106.12.61.221 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Feb 16 23:04:33 ns382633 sshd\[28640\]: Invalid user xerox from 106.12.61.221 port 36160 Feb 16 23:04:33 ns382633 sshd\[28640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.221 Feb 16 23:04:35 ns382633 sshd\[28640\]: Failed password for invalid user xerox from 106.12.61.221 port 36160 ssh2 Feb 16 23:24:54 ns382633 sshd\[32220\]: Invalid user artificial from 106.12.61.221 port 54868 Feb 16 23:24:54 ns382633 sshd\[32220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.221	2020-02-17 09:23:25
attackbots	SASL PLAIN auth failed: ruser=...	2020-02-13 07:19:56

Type

Details

Datetime

attack

Feb 16 23:04:33 ns382633 sshd\[28640\]: Invalid user xerox from 106.12.61.221 port 36160
Feb 16 23:04:33 ns382633 sshd\[28640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.221
Feb 16 23:04:35 ns382633 sshd\[28640\]: Failed password for invalid user xerox from 106.12.61.221 port 36160 ssh2
Feb 16 23:24:54 ns382633 sshd\[32220\]: Invalid user artificial from 106.12.61.221 port 54868
Feb 16 23:24:54 ns382633 sshd\[32220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.221

2020-02-17 09:23:25

attackbots

SASL PLAIN auth failed: ruser=...

2020-02-13 07:19:56

Comments on same subnet:

