106.13.121.180

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 8 11:13:39 server01 sshd\[8398\]: Invalid user gitlab-runner from 106.13.121.180 Sep 8 11:13:39 server01 sshd\[8398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.180 Sep 8 11:13:41 server01 sshd\[8398\]: Failed password for invalid user gitlab-runner from 106.13.121.180 port 51464 ssh2 ...	2019-09-08 20:53:11

Type

Details

Datetime

attackspambots

Sep  8 11:13:39 server01 sshd\[8398\]: Invalid user gitlab-runner from 106.13.121.180
Sep  8 11:13:39 server01 sshd\[8398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.180
Sep  8 11:13:41 server01 sshd\[8398\]: Failed password for invalid user gitlab-runner from 106.13.121.180 port 51464 ssh2
...

2019-09-08 20:53:11

Comments on same subnet:

IP	Type	Details	Datetime
106.13.121.62	attackspam	odoo8 ...	2020-04-23 00:53:34
106.13.121.175	attackspam	SSH login attempts.	2020-03-11 20:16:20
106.13.121.175	attackspambots	Mar 4 08:36:00 MK-Soft-VM6 sshd[15715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Mar 4 08:36:02 MK-Soft-VM6 sshd[15715]: Failed password for invalid user shiyic from 106.13.121.175 port 53458 ssh2 ...	2020-03-04 15:43:16
106.13.121.175	attack	Automatic report - Banned IP Access	2020-02-20 06:22:10
106.13.121.175	attackspam	Feb 11 07:57:46 pornomens sshd\[25862\]: Invalid user epe from 106.13.121.175 port 42065 Feb 11 07:57:46 pornomens sshd\[25862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Feb 11 07:57:48 pornomens sshd\[25862\]: Failed password for invalid user epe from 106.13.121.175 port 42065 ssh2 ...	2020-02-11 15:02:12
106.13.121.175	attack	$f2bV_matches	2020-02-09 10:39:51
106.13.121.175	attack	Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: Invalid user deployer from 106.13.121.175 Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Jan 31 23:02:03 srv-ubuntu-dev3 sshd[85929]: Invalid user deployer from 106.13.121.175 Jan 31 23:02:06 srv-ubuntu-dev3 sshd[85929]: Failed password for invalid user deployer from 106.13.121.175 port 35586 ssh2 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: Invalid user uftp from 106.13.121.175 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Jan 31 23:04:54 srv-ubuntu-dev3 sshd[86190]: Invalid user uftp from 106.13.121.175 Jan 31 23:04:57 srv-ubuntu-dev3 sshd[86190]: Failed password for invalid user uftp from 106.13.121.175 port 49125 ssh2 Jan 31 23:07:52 srv-ubuntu-dev3 sshd[86448]: Invalid user admin from 106.13.121.175 ...	2020-02-01 07:44:16
106.13.121.175	attackspambots	Unauthorized connection attempt detected from IP address 106.13.121.175 to port 2220 [J]	2020-01-23 21:01:29
106.13.121.8	attack	Jan 8 08:33:24 MK-Soft-VM8 sshd[7410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 Jan 8 08:33:26 MK-Soft-VM8 sshd[7410]: Failed password for invalid user gr from 106.13.121.8 port 58726 ssh2 ...	2020-01-08 15:34:59
106.13.121.175	attack	Invalid user asterisk from 106.13.121.175 port 48503	2020-01-03 19:16:34
106.13.121.175	attackspam	SSH login attempts.	2020-01-01 01:44:21
106.13.121.8	attack	Invalid user test from 106.13.121.8 port 53072	2019-12-29 07:48:20
106.13.121.8	attack	Dec 14 23:45:28 meumeu sshd[12450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 Dec 14 23:45:30 meumeu sshd[12450]: Failed password for invalid user webadmin from 106.13.121.8 port 50246 ssh2 Dec 14 23:52:12 meumeu sshd[13791]: Failed password for root from 106.13.121.8 port 53494 ssh2 ...	2019-12-15 07:04:22
106.13.121.175	attack	Dec 1 01:27:02 hosting sshd[20392]: Invalid user sunyna from 106.13.121.175 port 41204 Dec 1 01:27:02 hosting sshd[20392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 Dec 1 01:27:02 hosting sshd[20392]: Invalid user sunyna from 106.13.121.175 port 41204 Dec 1 01:27:04 hosting sshd[20392]: Failed password for invalid user sunyna from 106.13.121.175 port 41204 ssh2 Dec 1 01:41:23 hosting sshd[21373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.175 user=root Dec 1 01:41:24 hosting sshd[21373]: Failed password for root from 106.13.121.175 port 57555 ssh2 ...	2019-12-01 07:15:16
106.13.121.175	attack	SSH bruteforce	2019-11-30 02:00:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.121.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26992
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.121.180.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 20:52:56 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 180.121.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 180.121.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.234.217.194	attack	Mar 1 08:48:18 srv01 postfix/smtpd\[1124\]: warning: unknown\[185.234.217.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 08:48:24 srv01 postfix/smtpd\[1124\]: warning: unknown\[185.234.217.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 08:48:34 srv01 postfix/smtpd\[1124\]: warning: unknown\[185.234.217.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 08:50:04 srv01 postfix/smtpd\[1122\]: warning: unknown\[185.234.217.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 1 08:50:10 srv01 postfix/smtpd\[1122\]: warning: unknown\[185.234.217.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-01 16:08:23
198.108.67.34	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-03-01 16:00:45
199.122.113.50	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-01 15:30:22
34.220.64.66	attack	Unauthorized connection attempt detected from IP address 34.220.64.66 to port 8080 [J]	2020-03-01 15:56:09
63.143.110.182	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-01 15:44:41
165.22.246.219	attackbotsspam	[munged]::443 165.22.246.219 - - [01/Mar/2020:05:53:33 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:53:49 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:05 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:21 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:37 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:53 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:09 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:25 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:41 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:57 +0100] "POST /[	2020-03-01 16:01:39
84.234.96.71	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-03-01 16:03:18
200.233.231.42	attackspam	Honeypot attack, port: 81, PTR: 200-233-231-042.xd-dynamic.ctbcnetsuper.com.br.	2020-03-01 15:59:10
121.174.152.134	attackbots	Unauthorized connection attempt detected from IP address 121.174.152.134 to port 5555 [J]	2020-03-01 16:02:09
64.52.23.37	attackbotsspam	Brute force attack against VPN service	2020-03-01 15:42:13
175.29.177.38	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-01 16:01:11
114.67.74.139	attackbots	Mar 1 00:47:19 plusreed sshd[1650]: Invalid user sinus from 114.67.74.139 ...	2020-03-01 15:46:36
103.248.83.249	attackspam	Mar 1 02:42:14 plusreed sshd[32260]: Invalid user ec2-user from 103.248.83.249 ...	2020-03-01 15:54:45
176.113.74.30	attackbots	WebFormToEmail Comment SPAM	2020-03-01 15:58:17
222.112.107.46	attackspam	Mar 1 08:23:25 debian-2gb-nbg1-2 kernel: \[5306592.517288\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=222.112.107.46 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=19812 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-01 15:26:49

Recently Reported IPs

176.61.111.227	109.213.212.112	174.141.125.54	71.6.233.169
105.235.116.59	191.232.163.126	105.224.235.91	164.68.120.248
159.203.199.198	158.225.162.14	213.157.226.236	201.93.209.33
46.69.235.74	220.173.186.233	60.38.242.65	63.234.46.60
75.210.37.179	14.18.141.31	45.79.205.67	212.91.190.81