106.12.43.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	firewall-block, port(s): 2228/tcp	2020-09-01 17:45:57
attackspambots	srv02 Mass scanning activity detected Target: 1920 ..	2020-08-27 18:13:11
attack	Aug 19 23:35:50 r.ca sshd[18444]: Failed password for invalid user zhou from 106.12.43.54 port 50372 ssh2	2020-08-20 17:14:06
attack	31154/tcp 3453/tcp 19480/tcp... [2020-06-29/07-19]5pkt,5pt.(tcp)	2020-07-20 07:36:35
attackspambots	Jun 19 02:28:38 ArkNodeAT sshd\[17008\]: Invalid user ubuntu from 106.12.43.54 Jun 19 02:28:38 ArkNodeAT sshd\[17008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.54 Jun 19 02:28:41 ArkNodeAT sshd\[17008\]: Failed password for invalid user ubuntu from 106.12.43.54 port 37360 ssh2	2020-06-19 08:35:20
attack	Jun 17 04:44:29 firewall sshd[17523]: Failed password for root from 106.12.43.54 port 52880 ssh2 Jun 17 04:46:25 firewall sshd[17608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.54 user=root Jun 17 04:46:27 firewall sshd[17608]: Failed password for root from 106.12.43.54 port 48824 ssh2 ...	2020-06-17 15:55:49
attack	Jun 15 09:43:43 ns382633 sshd\[4431\]: Invalid user bug from 106.12.43.54 port 53332 Jun 15 09:43:43 ns382633 sshd\[4431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.54 Jun 15 09:43:44 ns382633 sshd\[4431\]: Failed password for invalid user bug from 106.12.43.54 port 53332 ssh2 Jun 15 09:51:25 ns382633 sshd\[5946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.54 user=root Jun 15 09:51:27 ns382633 sshd\[5946\]: Failed password for root from 106.12.43.54 port 36958 ssh2	2020-06-15 18:50:07
attackbotsspam	Jun 11 05:57:38 host sshd[24596]: Invalid user kiuchi from 106.12.43.54 port 38122 ...	2020-06-11 13:25:24
attackbotsspam	SSH brute-force attempt	2020-06-03 21:16:47
attackbots	Jun 2 16:58:42 ny01 sshd[27154]: Failed password for root from 106.12.43.54 port 47130 ssh2 Jun 2 17:02:28 ny01 sshd[27741]: Failed password for root from 106.12.43.54 port 43024 ssh2	2020-06-03 05:06:53
attackspam	Invalid user contec123 from 106.12.43.54 port 51408	2020-05-16 08:04:06
attackbotsspam	May 13 05:50:09 piServer sshd[31196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.54 May 13 05:50:12 piServer sshd[31196]: Failed password for invalid user shop from 106.12.43.54 port 32826 ssh2 May 13 05:59:21 piServer sshd[32431]: Failed password for root from 106.12.43.54 port 53220 ssh2 ...	2020-05-13 12:35:44
attackspam	Port scan(s) denied	2020-05-02 15:36:43

Comments on same subnet:

IP	Type	Details	Datetime
106.12.43.142	attackbotsspam	May 27 21:31:28 electroncash sshd[64988]: Failed password for invalid user db2fenc1 from 106.12.43.142 port 40082 ssh2 May 27 21:34:42 electroncash sshd[710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 user=root May 27 21:34:43 electroncash sshd[710]: Failed password for root from 106.12.43.142 port 59554 ssh2 May 27 21:37:51 electroncash sshd[1710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 user=root May 27 21:37:54 electroncash sshd[1710]: Failed password for root from 106.12.43.142 port 50784 ssh2 ...	2020-05-28 07:34:41
106.12.43.142	attackspambots	May 3 05:48:16 sip sshd[32063]: Failed password for root from 106.12.43.142 port 42018 ssh2 May 3 05:53:06 sip sshd[1547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 May 3 05:53:08 sip sshd[1547]: Failed password for invalid user sshuser from 106.12.43.142 port 37640 ssh2	2020-05-03 15:15:13
106.12.43.66	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-04-27 22:43:11
106.12.43.242	attack	Apr 24 14:03:26 rotator sshd\[15297\]: Invalid user frappe from 106.12.43.242Apr 24 14:03:28 rotator sshd\[15297\]: Failed password for invalid user frappe from 106.12.43.242 port 45984 ssh2Apr 24 14:05:27 rotator sshd\[16084\]: Invalid user constructor from 106.12.43.242Apr 24 14:05:29 rotator sshd\[16084\]: Failed password for invalid user constructor from 106.12.43.242 port 42198 ssh2Apr 24 14:07:52 rotator sshd\[16110\]: Failed password for root from 106.12.43.242 port 38406 ssh2Apr 24 14:09:49 rotator sshd\[16150\]: Failed password for root from 106.12.43.242 port 34616 ssh2 ...	2020-04-24 21:02:37
