201.99.106.67 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: Uninet S.A. de C.V.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user ansible from 201.99.106.67 port 48097	2020-09-30 06:24:52
attackbotsspam	Invalid user ansible from 201.99.106.67 port 48097	2020-09-29 22:38:12
attack	(sshd) Failed SSH login from 201.99.106.67 (MX/Mexico/dsl-201-99-106-67-sta.prod-empresarial.com.mx): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 29 01:38:26 optimus sshd[19832]: Invalid user gpadmin from 201.99.106.67 Sep 29 01:38:26 optimus sshd[19832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.99.106.67 Sep 29 01:38:28 optimus sshd[19832]: Failed password for invalid user gpadmin from 201.99.106.67 port 7073 ssh2 Sep 29 01:43:06 optimus sshd[24163]: Invalid user ed from 201.99.106.67 Sep 29 01:43:06 optimus sshd[24163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.99.106.67	2020-09-29 14:56:04
attack	2020-09-15T16:21:32.246676upcloud.m0sh1x2.com sshd[14348]: Invalid user postgres from 201.99.106.67 port 53185	2020-09-16 00:58:46
attackbotsspam	Sep 14 21:43:46 vmd26974 sshd[5997]: Failed password for root from 201.99.106.67 port 47073 ssh2 ...	2020-09-15 16:50:47
attackbots	3x Failed Password	2020-07-12 17:35:09
attackspambots	Jul 10 10:09:07 sso sshd[15002]: Failed password for mail from 201.99.106.67 port 58497 ssh2 ...	2020-07-10 16:58:06
attack	Invalid user prasad from 201.99.106.67 port 49570	2020-06-19 14:29:38

Comments on same subnet:

IP	Type	Details	Datetime
201.99.106.153	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 07:15:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.99.106.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.99.106.67.			IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061900 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 14:29:32 CST 2020
;; MSG SIZE  rcvd: 117

Host info

67.106.99.201.in-addr.arpa domain name pointer dsl-201-99-106-67-sta.prod-empresarial.com.mx.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.106.99.201.in-addr.arpa	name = dsl-201-99-106-67-sta.prod-empresarial.com.mx.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.72.194.216	attack	Sep 6 20:08:07 srv01 postfix/smtpd\[26694\]: warning: unknown\[111.72.194.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 20:08:19 srv01 postfix/smtpd\[26694\]: warning: unknown\[111.72.194.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 20:08:35 srv01 postfix/smtpd\[26694\]: warning: unknown\[111.72.194.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 20:08:54 srv01 postfix/smtpd\[26694\]: warning: unknown\[111.72.194.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 20:09:06 srv01 postfix/smtpd\[26694\]: warning: unknown\[111.72.194.216\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-07 16:50:02
49.233.75.234	attackspam	Sep 7 07:00:51 ns308116 sshd[27476]: Invalid user chandra from 49.233.75.234 port 38420 Sep 7 07:00:51 ns308116 sshd[27476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.75.234 Sep 7 07:00:53 ns308116 sshd[27476]: Failed password for invalid user chandra from 49.233.75.234 port 38420 ssh2 Sep 7 07:08:05 ns308116 sshd[28559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.75.234 user=root Sep 7 07:08:07 ns308116 sshd[28559]: Failed password for root from 49.233.75.234 port 49202 ssh2 ...	2020-09-07 17:07:37
87.251.74.201	attackspambots	2020-09-06 04:59:54 Reject access to port(s):3389 1 times a day	2020-09-07 16:45:56
222.186.175.150	attackspambots	Sep 7 10:14:09 ajax sshd[12476]: Failed password for root from 222.186.175.150 port 17280 ssh2 Sep 7 10:14:13 ajax sshd[12476]: Failed password for root from 222.186.175.150 port 17280 ssh2	2020-09-07 17:14:49
58.213.116.170	attackspam	$f2bV_matches	2020-09-07 17:09:40
189.59.5.49	attackspam	(imapd) Failed IMAP login from 189.59.5.49 (BR/Brazil/orthosaude.static.gvt.net.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 7 12:51:27 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=189.59.5.49, lip=5.63.12.44, TLS: Connection closed, session=	2020-09-07 16:43:05
104.199.36.222	attackbotsspam	Scanning an empty webserver with deny all robots.txt	2020-09-07 16:41:45
159.203.25.76	attackspambots	srv02 Mass scanning activity detected Target: 12415 ..	2020-09-07 16:55:59
172.110.8.121	attack	Port Scan: TCP/80	2020-09-07 17:04:34
106.54.208.123	attack	sshd: Failed password for .... from 106.54.208.123 port 56028 ssh2 (10 attempts)	2020-09-07 17:09:57
122.51.221.184	attack	$f2bV_matches	2020-09-07 17:02:18
122.168.125.226	attackbots	Sep 7 08:00:37 ip-172-31-16-56 sshd\[17434\]: Invalid user jboss from 122.168.125.226\ Sep 7 08:00:38 ip-172-31-16-56 sshd\[17434\]: Failed password for invalid user jboss from 122.168.125.226 port 52966 ssh2\ Sep 7 08:05:33 ip-172-31-16-56 sshd\[17486\]: Invalid user prueba from 122.168.125.226\ Sep 7 08:05:35 ip-172-31-16-56 sshd\[17486\]: Failed password for invalid user prueba from 122.168.125.226 port 56228 ssh2\ Sep 7 08:10:29 ip-172-31-16-56 sshd\[17586\]: Failed password for root from 122.168.125.226 port 59480 ssh2\	2020-09-07 16:53:27
86.248.198.40	attackspam	Lines containing failures of 86.248.198.40 Aug 31 05:17:34 newdogma sshd[21663]: Invalid user www from 86.248.198.40 port 56866 Aug 31 05:17:34 newdogma sshd[21663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.248.198.40 Aug 31 05:17:36 newdogma sshd[21663]: Failed password for invalid user www from 86.248.198.40 port 56866 ssh2 Aug 31 05:17:38 newdogma sshd[21663]: Received disconnect from 86.248.198.40 port 56866:11: Bye Bye [preauth] Aug 31 05:17:38 newdogma sshd[21663]: Disconnected from invalid user www 86.248.198.40 port 56866 [preauth] Aug 31 05:17:58 newdogma sshd[21770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.248.198.40 user=r.r Aug 31 05:18:00 newdogma sshd[21770]: Failed password for r.r from 86.248.198.40 port 57786 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=86.248.198.40	2020-09-07 17:13:55
45.142.120.179	attackspam	Sep 7 10:14:04 mail postfix/smtpd\[29958\]: warning: unknown\[45.142.120.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 7 10:44:34 mail postfix/smtpd\[32373\]: warning: unknown\[45.142.120.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 7 10:45:13 mail postfix/smtpd\[32373\]: warning: unknown\[45.142.120.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 7 10:45:51 mail postfix/smtpd\[32684\]: warning: unknown\[45.142.120.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-09-07 16:50:50
188.166.217.55	attack	Failed password for invalid user nginx from 188.166.217.55 port 50470 ssh2	2020-09-07 17:16:16

Recently Reported IPs

98.137.246.7	197.33.57.131	189.89.18.191	81.221.254.153
197.60.101.142	111.231.145.104	45.176.213.31	23.227.163.62
216.98.197.2	119.23.40.166	115.236.49.53	45.145.66.10
139.99.104.233	77.106.166.0	45.175.97.126	84.19.37.148
183.79.16.116	203.216.5.115	60.250.77.196	45.175.3.244