166.111.71.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: IIINT

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-12-23T18:32:37.563548scmdmz1 sshd[31761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 user=lp 2019-12-23T18:32:39.960101scmdmz1 sshd[31761]: Failed password for lp from 166.111.71.34 port 48670 ssh2 2019-12-23T18:38:33.383804scmdmz1 sshd[32248]: Invalid user guest from 166.111.71.34 port 40626 2019-12-23T18:38:33.387645scmdmz1 sshd[32248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 2019-12-23T18:38:33.383804scmdmz1 sshd[32248]: Invalid user guest from 166.111.71.34 port 40626 2019-12-23T18:38:35.653460scmdmz1 sshd[32248]: Failed password for invalid user guest from 166.111.71.34 port 40626 ssh2 ...	2019-12-24 01:50:07
attack	Dec 23 08:33:09 server sshd\[15465\]: Invalid user sesso from 166.111.71.34 Dec 23 08:33:09 server sshd\[15465\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 Dec 23 08:33:11 server sshd\[15465\]: Failed password for invalid user sesso from 166.111.71.34 port 54992 ssh2 Dec 23 08:54:12 server sshd\[21071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 user=root Dec 23 08:54:15 server sshd\[21071\]: Failed password for root from 166.111.71.34 port 36842 ssh2 ...	2019-12-23 13:54:31
attack	Dec 18 02:15:53 eventyay sshd[9266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 Dec 18 02:15:55 eventyay sshd[9266]: Failed password for invalid user !a@a#a$a from 166.111.71.34 port 39560 ssh2 Dec 18 02:23:53 eventyay sshd[9695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 ...	2019-12-18 09:40:39
attackspambots	$f2bV_matches	2019-12-13 23:19:06
attackbotsspam	Dec 9 04:09:04 liveconfig01 sshd[12867]: Invalid user wwwrun from 166.111.71.34 Dec 9 04:09:04 liveconfig01 sshd[12867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 Dec 9 04:09:06 liveconfig01 sshd[12867]: Failed password for invalid user wwwrun from 166.111.71.34 port 42658 ssh2 Dec 9 04:09:06 liveconfig01 sshd[12867]: Received disconnect from 166.111.71.34 port 42658:11: Bye Bye [preauth] Dec 9 04:09:06 liveconfig01 sshd[12867]: Disconnected from 166.111.71.34 port 42658 [preauth] Dec 9 04:24:12 liveconfig01 sshd[13863]: Invalid user yoyo from 166.111.71.34 Dec 9 04:24:12 liveconfig01 sshd[13863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 Dec 9 04:24:14 liveconfig01 sshd[13863]: Failed password for invalid user yoyo from 166.111.71.34 port 48158 ssh2 Dec 9 04:24:14 liveconfig01 sshd[13863]: Received disconnect from 166.111.71.34 port 48158:11:........ -------------------------------	2019-12-09 22:37:07
attack	Dec 7 14:35:53 Ubuntu-1404-trusty-64-minimal sshd\[22149\]: Invalid user master from 166.111.71.34 Dec 7 14:35:53 Ubuntu-1404-trusty-64-minimal sshd\[22149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34 Dec 7 14:35:55 Ubuntu-1404-trusty-64-minimal sshd\[22149\]: Failed password for invalid user master from 166.111.71.34 port 50854 ssh2 Dec 7 14:45:05 Ubuntu-1404-trusty-64-minimal sshd\[27120\]: Invalid user redemption from 166.111.71.34 Dec 7 14:45:05 Ubuntu-1404-trusty-64-minimal sshd\[27120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.71.34	2019-12-07 22:57:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.111.71.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33167
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.111.71.34.			IN	A

