Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:
Type Details Datetime
attackspam
Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):
2020-09-25 04:46:58
Comments on same subnet:
IP Type Details Datetime
106.13.99.107 attack
prod8
...
2020-09-19 20:48:12
106.13.99.107 attackbotsspam
2020-09-18T22:48:25.464526paragon sshd[167838]: Failed password for root from 106.13.99.107 port 45590 ssh2
2020-09-18T22:50:45.072868paragon sshd[167914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
2020-09-18T22:50:46.818378paragon sshd[167914]: Failed password for root from 106.13.99.107 port 52748 ssh2
2020-09-18T22:53:07.949543paragon sshd[167997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
2020-09-18T22:53:10.522963paragon sshd[167997]: Failed password for root from 106.13.99.107 port 59898 ssh2
...
2020-09-19 04:22:09
106.13.99.107 attackspambots
Sep 13 08:21:21 george sshd[28987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
Sep 13 08:21:24 george sshd[28987]: Failed password for root from 106.13.99.107 port 51700 ssh2
Sep 13 08:26:08 george sshd[30645]: Invalid user aster from 106.13.99.107 port 56496
Sep 13 08:26:08 george sshd[30645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 
Sep 13 08:26:10 george sshd[30645]: Failed password for invalid user aster from 106.13.99.107 port 56496 ssh2
...
2020-09-13 21:20:38
106.13.99.107 attack
SSH-BruteForce
2020-09-13 13:14:05
106.13.99.107 attackspambots
Sep 12 22:48:03 vpn01 sshd[24871]: Failed password for root from 106.13.99.107 port 33648 ssh2
...
2020-09-13 05:00:19
106.13.99.107 attackspam
[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.
2020-09-11 20:43:33
106.13.99.107 attackspam
Sep 11 05:24:29 ovpn sshd\[23699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
Sep 11 05:24:30 ovpn sshd\[23699\]: Failed password for root from 106.13.99.107 port 47644 ssh2
Sep 11 05:33:51 ovpn sshd\[26025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
Sep 11 05:33:54 ovpn sshd\[26025\]: Failed password for root from 106.13.99.107 port 33540 ssh2
Sep 11 05:38:40 ovpn sshd\[27190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
2020-09-11 12:51:28
106.13.99.107 attackbotsspam
Sep 10 18:54:17 marvibiene sshd[11503]: Failed password for root from 106.13.99.107 port 39592 ssh2
Sep 10 18:56:35 marvibiene sshd[11627]: Failed password for root from 106.13.99.107 port 34220 ssh2
Sep 10 18:58:36 marvibiene sshd[11730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107
2020-09-11 05:10:43
106.13.99.107 attackbotsspam
2020-09-09T23:28:42.869692dreamphreak.com sshd[268803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
2020-09-09T23:28:45.228163dreamphreak.com sshd[268803]: Failed password for root from 106.13.99.107 port 45136 ssh2
...
2020-09-10 20:22:33
106.13.99.107 attackbots
Sep  9 23:40:42 ovpn sshd\[29522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
Sep  9 23:40:44 ovpn sshd\[29522\]: Failed password for root from 106.13.99.107 port 38290 ssh2
Sep  9 23:53:30 ovpn sshd\[32680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
Sep  9 23:53:32 ovpn sshd\[32680\]: Failed password for root from 106.13.99.107 port 60394 ssh2
Sep  9 23:57:33 ovpn sshd\[1223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107  user=root
2020-09-10 12:12:25
106.13.99.107 attackbots
$f2bV_matches
2020-09-10 02:58:45
106.13.99.107 attackspam
Sep  3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107
Sep  3 00:08:01 itv-usvr-01 sshd[15170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107
Sep  3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107
Sep  3 00:08:04 itv-usvr-01 sshd[15170]: Failed password for invalid user biadmin from 106.13.99.107 port 40956 ssh2
Sep  3 00:17:02 itv-usvr-01 sshd[15710]: Invalid user back from 106.13.99.107
2020-09-03 02:43:17
106.13.99.107 attackbotsspam
May  4 20:30:10 ms-srv sshd[52612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107
May  4 20:30:12 ms-srv sshd[52612]: Failed password for invalid user p from 106.13.99.107 port 41922 ssh2
2020-09-02 18:15:10
106.13.99.107 attackspam
SSH Invalid Login
2020-08-29 08:25:24
106.13.99.107 attackbotsspam
Repeated brute force against a port
2020-08-27 10:07:10
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.99.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6165
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.99.39.			IN	A

;; AUTHORITY SECTION:
.			485	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092401 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 04:46:54 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 39.99.13.106.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.99.13.106.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
191.6.235.116 attackspambots
Scanning random ports - tries to find possible vulnerable services
2019-12-04 16:30:08
51.75.248.241 attackspambots
Dec  4 09:26:06 vps666546 sshd\[28201\]: Invalid user dev from 51.75.248.241 port 50280
Dec  4 09:26:06 vps666546 sshd\[28201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.241
Dec  4 09:26:08 vps666546 sshd\[28201\]: Failed password for invalid user dev from 51.75.248.241 port 50280 ssh2
Dec  4 09:27:16 vps666546 sshd\[28244\]: Invalid user dev from 51.75.248.241 port 41824
Dec  4 09:27:16 vps666546 sshd\[28244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.241
...
