Go
106.12.113.223
is a
Hacker
100 %
China
Report Abuse
237attacks reported
158Brute-ForceSSH
50Port Scan
7SSH
7Brute-Force
7uncategorized
3FTP Brute-ForceHacking
2Web App Attack
1Brute-ForceWeb App Attack
1HackingBrute-ForceSSH
1Bad Web Bot
from 62 distinct reporters
and 8 distinct sources : BadIPs.com, Blocklist.de, FireHOL, NormShield.com, Charles Haley, GreenSnow.co, darklist.de, AbuseIPDB
106.12.113.223 was first signaled at 2019-03-29 18:23 and last record was at 2020-08-04 15:30.
IP

106.12.113.223

Organization
Beijing Baidu Netcom Science and Technology Co., Ltd.
Localisation
China
Beijing, Beijing
NetRange : First & Last IP
106.12.0.0 - 106.13.255.255
Network CIDR
106.12.0.0/15

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-04 15:30 attacks Brute-ForceSSH AbuseIPDB  
2020-08-04 14:29 attacks Brute-ForceSSH AbuseIPDB Aug 5 01:29:11 fhem-rasp sshd[24832]: Invalid user shangbuqi from 106.12.113.223 port 36000
2020-08-04 13:23 attacks Brute-ForceSSH AbuseIPDB Aug 5 00:23:13 fhem-rasp sshd[20101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 user=root
2020-08-04 12:50 attacks Brute-ForceSSH AbuseIPDB Aug 4 23:50:26 fhem-rasp sshd[20084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 user=root
2020-08-04 12:34 attacks Brute-ForceSSH AbuseIPDB Aug 4 23:34:01 fhem-rasp sshd[18673]: Invalid user postgres2020 from 106.12.113.223 port 34960
2020-08-04 12:24 attacks Brute-ForceSSH AbuseIPDB 2020-08-04T23:19:58.764421v22018076590370373 sshd[2200]: Failed password for root from 106.12.113.223 port 41072 ssh2 2020-08-04T23:21:59.687307v22018
2020-08-04 12:13 attacks Brute-ForceSSH AbuseIPDB Aug 4 23:13:32 fhem-rasp sshd[8883]: Failed password for root from 106.12.113.223 port 42312 ssh2 Aug 4 23:13:34 fhem-rasp sshd[8883]: Disconnected fr
2020-08-04 11:21 attacks Port Scan AbuseIPDB (sshd) Failed SSH login from 106.12.113.223 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 4 23:19:55
2020-08-03 20:48 attacks Brute-ForceSSH AbuseIPDB Aug 4 07:46:23 web1 sshd\[24535\]: Invalid user Qaz!!! from 106.12.113.223 Aug 4 07:46:23 web1 sshd\[24535\]: pam_unix\(sshd:auth\): authentication fa
2020-08-03 19:46 attacks Brute-ForceSSH AbuseIPDB Aug 4 06:40:59 web1 sshd\[21251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 user=root
2020-08-01 15:16 attacks Brute-ForceSSH AbuseIPDB Aug 2 00:13:28 124388 sshd[8012]: Failed password for root from 106.12.113.223 port 37840 ssh2 Aug 2 00:14:49 124388 sshd[8128]: pam_unix(sshd:auth):
2020-08-01 15:13 attacks Brute-ForceSSH AbuseIPDB Aug 2 02:07:58 ns382633 sshd\[2938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 user=r
2020-08-01 12:37 attacks Brute-ForceSSH AbuseIPDB  
2020-07-31 04:17 attacks Brute-ForceSSH AbuseIPDB (sshd) Failed SSH login from 106.12.113.223 (CN/China/-): 5 in the last 3600 secs
2020-07-30 14:03 attacks Brute-ForceSSH AbuseIPDB Jul 30 17:39:57 ws19vmsma01 sshd[13475]: Failed password for root from 106.12.113.223 port 37878 ssh2
2020-07-30 08:33 attacks Brute-ForceSSH AbuseIPDB Jul 30 10:33:20 mockhub sshd[17181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 30 10:
2020-07-30 08:11 attacks Brute-ForceSSH AbuseIPDB Jul 30 10:10:59 mockhub sshd[16164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 30 10:
2020-07-29 21:17 attacks Brute-ForceSSH AbuseIPDB Jul 30 02:17:00 Tower sshd[12141]: Connection from 106.12.113.223 port 51844 on 192.168.10.220 port 22 rdomain "" Jul 30 02:17:02 Tower sshd
2020-07-29 20:44 attacks Brute-ForceWeb App Attack AbuseIPDB B: Abusive ssh attack
2020-07-29 19:12 attacks Brute-ForceSSH AbuseIPDB Jul 30 06:12:49 zooi sshd[609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 30 06:12:51
