106.12.11.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 22 19:57:30 eventyay sshd[29587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 Sep 22 19:57:32 eventyay sshd[29587]: Failed password for invalid user tester from 106.12.11.166 port 40224 ssh2 Sep 22 20:02:28 eventyay sshd[29679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 ...	2019-09-23 02:08:01
attack	Sep 20 05:24:32 intra sshd\[26142\]: Invalid user yutso from 106.12.11.166Sep 20 05:24:34 intra sshd\[26142\]: Failed password for invalid user yutso from 106.12.11.166 port 49484 ssh2Sep 20 05:29:33 intra sshd\[26230\]: Invalid user aDmin.123 from 106.12.11.166Sep 20 05:29:35 intra sshd\[26230\]: Failed password for invalid user aDmin.123 from 106.12.11.166 port 60996 ssh2Sep 20 05:34:17 intra sshd\[26346\]: Invalid user weblogic from 106.12.11.166Sep 20 05:34:19 intra sshd\[26346\]: Failed password for invalid user weblogic from 106.12.11.166 port 44268 ssh2 ...	2019-09-20 16:30:43
attackspam	Sep 5 07:30:54 vps01 sshd[15698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 Sep 5 07:30:57 vps01 sshd[15698]: Failed password for invalid user server1 from 106.12.11.166 port 36228 ssh2	2019-09-05 13:56:05
attackbotsspam	6 failed attempt(s) in the last 24h	2019-09-02 09:07:13
attack	Aug 31 07:47:37 aiointranet sshd\[12476\]: Invalid user hadoopuser from 106.12.11.166 Aug 31 07:47:37 aiointranet sshd\[12476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 Aug 31 07:47:39 aiointranet sshd\[12476\]: Failed password for invalid user hadoopuser from 106.12.11.166 port 33500 ssh2 Aug 31 07:52:16 aiointranet sshd\[12902\]: Invalid user smith from 106.12.11.166 Aug 31 07:52:16 aiointranet sshd\[12902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166	2019-09-01 05:43:11
attackbotsspam	Aug 16 06:11:48 hiderm sshd\[13375\]: Invalid user robyn from 106.12.11.166 Aug 16 06:11:48 hiderm sshd\[13375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 Aug 16 06:11:50 hiderm sshd\[13375\]: Failed password for invalid user robyn from 106.12.11.166 port 33522 ssh2 Aug 16 06:17:56 hiderm sshd\[13870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 user=root Aug 16 06:17:58 hiderm sshd\[13870\]: Failed password for root from 106.12.11.166 port 53546 ssh2	2019-08-17 00:23:30
attackbotsspam	Aug 14 15:11:55 lnxmail61 sshd[12947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166	2019-08-14 21:20:29
attackspambots	Aug 11 18:10:43 *** sshd[30179]: Invalid user sentry from 106.12.11.166	2019-08-12 05:40:56
attackbots	Jul 25 01:39:53 XXX sshd[57980]: Invalid user guest3 from 106.12.11.166 port 52310	2019-07-25 18:19:29

Comments on same subnet:

