106.12.99.239 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: Beijing Baidu Netcom Science and Technology Co., Ltd.

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-07-26T18:07:01.706411abusebot-8.cloudsearch.cf sshd\[19218\]: Invalid user sen from 106.12.99.239 port 53698	2019-07-27 02:43:36

Comments on same subnet:

IP	Type	Details	Datetime
106.12.99.84	attack	1596370322 - 08/02/2020 14:12:02 Host: 106.12.99.84/106.12.99.84 Port: 445 TCP Blocked	2020-08-02 22:17:26
106.12.99.204	attackspambots	2020-07-19T11:44:12.6553031495-001 sshd[16981]: Invalid user cronje from 106.12.99.204 port 41024 2020-07-19T11:44:14.6746911495-001 sshd[16981]: Failed password for invalid user cronje from 106.12.99.204 port 41024 ssh2 2020-07-19T11:48:01.8728961495-001 sshd[17172]: Invalid user chenxuwu from 106.12.99.204 port 53884 2020-07-19T11:48:01.8798671495-001 sshd[17172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.204 2020-07-19T11:48:01.8728961495-001 sshd[17172]: Invalid user chenxuwu from 106.12.99.204 port 53884 2020-07-19T11:48:04.0015681495-001 sshd[17172]: Failed password for invalid user chenxuwu from 106.12.99.204 port 53884 ssh2 ...	2020-07-20 01:17:10
106.12.99.204	attackspambots	Jul 11 22:00:07 l03 sshd[11767]: Invalid user jessie from 106.12.99.204 port 47276 ...	2020-07-12 05:08:23
106.12.99.204	attackbotsspam	Jul 6 04:36:15 NG-HHDC-SVS-001 sshd[26875]: Invalid user huy from 106.12.99.204 ...	2020-07-06 03:16:54
106.12.99.204	attack	Bruteforce detected by fail2ban	2020-06-18 03:47:04
106.12.99.204	attackbots	2020-06-12T05:53:27.9408631240 sshd\[13802\]: Invalid user hm from 106.12.99.204 port 44622 2020-06-12T05:53:27.9455211240 sshd\[13802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.204 2020-06-12T05:53:29.9171631240 sshd\[13802\]: Failed password for invalid user hm from 106.12.99.204 port 44622 ssh2 ...	2020-06-12 16:31:10
106.12.99.204	attackspam	Jun 4 17:17:07 ny01 sshd[15121]: Failed password for root from 106.12.99.204 port 53944 ssh2 Jun 4 17:20:51 ny01 sshd[15614]: Failed password for root from 106.12.99.204 port 48986 ssh2	2020-06-05 05:33:21
106.12.99.204	attackbots	May 28 23:18:27 eventyay sshd[23681]: Failed password for root from 106.12.99.204 port 51052 ssh2 May 28 23:21:23 eventyay sshd[23808]: Failed password for root from 106.12.99.204 port 57536 ssh2 ...	2020-05-29 05:27:17
106.12.99.204	attackspambots	(sshd) Failed SSH login from 106.12.99.204 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 15 12:01:32 elude sshd[13238]: Invalid user lee from 106.12.99.204 port 42928 May 15 12:01:34 elude sshd[13238]: Failed password for invalid user lee from 106.12.99.204 port 42928 ssh2 May 15 12:04:36 elude sshd[13666]: Invalid user dex from 106.12.99.204 port 47608 May 15 12:04:38 elude sshd[13666]: Failed password for invalid user dex from 106.12.99.204 port 47608 ssh2 May 15 12:05:46 elude sshd[13854]: Invalid user jiayuanyang from 106.12.99.204 port 59710	2020-05-15 19:07:10
106.12.99.84	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-22 21:18:09
106.12.99.173	attack	Mar 9 02:54:17 server sshd\[7574\]: Invalid user e from 106.12.99.173 Mar 9 02:54:17 server sshd\[7574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 Mar 9 02:54:18 server sshd\[7574\]: Failed password for invalid user e from 106.12.99.173 port 46928 ssh2 Mar 9 03:26:21 server sshd\[15162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 user=root Mar 9 03:26:23 server sshd\[15162\]: Failed password for root from 106.12.99.173 port 34060 ssh2 ...	2020-03-09 08:53:02
106.12.99.173	attack	$f2bV_matches	2020-02-17 06:21:26
106.12.99.121	attackspam	Unauthorized connection attempt detected from IP address 106.12.99.121 to port 1433 [J]	2020-02-01 17:58:10
106.12.99.173	attackbots	Jan 31 22:21:00 game-panel sshd[22174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.173 Jan 31 22:21:02 game-panel sshd[22174]: Failed password for invalid user www from 106.12.99.173 port 35302 ssh2 Jan 31 22:24:05 game-panel sshd[22331]: Failed password for support from 106.12.99.173 port 57202 ssh2	2020-02-01 07:07:36
106.12.99.173	attackbots	leo_www	2020-01-08 15:05:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.99.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9931
