106.13.99.221 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-03-19 08:14:06
attackspam	bruteforce detected	2020-03-18 13:46:06
attackbotsspam	Invalid user test from 106.13.99.221 port 40784	2020-01-04 04:39:44
attackbotsspam	Jan 3 09:44:39 ws26vmsma01 sshd[52265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 Jan 3 09:44:41 ws26vmsma01 sshd[52265]: Failed password for invalid user vision from 106.13.99.221 port 60056 ssh2 ...	2020-01-03 17:48:27
attack	Apr 21 02:27:36 yesfletchmain sshd\[9071\]: Invalid user Anttoni from 106.13.99.221 port 56222 Apr 21 02:27:36 yesfletchmain sshd\[9071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 Apr 21 02:27:38 yesfletchmain sshd\[9071\]: Failed password for invalid user Anttoni from 106.13.99.221 port 56222 ssh2 Apr 21 02:31:17 yesfletchmain sshd\[9303\]: Invalid user sftptest from 106.13.99.221 port 51190 Apr 21 02:31:17 yesfletchmain sshd\[9303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 ...	2019-12-23 21:44:33
attackspambots	Dec 18 12:26:51 server sshd\[5879\]: Invalid user wwwrun from 106.13.99.221 Dec 18 12:26:51 server sshd\[5879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 Dec 18 12:26:52 server sshd\[5879\]: Failed password for invalid user wwwrun from 106.13.99.221 port 40386 ssh2 Dec 18 12:36:52 server sshd\[8716\]: Invalid user caserza from 106.13.99.221 Dec 18 12:36:52 server sshd\[8716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 ...	2019-12-18 21:19:05
attackspambots	Dec 14 12:47:12 eddieflores sshd\[7110\]: Invalid user vl from 106.13.99.221 Dec 14 12:47:12 eddieflores sshd\[7110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 Dec 14 12:47:14 eddieflores sshd\[7110\]: Failed password for invalid user vl from 106.13.99.221 port 43288 ssh2 Dec 14 12:52:08 eddieflores sshd\[7531\]: Invalid user iitd from 106.13.99.221 Dec 14 12:52:08 eddieflores sshd\[7531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221	2019-12-15 07:08:20
attack	Automated report - ssh fail2ban: Jul 27 09:09:03 wrong password, user=root, port=41250, ssh2 Jul 27 09:11:41 wrong password, user=root, port=33876, ssh2	2019-07-27 20:11:13
attack	$f2bV_matches	2019-07-15 03:35:06
attackbotsspam	Jul 11 17:43:22 MK-Soft-VM4 sshd\[15254\]: Invalid user svn from 106.13.99.221 port 38158 Jul 11 17:43:22 MK-Soft-VM4 sshd\[15254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.221 Jul 11 17:43:24 MK-Soft-VM4 sshd\[15254\]: Failed password for invalid user svn from 106.13.99.221 port 38158 ssh2 ...	2019-07-12 06:09:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.99.39	attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 04:46:58
106.13.99.107	attack	prod8 ...	2020-09-19 20:48:12
106.13.99.107	attackbotsspam	2020-09-18T22:48:25.464526paragon sshd[167838]: Failed password for root from 106.13.99.107 port 45590 ssh2 2020-09-18T22:50:45.072868paragon sshd[167914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-18T22:50:46.818378paragon sshd[167914]: Failed password for root from 106.13.99.107 port 52748 ssh2 2020-09-18T22:53:07.949543paragon sshd[167997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-18T22:53:10.522963paragon sshd[167997]: Failed password for root from 106.13.99.107 port 59898 ssh2 ...	2020-09-19 04:22:09
106.13.99.107	attackspambots	Sep 13 08:21:21 george sshd[28987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 13 08:21:24 george sshd[28987]: Failed password for root from 106.13.99.107 port 51700 ssh2 Sep 13 08:26:08 george sshd[30645]: Invalid user aster from 106.13.99.107 port 56496 Sep 13 08:26:08 george sshd[30645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 Sep 13 08:26:10 george sshd[30645]: Failed password for invalid user aster from 106.13.99.107 port 56496 ssh2 ...	2020-09-13 21:20:38
106.13.99.107	attack	SSH-BruteForce	2020-09-13 13:14:05