2019-12-04 16:28:02
35.196.194.37 attack
Automated report (2019-12-04T06:28:35+00:00). Misbehaving bot detected at this address.
2019-12-04 16:47:32
62.234.91.237 attack
Dec  4 09:41:19 eventyay sshd[5379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.91.237
Dec  4 09:41:21 eventyay sshd[5379]: Failed password for invalid user zzzz from 62.234.91.237 port 56715 ssh2
Dec  4 09:48:18 eventyay sshd[5603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.91.237
...
2019-12-04 16:51:22
180.76.150.29 attackbots
Dec  4 08:49:31 vps666546 sshd\[26204\]: Invalid user operator from 180.76.150.29 port 35560
Dec  4 08:49:31 vps666546 sshd\[26204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.150.29
Dec  4 08:49:33 vps666546 sshd\[26204\]: Failed password for invalid user operator from 180.76.150.29 port 35560 ssh2
Dec  4 08:55:44 vps666546 sshd\[26563\]: Invalid user developer from 180.76.150.29 port 60254
Dec  4 08:55:44 vps666546 sshd\[26563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.150.29
...
2019-12-04 16:36:57
195.182.22.223 attackbotsspam
Automatic report - Banned IP Access
2019-12-04 16:26:51
139.59.164.196 attackbots
139.59.164.196 - - \[04/Dec/2019:09:33:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.59.164.196 - - \[04/Dec/2019:09:33:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
139.59.164.196 - - \[04/Dec/2019:09:33:35 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-12-04 16:40:09
192.99.247.232 attack
Dec  4 10:43:02 sauna sshd[28262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.247.232
Dec  4 10:43:04 sauna sshd[28262]: Failed password for invalid user 0123456 from 192.99.247.232 port 46508 ssh2
...
2019-12-04 16:44:05
37.187.46.74 attackbotsspam
Dec  4 14:08:53 areeb-Workstation sshd[15211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.46.74 
Dec  4 14:08:55 areeb-Workstation sshd[15211]: Failed password for invalid user wingefeld from 37.187.46.74 port 50886 ssh2
...
2019-12-04 16:46:27
118.91.255.14 attackbotsspam
Dec  4 09:18:27 legacy sshd[9288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.91.255.14
Dec  4 09:18:28 legacy sshd[9288]: Failed password for invalid user brodeur from 118.91.255.14 port 46380 ssh2
Dec  4 09:24:44 legacy sshd[9675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.91.255.14
...
2019-12-04 16:26:12
49.234.13.138 attack
Port scan on 2 port(s): 2375 2376
2019-12-04 16:26:24
209.97.137.94 attackbots
12/04/2019-07:29:01.705746 209.97.137.94 Protocol: 6 ET POLICY Cleartext WordPress Login
2019-12-04 16:21:45
61.246.33.106 attackbotsspam
Dec  4 09:22:12 sd-53420 sshd\[19881\]: Invalid user master from 61.246.33.106
Dec  4 09:22:12 sd-53420 sshd\[19881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.246.33.106
Dec  4 09:22:14 sd-53420 sshd\[19881\]: Failed password for invalid user master from 61.246.33.106 port 45730 ssh2
Dec  4 09:28:54 sd-53420 sshd\[21099\]: User root from 61.246.33.106 not allowed because none of user's groups are listed in AllowGroups
Dec  4 09:28:54 sd-53420 sshd\[21099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.246.33.106  user=root
...
2019-12-04 16:46:11
139.162.72.191 attackspambots
Port scan: Attack repeated for 24 hours
2019-12-04 16:35:20
179.216.25.89 attackspambots
Dec  4 09:19:03 legacy sshd[9393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.216.25.89
Dec  4 09:19:05 legacy sshd[9393]: Failed password for invalid user server from 179.216.25.89 port 29079 ssh2
Dec  4 09:26:55 legacy sshd[9837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.216.25.89
...
2019-12-04 16:49:06