IP	Type	Details	Datetime
106.12.116.75	attackbots	Invalid user izumin from 106.12.116.75 port 45404	2020-10-13 22:45:38
106.12.116.75	attackspambots	Oct 12 22:58:28 mavik sshd[13372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 Oct 12 22:58:30 mavik sshd[13372]: Failed password for invalid user nishida from 106.12.116.75 port 49788 ssh2 Oct 12 23:02:48 mavik sshd[14180]: Invalid user test from 106.12.116.75 Oct 12 23:02:48 mavik sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.75 Oct 12 23:02:50 mavik sshd[14180]: Failed password for invalid user test from 106.12.116.75 port 52676 ssh2 ...	2020-10-13 06:50:10
106.12.113.204	attackbots	Oct 12 16:59:59 dignus sshd[1747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:00:00 dignus sshd[1747]: Failed password for invalid user flora from 106.12.113.204 port 56970 ssh2 Oct 12 17:04:35 dignus sshd[1795]: Invalid user IBM from 106.12.113.204 port 52478 Oct 12 17:04:35 dignus sshd[1795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 Oct 12 17:04:36 dignus sshd[1795]: Failed password for invalid user IBM from 106.12.113.204 port 52478 ssh2 ...	2020-10-13 00:33:43
106.12.113.204	attackbotsspam	Oct 12 11:10:59 lunarastro sshd[18972]: Failed password for root from 106.12.113.204 port 45396 ssh2	2020-10-12 15:57:11
106.12.113.155	attack	"Unauthorized connection attempt on SSHD detected"	2020-10-12 01:40:30
106.12.113.155	attackspambots	$f2bV_matches	2020-10-11 17:32:02
106.12.112.120	attackbotsspam	Repeated brute force against a port	2020-10-08 00:05:44
106.12.112.120	attackspam	Repeated brute force against a port	2020-10-07 16:12:02
106.12.113.111	attack	Port scan denied	2020-10-06 01:18:52
106.12.110.157	attack	SSH bruteforce	2020-10-04 02:19:19
106.12.110.157	attack	Invalid user test from 106.12.110.157 port 46482	2020-10-03 18:05:05
106.12.117.75	attackbots	Port scan on 3 port(s): 2376 4244 5555	2020-10-01 06:00:10
106.12.117.75	attackspam	Port scan on 3 port(s): 2376 4244 5555	2020-09-30 22:19:23
106.12.117.75	attack	Port scan on 3 port(s): 2376 4244 5555	2020-09-30 14:51:18
106.12.113.204	attackspambots	Time: Tue Sep 29 13:08:26 2020 +0200 IP: 106.12.113.204 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 29 12:59:57 mail-03 sshd[17740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root Sep 29 13:00:00 mail-03 sshd[17740]: Failed password for root from 106.12.113.204 port 56366 ssh2 Sep 29 13:04:35 mail-03 sshd[17846]: Invalid user gpadmin from 106.12.113.204 port 53722 Sep 29 13:04:37 mail-03 sshd[17846]: Failed password for invalid user gpadmin from 106.12.113.204 port 53722 ssh2 Sep 29 13:08:22 mail-03 sshd[17883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.113.204 user=root	2020-09-30 00:41:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.11.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47328
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.11.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 18:19:20 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 166.11.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 166.11.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.231.2.151	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-30 09:23:21
222.186.175.163	attackbots	Dec 30 01:55:35 nextcloud sshd\[11028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Dec 30 01:55:37 nextcloud sshd\[11028\]: Failed password for root from 222.186.175.163 port 4018 ssh2 Dec 30 01:55:41 nextcloud sshd\[11028\]: Failed password for root from 222.186.175.163 port 4018 ssh2 ...	2019-12-30 08:57:52
94.232.136.126	attack	Dec 29 18:50:59 plusreed sshd[10633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.136.126 user=root Dec 29 18:51:01 plusreed sshd[10633]: Failed password for root from 94.232.136.126 port 6951 ssh2 ...	2019-12-30 08:59:30
183.6.155.145	attackspam	Unauthorized connection attempt detected from IP address 183.6.155.145 to port 80	2019-12-30 09:04:05
112.85.42.181	attackspambots	Dec 30 01:50:40 ks10 sshd[26317]: Failed password for root from 112.85.42.181 port 61820 ssh2 Dec 30 01:50:43 ks10 sshd[26317]: Failed password for root from 112.85.42.181 port 61820 ssh2 ...	2019-12-30 08:55:01
111.91.76.242	attackbotsspam	SPAM Delivery Attempt	2019-12-30 08:56:02
183.80.213.167	attackbots	Unauthorized connection attempt detected from IP address 183.80.213.167 to port 23	2019-12-30 09:03:25
14.207.71.172	attackbotsspam	Unauthorized connection attempt detected from IP address 14.207.71.172 to port 8000	2019-12-30 09:20:29
37.235.227.170	attackbots	Unauthorized connection attempt detected from IP address 37.235.227.170 to port 445	2019-12-30 09:19:36
117.102.73.98	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-12-30 08:55:32
60.167.71.10	attackspam	Unauthorized connection attempt detected from IP address 60.167.71.10 to port 1433	2019-12-30 09:16:02
89.189.174.137	attackspam	Unauthorized connection attempt detected from IP address 89.189.174.137 to port 85	2019-12-30 09:13:44
181.164.229.24	attack	Unauthorised access (Dec 30) SRC=181.164.229.24 LEN=40 TOS=0x02 TTL=45 ID=16824 TCP DPT=23 WINDOW=48923 SYN	2019-12-30 08:59:19
115.206.0.29	attack	Unauthorized connection attempt detected from IP address 115.206.0.29 to port 7574	2019-12-30 09:10:08
183.80.251.117	attack	Unauthorized connection attempt detected from IP address 183.80.251.117 to port 23	2019-12-30 09:03:10

Recently Reported IPs

74.142.59.182	139.211.124.246	47.230.43.72	88.105.45.235
239.216.41.30	185.230.127.239	240.54.72.243	2003:dd:af2c:9c00:24b2:216c:9526:193d
146.123.19.22	195.123.214.192	139.198.190.165	196.2.92.196
238.25.139.180	142.240.207.116	220.207.226.22	12.11.8.77
170.250.100.212	138.68.7.176	99.81.201.191	126.76.213.211