106.12.22.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Apr 29 05:58:08 ns381471 sshd[29567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.91 Apr 29 05:58:09 ns381471 sshd[29567]: Failed password for invalid user user from 106.12.22.91 port 51479 ssh2	2020-04-29 14:44:21
attackspam	Invalid user ew from 106.12.22.91 port 15367	2020-04-23 07:07:56
attackbots	fail2ban/Apr 18 20:28:54 h1962932 sshd[3787]: Invalid user oracle from 106.12.22.91 port 3324 Apr 18 20:28:54 h1962932 sshd[3787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.91 Apr 18 20:28:54 h1962932 sshd[3787]: Invalid user oracle from 106.12.22.91 port 3324 Apr 18 20:28:57 h1962932 sshd[3787]: Failed password for invalid user oracle from 106.12.22.91 port 3324 ssh2 Apr 18 20:32:43 h1962932 sshd[3954]: Invalid user admin from 106.12.22.91 port 49446	2020-04-19 03:14:51
attack	SSH Brute-Force attacks	2020-04-17 08:33:20
attackspambots	Apr 16 00:52:31 [host] sshd[31138]: Invalid user w Apr 16 00:52:31 [host] sshd[31138]: pam_unix(sshd: Apr 16 00:52:33 [host] sshd[31138]: Failed passwor	2020-04-16 07:03:28
attackspambots	SSH/22 MH Probe, BF, Hack -	2020-04-08 18:10:11

Comments on same subnet:

IP	Type	Details	Datetime
106.12.220.84	attack	Oct 13 23:50:41 pve1 sshd[8381]: Failed password for root from 106.12.220.84 port 48488 ssh2 ...	2020-10-14 06:57:34
106.12.220.84	attack	sshguard	2020-10-07 03:40:45
106.12.220.84	attackspambots	2020-10-06T06:16:59.233412yoshi.linuxbox.ninja sshd[828623]: Failed password for root from 106.12.220.84 port 41082 ssh2 2020-10-06T06:18:50.032459yoshi.linuxbox.ninja sshd[829668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 user=root 2020-10-06T06:18:51.901708yoshi.linuxbox.ninja sshd[829668]: Failed password for root from 106.12.220.84 port 37742 ssh2 ...	2020-10-06 19:42:09
106.12.221.83	attack	Oct 1 22:20:28 hosting sshd[15390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.83 user=root Oct 1 22:20:30 hosting sshd[15390]: Failed password for root from 106.12.221.83 port 40624 ssh2 ...	2020-10-02 05:22:55
106.12.221.83	attackspambots	Oct 1 01:52:42 vpn01 sshd[24768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.83 Oct 1 01:52:43 vpn01 sshd[24768]: Failed password for invalid user ram from 106.12.221.83 port 54816 ssh2 ...	2020-10-01 13:58:53
106.12.22.202	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-01 04:40:59
106.12.22.202	attack	Invalid user brainy from 106.12.22.202 port 44698	2020-09-30 20:54:42
106.12.22.202	attack	Invalid user brainy from 106.12.22.202 port 44698	2020-09-30 13:23:07
106.12.220.84	attackspambots	Sep 26 19:08:37 MainVPS sshd[17540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 user=root Sep 26 19:08:40 MainVPS sshd[17540]: Failed password for root from 106.12.220.84 port 60272 ssh2 Sep 26 19:13:04 MainVPS sshd[21983]: Invalid user admin from 106.12.220.84 port 60058 Sep 26 19:13:05 MainVPS sshd[21983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 Sep 26 19:13:04 MainVPS sshd[21983]: Invalid user admin from 106.12.220.84 port 60058 Sep 26 19:13:07 MainVPS sshd[21983]: Failed password for invalid user admin from 106.12.220.84 port 60058 ssh2 ...	2020-09-27 02:52:15
106.12.220.84	attackspambots	Sep 26 06:24:51 minden010 sshd[3635]: Failed password for root from 106.12.220.84 port 47892 ssh2 Sep 26 06:29:53 minden010 sshd[5786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 Sep 26 06:29:55 minden010 sshd[5786]: Failed password for invalid user virl from 106.12.220.84 port 52326 ssh2 ...	2020-09-26 18:48:52
106.12.221.83	attackbots	Invalid user zzz from 106.12.221.83 port 46806	2020-09-23 03:19:27
106.12.221.83	attackspambots	Time: Tue Sep 22 11:23:28 2020 +0000 IP: 106.12.221.83 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 11:05:01 29-1 sshd[25122]: Invalid user john from 106.12.221.83 port 45230 Sep 22 11:05:03 29-1 sshd[25122]: Failed password for invalid user john from 106.12.221.83 port 45230 ssh2 Sep 22 11:18:54 29-1 sshd[27238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.221.83 user=root Sep 22 11:18:56 29-1 sshd[27238]: Failed password for root from 106.12.221.83 port 46390 ssh2 Sep 22 11:23:27 29-1 sshd[27898]: Invalid user redmine from 106.12.221.83 port 48208	2020-09-22 19:30:47
106.12.222.209	attackspam	Sep 21 14:06:50 MainVPS sshd[23642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 user=root Sep 21 14:06:52 MainVPS sshd[23642]: Failed password for root from 106.12.222.209 port 44432 ssh2 Sep 21 14:11:36 MainVPS sshd[1911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 user=mysql Sep 21 14:11:38 MainVPS sshd[1911]: Failed password for mysql from 106.12.222.209 port 50788 ssh2 Sep 21 14:16:25 MainVPS sshd[12755]: Invalid user dockeruser from 106.12.222.209 port 57172 ...	2020-09-22 00:32:30
106.12.222.209	attackspambots	$f2bV_matches	2020-09-21 16:13:41
106.12.222.209	attack	Sep 20 23:55:41 onepixel sshd[1401874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 Sep 20 23:55:41 onepixel sshd[1401874]: Invalid user hadoop from 106.12.222.209 port 39382 Sep 20 23:55:44 onepixel sshd[1401874]: Failed password for invalid user hadoop from 106.12.222.209 port 39382 ssh2 Sep 21 00:00:10 onepixel sshd[1402596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.209 user=root Sep 21 00:00:12 onepixel sshd[1402596]: Failed password for root from 106.12.222.209 port 47834 ssh2	2020-09-21 08:09:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.22.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18078
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.22.91.			IN	A