2020-07-28 12:13 attacks SSH AbuseIPDB k+ssh-bruteforce
2020-07-28 12:08 attacks Brute-ForceSSH AbuseIPDB (sshd) Failed SSH login from 106.12.113.223 (CN/China/-): 5 in the last 3600 secs
2020-07-28 11:55 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2020-07-27 10:40 attacks Brute-Force AbuseIPDB Jul 27 21:27:35 server sshd[9191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 27 21:27
2020-07-27 02:51 attacks Brute-ForceSSH AbuseIPDB Failed password for invalid user newuser from 106.12.113.223 port 36936 ssh2
2020-07-25 21:40 attacks Brute-ForceSSH AbuseIPDB Jul 26 08:32:09 vps1 sshd[5682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 08:32:
2020-07-25 20:59 attacks Brute-ForceSSH AbuseIPDB Jul 26 07:52:02 vps1 sshd[5094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 07:52:
2020-07-25 20:21 attacks Brute-ForceSSH AbuseIPDB Jul 26 07:13:20 vps1 sshd[4588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 07:13:
2020-07-25 19:43 attacks Brute-ForceSSH AbuseIPDB Jul 26 06:35:36 vps1 sshd[3703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 06:35:
2020-07-25 19:20 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2020-07-25 19:04 attacks Brute-ForceSSH AbuseIPDB Jul 26 05:57:44 vps1 sshd[3047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 05:57:
2020-07-25 18:27 attacks Brute-ForceSSH AbuseIPDB Jul 26 05:20:18 vps1 sshd[2473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 05:20:
2020-07-25 17:49 attacks Brute-ForceSSH AbuseIPDB Jul 26 04:42:23 vps1 sshd[1895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 26 04:42:
2020-07-24 10:06 attacks Brute-ForceSSH AbuseIPDB Jul 24 13:06:01 Host-KLAX-C sshd[4819]: Disconnected from invalid user postgres 106.12.113.223 port 56592 [preauth]
2020-07-24 10:04 attacks Brute-ForceSSH AbuseIPDB Jul 24 12:04:56 mockhub sshd[20863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Jul 24 12:
2020-07-24 03:32 attacks Brute-Force AbuseIPDB 2020-07-24 07:30:30.966771-0500 localhost sshd[73005]: Failed password for invalid user t6 from 106.12.113.223 port 35306 ssh2
2020-07-23 15:05 attacks Brute-ForceSSH AbuseIPDB 2020-07-24T02:01:10.663450ns386461 sshd\[30069\]: Invalid user django from 106.12.113.223 port 44386 2020-07-24T02:01:10.667939ns386461 sshd\[30069\]:
2020-07-22 21:30 attacks Brute-ForceSSH AbuseIPDB Jul 23 08:19:57 Invalid user 22 from 106.12.113.223 port 52106
2020-07-22 01:31 attacks Brute-ForceSSH AbuseIPDB  
2020-07-21 13:46 attacks Brute-ForceSSH AbuseIPDB SSH Login Bruteforce
2020-07-21 07:50 attacks Brute-ForceSSH AbuseIPDB SSHD brute force attack detected by fail2ban
2020-07-20 20:35 attacks Brute-ForceSSH AbuseIPDB Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-21T05:29:48Z and 2020-07-21T05:35:51Z
2020-07-20 03:30 attacks Brute-Force AbuseIPDB 2020-07-20 12:13:23,445 fail2ban.actions [937]: NOTICE [sshd] Ban 106.12.113.223 2020-07-20 12:48:15,439 fail2ban.actions [937]: NOTICE [sshd] Ban 106
2020-07-19 22:44 attacks Port Scan AbuseIPDB 07/20/2020-03:44:10.910475 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:41 attacks Port Scan AbuseIPDB 07/20/2020-03:41:34.027007 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:38 attacks Port Scan AbuseIPDB 07/20/2020-03:38:56.850197 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:36 attacks Port Scan AbuseIPDB 07/20/2020-03:36:27.008587 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:33 attacks Port Scan AbuseIPDB 07/20/2020-03:33:54.316346 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:31 attacks Port Scan AbuseIPDB 07/20/2020-03:31:20.613437 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2020-07-19 22:28 attacks Port Scan AbuseIPDB 07/20/2020-03:28:35.642094 106.12.113.223 Protocol: 6 ET SCAN Potential SSH Scan
