106.12.132.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 106.12.132.21 to port 80 [T]	2020-05-20 12:29:23

Comments on same subnet:

IP	Type	Details	Datetime
106.12.132.224	attackspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Failed password for invalid user ekim from 106.12.132.224 port 52754 ssh2 Failed password for root from 106.12.132.224 port 36956 ssh2	2020-10-13 00:57:56
106.12.132.224	attackspam	Oct 12 10:14:25 abendstille sshd\[30630\]: Invalid user yoneyama from 106.12.132.224 Oct 12 10:14:25 abendstille sshd\[30630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Oct 12 10:14:27 abendstille sshd\[30630\]: Failed password for invalid user yoneyama from 106.12.132.224 port 39144 ssh2 Oct 12 10:18:24 abendstille sshd\[3001\]: Invalid user briacheslav from 106.12.132.224 Oct 12 10:18:24 abendstille sshd\[3001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 ...	2020-10-12 16:21:33
106.12.132.224	attackspam	Aug 23 19:48:42 * sshd[29235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Aug 23 19:48:44 * sshd[29235]: Failed password for invalid user rom from 106.12.132.224 port 57872 ssh2	2020-08-24 02:07:29
106.12.132.224	attackbots	$f2bV_matches	2020-08-17 04:02:21
106.12.132.224	attackbotsspam	Ssh brute force	2020-08-12 08:31:21
106.12.132.224	attackbots	Aug 7 17:14:02 ny01 sshd[23643]: Failed password for root from 106.12.132.224 port 35184 ssh2 Aug 7 17:17:01 ny01 sshd[24042]: Failed password for root from 106.12.132.224 port 51424 ssh2	2020-08-08 05:39:45
106.12.132.224	attackbots	$f2bV_matches	2020-08-05 12:50:40
106.12.132.224	attackspambots	SSH bruteforce	2020-07-28 23:57:05
106.12.132.224	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-26 08:23:06
106.12.132.86	attackbots	Lines containing failures of 106.12.132.86 Jun 25 07:41:40 neweola sshd[19717]: Invalid user wgr from 106.12.132.86 port 39262 Jun 25 07:41:40 neweola sshd[19717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.86 Jun 25 07:41:41 neweola sshd[19717]: Failed password for invalid user wgr from 106.12.132.86 port 39262 ssh2 Jun 25 07:41:43 neweola sshd[19717]: Received disconnect from 106.12.132.86 port 39262:11: Bye Bye [preauth] Jun 25 07:41:43 neweola sshd[19717]: Disconnected from invalid user wgr 106.12.132.86 port 39262 [preauth] Jun 25 08:19:11 neweola sshd[21124]: Invalid user alok from 106.12.132.86 port 42479 Jun 25 08:19:11 neweola sshd[21124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.86 Jun 25 08:19:13 neweola sshd[21124]: Failed password for invalid user alok from 106.12.132.86 port 42479 ssh2 Jun 25 08:19:14 neweola sshd[21124]: Received disconnect f........ ------------------------------	2020-06-27 02:31:54
106.12.132.224	attackbots	$f2bV_matches	2020-06-25 21:50:28
106.12.132.224	attackspambots	Jun 6 21:49:10 jumpserver sshd[98929]: Failed password for root from 106.12.132.224 port 48750 ssh2 Jun 6 21:52:05 jumpserver sshd[98956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 user=root Jun 6 21:52:07 jumpserver sshd[98956]: Failed password for root from 106.12.132.224 port 41842 ssh2 ...	2020-06-07 06:43:36
106.12.132.224	attackspam	Jun 5 00:26:18 vmi345603 sshd[11818]: Failed password for root from 106.12.132.224 port 55552 ssh2 ...	2020-06-05 07:25:10
106.12.132.224	attackbotsspam	Jun 4 06:36:39 OPSO sshd\[25010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 user=root Jun 4 06:36:42 OPSO sshd\[25010\]: Failed password for root from 106.12.132.224 port 54408 ssh2 Jun 4 06:39:43 OPSO sshd\[25136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 user=root Jun 4 06:39:45 OPSO sshd\[25136\]: Failed password for root from 106.12.132.224 port 37598 ssh2 Jun 4 06:42:50 OPSO sshd\[25610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 user=root	2020-06-04 18:17:15
106.12.132.224	attackbots	May 27 07:25:26 r.ca sshd[20874]: Failed password for root from 106.12.132.224 port 36878 ssh2	2020-05-28 00:57:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.132.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30642
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.132.21.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 174 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 12:29:18 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 21.132.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.132.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.76.214.118	attack	Sep 22 08:47:23 TORMINT sshd\[26148\]: Invalid user terrariaserver1 from 182.76.214.118 Sep 22 08:47:23 TORMINT sshd\[26148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.214.118 Sep 22 08:47:25 TORMINT sshd\[26148\]: Failed password for invalid user terrariaserver1 from 182.76.214.118 port 46851 ssh2 ...	2019-09-22 21:10:33
177.205.234.212	attack	Automatic report - Port Scan Attack	2019-09-22 21:10:49
39.42.143.66	attack	3389BruteforceFW22	2019-09-22 21:15:33
52.163.93.31	attack	3389BruteforceFW22	2019-09-22 21:11:35