106.13.99.107	attackspambots	Sep 12 22:48:03 vpn01 sshd[24871]: Failed password for root from 106.13.99.107 port 33648 ssh2 ...	2020-09-13 05:00:19
106.13.99.107	attackspam	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-09-11 20:43:33
106.13.99.107	attackspam	Sep 11 05:24:29 ovpn sshd\[23699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:24:30 ovpn sshd\[23699\]: Failed password for root from 106.13.99.107 port 47644 ssh2 Sep 11 05:33:51 ovpn sshd\[26025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 11 05:33:54 ovpn sshd\[26025\]: Failed password for root from 106.13.99.107 port 33540 ssh2 Sep 11 05:38:40 ovpn sshd\[27190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root	2020-09-11 12:51:28
106.13.99.107	attackbotsspam	Sep 10 18:54:17 marvibiene sshd[11503]: Failed password for root from 106.13.99.107 port 39592 ssh2 Sep 10 18:56:35 marvibiene sshd[11627]: Failed password for root from 106.13.99.107 port 34220 ssh2 Sep 10 18:58:36 marvibiene sshd[11730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107	2020-09-11 05:10:43
106.13.99.107	attackbotsspam	2020-09-09T23:28:42.869692dreamphreak.com sshd[268803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root 2020-09-09T23:28:45.228163dreamphreak.com sshd[268803]: Failed password for root from 106.13.99.107 port 45136 ssh2 ...	2020-09-10 20:22:33
106.13.99.107	attackbots	Sep 9 23:40:42 ovpn sshd\[29522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 9 23:40:44 ovpn sshd\[29522\]: Failed password for root from 106.13.99.107 port 38290 ssh2 Sep 9 23:53:30 ovpn sshd\[32680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root Sep 9 23:53:32 ovpn sshd\[32680\]: Failed password for root from 106.13.99.107 port 60394 ssh2 Sep 9 23:57:33 ovpn sshd\[1223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 user=root	2020-09-10 12:12:25
106.13.99.107	attackbots	$f2bV_matches	2020-09-10 02:58:45
106.13.99.107	attackspam	Sep 3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107 Sep 3 00:08:01 itv-usvr-01 sshd[15170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 Sep 3 00:08:01 itv-usvr-01 sshd[15170]: Invalid user biadmin from 106.13.99.107 Sep 3 00:08:04 itv-usvr-01 sshd[15170]: Failed password for invalid user biadmin from 106.13.99.107 port 40956 ssh2 Sep 3 00:17:02 itv-usvr-01 sshd[15710]: Invalid user back from 106.13.99.107	2020-09-03 02:43:17
106.13.99.107	attackbotsspam	May 4 20:30:10 ms-srv sshd[52612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.99.107 May 4 20:30:12 ms-srv sshd[52612]: Failed password for invalid user p from 106.13.99.107 port 41922 ssh2	2020-09-02 18:15:10
106.13.99.107	attackspam	SSH Invalid Login	2020-08-29 08:25:24

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.99.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16342
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.99.221.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 16 22:09:20 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 221.99.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 221.99.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
160.116.78.168	spamattack	Attempted to hack my Binanca Account	2021-06-30 04:06:14
95.172.59.182	attack	Attack Mikrotik via Dude	2021-06-20 19:31:03
142.247.0.27	spambotsattackproxynormal	Check the all host in the ip also point the effect Device if find it	2021-06-23 12:59:24
182.112.30.207	attack	ET EXPLOIT Netgear DGN Remote Command Execution Attempted Information Leak	2021-06-29 00:19:11
91.196.38.10	spambotsattackproxynormal	Fenkyu	2021-07-04 05:04:31
135.125.236.247	spamattack	PHISHING AND SPAM ATTACK 135.125.236.247 Woolworths - info@showersession.live, Woolworths is offering YOU amazing products and discounts on our best items!, 28 Jun 2021 NetName: RIPE NetRange: 135.125.0.0 - 135.125.255.255 Other emails from same group 135.125.236.247 Woolworths - info@showersession.live, Woolworths is offering YOU amazing products and discounts on our best items!, 28 Jun 2021	2021-06-29 06:51:45
