13.68.158.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Sep 25 19:22:04 vpn01 sshd[8736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 Sep 25 19:22:06 vpn01 sshd[8736]: Failed password for invalid user it from 13.68.158.99 port 36958 ssh2 ...	2020-09-26 04:56:54
attackspambots	Invalid user ssl from 13.68.158.99 port 38152	2020-09-25 21:48:37
attackbots	2020-09-25T08:23:55.063090snf-827550 sshd[3624]: Invalid user wkiconsole from 13.68.158.99 port 50266 2020-09-25T08:23:57.485550snf-827550 sshd[3624]: Failed password for invalid user wkiconsole from 13.68.158.99 port 50266 ssh2 2020-09-25T08:26:21.078377snf-827550 sshd[4204]: Invalid user deploy from 13.68.158.99 port 33168 ...	2020-09-25 13:28:23
attackbotsspam	2020-09-18T00:43:01.288531Z 8fd3ed8cf1d1 New connection: 13.68.158.99:49514 (172.17.0.2:2222) [session: 8fd3ed8cf1d1] 2020-09-18T00:51:04.055878Z f75d971dddd4 New connection: 13.68.158.99:49832 (172.17.0.2:2222) [session: f75d971dddd4]	2020-09-18 19:44:27
attackspambots	2020-09-18T00:43:01.288531Z 8fd3ed8cf1d1 New connection: 13.68.158.99:49514 (172.17.0.2:2222) [session: 8fd3ed8cf1d1] 2020-09-18T00:51:04.055878Z f75d971dddd4 New connection: 13.68.158.99:49832 (172.17.0.2:2222) [session: f75d971dddd4]	2020-09-18 12:01:49
attack	Sep 17 19:12:13 host2 sshd[2130438]: Failed password for root from 13.68.158.99 port 40218 ssh2 Sep 17 19:16:20 host2 sshd[2130673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 user=root Sep 17 19:16:23 host2 sshd[2130673]: Failed password for root from 13.68.158.99 port 53750 ssh2 Sep 17 19:16:20 host2 sshd[2130673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 user=root Sep 17 19:16:23 host2 sshd[2130673]: Failed password for root from 13.68.158.99 port 53750 ssh2 ...	2020-09-18 02:15:02
attack	Aug 29 06:23:31 srv-ubuntu-dev3 sshd[31973]: Invalid user user from 13.68.158.99 Aug 29 06:23:31 srv-ubuntu-dev3 sshd[31973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 Aug 29 06:23:31 srv-ubuntu-dev3 sshd[31973]: Invalid user user from 13.68.158.99 Aug 29 06:23:33 srv-ubuntu-dev3 sshd[31973]: Failed password for invalid user user from 13.68.158.99 port 56704 ssh2 Aug 29 06:26:22 srv-ubuntu-dev3 sshd[38260]: Invalid user xq from 13.68.158.99 Aug 29 06:26:22 srv-ubuntu-dev3 sshd[38260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 Aug 29 06:26:22 srv-ubuntu-dev3 sshd[38260]: Invalid user xq from 13.68.158.99 Aug 29 06:26:24 srv-ubuntu-dev3 sshd[38260]: Failed password for invalid user xq from 13.68.158.99 port 40666 ssh2 Aug 29 06:29:03 srv-ubuntu-dev3 sshd[38594]: Invalid user wzt from 13.68.158.99 ...	2020-08-29 12:35:07
attack	Aug 28 16:27:08 vpn01 sshd[23420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 Aug 28 16:27:10 vpn01 sshd[23420]: Failed password for invalid user lxw from 13.68.158.99 port 45828 ssh2 ...	2020-08-28 22:37:37
attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-28 17:24:02
attack	failed root login	2020-08-24 09:22:42
attackbots	2020-08-18T09:51:28.565541afi-git.jinr.ru sshd[12282]: Invalid user temp1 from 13.68.158.99 port 49462 2020-08-18T09:51:28.568837afi-git.jinr.ru sshd[12282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 2020-08-18T09:51:28.565541afi-git.jinr.ru sshd[12282]: Invalid user temp1 from 13.68.158.99 port 49462 2020-08-18T09:51:30.607317afi-git.jinr.ru sshd[12282]: Failed password for invalid user temp1 from 13.68.158.99 port 49462 ssh2 2020-08-18T09:55:37.347197afi-git.jinr.ru sshd[13319]: Invalid user centos from 13.68.158.99 port 58772 ...	2020-08-18 15:25:53
attackspambots	Failed password for invalid user cm from 13.68.158.99 port 46674 ssh2	2020-07-20 16:29:06
attackbots	2020-07-11T14:36:08.585082mail.broermann.family sshd[17241]: Invalid user trips from 13.68.158.99 port 51974 2020-07-11T14:36:08.591732mail.broermann.family sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 2020-07-11T14:36:08.585082mail.broermann.family sshd[17241]: Invalid user trips from 13.68.158.99 port 51974 2020-07-11T14:36:10.122144mail.broermann.family sshd[17241]: Failed password for invalid user trips from 13.68.158.99 port 51974 ssh2 2020-07-11T14:38:56.627913mail.broermann.family sshd[17321]: Invalid user tianxin from 13.68.158.99 port 40594 ...	2020-07-11 23:52:06
