106.12.106.221

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Multiple SSH authentication failures from 106.12.106.221	2020-08-28 03:06:19
attackspam	Aug 24 12:43:07 instance-2 sshd[13970]: Failed password for root from 106.12.106.221 port 59220 ssh2 Aug 24 12:48:37 instance-2 sshd[14127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 Aug 24 12:48:39 instance-2 sshd[14127]: Failed password for invalid user weblogic from 106.12.106.221 port 33536 ssh2	2020-08-24 23:57:40
attack	Invalid user test from 106.12.106.221 port 45312	2020-08-23 15:13:59
attackbotsspam	SSH brute force attempt	2020-08-23 04:10:00
attackbots	Aug 7 13:36:29 ovpn sshd\[9032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:36:31 ovpn sshd\[9032\]: Failed password for root from 106.12.106.221 port 59460 ssh2 Aug 7 13:59:17 ovpn sshd\[18037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:59:19 ovpn sshd\[18037\]: Failed password for root from 106.12.106.221 port 50648 ssh2 Aug 7 14:01:28 ovpn sshd\[18973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root	2020-08-08 02:13:50

Comments on same subnet:

IP	Type	Details	Datetime
106.12.106.34	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 06:50:44
106.12.106.34	attackbotsspam	Fail2Ban Ban Triggered	2020-09-28 23:18:27
106.12.106.34	attackbotsspam	Sep 28 07:19:06 rancher-0 sshd[350833]: Invalid user aaa from 106.12.106.34 port 48220 ...	2020-09-28 15:22:10
106.12.106.34	attackbotsspam	Unauthorized connection attempt detected from IP address 106.12.106.34 to port 6160 [T]	2020-08-30 14:42:56
106.12.106.34	attack	Aug 11 22:33:11 ns381471 sshd[14012]: Failed password for root from 106.12.106.34 port 35774 ssh2	2020-08-12 04:39:42
106.12.106.34	attackbots	firewall-block, port(s): 980/tcp	2020-07-28 03:05:28
106.12.106.232	attackbots	Jul 26 15:03:23 root sshd[13172]: Invalid user apollo from 106.12.106.232 ...	2020-07-27 01:05:37
106.12.106.232	attackspam	$f2bV_matches	2020-07-16 03:55:43
106.12.106.232	attackbots	2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:10.456964mail.broermann.family sshd[21566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.232 2020-07-08T14:09:10.452769mail.broermann.family sshd[21566]: Invalid user pj from 106.12.106.232 port 41786 2020-07-08T14:09:12.219729mail.broermann.family sshd[21566]: Failed password for invalid user pj from 106.12.106.232 port 41786 ssh2 2020-07-08T14:14:49.715390mail.broermann.family sshd[22102]: Invalid user ziyb from 106.12.106.232 port 35164 ...	2020-07-08 23:07:24
106.12.106.34	attackspam	16559/tcp 28609/tcp 6869/tcp [2020-06-23/07-05]3pkt	2020-07-05 17:28:21
106.12.106.232	attackspambots	Invalid user prashant from 106.12.106.232 port 47500	2020-07-01 16:24:58
106.12.106.34	attackbotsspam	Jun 27 15:08:03 gestao sshd[8871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 Jun 27 15:08:05 gestao sshd[8871]: Failed password for invalid user oo from 106.12.106.34 port 49024 ssh2 Jun 27 15:11:24 gestao sshd[9043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 ...	2020-06-28 00:49:04
106.12.106.34	attackbots	SSH login attempts.	2020-06-19 14:03:46
106.12.106.34	attackbots	Jun 18 08:27:36 vmd17057 sshd[1476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.34 Jun 18 08:27:39 vmd17057 sshd[1476]: Failed password for invalid user appserver from 106.12.106.34 port 38828 ssh2 ...	2020-06-18 16:01:41
106.12.106.232	attackbots	Jun 13 06:49:42 serwer sshd\[29868\]: Invalid user airflow from 106.12.106.232 port 35598 Jun 13 06:49:42 serwer sshd\[29868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.232 Jun 13 06:49:45 serwer sshd\[29868\]: Failed password for invalid user airflow from 106.12.106.232 port 35598 ssh2 ...	2020-06-13 17:29:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.106.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.106.221.			IN	A

