106.13.107.196

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	detected by Fail2Ban	2020-10-14 03:40:12
attackspambots	SSH Brute Force (V)	2020-10-13 18:59:17
attackspambots	SSH login attempts.	2020-10-12 04:15:49
attackspam	SSH login attempts.	2020-10-11 20:15:24
attackspam	Oct 11 05:40:56 mout sshd[4485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 user=root Oct 11 05:40:58 mout sshd[4485]: Failed password for root from 106.13.107.196 port 34328 ssh2	2020-10-11 12:14:09
attackbots	SSH Brute Force	2020-10-11 05:37:58
attackspambots	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Failed password for invalid user jairo from 106.13.107.196 port 53292 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196	2020-10-04 06:46:20
attackbotsspam	Jul 29 00:20:52 vpn01 sshd[12267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Jul 29 00:20:54 vpn01 sshd[12267]: Failed password for invalid user xwang from 106.13.107.196 port 36334 ssh2 ...	2020-07-29 07:17:42
attackbots	Jun 24 14:07:02 cdc sshd[24604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Jun 24 14:07:05 cdc sshd[24604]: Failed password for invalid user vsftpd from 106.13.107.196 port 55848 ssh2	2020-06-25 01:08:58
attackspambots	2020-06-19T16:39:55.724384devel sshd[18712]: Invalid user ts3bot from 106.13.107.196 port 33418 2020-06-19T16:39:58.431622devel sshd[18712]: Failed password for invalid user ts3bot from 106.13.107.196 port 33418 ssh2 2020-06-19T16:42:54.762354devel sshd[19107]: Invalid user hjy from 106.13.107.196 port 40672	2020-06-20 05:09:54
attackbots	Jun 4 07:54:30 ny01 sshd[1009]: Failed password for root from 106.13.107.196 port 48046 ssh2 Jun 4 07:58:31 ny01 sshd[2390]: Failed password for root from 106.13.107.196 port 42586 ssh2	2020-06-05 02:28:23
attackbotsspam	May 14 11:16:22 electroncash sshd[18375]: Failed password for root from 106.13.107.196 port 40930 ssh2 May 14 11:20:21 electroncash sshd[19469]: Invalid user rob from 106.13.107.196 port 58488 May 14 11:20:21 electroncash sshd[19469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 May 14 11:20:21 electroncash sshd[19469]: Invalid user rob from 106.13.107.196 port 58488 May 14 11:20:23 electroncash sshd[19469]: Failed password for invalid user rob from 106.13.107.196 port 58488 ssh2 ...	2020-05-14 18:42:25
attackspambots	Invalid user mcj from 106.13.107.196 port 39944	2020-05-01 15:12:42
attackbotsspam	Apr 30 00:18:04 minden010 sshd[8765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Apr 30 00:18:06 minden010 sshd[8765]: Failed password for invalid user pom from 106.13.107.196 port 53592 ssh2 Apr 30 00:21:11 minden010 sshd[9802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 ...	2020-04-30 07:44:38
attackbots	fail2ban/Apr 29 07:32:49 h1962932 sshd[21843]: Invalid user poster from 106.13.107.196 port 54570 Apr 29 07:32:49 h1962932 sshd[21843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Apr 29 07:32:49 h1962932 sshd[21843]: Invalid user poster from 106.13.107.196 port 54570 Apr 29 07:32:51 h1962932 sshd[21843]: Failed password for invalid user poster from 106.13.107.196 port 54570 ssh2 Apr 29 07:37:50 h1962932 sshd[22016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 user=root Apr 29 07:37:53 h1962932 sshd[22016]: Failed password for root from 106.13.107.196 port 55402 ssh2	2020-04-29 16:25:19
attackspambots	Invalid user uploader from 106.13.107.196 port 51802	2020-04-28 13:12:11
attackspam	Apr 19 07:45:53 odroid64 sshd\[28841\]: Invalid user test2 from 106.13.107.196 Apr 19 07:45:53 odroid64 sshd\[28841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 ...	2020-04-19 13:47:31