attackbots	(sshd) Failed SSH login from 13.68.158.99 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 10 08:53:38 amsweb01 sshd[20886]: Invalid user dhar from 13.68.158.99 port 38252 Jul 10 08:53:41 amsweb01 sshd[20886]: Failed password for invalid user dhar from 13.68.158.99 port 38252 ssh2 Jul 10 09:02:09 amsweb01 sshd[22354]: Invalid user help from 13.68.158.99 port 57434 Jul 10 09:02:11 amsweb01 sshd[22354]: Failed password for invalid user help from 13.68.158.99 port 57434 ssh2 Jul 10 09:05:22 amsweb01 sshd[22808]: Invalid user klaus from 13.68.158.99 port 55212	2020-07-10 18:45:17
attackbotsspam	$f2bV_matches	2020-07-10 05:04:11
attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-05 17:13:28
attack	Invalid user chaowei from 13.68.158.99 port 43374	2020-06-18 02:22:39
attack	Jun 16 15:27:06 vpn01 sshd[28948]: Failed password for root from 13.68.158.99 port 54424 ssh2 ...	2020-06-16 21:41:34
attackspambots	2020-06-14T14:49:33.5425271240 sshd\[13991\]: Invalid user nadjani from 13.68.158.99 port 41680 2020-06-14T14:49:33.5461661240 sshd\[13991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 2020-06-14T14:49:35.1115701240 sshd\[13991\]: Failed password for invalid user nadjani from 13.68.158.99 port 41680 ssh2 ...	2020-06-14 22:20:17
attack	DATE:2020-06-04 22:24:23, IP:13.68.158.99, PORT:ssh SSH brute force auth (docker-dc)	2020-06-05 04:44:42
attackbotsspam	Jun 3 13:43:16 vlre-nyc-1 sshd\[12719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 user=root Jun 3 13:43:18 vlre-nyc-1 sshd\[12719\]: Failed password for root from 13.68.158.99 port 47200 ssh2 Jun 3 13:47:03 vlre-nyc-1 sshd\[12800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 user=root Jun 3 13:47:04 vlre-nyc-1 sshd\[12800\]: Failed password for root from 13.68.158.99 port 53046 ssh2 Jun 3 13:50:41 vlre-nyc-1 sshd\[12882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 user=root ...	2020-06-03 23:10:14
attackspambots	May 29 07:50:14 home sshd[22996]: Failed password for root from 13.68.158.99 port 41946 ssh2 May 29 07:54:27 home sshd[23356]: Failed password for root from 13.68.158.99 port 50140 ssh2 ...	2020-05-29 14:24:32
attackspam	May 10 09:14:49 web1 sshd[31917]: Invalid user ventas from 13.68.158.99 port 56318 May 10 09:14:49 web1 sshd[31917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 10 09:14:49 web1 sshd[31917]: Invalid user ventas from 13.68.158.99 port 56318 May 10 09:14:51 web1 sshd[31917]: Failed password for invalid user ventas from 13.68.158.99 port 56318 ssh2 May 10 09:26:15 web1 sshd[2320]: Invalid user hadoop from 13.68.158.99 port 46330 May 10 09:26:15 web1 sshd[2320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 10 09:26:15 web1 sshd[2320]: Invalid user hadoop from 13.68.158.99 port 46330 May 10 09:26:17 web1 sshd[2320]: Failed password for invalid user hadoop from 13.68.158.99 port 46330 ssh2 May 10 09:30:15 web1 sshd[3340]: Invalid user postgres from 13.68.158.99 port 56402 ...	2020-05-10 08:26:23
attack	May 7 01:59:20 ncomp sshd[16939]: Invalid user testtest from 13.68.158.99 May 7 01:59:20 ncomp sshd[16939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 7 01:59:20 ncomp sshd[16939]: Invalid user testtest from 13.68.158.99 May 7 01:59:23 ncomp sshd[16939]: Failed password for invalid user testtest from 13.68.158.99 port 37070 ssh2	2020-05-07 08:29:26
attackbots	Lines containing failures of 13.68.158.99 (max 1000) May 4 01:50:37 localhost sshd[21305]: Invalid user cosmos from 13.68.158.99 port 40338 May 4 01:50:37 localhost sshd[21305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 4 01:50:38 localhost sshd[21305]: Failed password for invalid user cosmos from 13.68.158.99 port 40338 ssh2 May 4 01:50:40 localhost sshd[21305]: Received disconnect from 13.68.158.99 port 40338:11: Bye Bye [preauth] May 4 01:50:40 localhost sshd[21305]: Disconnected from invalid user cosmos 13.68.158.99 port 40338 [preauth] May 4 02:02:54 localhost sshd[26826]: Invalid user nal from 13.68.158.99 port 47146 May 4 02:02:54 localhost sshd[26826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 4 02:02:56 localhost sshd[26826]: Failed password for invalid user nal from 13.68.158.99 port 47146 ssh2 May 4 02:02:59 localhost sshd[26........ ------------------------------	2020-05-06 05:15:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.68.158.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19535