;; AUTHORITY SECTION:
.			344	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040800 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 18:10:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 91.22.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.22.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.145	attackspam	2020-06-14T01:50:02.791791lavrinenko.info sshd[3128]: Failed password for root from 218.92.0.145 port 28482 ssh2 2020-06-14T01:50:08.352517lavrinenko.info sshd[3128]: Failed password for root from 218.92.0.145 port 28482 ssh2 2020-06-14T01:50:12.381324lavrinenko.info sshd[3128]: Failed password for root from 218.92.0.145 port 28482 ssh2 2020-06-14T01:50:17.107406lavrinenko.info sshd[3128]: Failed password for root from 218.92.0.145 port 28482 ssh2 2020-06-14T01:50:22.001366lavrinenko.info sshd[3128]: Failed password for root from 218.92.0.145 port 28482 ssh2 ...	2020-06-14 06:50:37
94.102.124.75	attack	Jun 14 00:46:38 lnxweb62 sshd[5481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.124.75	2020-06-14 07:13:58
124.156.107.252	attackbots	Jun 14 00:09:12 OPSO sshd\[3212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.107.252 user=root Jun 14 00:09:14 OPSO sshd\[3212\]: Failed password for root from 124.156.107.252 port 43740 ssh2 Jun 14 00:12:06 OPSO sshd\[3951\]: Invalid user jasmin from 124.156.107.252 port 50140 Jun 14 00:12:06 OPSO sshd\[3951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.107.252 Jun 14 00:12:08 OPSO sshd\[3951\]: Failed password for invalid user jasmin from 124.156.107.252 port 50140 ssh2	2020-06-14 07:19:59
111.67.206.52	attack	Invalid user redhat from 111.67.206.52 port 44180	2020-06-14 06:43:11
106.13.160.249	attackspam	Jun 13 22:54:27 vps sshd[5517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.160.249 Jun 13 22:54:28 vps sshd[5517]: Failed password for invalid user pey from 106.13.160.249 port 59146 ssh2 Jun 13 23:07:10 vps sshd[6285]: Failed password for root from 106.13.160.249 port 44708 ssh2 ...	2020-06-14 07:16:37
159.65.154.48	attack	firewall-block, port(s): 14042/tcp	2020-06-14 07:10:26
121.52.153.104	attack	Lines containing failures of 121.52.153.104 Jun 13 02:36:55 nexus sshd[19853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.52.153.104 user=r.r Jun 13 02:36:57 nexus sshd[19853]: Failed password for r.r from 121.52.153.104 port 24520 ssh2 Jun 13 02:36:57 nexus sshd[19853]: Received disconnect from 121.52.153.104 port 24520:11: Bye Bye [preauth] Jun 13 02:36:57 nexus sshd[19853]: Disconnected from 121.52.153.104 port 24520 [preauth] Jun 13 02:50:38 nexus sshd[19925]: Invalid user dvs from 121.52.153.104 port 56862 Jun 13 02:50:38 nexus sshd[19925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.52.153.104 Jun 13 02:50:40 nexus sshd[19925]: Failed password for invalid user dvs from 121.52.153.104 port 56862 ssh2 Jun 13 02:50:40 nexus sshd[19925]: Received disconnect from 121.52.153.104 port 56862:11: Bye Bye [preauth] Jun 13 02:50:40 nexus sshd[19925]: Disconnected from 121.52.153......... ------------------------------	2020-06-14 06:48:47
50.246.53.29	attackbots	761. On Jun 13 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 50.246.53.29.	2020-06-14 06:45:21