185.106.31.207	attack	Down	2021-06-15 06:31:56
69.65.62.70	spamattack	PHISHING AND SPAM ATTACK 69.65.62.70 123Greetings - specials@123g.biz - Does This Fat Molecule Cause Diabetes?, 9 Jun 2021 OrgName: GigeNET NetRange: 69.65.0.0 - 69.65.63.255 Other emails from same group 69.65.62.70 123Greetings - specials@123g.biz - Does This Fat Molecule Cause Diabetes?, 9 Jun 2021 69.65.62.75 123Greetings - specials@123g.biz - This Firefighter's Secret Relaxes Blood Pressure, Wed, 21 Apr 2021 69.65.62.76 123Greetings - specials@123g.biz - How To Treat Toenail Fungus, According To Doctors, Mon, 3 May 2021 69.65.62.80 123Greetings - specials@123g.biz - Miracle Ingredients Reverse Type II Diabetes, Wed, 14 Apr 2021 69.65.62.81 123Greetings - specials@123g.biz - This Firefighter's Secret Relaxes Blood Pressure, Thu, 06 May 2021 69.65.62.87 123Greetings - specials@123g.biz - Deadly Brain Disease That Can Happen To Anyone, Tue, 20 Apr 2021 69.65.62.112 123Greetings - specials@123g.biz - This Firefighter's Secret Relaxes Blood Pressure, Sat, 17 Apr 2021 NOTE Take care with cards from 123Greetings.com, it uses 69.65.62.0/25 as above	2021-06-11 07:21:10
168.235.111.68	bots	Saya butuh prediksi hk buat bayar utang	2021-07-02 17:37:51
140.213.156.124	spambotsattackproxynormal	html.ip address140.213.156.124	2021-06-30 17:08:23
174.247.241.94	spambotsattackproxy	Hacker	2021-06-24 08:45:20
185.222.57.143	spamattack	PHISHING AND SPAM ATTACK 185.222.57.143 M. Ahmed Bilwani - jiovieno@marketresearch.com, PAYMENT REMINDER, 18 Jun 2021 person: K.M. Badrul Alam address: Naherins Domain, 134/7 B, Furfura Sharif Road, Darus Salam inetnum: 45.128.0.0 - 45.159.255.255 185.222.57.0 - 185.222.57.255 Other emails from same group are listed below as PHISHING AND SPAM ATTACK as well as; 45.137.22.37 Engr. Ghazanfar Raza - ghazanfar@sgbmdxb.com - NEW ORDER, 17 May 2021 45.137.22.37 M. Ahmed Bilwani - editorial@thejakartapost.com - OUTSTANDING PAYMENT REMINDER, 17 May 2021 45.137.22.44 Barbara Liu liuli.hgxs@sinopec.com, Req Invoice, 27 May 2021 185.222.57.140 FUKUSEN (SALES DEPT) - fukusen-ikari@alpha.ocn.ne.jp - RE: Confirmation Order for PO # B18024091/02730918, 4 May 2021 21:38:19 185.222.57.140 Julie shi - shifulan@sinotrans.com - RE: SATEMENT OF ACCOUNT, 5 May 2021 185.222.57.140 Jason Kim - jason@wscorporation.co.kr - Enquiry # A87983T - Fittings and Flanges for LNG project, 30 Apr 2021 185.222.57.140 Jason Kim - jason@wscorporation.co.kr - Enquiry # A87983T - Fittings and Flanges for LNG project, Mon, 26 Apr 2021 185.222.57.140 Jason Kim - jason@wscorporation.co.kr - Enquiry # A87983T - Fittings and Flanges for LNG project, Sun, 25 Apr 2021 185.222.57.140 Magdi Amin - areej@alamalcargo.com - RE: New Order, 6 May 2021 185.222.57.143 Mr. Ahmed Bilwani - daniel.robinson@compelo.com, OUTSTANDING PAYMENT REMINDER, 13 Jun 2021 185.222.57.143 Barbara Liu / 刘莉 - liuli.hgxs"@sinopec.com, Payment confirmation, 13 Jun 2021	2021-06-19 07:14:32
185.63.253.200	attack	Bokep	2021-07-01 00:49:36
103.156.82.33	spamattack	PHISHING AND SPAM ATTACK 103.156.82.33 Ford Puma - info@ticketone.buzz, Drive's Car of the Year Best Light SUV. Book a TEST DRIVE, 07 Jun 2021 inetnum: 103.156.82.1 - 103.156.82.127 netname: PDSA_Putrajaya org: IRT-MAMPUPDSA-MY country: MY	2021-06-24 07:17:56
196.19.205.146	attack	Try to hack my id	2021-06-29 13:32:36

最近上报的IP列表

121.46.93.230	185.65.134.174	69.90.66.150	52.3.81.77
103.102.193.146	151.25.92.233	140.115.34.206	94.158.83.31
54.38.198.97	14.137.82.140	1.54.209.110	49.76.124.121
2607:f8b0:4000:813::200e	203.190.113.180	119.123.62.155	180.248.245.61
79.106.209.205	208.123.158.212	54.38.198.195	104.244.78.233