ssh2Aug 21 08:03:17 ift sshd\[9371\]: Failed password for root from 112.85.42.194 port 32913 ssh2Aug 21 08:04:21 ift sshd\[9427\]: Failed password for root from 112.85.42.194 port 18194 ssh2 ...	2020-08-21 13:06:47
14.181.26.63	attackspambots	1597982310 - 08/21/2020 05:58:30 Host: 14.181.26.63/14.181.26.63 Port: 445 TCP Blocked	2020-08-21 13:24:29
112.85.42.89	attackbotsspam	Aug 21 10:41:15 dhoomketu sshd[2538929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Aug 21 10:41:18 dhoomketu sshd[2538929]: Failed password for root from 112.85.42.89 port 38664 ssh2 Aug 21 10:41:15 dhoomketu sshd[2538929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Aug 21 10:41:18 dhoomketu sshd[2538929]: Failed password for root from 112.85.42.89 port 38664 ssh2 Aug 21 10:41:21 dhoomketu sshd[2538929]: Failed password for root from 112.85.42.89 port 38664 ssh2 ...	2020-08-21 13:14:55
121.66.252.158	attackspam	Aug 21 00:49:07 NPSTNNYC01T sshd[18618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.252.158 Aug 21 00:49:08 NPSTNNYC01T sshd[18618]: Failed password for invalid user gci from 121.66.252.158 port 47086 ssh2 Aug 21 00:53:44 NPSTNNYC01T sshd[19026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.252.158 ...	2020-08-21 13:39:06
159.65.109.241	attackspam	Aug 20 22:56:01 server sshd\[29416\]: Invalid user asterisk from 159.65.109.241 port 53320 Aug 20 22:58:57 server sshd\[30528\]: Invalid user webmaster from 159.65.109.241 port 43090	2020-08-21 13:00:02
2.224.168.43	attackbotsspam	Invalid user wangjw from 2.224.168.43 port 38378	2020-08-21 13:40:27
193.181.246.226	attack	Aug 21 06:44:28 OPSO sshd\[814\]: Invalid user woody from 193.181.246.226 port 28098 Aug 21 06:44:28 OPSO sshd\[814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.181.246.226 Aug 21 06:44:30 OPSO sshd\[814\]: Failed password for invalid user woody from 193.181.246.226 port 28098 ssh2 Aug 21 06:48:49 OPSO sshd\[1875\]: Invalid user lfs from 193.181.246.226 port 25879 Aug 21 06:48:49 OPSO sshd\[1875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.181.246.226	2020-08-21 13:03:13

Recently Reported IPs

105.114.199.178	84.241.208.105	53.213.57.187	89.205.92.205
244.107.127.58	249.140.80.102	232.149.176.164	124.211.203.90
222.9.13.209	234.83.30.173	119.149.136.46	81.30.208.171
49.73.43.197	146.185.130.195	41.225.238.252	180.117.163.90
29.119.10.179	181.169.74.100	213.227.209.123	112.133.232.71