106.13.99.245 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-11-26T17:53:27.050516abusebot-5.cloudsearch.cf sshd\[5511\]: Invalid user joanna from 106.13.99.245 port 43942	2019-11-27 05:34:37
attackspambots	2019-11-25T11:54:16.803125shield sshd\[28238\]: Invalid user emil from 106.13.99.245 port 57080 2019-11-25T11:54:16.807329shield sshd\[28238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 2019-11-25T11:54:18.870723shield sshd\[28238\]: Failed password for invalid user emil from 106.13.99.245 port 57080 ssh2 2019-11-25T12:00:03.636927shield sshd\[29663\]: Invalid user sinus from 106.13.99.245 port 38386 2019-11-25T12:00:03.641047shield sshd\[29663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245	2019-11-25 21:51:49
attackspam	2019-11-12T22:36:16.285865abusebot-5.cloudsearch.cf sshd\[19119\]: Invalid user arkserver from 106.13.99.245 port 41264	2019-11-13 07:08:01
attack	2019-11-12T15:08:33.048773abusebot-5.cloudsearch.cf sshd\[15657\]: Invalid user dj from 106.13.99.245 port 53832	2019-11-13 03:46:55
attackspam	2019-11-07T23:43:52.550752abusebot-5.cloudsearch.cf sshd\[25361\]: Invalid user legal1 from 106.13.99.245 port 37050	2019-11-08 07:45:31
attackbots	Nov 5 09:41:35 Tower sshd[24917]: Connection from 106.13.99.245 port 32824 on 192.168.10.220 port 22 Nov 5 09:41:39 Tower sshd[24917]: Invalid user swsgest from 106.13.99.245 port 32824 Nov 5 09:41:39 Tower sshd[24917]: error: Could not get shadow information for NOUSER Nov 5 09:41:39 Tower sshd[24917]: Failed password for invalid user swsgest from 106.13.99.245 port 32824 ssh2 Nov 5 09:41:40 Tower sshd[24917]: Received disconnect from 106.13.99.245 port 32824:11: Bye Bye [preauth] Nov 5 09:41:40 Tower sshd[24917]: Disconnected from invalid user swsgest 106.13.99.245 port 32824 [preauth]	2019-11-05 22:46:38
attackbots	2019-10-26T05:29:20.883600abusebot-5.cloudsearch.cf sshd\[13364\]: Invalid user heng from 106.13.99.245 port 47122	2019-10-26 15:45:48
attackspambots	2019-10-21T14:56:26.530371abusebot-5.cloudsearch.cf sshd\[5888\]: Invalid user desmond from 106.13.99.245 port 59524	2019-10-22 02:41:24
attackspambots	2019-10-17T12:22:43.854468abusebot-5.cloudsearch.cf sshd\[4587\]: Invalid user kernel from 106.13.99.245 port 46550	2019-10-17 20:49:21
attack	2019-10-14T12:25:50.779319abusebot-5.cloudsearch.cf sshd\[22224\]: Invalid user tester1 from 106.13.99.245 port 56406	2019-10-14 20:54:01
attackspambots	$f2bV_matches	2019-10-13 20:06:18
attackspam	$f2bV_matches	2019-10-12 18:20:58
attack	2019-10-03T20:51:49.714080-07:00 suse-nuc sshd[14319]: Invalid user hue from 106.13.99.245 port 38218 ...	2019-10-04 17:54:56
attack	Oct 2 01:47:00 plusreed sshd[20104]: Invalid user pop3 from 106.13.99.245 ...	2019-10-02 14:16:15
attackbotsspam	2019-09-25T21:00:20.773792abusebot.cloudsearch.cf sshd\[16480\]: Invalid user crs from 106.13.99.245 port 43678	2019-09-26 05:10:11
attackspambots	Sep 17 06:49:08 hpm sshd\[22386\]: Invalid user alina from 106.13.99.245 Sep 17 06:49:08 hpm sshd\[22386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 Sep 17 06:49:10 hpm sshd\[22386\]: Failed password for invalid user alina from 106.13.99.245 port 54238 ssh2 Sep 17 06:53:59 hpm sshd\[22771\]: Invalid user jb from 106.13.99.245 Sep 17 06:53:59 hpm sshd\[22771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245	2019-09-18 01:05:55
attackspam	Aug 16 13:11:42 rpi sshd[32740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 Aug 16 13:11:44 rpi sshd[32740]: Failed password for invalid user l4d2 from 106.13.99.245 port 55808 ssh2	2019-08-16 23:29:18
attack	Aug 2 02:07:40 microserver sshd[52378]: Invalid user bash from 106.13.99.245 port 49656 Aug 2 02:07:40 microserver sshd[52378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 Aug 2 02:07:42 microserver sshd[52378]: Failed password for invalid user bash from 106.13.99.245 port 49656 ssh2 Aug 2 02:10:45 microserver sshd[53031]: Invalid user raphaello from 106.13.99.245 port 49706 Aug 2 02:10:45 microserver sshd[53031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 Aug 2 02:22:44 microserver sshd[56013]: Invalid user user4 from 106.13.99.245 port 49894 Aug 2 02:22:44 microserver sshd[56013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.245 Aug 2 02:22:47 microserver sshd[56013]: Failed password for invalid user user4 from 106.13.99.245 port 49894 ssh2 Aug 2 02:25:50 microserver sshd[57008]: Invalid user insserver from 106.13.99.245 port 49940	2019-08-02 08:33:34
