106.13.0.196 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Feb 29 19:12:21 hanapaa sshd\[3663\]: Invalid user plex from 106.13.0.196 Feb 29 19:12:21 hanapaa sshd\[3663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.0.196 Feb 29 19:12:23 hanapaa sshd\[3663\]: Failed password for invalid user plex from 106.13.0.196 port 43998 ssh2 Feb 29 19:16:55 hanapaa sshd\[4104\]: Invalid user admin from 106.13.0.196 Feb 29 19:16:55 hanapaa sshd\[4104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.0.196	2020-03-01 13:33:28

Type

Details

Datetime

attackbots

Feb 29 19:12:21 hanapaa sshd\[3663\]: Invalid user plex from 106.13.0.196
Feb 29 19:12:21 hanapaa sshd\[3663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.0.196
Feb 29 19:12:23 hanapaa sshd\[3663\]: Failed password for invalid user plex from 106.13.0.196 port 43998 ssh2
Feb 29 19:16:55 hanapaa sshd\[4104\]: Invalid user admin from 106.13.0.196
Feb 29 19:16:55 hanapaa sshd\[4104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.0.196

2020-03-01 13:33:28

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.0.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1473
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.0.196.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030100 1800 900 604800 86400

;; Query time: 204 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 13:33:22 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 196.0.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.0.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
152.136.114.118	attackbotsspam	May 11 22:30:51 localhost sshd\[9315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.114.118 user=root May 11 22:30:53 localhost sshd\[9315\]: Failed password for root from 152.136.114.118 port 56278 ssh2 May 11 22:34:56 localhost sshd\[9392\]: Invalid user ca from 152.136.114.118 May 11 22:34:56 localhost sshd\[9392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.114.118 May 11 22:34:58 localhost sshd\[9392\]: Failed password for invalid user ca from 152.136.114.118 port 35522 ssh2 ...	2020-05-12 06:48:10
140.238.13.206	attackspam	May 11 22:35:06 vpn01 sshd[14512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.13.206 May 11 22:35:08 vpn01 sshd[14512]: Failed password for invalid user customer from 140.238.13.206 port 49678 ssh2 ...	2020-05-12 06:38:40
188.166.232.14	attackspam	May 11 18:22:36 firewall sshd[22502]: Invalid user harriet from 188.166.232.14 May 11 18:22:38 firewall sshd[22502]: Failed password for invalid user harriet from 188.166.232.14 port 47658 ssh2 May 11 18:30:23 firewall sshd[22730]: Invalid user owncloud from 188.166.232.14 ...	2020-05-12 06:37:59
49.66.177.177	attackspam	Port scan on 1 port(s): 15198	2020-05-12 06:54:37
75.119.215.210	attackbots	75.119.215.210 - - [12/May/2020:00:34:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6124 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 75.119.215.210 - - [12/May/2020:00:34:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 75.119.215.210 - - [12/May/2020:00:34:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-12 06:45:21
139.198.121.63	attack	Invalid user clare from 139.198.121.63 port 57630	2020-05-12 06:39:45
218.92.0.168	attack	May 12 00:23:39 srv-ubuntu-dev3 sshd[39634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root May 12 00:23:41 srv-ubuntu-dev3 sshd[39634]: Failed password for root from 218.92.0.168 port 36621 ssh2 May 12 00:23:44 srv-ubuntu-dev3 sshd[39634]: Failed password for root from 218.92.0.168 port 36621 ssh2 May 12 00:23:39 srv-ubuntu-dev3 sshd[39634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root May 12 00:23:41 srv-ubuntu-dev3 sshd[39634]: Failed password for root from 218.92.0.168 port 36621 ssh2 May 12 00:23:44 srv-ubuntu-dev3 sshd[39634]: Failed password for root from 218.92.0.168 port 36621 ssh2 May 12 00:23:39 srv-ubuntu-dev3 sshd[39634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root May 12 00:23:41 srv-ubuntu-dev3 sshd[39634]: Failed password for root from 218.92.0.168 port 36621 ssh2 May 12 00 ...	2020-05-12 06:28:20
49.234.99.246	attackspambots	May 11 18:37:12 firewall sshd[22936]: Invalid user deploy from 49.234.99.246 May 11 18:37:14 firewall sshd[22936]: Failed password for invalid user deploy from 49.234.99.246 port 59110 ssh2 May 11 18:41:17 firewall sshd[22982]: Invalid user anderson from 49.234.99.246 ...	2020-05-12 06:26:06
82.65.23.62	attackbotsspam	May 11 23:53:20 sip sshd[219327]: Invalid user admin from 82.65.23.62 port 45278 May 11 23:53:22 sip sshd[219327]: Failed password for invalid user admin from 82.65.23.62 port 45278 ssh2 May 11 23:56:51 sip sshd[219401]: Invalid user ferdinand from 82.65.23.62 port 48204 ...	2020-05-12 06:19:11
159.203.179.230	attack	May 11 18:04:42 ny01 sshd[8616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.179.230 May 11 18:04:44 ny01 sshd[8616]: Failed password for invalid user redmine from 159.203.179.230 port 53562 ssh2 May 11 18:08:13 ny01 sshd[9054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.179.230	2020-05-12 06:27:06
89.187.178.139	attackspam	0,50-03/07 [bc02/m41] PostRequest-Spammer scoring: zurich	2020-05-12 06:48:24
89.248.168.244	attackspam	May 12 00:28:55 debian-2gb-nbg1-2 kernel: \[11495001.166179\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.244 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=19354 PROTO=TCP SPT=40762 DPT=57002 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-12 06:40:46
122.178.8.218	attackspambots	Port probing on unauthorized port 23	2020-05-12 06:51:12
195.54.167.15	attackbotsspam	[MK-VM5] Blocked by UFW	2020-05-12 06:42:28
2.59.117.251	attackspam	WordPress login attempts	2020-05-12 06:41:35

Recently Reported IPs

9.146.63.64	203.211.140.72	76.208.66.176	218.99.208.249
202.16.47.160	174.246.18.8	111.49.214.179	104.176.3.189
123.152.154.225	198.51.137.216	18.106.249.203	198.25.50.118
203.29.59.15	183.145.73.164	113.184.72.2	174.183.245.148
65.23.9.164	75.96.6.10	195.109.191.224	99.89.40.38