106.42.99.236 - IPInfo

Basic Info

City: Zhengzhou

Region: Henan

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.42.99.56	attack	Unauthorized connection attempt detected from IP address 106.42.99.56 to port 139 [T]	2020-05-20 08:58:01
106.42.99.252	attackbots	Unauthorized connection attempt detected from IP address 106.42.99.252 to port 139 [T]	2020-05-20 08:57:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.42.99.236
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.42.99.236.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020112400 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 24 15:01:20 CST 2020
;; MSG SIZE  rcvd: 117

Host info

236.99.42.106.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 236.99.42.106.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.108.91.17	attackbots	Brute force attempt	2019-10-19 14:50:29
112.78.1.86	attackbotsspam	techno.ws 112.78.1.86 \[19/Oct/2019:05:54:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 5604 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" techno.ws 112.78.1.86 \[19/Oct/2019:05:54:42 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4070 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-19 14:31:29
74.15.19.171	attack	Oct 17 22:28:24 vegas sshd[30763]: Invalid user admin from 74.15.19.171 port 47930 Oct 17 22:28:24 vegas sshd[30763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.15.19.171 Oct 17 22:28:26 vegas sshd[30763]: Failed password for invalid user admin from 74.15.19.171 port 47930 ssh2 Oct 17 22:33:52 vegas sshd[31762]: Invalid user ubuntu from 74.15.19.171 port 49478 Oct 17 22:33:52 vegas sshd[31762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.15.19.171 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=74.15.19.171	2019-10-19 14:52:36
79.232.54.40	attack	Automatic report - Port Scan	2019-10-19 14:42:57
68.183.142.240	attackbotsspam	Oct 19 05:42:29 mail1 sshd\[24838\]: Invalid user platao from 68.183.142.240 port 37256 Oct 19 05:42:29 mail1 sshd\[24838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.142.240 Oct 19 05:42:31 mail1 sshd\[24838\]: Failed password for invalid user platao from 68.183.142.240 port 37256 ssh2 Oct 19 05:54:40 mail1 sshd\[30260\]: Invalid user cam from 68.183.142.240 port 33076 Oct 19 05:54:40 mail1 sshd\[30260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.142.240 ...	2019-10-19 14:33:58
132.232.126.232	attack	Oct 19 09:01:14 site3 sshd\[102898\]: Invalid user Lolita123 from 132.232.126.232 Oct 19 09:01:14 site3 sshd\[102898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.126.232 Oct 19 09:01:17 site3 sshd\[102898\]: Failed password for invalid user Lolita123 from 132.232.126.232 port 44996 ssh2 Oct 19 09:07:20 site3 sshd\[102950\]: Invalid user Projekt-123 from 132.232.126.232 Oct 19 09:07:20 site3 sshd\[102950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.126.232 ...	2019-10-19 14:22:44
138.197.188.208	attackbots	Lines containing failures of 138.197.188.208 Oct 18 23:57:51 kvm05 sshd[29315]: Did not receive identification string from 138.197.188.208 port 60826 Oct 18 23:57:51 kvm05 sshd[29317]: Did not receive identification string from 138.197.188.208 port 44214 Oct 19 00:01:27 kvm05 sshd[29572]: Invalid user postgres from 138.197.188.208 port 54130 Oct 19 00:01:27 kvm05 sshd[29573]: Invalid user postgres from 138.197.188.208 port 42510 Oct 19 00:01:27 kvm05 sshd[29572]: Received disconnect from 138.197.188.208 port 54130:11: Normal Shutdown, Thank you for playing [preauth] Oct 19 00:01:27 kvm05 sshd[29572]: Disconnected from invalid user postgres 138.197.188.208 port 54130 [preauth] Oct 19 00:01:27 kvm05 sshd[29573]: Received disconnect from 138.197.188.208 port 42510:11: Normal Shutdown, Thank you for playing [preauth] Oct 19 00:01:27 kvm05 sshd[29573]: Disconnected from invalid user postgres 138.197.188.208 port 42510 [preauth] Oct 19 00:01:54 kvm05 sshd[29592]: Invalid user ........ ------------------------------	2019-10-19 14:53:29
164.132.102.168	attack	Invalid user demo from 164.132.102.168 port 39812	2019-10-19 14:40:30
61.76.169.138	attackspambots	Oct 19 03:06:51 firewall sshd[4947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.169.138 Oct 19 03:06:51 firewall sshd[4947]: Invalid user weed from 61.76.169.138 Oct 19 03:06:53 firewall sshd[4947]: Failed password for invalid user weed from 61.76.169.138 port 23655 ssh2 ...	2019-10-19 14:56:24
165.22.189.217	attackbots	$f2bV_matches	2019-10-19 14:38:29
185.173.35.1	attackspam	scan z	2019-10-19 14:24:49
198.108.67.128	attack	10/19/2019-01:59:17.560070 198.108.67.128 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-19 15:00:34
104.131.189.116	attack	Oct 19 08:04:54 * sshd[1396]: Failed password for root from 104.131.189.116 port 45536 ssh2	2019-10-19 14:25:36
186.209.72.144	attackbotsspam	Oct 19 06:19:31 game-panel sshd[9508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.209.72.144 Oct 19 06:19:33 game-panel sshd[9508]: Failed password for invalid user pi from 186.209.72.144 port 41928 ssh2 Oct 19 06:24:52 game-panel sshd[9695]: Failed password for root from 186.209.72.144 port 55880 ssh2	2019-10-19 14:37:43
51.77.137.211	attackspam	Oct 19 07:13:16 legacy sshd[31696]: Failed password for root from 51.77.137.211 port 57400 ssh2 Oct 19 07:17:06 legacy sshd[31786]: Failed password for root from 51.77.137.211 port 41628 ssh2 ...	2019-10-19 14:40:02

Recently Reported IPs

104.248.200.247	142.93.223.11	27.115.119.150	77.49.238.215
217.113.19.38	85.174.236.58	218.147.189.191	221.34.6.82
45.92.126.106	79.76.140.40	151.247.105.23	219.59.6.116
219.59.6.118	162.182.1.1	52.151.23.153	52.152.217.68
40.121.85.248	104.81.234.36	202.187.242.200	155.133.250.6