attack	Jul 30 03:46:41 www2 sshd\[29379\]: Failed password for root from 106.13.99.245 port 38882 ssh2Jul 30 03:49:57 www2 sshd\[29600\]: Invalid user megha from 106.13.99.245Jul 30 03:49:59 www2 sshd\[29600\]: Failed password for invalid user megha from 106.13.99.245 port 49120 ssh2Jul 30 03:51:06 www2 sshd\[29944\]: Invalid user p from 106.13.99.245Jul 30 03:51:08 www2 sshd\[29944\]: Failed password for invalid user p from 106.13.99.245 port 59338 ssh2Jul 30 03:52:15 www2 sshd\[30024\]: Invalid user wen from 106.13.99.245 ...	2019-07-30 09:08:29

Comments on same subnet:

IP	Type	Details	Datetime
106.13.99.39	attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 04:46:58
106.13.99.107	attack	prod8 ...	2020-09-19 20:48:12
106.13.99.107	attackbotsspam	2020-09-18T22:48:25.464526paragon sshd[167838]: Failed password for root from 106.13.99.107 port 45590 ssh2 2020-09-18T22:50:45.072868paragon sshd[167914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-18T22:50:46.818378paragon sshd[167914]: Failed password for root from 106.13.99.107 port 52748 ssh2 2020-09-18T22:53:07.949543paragon sshd[167997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-18T22:53:10.522963paragon sshd[167997]: Failed password for root from 106.13.99.107 port 59898 ssh2 ...	2020-09-19 04:22:09
106.13.99.107	attackspambots	Sep 13 08:21:21 george sshd[28987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 13 08:21:24 george sshd[28987]: Failed password for root from 106.13.99.107 port 51700 ssh2 Sep 13 08:26:08 george sshd[30645]: Invalid user aster from 106.13.99.107 port 56496 Sep 13 08:26:08 george sshd[30645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 Sep 13 08:26:10 george sshd[30645]: Failed password for invalid user aster from 106.13.99.107 port 56496 ssh2 ...	2020-09-13 21:20:38
106.13.99.107	attack	SSH-BruteForce	2020-09-13 13:14:05
106.13.99.107	attackspambots	Sep 12 22:48:03 vpn01 sshd[24871]: Failed password for root from 106.13.99.107 port 33648 ssh2 ...	2020-09-13 05:00:19
106.13.99.107	attackspam	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-09-11 20:43:33
106.13.99.107	attackspam	Sep 11 05:24:29 ovpn sshd\[23699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:24:30 ovpn sshd\[23699\]: Failed password for root from 106.13.99.107 port 47644 ssh2 Sep 11 05:33:51 ovpn sshd\[26025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:33:54 ovpn sshd\[26025\]: Failed password for root from 106.13.99.107 port 33540 ssh2 Sep 11 05:38:40 ovpn sshd\[27190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root	2020-09-11 12:51:28
106.13.99.107	attackbotsspam	Sep 10 18:54:17 marvibiene sshd[11503]: Failed password for root from 106.13.99.107 port 39592 ssh2 Sep 10 18:56:35 marvibiene sshd[11627]: Failed password for root from 106.13.99.107 port 34220 ssh2 Sep 10 18:58:36 marvibiene sshd[11730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107	2020-09-11 05:10:43
106.13.99.107	attackbotsspam	2020-09-09T23:28:42.869692dreamphreak.com sshd[268803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-09T23:28:45.228163dreamphreak.com sshd[268803]: Failed password for root from 106.13.99.107 port 45136 ssh2 ...	2020-09-10 20:22:33
106.13.99.107	attackbots	Sep 9 23:40:42 ovpn sshd\[29522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 9 23:40:44 ovpn sshd\[29522\]: Failed password for root from 106.13.99.107 port 38290 ssh2 Sep 9 23:53:30 ovpn sshd\[32680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 9 23:53:32 ovpn sshd\[32680\]: Failed password for root from 106.13.99.107 port 60394 ssh2 Sep 9 23:57:33 ovpn sshd\[1223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root	2020-09-10 12:12:25
106.13.99.107	attackbots	$f2bV_matches	2020-09-10 02:58:45