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.68.158.99.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050501 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 05:15:38 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 99.158.68.13.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.158.68.13.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.249.79.149	attackbotsspam	Automatic report BANNED IP	2020-06-17 04:13:50
216.45.23.6	attackspam	Jun 16 18:08:23 ns381471 sshd[20222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.45.23.6 Jun 16 18:08:24 ns381471 sshd[20222]: Failed password for invalid user ta from 216.45.23.6 port 55319 ssh2	2020-06-17 04:26:25
139.59.243.224	attack	5x Failed Password	2020-06-17 04:37:00
103.250.145.150	attackspambots	Unauthorized connection attempt from IP address 103.250.145.150 on Port 445(SMB)	2020-06-17 04:26:43
124.123.80.97	attack	Unauthorized connection attempt from IP address 124.123.80.97 on Port 445(SMB)	2020-06-17 04:40:14
111.229.57.138	attackbotsspam	Jun 16 14:50:54 Tower sshd[10298]: Connection from 111.229.57.138 port 48462 on 192.168.10.220 port 22 rdomain "" Jun 16 14:50:58 Tower sshd[10298]: Invalid user leonardo from 111.229.57.138 port 48462 Jun 16 14:50:58 Tower sshd[10298]: error: Could not get shadow information for NOUSER Jun 16 14:50:58 Tower sshd[10298]: Failed password for invalid user leonardo from 111.229.57.138 port 48462 ssh2 Jun 16 14:50:59 Tower sshd[10298]: Received disconnect from 111.229.57.138 port 48462:11: Bye Bye [preauth] Jun 16 14:50:59 Tower sshd[10298]: Disconnected from invalid user leonardo 111.229.57.138 port 48462 [preauth]	2020-06-17 04:44:45
201.191.152.99	attackspambots	Automatic report - Port Scan Attack	2020-06-17 04:11:13
49.234.98.155	attackspam	2020-06-16T17:57:24.926353abusebot-8.cloudsearch.cf sshd[31871]: Invalid user tomcat from 49.234.98.155 port 60998 2020-06-16T17:57:24.939710abusebot-8.cloudsearch.cf sshd[31871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.98.155 2020-06-16T17:57:24.926353abusebot-8.cloudsearch.cf sshd[31871]: Invalid user tomcat from 49.234.98.155 port 60998 2020-06-16T17:57:26.682127abusebot-8.cloudsearch.cf sshd[31871]: Failed password for invalid user tomcat from 49.234.98.155 port 60998 ssh2 2020-06-16T18:02:20.501801abusebot-8.cloudsearch.cf sshd[32127]: Invalid user leon from 49.234.98.155 port 56718 2020-06-16T18:02:20.513683abusebot-8.cloudsearch.cf sshd[32127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.98.155 2020-06-16T18:02:20.501801abusebot-8.cloudsearch.cf sshd[32127]: Invalid user leon from 49.234.98.155 port 56718 2020-06-16T18:02:22.557394abusebot-8.cloudsearch.cf sshd[32127]: Faile ...	2020-06-17 04:35:49
198.245.51.185	attackspam	IP blocked	2020-06-17 04:08:28
111.93.60.154	attack	Unauthorized connection attempt from IP address 111.93.60.154 on Port 445(SMB)	2020-06-17 04:17:35
209.150.146.126	attack	Unauthorized connection attempt from IP address 209.150.146.126 on Port 445(SMB)	2020-06-17 04:19:01
69.59.79.3	attackbots	Jun 16 19:26:32 sso sshd[32598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.59.79.3 Jun 16 19:26:34 sso sshd[32598]: Failed password for invalid user ernest from 69.59.79.3 port 60568 ssh2 ...	2020-06-17 04:23:32
194.61.24.37	attackspambots	trying to access non-authorized port	2020-06-17 04:07:04
77.247.181.162	attackspambots	SSH brutforce	2020-06-17 04:09:16
156.96.156.37	attackbotsspam	[2020-06-16 16:09:02] NOTICE[1273][C-000017e9] chan_sip.c: Call from '' (156.96.156.37:64699) to extension '+01146462607512' rejected because extension not found in context 'public'. [2020-06-16 16:09:02] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-16T16:09:02.225-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+01146462607512",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.156.37/64699",ACLName="no_extension_match" [2020-06-16 16:10:26] NOTICE[1273][C-000017ea] chan_sip.c: Call from '' (156.96.156.37:52181) to extension '501146462607512' rejected because extension not found in context 'public'. [2020-06-16 16:10:26] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-16T16:10:26.609-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="501146462607512",SessionID="0x7f31c02f7128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-06-17 04:27:20

Recently Reported IPs

51.15.220.241	49.232.9.198	112.133.219.236	1.162.145.143
159.65.4.147	90.63.235.122	69.195.234.8	203.115.107.227
192.180.88.122	175.139.194.125	202.90.199.206	4.16.36.18
157.245.1.189	212.1.76.83	177.28.166.124	212.156.82.102
111.150.90.90	78.26.143.31	117.87.2.121	218.210.62.96