217.251.103.190	attackspambots	Lines containing failures of 217.251.103.190 Jun 13 06:06:26 keyhelp sshd[13006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.251.103.190 user=syslog Jun 13 06:06:28 keyhelp sshd[13006]: Failed password for syslog from 217.251.103.190 port 33692 ssh2 Jun 13 06:06:28 keyhelp sshd[13006]: Received disconnect from 217.251.103.190 port 33692:11: Bye Bye [preauth] Jun 13 06:06:28 keyhelp sshd[13006]: Disconnected from authenticating user syslog 217.251.103.190 port 33692 [preauth] Jun 13 06:22:27 keyhelp sshd[17766]: Invalid user admin from 217.251.103.190 port 51382 Jun 13 06:22:27 keyhelp sshd[17766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.251.103.190 Jun 13 06:22:29 keyhelp sshd[17766]: Failed password for invalid user admin from 217.251.103.190 port 51382 ssh2 Jun 13 06:22:30 keyhelp sshd[17766]: Received disconnect from 217.251.103.190 port 51382:11: Bye Bye [preauth] Ju........ ------------------------------	2020-06-14 07:13:22
122.51.41.44	attackspam	2020-06-14T03:58:52.195445billing sshd[32005]: Failed password for invalid user cdr from 122.51.41.44 port 36114 ssh2 2020-06-14T04:07:33.346843billing sshd[17808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.41.44 user=root 2020-06-14T04:07:35.034161billing sshd[17808]: Failed password for root from 122.51.41.44 port 44300 ssh2 ...	2020-06-14 07:03:54
164.132.73.220	attackspam	TCP (SYN) 164.132.73.220:46333 -> port 17720, len 44	2020-06-14 07:10:12
67.207.89.207	attackspam	2020-06-14T00:10:02.062060vps751288.ovh.net sshd\[1022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.89.207 user=root 2020-06-14T00:10:04.090127vps751288.ovh.net sshd\[1022\]: Failed password for root from 67.207.89.207 port 50248 ssh2 2020-06-14T00:13:08.564324vps751288.ovh.net sshd\[1050\]: Invalid user nagios4 from 67.207.89.207 port 50960 2020-06-14T00:13:08.572869vps751288.ovh.net sshd\[1050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.89.207 2020-06-14T00:13:10.134382vps751288.ovh.net sshd\[1050\]: Failed password for invalid user nagios4 from 67.207.89.207 port 50960 ssh2	2020-06-14 07:09:29
192.144.230.158	attack	2020-06-13T20:59:19.377950abusebot-4.cloudsearch.cf sshd[4298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.230.158 user=root 2020-06-13T20:59:20.914919abusebot-4.cloudsearch.cf sshd[4298]: Failed password for root from 192.144.230.158 port 57832 ssh2 2020-06-13T21:05:22.236920abusebot-4.cloudsearch.cf sshd[4747]: Invalid user git from 192.144.230.158 port 40218 2020-06-13T21:05:22.246207abusebot-4.cloudsearch.cf sshd[4747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.230.158 2020-06-13T21:05:22.236920abusebot-4.cloudsearch.cf sshd[4747]: Invalid user git from 192.144.230.158 port 40218 2020-06-13T21:05:23.948872abusebot-4.cloudsearch.cf sshd[4747]: Failed password for invalid user git from 192.144.230.158 port 40218 ssh2 2020-06-13T21:07:46.842874abusebot-4.cloudsearch.cf sshd[4871]: Invalid user zhangf from 192.144.230.158 port 36932 ...	2020-06-14 06:54:39
46.118.80.243	attack	46.118.80.243 - - [13/Jun/2020:23:08:00 +0200] "GET /wp-login.php HTTP/1.1" 302 516 ...	2020-06-14 06:45:54
49.233.202.231	attack	Jun 14 00:26:07 cosmoit sshd[23747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.202.231	2020-06-14 06:47:02

Recently Reported IPs

46.155.49.18	211.76.226.183	215.167.110.243	40.154.113.66
0.148.62.197	226.34.44.249	42.158.186.185	116.72.10.221
5.98.20.65	216.218.191.226	96.142.11.44	223.209.19.163
219.153.67.145	230.14.187.139	241.197.200.142	97.58.205.99
229.250.119.61	163.223.192.21	95.41.226.166	183.18.76.75