106.13.99.107	attackspam	Sep 3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107 Sep 3 00:08:01 itv-usvr-01 sshd[15170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 Sep 3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107 Sep 3 00:08:04 itv-usvr-01 sshd[15170]: Failed password for invalid user biadmin from 106.13.99.107 port 40956 ssh2 Sep 3 00:17:02 itv-usvr-01 sshd[15710]: Invalid user back from 106.13.99.107	2020-09-03 02:43:17
106.13.99.107	attackbotsspam	May 4 20:30:10 ms-srv sshd[52612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 May 4 20:30:12 ms-srv sshd[52612]: Failed password for invalid user p from 106.13.99.107 port 41922 ssh2	2020-09-02 18:15:10
106.13.99.107	attackspam	SSH Invalid Login	2020-08-29 08:25:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.99.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6571
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.99.245.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 09:08:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 245.99.13.106.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 245.99.13.106.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.203.115.141	attackspam	Automatic report - Banned IP Access	2019-08-03 23:06:04
177.87.68.128	attackbotsspam	Aug 3 00:38:44 web1 postfix/smtpd[7833]: warning: unknown[177.87.68.128]: SASL PLAIN authentication failed: authentication failure ...	2019-08-03 22:14:31
187.120.129.216	attack	failed_logins	2019-08-03 22:37:21
203.110.179.26	attack	Aug 3 16:29:22 pkdns2 sshd\[5871\]: Invalid user pdey from 203.110.179.26Aug 3 16:29:24 pkdns2 sshd\[5871\]: Failed password for invalid user pdey from 203.110.179.26 port 59660 ssh2Aug 3 16:35:42 pkdns2 sshd\[6140\]: Invalid user emily from 203.110.179.26Aug 3 16:35:45 pkdns2 sshd\[6140\]: Failed password for invalid user emily from 203.110.179.26 port 59434 ssh2Aug 3 16:38:45 pkdns2 sshd\[6226\]: Invalid user amy from 203.110.179.26Aug 3 16:38:47 pkdns2 sshd\[6226\]: Failed password for invalid user amy from 203.110.179.26 port 59366 ssh2 ...	2019-08-03 22:35:34
5.188.86.114	attack	08/03/2019-09:11:57.723849 5.188.86.114 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 6	2019-08-03 22:20:45
201.131.225.133	attackspambots	libpam_shield report: forced login attempt	2019-08-03 22:23:13
187.120.140.52	attackspam	libpam_shield report: forced login attempt	2019-08-03 22:33:30
202.158.18.162	attackbots	445/tcp 445/tcp [2019-07-06/08-03]2pkt	2019-08-03 22:53:29
193.112.213.48	attack	Aug 3 12:19:57 [munged] sshd[28521]: Invalid user network1 from 193.112.213.48 port 58924 Aug 3 12:19:57 [munged] sshd[28521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.213.48 Aug 3 14:37:19 [munged] sshd[32515]: Invalid user httpadmin from 193.112.213.48 port 39238 Aug 3 14:37:19 [munged] sshd[32515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.213.48	2019-08-03 22:09:02
189.91.7.9	attack	failed_logins	2019-08-03 22:45:50
221.3.209.118	attackbotsspam	23/tcp 23/tcp 23/tcp [2019-06-21/08-03]3pkt	2019-08-03 22:47:44
177.69.245.49	attackspam	failed_logins	2019-08-03 22:39:15
113.200.156.180	attackbots	Aug 3 16:56:53 lnxmail61 sshd[7306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.156.180	2019-08-03 23:04:33
61.92.169.178	attackbotsspam	Aug 3 08:17:44 dedicated sshd[3720]: Invalid user miller from 61.92.169.178 port 44438	2019-08-03 22:36:14
112.221.179.133	attackspam	Aug 3 09:57:54 pornomens sshd\[14725\]: Invalid user shock from 112.221.179.133 port 54998 Aug 3 09:57:54 pornomens sshd\[14725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.221.179.133 Aug 3 09:57:55 pornomens sshd\[14725\]: Failed password for invalid user shock from 112.221.179.133 port 54998 ssh2 ...	2019-08-03 22:47:02

Recently Reported IPs

52.121.134.165	180.124.236.170	82.129.131.170	5.210.129.136
150.255.40.116	161.190.58.12	201.243.24.244	61.99.239.126
105.112.51.250	183.165.133.53	100.44.68.167	186.249.46.90
179.162.140.164	122.97.202.187	252.22.157.148	187.148.47.129
185.209.21.135	155.121.106.122	200.187.10.1	66.119.37.231