IP	Type	Details	Datetime
106.12.61.64	attackbotsspam	Jun 29 03:59:36 dhoomketu sshd[1116728]: Invalid user assist from 106.12.61.64 port 41570 Jun 29 03:59:36 dhoomketu sshd[1116728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.64 Jun 29 03:59:36 dhoomketu sshd[1116728]: Invalid user assist from 106.12.61.64 port 41570 Jun 29 03:59:38 dhoomketu sshd[1116728]: Failed password for invalid user assist from 106.12.61.64 port 41570 ssh2 Jun 29 04:02:48 dhoomketu sshd[1116790]: Invalid user ftp-user from 106.12.61.64 port 60664 ...	2020-06-29 07:27:44
106.12.61.64	attackbots	(sshd) Failed SSH login from 106.12.61.64 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 26 22:30:08 s1 sshd[9434]: Invalid user zhangjie from 106.12.61.64 port 59052 Jun 26 22:30:11 s1 sshd[9434]: Failed password for invalid user zhangjie from 106.12.61.64 port 59052 ssh2 Jun 26 22:51:23 s1 sshd[10937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.64 user=root Jun 26 22:51:25 s1 sshd[10937]: Failed password for root from 106.12.61.64 port 40284 ssh2 Jun 26 22:53:53 s1 sshd[11089]: Invalid user logic from 106.12.61.64 port 55470	2020-06-27 06:46:05
106.12.61.64	attack	bruteforce detected	2020-06-18 18:14:09
106.12.61.64	attack	$f2bV_matches	2020-06-03 15:24:25
106.12.61.64	attackbotsspam	IP blocked	2020-05-24 16:56:12
106.12.61.64	attack	May 22 07:01:33 plex sshd[31906]: Invalid user vtq from 106.12.61.64 port 42892	2020-05-22 15:25:31
106.12.61.64	attack	May 16 04:10:55 s158375 sshd[17556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.64	2020-05-17 01:11:25
106.12.61.64	attackspambots	May 15 12:35:31 webhost01 sshd[24757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.64 May 15 12:35:34 webhost01 sshd[24757]: Failed password for invalid user amal from 106.12.61.64 port 56042 ssh2 ...	2020-05-15 13:43:42
106.12.61.64	attackbotsspam	Observed on multiple hosts.	2020-05-05 14:23:47
106.12.61.64	attackbotsspam	2020-03-31 UTC: (2x) - nproc,root	2020-04-01 18:44:38
106.12.61.64	attack	sshd jail - ssh hack attempt	2020-03-25 12:25:50
106.12.61.64	attackbotsspam	Mar 22 12:01:33 XXXXXX sshd[46097]: Invalid user rohit from 106.12.61.64 port 57196	2020-03-23 01:18:42
106.12.61.168	attackspam	Feb 17 18:40:52 vmanager6029 sshd\[13989\]: Invalid user rootalias from 106.12.61.168 port 60880 Feb 17 18:40:52 vmanager6029 sshd\[13989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.168 Feb 17 18:40:53 vmanager6029 sshd\[13989\]: Failed password for invalid user rootalias from 106.12.61.168 port 60880 ssh2	2020-02-18 02:25:39
106.12.61.168	attackspambots	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.168 Failed password for invalid user 123123 from 106.12.61.168 port 49610 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.61.168	2020-02-12 17:12:06
106.12.61.168	attack	...	2020-02-10 05:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.61.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24817
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.61.221.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021202 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 07:19:53 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 221.61.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.61.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.232.66.238	attackspambots	May 14 04:45:57 NPSTNNYC01T sshd[24974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.66.238 May 14 04:45:59 NPSTNNYC01T sshd[24974]: Failed password for invalid user db2yccm from 132.232.66.238 port 34844 ssh2 May 14 04:51:25 NPSTNNYC01T sshd[25393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.66.238 ...	2020-05-14 16:56:01
163.172.29.120	attackbots	SSH Brute Force	2020-05-14 16:44:02
85.93.57.53	attackspam	May 14 05:37:28 *** sshd[21809]: Invalid user diag from 85.93.57.53	2020-05-14 17:15:13
149.202.80.208	attackbots	Trolling for resource vulnerabilities	2020-05-14 17:02:15
14.63.162.167	attackspambots	(ftpd) Failed FTP login from 14.63.162.167 (KR/South Korea/-): 10 in the last 3600 secs	2020-05-14 17:16:12
185.220.103.9	attackbots	Trolling for resource vulnerabilities	2020-05-14 17:11:09
45.14.150.133	attackbots	2020-05-14T05:49:37.017431upcloud.m0sh1x2.com sshd[15761]: Invalid user setup from 45.14.150.133 port 33512	2020-05-14 16:50:36
47.180.212.134	attack	May 14 04:10:22 NPSTNNYC01T sshd[21748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.180.212.134 May 14 04:10:25 NPSTNNYC01T sshd[21748]: Failed password for invalid user vds from 47.180.212.134 port 48099 ssh2 May 14 04:10:56 NPSTNNYC01T sshd[21857]: Failed password for root from 47.180.212.134 port 51344 ssh2 ...	2020-05-14 16:48:17
144.76.176.171	attackspam	20 attempts against mh-misbehave-ban on storm	2020-05-14 17:25:28
49.235.11.46	attackspambots	May 14 08:00:26 scw-6657dc sshd[2459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.11.46 May 14 08:00:26 scw-6657dc sshd[2459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.11.46 May 14 08:00:28 scw-6657dc sshd[2459]: Failed password for invalid user bdos from 49.235.11.46 port 44116 ssh2 ...	2020-05-14 17:02:40
118.24.89.243	attackspam	...	2020-05-14 16:45:10
139.59.46.243	attackspam	$f2bV_matches	2020-05-14 17:18:43
31.202.101.40	attackspambots	WP bruteforce attempt; username: N/A	2020-05-14 17:13:47
203.129.197.98	attackbotsspam	May 14 09:38:41 ovpn sshd\[5058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.129.197.98 user=root May 14 09:38:43 ovpn sshd\[5058\]: Failed password for root from 203.129.197.98 port 53110 ssh2 May 14 09:40:48 ovpn sshd\[5589\]: Invalid user mysql from 203.129.197.98 May 14 09:40:48 ovpn sshd\[5589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.129.197.98 May 14 09:40:50 ovpn sshd\[5589\]: Failed password for invalid user mysql from 203.129.197.98 port 41018 ssh2	2020-05-14 17:04:35
171.243.191.97	attackbotsspam	May 14 05:48:59 host sshd\[3180\]: Invalid user system from 171.243.191.97 port 43131	2020-05-14 16:57:37

Recently Reported IPs

222.254.34.123	85.235.94.40	4.14.169.237	106.13.102.141
45.125.66.133	2a01:9cc0:47:5:1a:6:0:2	114.35.93.251	45.162.98.72
45.125.66.187	69.85.239.19	187.190.102.74	124.156.98.182
172.126.50.178	91.193.245.95	171.217.55.50	95.48.129.134
37.59.122.43	243.227.252.43	59.25.218.243	130.102.238.34