attack	Apr 17 13:10:00 srv-ubuntu-dev3 sshd[53260]: Invalid user hadoop from 106.13.107.196 Apr 17 13:10:00 srv-ubuntu-dev3 sshd[53260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Apr 17 13:10:00 srv-ubuntu-dev3 sshd[53260]: Invalid user hadoop from 106.13.107.196 Apr 17 13:10:03 srv-ubuntu-dev3 sshd[53260]: Failed password for invalid user hadoop from 106.13.107.196 port 51680 ssh2 Apr 17 13:16:27 srv-ubuntu-dev3 sshd[54327]: Invalid user zv from 106.13.107.196 Apr 17 13:16:27 srv-ubuntu-dev3 sshd[54327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Apr 17 13:16:27 srv-ubuntu-dev3 sshd[54327]: Invalid user zv from 106.13.107.196 Apr 17 13:16:29 srv-ubuntu-dev3 sshd[54327]: Failed password for invalid user zv from 106.13.107.196 port 44036 ssh2 ...	2020-04-17 20:08:41
attackbots	Apr 12 07:43:46 ns382633 sshd\[15243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 user=root Apr 12 07:43:48 ns382633 sshd\[15243\]: Failed password for root from 106.13.107.196 port 39014 ssh2 Apr 12 07:46:39 ns382633 sshd\[15952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 user=root Apr 12 07:46:40 ns382633 sshd\[15952\]: Failed password for root from 106.13.107.196 port 34266 ssh2 Apr 12 07:47:31 ns382633 sshd\[16025\]: Invalid user fnjoroge from 106.13.107.196 port 41562 Apr 12 07:47:31 ns382633 sshd\[16025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196	2020-04-12 14:17:30
attack	Repeated brute force against a port	2020-03-28 01:38:21
attackbotsspam	Mar 22 12:27:56 sd-53420 sshd\[19857\]: Invalid user ph from 106.13.107.196 Mar 22 12:27:56 sd-53420 sshd\[19857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Mar 22 12:27:58 sd-53420 sshd\[19857\]: Failed password for invalid user ph from 106.13.107.196 port 57478 ssh2 Mar 22 12:33:12 sd-53420 sshd\[21504\]: Invalid user zeus from 106.13.107.196 Mar 22 12:33:12 sd-53420 sshd\[21504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 ...	2020-03-22 19:40:05

Comments on same subnet:

IP	Type	Details	Datetime
106.13.107.185	attack	Attempted connection to port 2375.	2020-08-01 14:00:13
106.13.107.13	attackspam	$f2bV_matches	2020-06-15 19:42:36
106.13.107.13	attack	Jun 10 23:02:36 OPSO sshd\[19393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.13 user=root Jun 10 23:02:38 OPSO sshd\[19393\]: Failed password for root from 106.13.107.13 port 49486 ssh2 Jun 10 23:03:44 OPSO sshd\[19454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.13 user=root Jun 10 23:03:46 OPSO sshd\[19454\]: Failed password for root from 106.13.107.13 port 36178 ssh2 Jun 10 23:04:50 OPSO sshd\[19766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.13 user=apache	2020-06-11 05:22:01
106.13.107.13	attackbotsspam	Jun 1 01:07:39 euve59663 sshd[22624]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D106= .13.107.13 user=3Dr.r Jun 1 01:07:41 euve59663 sshd[22624]: Failed password for r.r from 10= 6.13.107.13 port 50158 ssh2 Jun 1 01:07:42 euve59663 sshd[22624]: Received disconnect from 106.13.= 107.13: 11: Bye Bye [preauth] Jun 1 01:24:41 euve59663 sshd[23011]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D106= .13.107.13 user=3Dr.r Jun 1 01:24:44 euve59663 sshd[23011]: Failed password for r.r from 10= 6.13.107.13 port 40452 ssh2 Jun 1 01:24:44 euve59663 sshd[23011]: Received disconnect from 106.13.= 107.13: 11: Bye Bye [preauth] Jun 1 01:28:39 euve59663 sshd[23087]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D106= .13.107.13 user=3Dr.r Jun 1 01:28:41 euve59663 sshd[23087]: Failed password for r.r from 10=........ -------------------------------	2020-06-01 15:26:33