;; AUTHORITY SECTION:
.			308	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 02:13:46 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 221.106.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.106.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.64.16.31	attackspambots	Jun 10 14:29:02 firewall sshd[6240]: Invalid user got from 212.64.16.31 Jun 10 14:29:04 firewall sshd[6240]: Failed password for invalid user got from 212.64.16.31 port 53292 ssh2 Jun 10 14:31:11 firewall sshd[6320]: Invalid user ubuntu from 212.64.16.31 ...	2020-06-11 01:51:04
111.248.71.118	attackspam	Icarus honeypot on github	2020-06-11 01:49:25
51.222.19.63	attack	Honeypot attack, port: 445, PTR: ip63.ip-51-222-19.net.	2020-06-11 01:56:22
46.38.150.188	attack	Jun 10 19:16:02 mail postfix/smtpd\[5756\]: warning: unknown\[46.38.150.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 10 19:17:36 mail postfix/smtpd\[6414\]: warning: unknown\[46.38.150.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 10 19:49:06 mail postfix/smtpd\[7270\]: warning: unknown\[46.38.150.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 10 19:50:41 mail postfix/smtpd\[7270\]: warning: unknown\[46.38.150.188\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-06-11 01:50:47
200.105.183.118	attack	SSH bruteforce	2020-06-11 01:46:24
49.149.78.110	attackbots	1591786682 - 06/10/2020 12:58:02 Host: 49.149.78.110/49.149.78.110 Port: 445 TCP Blocked	2020-06-11 01:40:25
222.186.173.215	attackspambots	Jun 10 14:25:37 firewall sshd[6122]: Failed password for root from 222.186.173.215 port 50204 ssh2 Jun 10 14:25:41 firewall sshd[6122]: Failed password for root from 222.186.173.215 port 50204 ssh2 Jun 10 14:25:44 firewall sshd[6122]: Failed password for root from 222.186.173.215 port 50204 ssh2 ...	2020-06-11 01:27:06
36.71.29.249	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-11 01:20:44
139.219.5.244	attackbotsspam	139.219.5.244 - - [10/Jun/2020:19:01:22 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [10/Jun/2020:19:01:51 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [10/Jun/2020:19:02:16 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [10/Jun/2020:19:02:48 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [10/Jun/2020:19:03:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6062 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-06-11 01:23:11
45.55.155.72	attackbotsspam	2020-06-09T13:38:50.249729devel sshd[21543]: Invalid user debika from 45.55.155.72 port 38333 2020-06-09T13:38:52.556569devel sshd[21543]: Failed password for invalid user debika from 45.55.155.72 port 38333 ssh2 2020-06-10T11:46:39.306128devel sshd[13873]: Invalid user ftpuser from 45.55.155.72 port 29458	2020-06-11 01:33:01
162.252.57.170	attack	Honeypot attack, port: 445, PTR: propt.eartort.net.	2020-06-11 01:48:40
142.93.112.41	attackbotsspam	firewall-block, port(s): 30117/tcp	2020-06-11 01:15:45
92.246.243.163	attackspam	SSH Brute-Force reported by Fail2Ban	2020-06-11 01:16:53
193.56.28.205	attackspambots	smtp auth brute force	2020-06-11 01:35:52
103.92.24.240	attackspam	Jun 10 18:44:06 abendstille sshd\[22043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.240 user=root Jun 10 18:44:07 abendstille sshd\[22043\]: Failed password for root from 103.92.24.240 port 45464 ssh2 Jun 10 18:47:45 abendstille sshd\[25706\]: Invalid user jianghh from 103.92.24.240 Jun 10 18:47:45 abendstille sshd\[25706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.240 Jun 10 18:47:47 abendstille sshd\[25706\]: Failed password for invalid user jianghh from 103.92.24.240 port 60596 ssh2 ...	2020-06-11 01:13:48

Recently Reported IPs

78.142.29.199	59.41.171.23	119.155.25.171	116.74.120.122
76.190.8.85	66.249.70.59	186.98.51.118	189.252.74.31
114.32.64.186	37.59.172.218	197.3.6.82	112.30.136.31
62.210.14.241	190.98.254.154	121.10.41.109	186.219.243.53
111.241.134.207	49.206.51.33	122.184.85.89	192.241.239.140