213.82.114.206	attack	Sep 22 03:17:03 hiderm sshd\[3643\]: Invalid user admin from 213.82.114.206 Sep 22 03:17:04 hiderm sshd\[3643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host206-114-static.82-213-b.business.telecomitalia.it Sep 22 03:17:06 hiderm sshd\[3643\]: Failed password for invalid user admin from 213.82.114.206 port 48834 ssh2 Sep 22 03:21:18 hiderm sshd\[4036\]: Invalid user prueba from 213.82.114.206 Sep 22 03:21:18 hiderm sshd\[4036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host206-114-static.82-213-b.business.telecomitalia.it	2019-09-22 21:33:25
54.37.68.66	attack	Sep 22 14:47:44 jane sshd[26729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.66 Sep 22 14:47:46 jane sshd[26729]: Failed password for invalid user gking from 54.37.68.66 port 60800 ssh2 ...	2019-09-22 20:58:16
37.59.38.216	attackbots	Sep 22 12:47:25 sshgateway sshd\[353\]: Invalid user luca from 37.59.38.216 Sep 22 12:47:25 sshgateway sshd\[353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.216 Sep 22 12:47:27 sshgateway sshd\[353\]: Failed password for invalid user luca from 37.59.38.216 port 41459 ssh2	2019-09-22 21:09:10
103.55.91.51	attackspam	Sep 22 02:42:46 php1 sshd\[17268\]: Invalid user jeffchen from 103.55.91.51 Sep 22 02:42:46 php1 sshd\[17268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.55.91.51 Sep 22 02:42:47 php1 sshd\[17268\]: Failed password for invalid user jeffchen from 103.55.91.51 port 41844 ssh2 Sep 22 02:47:51 php1 sshd\[17826\]: Invalid user deploy from 103.55.91.51 Sep 22 02:47:51 php1 sshd\[17826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.55.91.51	2019-09-22 20:55:20
37.187.181.182	attackbots	Sep 22 03:00:20 hiderm sshd\[1987\]: Invalid user 123456 from 37.187.181.182 Sep 22 03:00:20 hiderm sshd\[1987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.ip-37-187-181.eu Sep 22 03:00:21 hiderm sshd\[1987\]: Failed password for invalid user 123456 from 37.187.181.182 port 52954 ssh2 Sep 22 03:04:21 hiderm sshd\[2355\]: Invalid user ew@123 from 37.187.181.182 Sep 22 03:04:21 hiderm sshd\[2355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.ip-37-187-181.eu	2019-09-22 21:20:23
187.95.114.162	attackspam	Sep 22 15:14:17 vps01 sshd[3796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.114.162 Sep 22 15:14:18 vps01 sshd[3796]: Failed password for invalid user kyle from 187.95.114.162 port 27293 ssh2	2019-09-22 21:15:58
222.186.15.217	attack	2019-09-22T13:07:15.215727abusebot-6.cloudsearch.cf sshd\[25631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.217 user=root	2019-09-22 21:09:33
77.70.96.195	attackspam	Sep 22 13:00:11 web8 sshd\[21723\]: Invalid user marketing from 77.70.96.195 Sep 22 13:00:11 web8 sshd\[21723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.70.96.195 Sep 22 13:00:14 web8 sshd\[21723\]: Failed password for invalid user marketing from 77.70.96.195 port 55228 ssh2 Sep 22 13:04:17 web8 sshd\[23634\]: Invalid user rick from 77.70.96.195 Sep 22 13:04:17 web8 sshd\[23634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.70.96.195	2019-09-22 21:12:58
49.234.62.163	attack	Sep 22 13:43:19 yesfletchmain sshd\[22157\]: Invalid user ubnt from 49.234.62.163 port 32780 Sep 22 13:43:19 yesfletchmain sshd\[22157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.62.163 Sep 22 13:43:21 yesfletchmain sshd\[22157\]: Failed password for invalid user ubnt from 49.234.62.163 port 32780 ssh2 Sep 22 13:47:14 yesfletchmain sshd\[22463\]: Invalid user was from 49.234.62.163 port 33844 Sep 22 13:47:14 yesfletchmain sshd\[22463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.62.163 ...	2019-09-22 21:19:22
216.245.220.166	attackspam	\[2019-09-22 08:47:23\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '216.245.220.166:5549' - Wrong password \[2019-09-22 08:47:23\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T08:47:23.849-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c856e68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5549",Challenge="33d126c8",ReceivedChallenge="33d126c8",ReceivedHash="f710819cdc614cc60b3e28b5a491595d" \[2019-09-22 08:47:23\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '216.245.220.166:5549' - Wrong password \[2019-09-22 08:47:23\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T08:47:23.918-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c1615d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I	2019-09-22 21:12:07
69.85.67.82	attackbots	2019-09-22 02:23:51,020 fail2ban.actions [800]: NOTICE [sshd] Ban 69.85.67.82 2019-09-22 05:34:18,740 fail2ban.actions [800]: NOTICE [sshd] Ban 69.85.67.82 2019-09-22 08:46:58,264 fail2ban.actions [800]: NOTICE [sshd] Ban 69.85.67.82 ...	2019-09-22 21:34:56

Recently Reported IPs

172.228.224.65	23.87.23.80	37.111.48.34	222.175.128.158
188.161.91.204	185.153.199.87	182.117.100.57	180.140.152.72
178.76.249.234	175.175.251.147	171.36.135.206	132.105.79.234
171.4.4.24	132.28.122.187	139.9.193.32	132.232.37.219
124.205.137.94	124.205.137.86	124.205.137.85	124.205.137.84