106.12.43.142	attackbotsspam	Invalid user ci from 106.12.43.142 port 51768	2020-04-23 14:00:38
106.12.43.142	attackspam	Invalid user tester from 106.12.43.142 port 45436	2020-04-21 06:20:13
106.12.43.142	attack	Apr 20 07:44:00 sxvn sshd[371692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142	2020-04-20 17:42:43
106.12.43.242	attackspambots	$f2bV_matches	2020-04-13 22:30:59
106.12.43.66	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-11 04:09:20
106.12.43.66	attack	2020-04-04T09:39:37.937734-07:00 suse-nuc sshd[11093]: Invalid user lizimeng from 106.12.43.66 port 45038 ...	2020-04-05 03:51:49
106.12.43.142	attackspam	Apr 2 03:48:00 vlre-nyc-1 sshd\[30778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 user=root Apr 2 03:48:03 vlre-nyc-1 sshd\[30778\]: Failed password for root from 106.12.43.142 port 52532 ssh2 Apr 2 03:56:24 vlre-nyc-1 sshd\[30974\]: Invalid user songbanghao from 106.12.43.142 Apr 2 03:56:24 vlre-nyc-1 sshd\[30974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Apr 2 03:56:26 vlre-nyc-1 sshd\[30974\]: Failed password for invalid user songbanghao from 106.12.43.142 port 40116 ssh2 ...	2020-04-02 15:59:35
106.12.43.142	attack	Mar 28 23:41:35 eventyay sshd[23244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Mar 28 23:41:37 eventyay sshd[23244]: Failed password for invalid user tcn from 106.12.43.142 port 38430 ssh2 Mar 28 23:49:52 eventyay sshd[23443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 ...	2020-03-29 07:35:11
106.12.43.142	attackspambots	k+ssh-bruteforce	2020-03-26 13:15:28
106.12.43.142	attack	2020-03-25 13:48:45,965 fail2ban.actions: WARNING [ssh] Ban 106.12.43.142	2020-03-26 00:03:00
106.12.43.142	attackspambots	Mar 25 05:22:31 h1745522 sshd[28618]: Invalid user r00t from 106.12.43.142 port 37642 Mar 25 05:22:31 h1745522 sshd[28618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Mar 25 05:22:31 h1745522 sshd[28618]: Invalid user r00t from 106.12.43.142 port 37642 Mar 25 05:22:33 h1745522 sshd[28618]: Failed password for invalid user r00t from 106.12.43.142 port 37642 ssh2 Mar 25 05:26:51 h1745522 sshd[28745]: Invalid user ntps from 106.12.43.142 port 39694 Mar 25 05:26:51 h1745522 sshd[28745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.43.142 Mar 25 05:26:51 h1745522 sshd[28745]: Invalid user ntps from 106.12.43.142 port 39694 Mar 25 05:26:54 h1745522 sshd[28745]: Failed password for invalid user ntps from 106.12.43.142 port 39694 ssh2 Mar 25 05:31:00 h1745522 sshd[28827]: Invalid user n from 106.12.43.142 port 41740 ...	2020-03-25 12:44:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.43.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57746
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.43.54.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050200 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 02 15:36:38 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 54.43.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.43.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.46.129.204	attackspam	202.46.129.204 - - \[27/Dec/2019:18:24:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:28 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 202.46.129.204 - - \[27/Dec/2019:18:24:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-28 03:26:48