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.99.239.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 02:43:30 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 239.99.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 239.99.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.174.91.35	attack	fell into ViewStateTrap:madrid	2020-06-10 22:47:33
212.64.54.49	attackbotsspam	Jun 10 15:02:39 ift sshd\[17850\]: Invalid user tramvm from 212.64.54.49Jun 10 15:02:41 ift sshd\[17850\]: Failed password for invalid user tramvm from 212.64.54.49 port 58642 ssh2Jun 10 15:04:44 ift sshd\[18138\]: Invalid user zhou from 212.64.54.49Jun 10 15:04:46 ift sshd\[18138\]: Failed password for invalid user zhou from 212.64.54.49 port 56992 ssh2Jun 10 15:06:55 ift sshd\[18781\]: Invalid user logadmin from 212.64.54.49 ...	2020-06-10 22:34:02
111.229.167.10	attack	2020-06-10T14:15:46.655444galaxy.wi.uni-potsdam.de sshd[1412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.167.10 user=root 2020-06-10T14:15:48.754890galaxy.wi.uni-potsdam.de sshd[1412]: Failed password for root from 111.229.167.10 port 58840 ssh2 2020-06-10T14:16:15.459218galaxy.wi.uni-potsdam.de sshd[1509]: Invalid user na from 111.229.167.10 port 35242 2020-06-10T14:16:15.461258galaxy.wi.uni-potsdam.de sshd[1509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.167.10 2020-06-10T14:16:15.459218galaxy.wi.uni-potsdam.de sshd[1509]: Invalid user na from 111.229.167.10 port 35242 2020-06-10T14:16:17.208181galaxy.wi.uni-potsdam.de sshd[1509]: Failed password for invalid user na from 111.229.167.10 port 35242 ssh2 2020-06-10T14:16:47.512965galaxy.wi.uni-potsdam.de sshd[1563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.167.10 user=root 2 ...	2020-06-10 22:38:23
106.54.127.159	attack	IP blocked	2020-06-10 22:53:54
103.228.183.10	attackbots	Jun 10 15:42:55 ns3164893 sshd[8658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10 user=root Jun 10 15:42:57 ns3164893 sshd[8658]: Failed password for root from 103.228.183.10 port 47084 ssh2 ...	2020-06-10 23:03:50
14.254.9.5	attackspambots	Unauthorized connection attempt from IP address 14.254.9.5 on Port 445(SMB)	2020-06-10 23:09:43
178.128.226.2	attack	Jun 10 16:53:59 root sshd[26310]: Invalid user nux from 178.128.226.2 ...	2020-06-10 22:51:46
106.1.94.78	attackbotsspam	Jun 10 15:36:33 vmd26974 sshd[30699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.1.94.78 Jun 10 15:36:36 vmd26974 sshd[30699]: Failed password for invalid user admin from 106.1.94.78 port 59530 ssh2 ...	2020-06-10 22:26:41
201.150.35.113	attackspam	LGS,WP GET /website/wp-includes/wlwmanifest.xml	2020-06-10 22:32:08
79.124.62.66	attackbotsspam	" "	2020-06-10 23:06:25
194.28.241.241	attackbots	Unauthorized connection attempt from IP address 194.28.241.241 on Port 445(SMB)	2020-06-10 22:31:45
87.246.7.108	attack	Brute force attempt	2020-06-10 22:41:32
37.49.224.14	attackbots	Jun 10 07:56:51 XXX sshd[28440]: Did not receive identification string from 37.49.224.14 Jun 10 07:57:06 XXX sshd[28587]: Invalid user admin from 37.49.224.14 Jun 10 07:57:06 XXX sshd[28587]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:57:28 XXX sshd[28595]: Invalid user admin from 37.49.224.14 Jun 10 07:57:28 XXX sshd[28595]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:57:50 XXX sshd[28597]: User r.r from 37.49.224.14 not allowed because none of user's groups are listed in AllowGroups Jun 10 07:57:50 XXX sshd[28597]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:58:11 XXX sshd[28776]: Invalid user ansible from 37.49.224.14 Jun 10 07:58:11 XXX sshd[28776]: Received disconnect from 37.49.224.14: 11: Normal Shutdown, Thank you for playing [preauth] Jun 10 07:58:32 XXX sshd[28784]: Invalid user centos fr........ -------------------------------	2020-06-10 22:29:45
69.156.165.11	attack	Jun 10 16:37:05 server sshd[2048]: Failed password for invalid user krista from 69.156.165.11 port 49057 ssh2 Jun 10 16:40:42 server sshd[6158]: Failed password for invalid user amaina from 69.156.165.11 port 51064 ssh2 Jun 10 16:44:09 server sshd[9996]: Failed password for invalid user beltrami from 69.156.165.11 port 53108 ssh2	2020-06-10 22:46:27
176.63.26.184	attackbots	Automatic report - XMLRPC Attack	2020-06-10 23:12:57

Recently Reported IPs

13.127.252.253	254.103.143.94	67.88.85.125	142.26.50.238
42.228.10.252	182.232.23.131	227.227.249.132	85.202.10.42
14.162.2.159	252.135.15.13	182.232.22.89	177.153.227.151
101.121.234.55	165.153.115.10	73.165.123.42	114.26.11.126
210.214.162.251	216.200.238.247	190.183.222.39	61.147.42.237