2019-08-30 07:19 attacks Brute-ForceSSH AbuseIPDB Aug 30 18:19:12 ubuntu-2gb-nbg1-dc3-1 sshd[7735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.2
2019-08-30 08:19 attacks Brute-ForceSSH AbuseIPDB Aug 30 19:19:42 ubuntu-2gb-nbg1-dc3-1 sshd[12036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.
2019-08-30 09:21 attacks Brute-ForceSSH AbuseIPDB Aug 30 20:21:28 ubuntu-2gb-nbg1-dc3-1 sshd[16372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.
2019-08-30 10:21 attacks Brute-ForceSSH AbuseIPDB Aug 30 21:21:42 ubuntu-2gb-nbg1-dc3-1 sshd[20706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.
2019-08-30 14:44 attacks Brute-ForceSSH AbuseIPDB Aug 30 19:43:59 Tower sshd[20376]: Connection from 106.12.113.223 port 38864 on 192.168.10.220 port 22 Aug 30 19:44:01 Tower sshd[20376]: Invalid user
2019-08-30 14:45 attacks Brute-ForceSSH AbuseIPDB Aug 31 01:43:07 minden010 sshd[31296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Aug 31 0
2019-08-30 14:55 attacks FTP Brute-ForceHacking AbuseIPDB Aug 31 01:43:07 minden010 sshd[31296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Aug 31 0
2019-08-30 15:47 attacks Brute-ForceSSH AbuseIPDB Aug 31 02:45:31 minden010 sshd[26606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Aug 31 0
2019-08-30 16:50 attacks Brute-ForceSSH AbuseIPDB Aug 31 03:48:43 minden010 sshd[22396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Aug 31 0
2019-08-30 17:55 attacks Brute-ForceSSH AbuseIPDB Aug 31 04:52:51 minden010 sshd[17376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.223 Aug 31 0
2019-08-31 06:53 attacks bi_any_0_1d BadIPs.com  
2019-08-31 06:55 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-08-31 06:56 attacks blocklist_de Blocklist.de  
2019-08-31 06:57 attacks SSH blocklist_de_ssh Blocklist.de  
2019-08-31 07:06 attacks firehol_level2 FireHOL  
2019-09-04 02:48 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-09-04 02:48 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-09-08 21:44 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-09-21 08:53 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-09-21 08:53 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2020-07-31 16:02 attacks firehol_level4 FireHOL  
2020-07-31 16:10 attacks SSH haley_ssh Charles Haley  
2020-08-04 12:13 attacks greensnow GreenSnow.co  
2019-03-29 18:23 attacks darklist_de darklist.de  
2019-09-03 03:47 attacks darklist_de darklist.de  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 106.12.0.0 - 106.13.255.255
netname: Baidu
descr: Beijing Baidu Netcom Science and Technology Co., Ltd.
descr: Baidu Plaza, No.10, Shangdi 10th street,
descr: Haidian District Beijing,100080
admin-c: SD753-AP
tech-c: SD753-AP
country: CN
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
mnt-routes: MAINT-CNNIC-AP
status: ALLOCATED PORTABLE
last-modified: 2015-01-28T09:58:01Z
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC

person: Supeng Deng
nic-hdl: SD753-AP
address: No.6 2nd North Street Haidian District Beijing
country: CN
phone: +86-10-58003402
fax-no: +86-10-58003402
e-mail: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-11-01T08:04:01Z
source: APNIC

route: 106.13.0.0/18
descr: Baidu
country: CN
origin: AS38365
notify: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2018-11-14T23:46:02Z
source: APNIC

route: 106.13.0.0/18
descr: Baidu
country: CN
origin: AS55967
notify: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2018-11-14T23:46:02Z
source: APNIC
most specific ip range is highlighted
Updated : 2020-08-02