106.13.107.13	attack	SSH/22 MH Probe, BF, Hack -	2020-06-01 08:25:12
106.13.107.13	attack	May 29 12:40:02 ajax sshd[32236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.13 May 29 12:40:03 ajax sshd[32236]: Failed password for invalid user starbound from 106.13.107.13 port 36662 ssh2	2020-05-29 19:41:40
106.13.107.13	attack	k+ssh-bruteforce	2020-05-21 00:14:53
106.13.107.13	attackspam	prod3 ...	2020-05-10 13:03:25
106.13.107.106	attackbotsspam	Apr 6 13:34:15 itv-usvr-02 sshd[25890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root Apr 6 13:40:54 itv-usvr-02 sshd[26230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root Apr 6 13:43:41 itv-usvr-02 sshd[26347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root	2020-04-06 15:30:43
106.13.107.106	attackspam	Invalid user gfa from 106.13.107.106 port 33608	2020-04-03 15:18:42
106.13.107.106	attackspam	Invalid user bw from 106.13.107.106 port 35780	2020-03-28 08:51:40
106.13.107.106	attackbotsspam	Mar 27 21:45:03 OPSO sshd\[24886\]: Invalid user adapter from 106.13.107.106 port 44134 Mar 27 21:45:03 OPSO sshd\[24886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 Mar 27 21:45:05 OPSO sshd\[24886\]: Failed password for invalid user adapter from 106.13.107.106 port 44134 ssh2 Mar 27 21:47:05 OPSO sshd\[25571\]: Invalid user test from 106.13.107.106 port 48068 Mar 27 21:47:05 OPSO sshd\[25571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106	2020-03-28 05:05:01
106.13.107.106	attackbots	Invalid user bw from 106.13.107.106 port 35780	2020-03-27 07:51:17
106.13.107.106	attackbots	2020-03-19T23:20:14.752622shield sshd\[7915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root 2020-03-19T23:20:16.842471shield sshd\[7915\]: Failed password for root from 106.13.107.106 port 42634 ssh2 2020-03-19T23:26:02.593767shield sshd\[9259\]: Invalid user overwatch from 106.13.107.106 port 38548 2020-03-19T23:26:02.603753shield sshd\[9259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 2020-03-19T23:26:04.799521shield sshd\[9259\]: Failed password for invalid user overwatch from 106.13.107.106 port 38548 ssh2	2020-03-20 08:24:46
106.13.107.106	attack	$f2bV_matches	2020-03-13 21:20:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.107.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25969
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.107.196.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 19:39:59 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 196.107.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.107.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.56.37.42	attack	Automatic report - Port Scan Attack	2020-05-08 17:42:32
27.221.97.4	attackbots	May 8 09:30:15 gw1 sshd[1045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.221.97.4 May 8 09:30:17 gw1 sshd[1045]: Failed password for invalid user lucas from 27.221.97.4 port 54233 ssh2 ...	2020-05-08 17:14:51
92.63.194.106	attackspambots	2020-05-07 UTC: (2x) - guest,user	2020-05-08 17:43:30
115.74.92.136	attackspambots	Telnet Server BruteForce Attack	2020-05-08 17:16:58
187.174.219.142	attack	May 8 05:44:21 mail sshd\[27799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142 user=root May 8 05:44:23 mail sshd\[27799\]: Failed password for root from 187.174.219.142 port 34788 ssh2 May 8 05:51:59 mail sshd\[27906\]: Invalid user lcy from 187.174.219.142 May 8 05:51:59 mail sshd\[27906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142 ...	2020-05-08 17:19:34
