106.12.99.239 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: Beijing Baidu Netcom Science and Technology Co., Ltd.

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-07-26T18:07:01.706411abusebot-8.cloudsearch.cf sshd\[19218\]: Invalid user sen from 106.12.99.239 port 53698	2019-07-27 02:43:36

Comments on same subnet:

IP	Type	Details	Datetime
106.12.99.84	attack	1596370322 - 08/02/2020 14:12:02 Host: 106.12.99.84/106.12.99.84 Port: 445 TCP Blocked	2020-08-02 22:17:26
106.12.99.204	attackspambots	2020-07-19T11:44:12.6553031495-001 sshd[16981]: Invalid user cronje from 106.12.99.204 port 41024 2020-07-19T11:44:14.6746911495-001 sshd[16981]: Failed password for invalid user cronje from 106.12.99.204 port 41024 ssh2 2020-07-19T11:48:01.8728961495-001 sshd[17172]: Invalid user chenxuwu from 106.12.99.204 port 53884 2020-07-19T11:48:01.8798671495-001 sshd[17172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.204 2020-07-19T11:48:01.8728961495-001 sshd[17172]: Invalid user chenxuwu from 106.12.99.204 port 53884 2020-07-19T11:48:04.0015681495-001 sshd[17172]: Failed password for invalid user chenxuwu from 106.12.99.204 port 53884 ssh2 ...	2020-07-20 01:17:10
106.12.99.204	attackspambots	Jul 11 22:00:07 l03 sshd[11767]: Invalid user jessie from 106.12.99.204 port 47276 ...	2020-07-12 05:08:23
106.12.99.204	attackbotsspam	Jul 6 04:36:15 NG-HHDC-SVS-001 sshd[26875]: Invalid user huy from 106.12.99.204 ...	2020-07-06 03:16:54
106.12.99.204	attack	Bruteforce detected by fail2ban	2020-06-18 03:47:04
106.12.99.204	attackbots	2020-06-12T05:53:27.9408631240 sshd\[13802\]: Invalid user hm from 106.12.99.204 port 44622 2020-06-12T05:53:27.9455211240 sshd\[13802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.204 2020-06-12T05:53:29.9171631240 sshd\[13802\]: Failed password for invalid user hm from 106.12.99.204 port 44622 ssh2 ...	2020-06-12 16:31:10
106.12.99.204	attackspam	Jun 4 17:17:07 ny01 sshd[15121]: Failed password for root from 106.12.99.204 port 53944 ssh2 Jun 4 17:20:51 ny01 sshd[15614]: Failed password for root from 106.12.99.204 port 48986 ssh2	2020-06-05 05:33:21
106.12.99.204	attackbots	May 28 23:18:27 eventyay sshd[23681]: Failed password for root from 106.12.99.204 port 51052 ssh2 May 28 23:21:23 eventyay sshd[23808]: Failed password for root from 106.12.99.204 port 57536 ssh2 ...	2020-05-29 05:27:17
106.12.99.204	attackspambots	(sshd) Failed SSH login from 106.12.99.204 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 15 12:01:32 elude sshd[13238]: Invalid user lee from 106.12.99.204 port 42928 May 15 12:01:34 elude sshd[13238]: Failed password for invalid user lee from 106.12.99.204 port 42928 ssh2 May 15 12:04:36 elude sshd[13666]: Invalid user dex from 106.12.99.204 port 47608 May 15 12:04:38 elude sshd[13666]: Failed password for invalid user dex from 106.12.99.204 port 47608 ssh2 May 15 12:05:46 elude sshd[13854]: Invalid user jiayuanyang from 106.12.99.204 port 59710	2020-05-15 19:07:10
106.12.99.84	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-22 21:18:09
106.12.99.173	attack	Mar 9 02:54:17 server sshd\[7574\]: Invalid user e from 106.12.99.173 Mar 9 02:54:17 server sshd\[7574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 Mar 9 02:54:18 server sshd\[7574\]: Failed password for invalid user e from 106.12.99.173 port 46928 ssh2 Mar 9 03:26:21 server sshd\[15162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 user=root Mar 9 03:26:23 server sshd\[15162\]: Failed password for root from 106.12.99.173 port 34060 ssh2 ...	2020-03-09 08:53:02
106.12.99.173	attack	$f2bV_matches	2020-02-17 06:21:26
106.12.99.121	attackspam	Unauthorized connection attempt detected from IP address 106.12.99.121 to port 1433 [J]	2020-02-01 17:58:10
106.12.99.173	attackbots	Jan 31 22:21:00 game-panel sshd[22174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 Jan 31 22:21:02 game-panel sshd[22174]: Failed password for invalid user www from 106.12.99.173 port 35302 ssh2 Jan 31 22:24:05 game-panel sshd[22331]: Failed password for support from 106.12.99.173 port 57202 ssh2	2020-02-01 07:07:36
106.12.99.173	attackbots	leo_www	2020-01-08 15:05:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.99.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9931