166.172.186.113	attackspambots	Dec 27 17:53:45 host3 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=166.172.186.113, lip=207.180.241.50, TLS, session= Dec 27 18:00:23 host3 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=166.172.186.113, lip=207.180.241.50, TLS, session=<6cThbbKaL6imrLpx> Dec 27 18:00:31 host3 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=166.172.186.113, lip=207.180.241.50, TLS, session= Dec 27 18:00:31 host3 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=166.172.186.113, lip=207.180.241.50, TLS, session= Dec 27 18:00:43 host3 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=	2019-12-28 03:47:56
176.109.175.166	attackspambots	" "	2019-12-28 03:51:25
122.155.174.34	attackbotsspam	Dec 27 05:12:36 web9 sshd\[30066\]: Invalid user wwwadmin from 122.155.174.34 Dec 27 05:12:36 web9 sshd\[30066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.174.34 Dec 27 05:12:39 web9 sshd\[30066\]: Failed password for invalid user wwwadmin from 122.155.174.34 port 49282 ssh2 Dec 27 05:15:09 web9 sshd\[30459\]: Invalid user dovecot from 122.155.174.34 Dec 27 05:15:09 web9 sshd\[30459\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.174.34	2019-12-28 03:51:47
106.81.231.213	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-28 03:41:04
51.83.98.104	attackbots	20 attempts against mh-ssh on cloud.magehost.pro	2019-12-28 03:58:06
128.199.224.215	attackspambots	Dec 27 18:07:16 [host] sshd[27142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.224.215 user=root Dec 27 18:07:19 [host] sshd[27142]: Failed password for root from 128.199.224.215 port 60224 ssh2 Dec 27 18:16:50 [host] sshd[27588]: Invalid user edu from 128.199.224.215 Dec 27 18:16:50 [host] sshd[27588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.224.215	2019-12-28 03:36:00
177.72.90.159	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2019-12-28 03:28:30
116.62.144.124	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 03:29:00
90.226.57.164	attack	Dec 27 15:47:35 mail sshd\[6970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.226.57.164 user=root Dec 27 15:47:36 mail sshd\[6970\]: Failed password for root from 90.226.57.164 port 38254 ssh2 Dec 27 15:47:39 mail sshd\[6970\]: Failed password for root from 90.226.57.164 port 38254 ssh2	2019-12-28 03:48:41
185.200.118.77	attackbots	proto=tcp . spt=55631 . dpt=3389 . src=185.200.118.77 . dst=xx.xx.4.1 . (Found on Alienvault Dec 27) (672)	2019-12-28 03:34:49
218.92.0.175	attackspam	Dec 27 20:40:19 ns3042688 sshd\[25585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.175 user=root Dec 27 20:40:21 ns3042688 sshd\[25585\]: Failed password for root from 218.92.0.175 port 20031 ssh2 Dec 27 20:40:37 ns3042688 sshd\[25611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.175 user=root Dec 27 20:40:39 ns3042688 sshd\[25611\]: Failed password for root from 218.92.0.175 port 54546 ssh2 Dec 27 20:40:59 ns3042688 sshd\[25658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.175 user=root ...	2019-12-28 03:43:39
151.217.117.36	attack	Hits on port : 5900	2019-12-28 03:49:00
118.68.203.7	attack	Dec 27 16:04:01 vmanager6029 sshd\[8287\]: Invalid user guest from 118.68.203.7 port 42199 Dec 27 16:04:02 vmanager6029 sshd\[8287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.68.203.7 Dec 27 16:04:04 vmanager6029 sshd\[8287\]: Failed password for invalid user guest from 118.68.203.7 port 42199 ssh2	2019-12-28 03:44:31
49.247.213.36	attackbots	Dec 27 15:46:39 dcd-gentoo sshd[3941]: User sshd from 49.247.213.36 not allowed because none of user's groups are listed in AllowGroups Dec 27 15:47:20 dcd-gentoo sshd[3977]: Invalid user sshtest from 49.247.213.36 port 59268 Dec 27 15:47:45 dcd-gentoo sshd[4010]: Invalid user sshuser from 49.247.213.36 port 33248 ...	2019-12-28 03:44:51

Recently Reported IPs

61.189.61.6	51.161.45.174	69.252.54.33	177.253.202.4
84.37.120.88	116.124.3.232	197.110.32.225	37.164.90.121
44.221.230.234	111.43.96.169	212.225.129.140	117.177.81.211
122.10.94.192	46.17.107.81	103.145.12.26	182.60.57.100
211.163.54.149	130.215.14.77	152.68.223.112	206.164.215.120