79.232.175.146	attack	May 8 05:52:09 vps639187 sshd\[3023\]: Invalid user duplicity from 79.232.175.146 port 56844 May 8 05:52:09 vps639187 sshd\[3023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.232.175.146 May 8 05:52:11 vps639187 sshd\[3023\]: Failed password for invalid user duplicity from 79.232.175.146 port 56844 ssh2 ...	2020-05-08 17:12:03
177.137.250.197	attack	Automatic report - Port Scan Attack	2020-05-08 17:12:48
109.225.107.159	attackbots	May 8 10:54:36 mout sshd[10688]: Failed password for root from 109.225.107.159 port 34367 ssh2 May 8 11:03:43 mout sshd[11513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.225.107.159 user=root May 8 11:03:45 mout sshd[11513]: Failed password for root from 109.225.107.159 port 35483 ssh2	2020-05-08 17:14:06
191.54.208.70	attackbots	$f2bV_matches	2020-05-08 17:07:40
167.62.139.159	attackspambots	DATE:2020-05-08 05:51:42, IP:167.62.139.159, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-08 17:33:15
87.251.74.60	attackspam	May 8 10:55:46 debian-2gb-nbg1-2 kernel: \[11187027.638094\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.60 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=64330 PROTO=TCP SPT=46871 DPT=62431 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-08 17:10:18
217.182.95.16	attackspambots	2020-05-08T08:53:57.275460server.espacesoutien.com sshd[25933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.95.16 2020-05-08T08:53:57.263430server.espacesoutien.com sshd[25933]: Invalid user caleb from 217.182.95.16 port 45800 2020-05-08T08:53:59.585439server.espacesoutien.com sshd[25933]: Failed password for invalid user caleb from 217.182.95.16 port 45800 ssh2 2020-05-08T08:55:19.628775server.espacesoutien.com sshd[26450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.95.16 user=root 2020-05-08T08:55:21.532209server.espacesoutien.com sshd[26450]: Failed password for root from 217.182.95.16 port 55686 ssh2 ...	2020-05-08 17:05:55
45.226.105.251	attackspam	Telnet Server BruteForce Attack	2020-05-08 17:12:31
42.200.244.178	attackspambots	2020-05-08T09:23:11.247128sd-86998 sshd[35857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-244-178.static.imsbiz.com user=root 2020-05-08T09:23:13.583029sd-86998 sshd[35857]: Failed password for root from 42.200.244.178 port 36034 ssh2 2020-05-08T09:25:30.079352sd-86998 sshd[36162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-244-178.static.imsbiz.com user=root 2020-05-08T09:25:31.831447sd-86998 sshd[36162]: Failed password for root from 42.200.244.178 port 51833 ssh2 2020-05-08T09:27:57.975361sd-86998 sshd[36384]: Invalid user sjj from 42.200.244.178 port 39398 ...	2020-05-08 17:16:04
139.199.104.65	attack	(sshd) Failed SSH login from 139.199.104.65 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 09:08:22 amsweb01 sshd[10098]: Invalid user cristian from 139.199.104.65 port 58826 May 8 09:08:25 amsweb01 sshd[10098]: Failed password for invalid user cristian from 139.199.104.65 port 58826 ssh2 May 8 09:22:16 amsweb01 sshd[11353]: Invalid user sebi from 139.199.104.65 port 56792 May 8 09:22:18 amsweb01 sshd[11353]: Failed password for invalid user sebi from 139.199.104.65 port 56792 ssh2 May 8 09:34:10 amsweb01 sshd[12376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.104.65 user=root	2020-05-08 17:18:17

Recently Reported IPs

193.112.163.159	85.108.134.183	33.37.28.0	96.215.235.132
41.237.90.132	79.10.35.178	41.146.133.194	41.43.127.236
125.227.240.25	171.227.7.169	106.12.96.23	85.99.249.246
37.233.22.124	51.39.164.58	106.13.19.145	24.54.44.91
114.143.153.138	112.84.61.217	211.253.9.49	24.30.91.171