;; AUTHORITY SECTION:
.			446	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 22:57:39 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 34.71.111.166.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.71.111.166.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.250.51.208	attackspambots	Oct 11 09:36:54 rancher-0 sshd[595278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.250.51.208 user=root Oct 11 09:36:55 rancher-0 sshd[595278]: Failed password for root from 220.250.51.208 port 35642 ssh2 ...	2020-10-11 15:50:33
139.99.134.195	attackbots	(mod_security) mod_security (id:210730) triggered by 139.99.134.195 (AU/Australia/vps-62ae2a86.vps.ovh.ca): 5 in the last 3600 secs	2020-10-11 15:46:23
182.254.166.97	attackbotsspam	Oct 11 10:10:27 www2 sshd\[62896\]: Invalid user git from 182.254.166.97Oct 11 10:10:28 www2 sshd\[62896\]: Failed password for invalid user git from 182.254.166.97 port 52772 ssh2Oct 11 10:15:38 www2 sshd\[63456\]: Failed password for root from 182.254.166.97 port 53142 ssh2 ...	2020-10-11 15:20:57
3.249.157.117	attackbotsspam	Unauthorized connection attempt detected, IP banned.	2020-10-11 15:55:54
222.185.235.186	attackbotsspam	Oct 3 06:28:39 roki-contabo sshd\[31517\]: Invalid user javier from 222.185.235.186 Oct 3 06:28:39 roki-contabo sshd\[31517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.185.235.186 Oct 3 06:28:41 roki-contabo sshd\[31517\]: Failed password for invalid user javier from 222.185.235.186 port 58094 ssh2 Oct 3 07:00:46 roki-contabo sshd\[32162\]: Invalid user sysadmin from 222.185.235.186 Oct 3 07:00:46 roki-contabo sshd\[32162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.185.235.186 ...	2020-10-11 15:23:09
103.45.130.165	attackbotsspam	Automatic report - Banned IP Access	2020-10-11 15:21:20
124.238.113.126	attackspam	"fail2ban match"	2020-10-11 15:13:14
218.241.134.34	attack	2020-10-10T18:32:29.705953yoshi.linuxbox.ninja sshd[1476196]: Invalid user vcsa1 from 218.241.134.34 port 31100 2020-10-10T18:32:32.150855yoshi.linuxbox.ninja sshd[1476196]: Failed password for invalid user vcsa1 from 218.241.134.34 port 31100 ssh2 2020-10-10T18:34:23.287166yoshi.linuxbox.ninja sshd[1477381]: Invalid user google from 218.241.134.34 port 43820 ...	2020-10-11 15:44:31
183.81.13.152	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-11 15:45:02
218.92.0.185	attack	Oct 11 03:18:52 plusreed sshd[24210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.185 user=root Oct 11 03:18:53 plusreed sshd[24210]: Failed password for root from 218.92.0.185 port 17169 ssh2 ...	2020-10-11 15:28:36
104.148.61.175	attackbots	Oct 10 22:45:59 SRV001 postfix/smtpd[15262]: NOQUEUE: reject: RCPT from unknown[104.148.61.175]: 554 5.7.1 : Relay access denied; from= to= proto=SMTP helo= ...	2020-10-11 15:36:06
112.249.237.26	attackspambots	20/10/10@16:46:19: FAIL: IoT-Telnet address from=112.249.237.26 ...	2020-10-11 15:45:32
192.144.190.244	attackspambots	Brute force attempt	2020-10-11 15:41:30
185.202.2.147	attack	2020-10-10T20:46:48Z - RDP login failed multiple times. (185.202.2.147)	2020-10-11 15:18:43
51.178.53.78	attack	FR - - [10/Oct/2020:22:28:51 +0300] POST /xmlrpc.php HTTP/1.1 404 9434 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-10-11 15:11:40

Recently Reported IPs

221.234.239.186	221.13.12.42	246.49.181.60	193.253.218.93
171.36.143.239	124.88.113.46	123.157.144.97	123.145.5.92
118.166.129.176	113.128.104.191	112.193.168.253	111.175.59.80
111.162.153.152	110.177.82.53	106.45.0.121	60.208.167.121
47.75.221.106	39.68.238.132	34.92.190.238	223.104.3.150