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.99.239.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 02:43:30 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 239.99.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 239.99.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.21.225.96	attackspam	Aug 22 21:17:12 srv1 sshd[27246]: Invalid user admin from 123.21.225.96 Aug 22 21:17:12 srv1 sshd[27246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.21.225.96 Aug 22 21:17:14 srv1 sshd[27246]: Failed password for invalid user admin from 123.21.225.96 port 57747 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.21.225.96	2019-08-23 07:31:06
182.247.245.50	attack	Aug 23 01:40:56 * sshd[4983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.247.245.50 Aug 23 01:40:58 * sshd[4983]: Failed password for invalid user rwp from 182.247.245.50 port 34500 ssh2	2019-08-23 08:01:28
190.37.4.137	attack	Aug 22 22:26:41 XXX sshd[46212]: Invalid user amp from 190.37.4.137 port 39462	2019-08-23 07:27:18
129.204.122.210	attack	Aug 22 21:31:10 cp sshd[13185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.122.210	2019-08-23 07:31:33
23.225.166.80	attack	Aug 23 00:41:13 server sshd[43511]: Failed password for root from 23.225.166.80 port 49068 ssh2 Aug 23 00:46:59 server sshd[44285]: Failed password for invalid user xs from 23.225.166.80 port 50336 ssh2 Aug 23 00:51:36 server sshd[44688]: Failed password for invalid user usuario1 from 23.225.166.80 port 42658 ssh2	2019-08-23 07:39:39
223.27.234.253	attackspambots	Aug 23 01:41:00 MK-Soft-Root2 sshd\[1846\]: Invalid user vivek from 223.27.234.253 port 50196 Aug 23 01:41:00 MK-Soft-Root2 sshd\[1846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.27.234.253 Aug 23 01:41:03 MK-Soft-Root2 sshd\[1846\]: Failed password for invalid user vivek from 223.27.234.253 port 50196 ssh2 ...	2019-08-23 07:56:48
139.59.23.25	attack	Aug 22 23:49:43 MK-Soft-VM6 sshd\[19054\]: Invalid user spark from 139.59.23.25 port 34646 Aug 22 23:49:43 MK-Soft-VM6 sshd\[19054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.23.25 Aug 22 23:49:45 MK-Soft-VM6 sshd\[19054\]: Failed password for invalid user spark from 139.59.23.25 port 34646 ssh2 ...	2019-08-23 08:11:08
178.213.252.241	attackspambots	Automatic report - Port Scan Attack	2019-08-23 07:34:14
37.187.248.10	attack	Invalid user dedrick from 37.187.248.10 port 50060	2019-08-23 08:03:36
144.121.119.222	attack	Unauthorized connection attempt from IP address 144.121.119.222 on Port 445(SMB)	2019-08-23 07:52:02
61.33.196.235	attackbotsspam	Invalid user azure from 61.33.196.235 port 43904	2019-08-23 08:06:03
46.175.64.51	attackspambots	Unauthorized connection attempt from IP address 46.175.64.51 on Port 445(SMB)	2019-08-23 07:46:11
190.46.17.12	attack	Lines containing failures of 190.46.17.12 Aug 22 21:16:49 server01 postfix/smtpd[13278]: connect from pc-12-17-46-190.cm.vtr.net[190.46.17.12] Aug x@x Aug x@x Aug 22 21:16:51 server01 postfix/policy-spf[13286]: : Policy action=PREPEND Received-SPF: none (gefleif.se: No applicable sender policy available) receiver=x@x Aug x@x Aug 22 21:16:52 server01 postfix/smtpd[13278]: lost connection after DATA from pc-12-17-46-190.cm.vtr.net[190.46.17.12] Aug 22 21:16:52 server01 postfix/smtpd[13278]: disconnect from pc-12-17-46-190.cm.vtr.net[190.46.17.12] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.46.17.12	2019-08-23 07:50:27
78.0.104.84	attackbots	2019-08-22 19:34:25 H=78-0-104-84.adsl.net.t-com.hr [78.0.104.84]:16205 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=78.0.104.84) 2019-08-22 19:34:25 unexpected disconnection while reading SMTP command from 78-0-104-84.adsl.net.t-com.hr [78.0.104.84]:16205 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-08-22 20:56:55 H=78-0-104-84.adsl.net.t-com.hr [78.0.104.84]:5880 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=78.0.104.84) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.0.104.84	2019-08-23 07:38:07
140.119.73.82	attackbotsspam	RDP Bruteforce	2019-08-23 07:51:15

Recently Reported IPs

13.127.252.253	254.103.143.94	67.88.85.125	142.26.50.238
42.228.10.252	182.232.23.131	227.227.249.132	85.202.10.42
14.162.2.159	252.135.15.13	182.232.22.89	177.153.227.151
101.121.234.55	165.153.115.10	73.165.123.42	114.26.11.126
210.214.162.251	216.200.238.247	190.183.222.39	61.147.42.237