106.13.126.141

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	BF attempts	2020-07-14 16:53:42
attackbots	SSH BruteForce Attack	2020-07-14 04:39:24
attackbotsspam	Jul 1 00:02:25 home sshd[31479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.141 Jul 1 00:02:26 home sshd[31479]: Failed password for invalid user ty from 106.13.126.141 port 57902 ssh2 Jul 1 00:04:39 home sshd[31839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.141 ...	2020-07-02 05:42:44
attackbotsspam	Jun 28 13:52:30 mockhub sshd[22678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.141 Jun 28 13:52:32 mockhub sshd[22678]: Failed password for invalid user steam from 106.13.126.141 port 57028 ssh2 ...	2020-06-29 08:28:33
attack	Invalid user user from 106.13.126.141 port 47364	2020-06-28 14:55:47
attackspambots	SSH brute-force: detected 11 distinct username(s) / 12 distinct password(s) within a 24-hour window.	2020-06-22 14:25:26

Comments on same subnet:

IP	Type	Details	Datetime
106.13.126.15	attack	(sshd) Failed SSH login from 106.13.126.15 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 12:06:40 server sshd[4482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Sep 28 12:06:41 server sshd[4482]: Failed password for root from 106.13.126.15 port 41050 ssh2 Sep 28 12:20:44 server sshd[8216]: Invalid user vlc from 106.13.126.15 port 46318 Sep 28 12:20:46 server sshd[8216]: Failed password for invalid user vlc from 106.13.126.15 port 46318 ssh2 Sep 28 12:24:48 server sshd[9210]: Invalid user cloud_user from 106.13.126.15 port 59846	2020-09-29 02:32:18
106.13.126.15	attackspam	Sep 27 20:06:13 eddieflores sshd\[21117\]: Invalid user caixa from 106.13.126.15 Sep 27 20:06:13 eddieflores sshd\[21117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 Sep 27 20:06:15 eddieflores sshd\[21117\]: Failed password for invalid user caixa from 106.13.126.15 port 51486 ssh2 Sep 27 20:10:38 eddieflores sshd\[21570\]: Invalid user manager from 106.13.126.15 Sep 27 20:10:38 eddieflores sshd\[21570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15	2020-09-28 18:39:44
106.13.126.15	attackbots	2020-09-17T09:03:38.048129abusebot-5.cloudsearch.cf sshd[22865]: Invalid user deploy from 106.13.126.15 port 59936 2020-09-17T09:03:38.056471abusebot-5.cloudsearch.cf sshd[22865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 2020-09-17T09:03:38.048129abusebot-5.cloudsearch.cf sshd[22865]: Invalid user deploy from 106.13.126.15 port 59936 2020-09-17T09:03:40.534284abusebot-5.cloudsearch.cf sshd[22865]: Failed password for invalid user deploy from 106.13.126.15 port 59936 ssh2 2020-09-17T09:08:30.998131abusebot-5.cloudsearch.cf sshd[22933]: Invalid user asterisk from 106.13.126.15 port 60770 2020-09-17T09:08:31.005942abusebot-5.cloudsearch.cf sshd[22933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 2020-09-17T09:08:30.998131abusebot-5.cloudsearch.cf sshd[22933]: Invalid user asterisk from 106.13.126.15 port 60770 2020-09-17T09:08:33.041946abusebot-5.cloudsearch.cf sshd[22933 ...	2020-09-17 20:15:09
106.13.126.15	attack	Sep 17 03:45:37 vps647732 sshd[16333]: Failed password for root from 106.13.126.15 port 60510 ssh2 ...	2020-09-17 12:25:54
106.13.126.15	attackspam	Invalid user test from 106.13.126.15 port 52314	2020-09-05 20:57:55
106.13.126.15	attack	Time: Fri Sep 4 22:27:19 2020 +0000 IP: 106.13.126.15 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 4 22:19:35 ca-16-ede1 sshd[7022]: Invalid user mns from 106.13.126.15 port 54058 Sep 4 22:19:37 ca-16-ede1 sshd[7022]: Failed password for invalid user mns from 106.13.126.15 port 54058 ssh2 Sep 4 22:24:34 ca-16-ede1 sshd[7660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Sep 4 22:24:36 ca-16-ede1 sshd[7660]: Failed password for root from 106.13.126.15 port 59896 ssh2 Sep 4 22:27:17 ca-16-ede1 sshd[8054]: Invalid user maruyama from 106.13.126.15 port 46818	2020-09-05 12:35:17
106.13.126.15	attackbotsspam	Sep 4 18:53:04 haigwepa sshd[14908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 Sep 4 18:53:06 haigwepa sshd[14908]: Failed password for invalid user pep from 106.13.126.15 port 35674 ssh2 ...	2020-09-05 05:21:16
106.13.126.15	attackspambots	Invalid user mis from 106.13.126.15 port 50854	2020-08-26 02:17:22
106.13.126.15	attackbotsspam	Aug 15 06:49:38 lukav-desktop sshd\[17105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Aug 15 06:49:40 lukav-desktop sshd\[17105\]: Failed password for root from 106.13.126.15 port 37404 ssh2 Aug 15 06:53:45 lukav-desktop sshd\[19963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Aug 15 06:53:48 lukav-desktop sshd\[19963\]: Failed password for root from 106.13.126.15 port 60734 ssh2 Aug 15 06:58:05 lukav-desktop sshd\[22837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root	2020-08-15 12:02:23
106.13.126.15	attackspambots	Aug 14 16:37:17 vps639187 sshd\[23883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root Aug 14 16:37:19 vps639187 sshd\[23883\]: Failed password for root from 106.13.126.15 port 41766 ssh2 Aug 14 16:40:13 vps639187 sshd\[23942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 user=root ...	2020-08-15 01:16:50
106.13.126.15	attackbotsspam	Aug 3 05:52:48 * sshd[24052]: Failed password for root from 106.13.126.15 port 51682 ssh2	2020-08-03 12:36:52
106.13.126.15	attackspam	Invalid user Test from 106.13.126.15 port 36220	2020-07-23 19:04:52
106.13.126.15	attackspambots	Invalid user Test from 106.13.126.15 port 37064	2020-07-21 13:41:34
106.13.126.15	attackspambots	2020-07-11T22:18:20.608351server.espacesoutien.com sshd[24144]: Invalid user bart from 106.13.126.15 port 60312 2020-07-11T22:18:20.621793server.espacesoutien.com sshd[24144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 2020-07-11T22:18:20.608351server.espacesoutien.com sshd[24144]: Invalid user bart from 106.13.126.15 port 60312 2020-07-11T22:18:22.705943server.espacesoutien.com sshd[24144]: Failed password for invalid user bart from 106.13.126.15 port 60312 ssh2 ...	2020-07-12 06:42:47
106.13.126.15	attack	2020-07-09T18:46:31.203954mail.broermann.family sshd[12090]: Invalid user alfredo from 106.13.126.15 port 37006 2020-07-09T18:46:31.207976mail.broermann.family sshd[12090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.126.15 2020-07-09T18:46:31.203954mail.broermann.family sshd[12090]: Invalid user alfredo from 106.13.126.15 port 37006 2020-07-09T18:46:33.706211mail.broermann.family sshd[12090]: Failed password for invalid user alfredo from 106.13.126.15 port 37006 ssh2 2020-07-09T18:49:54.127539mail.broermann.family sshd[12207]: Invalid user gk from 106.13.126.15 port 50512 ...	2020-07-10 00:59:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.126.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14919
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.126.141.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062200 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 22 14:25:23 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 141.126.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 141.126.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.75.121.252	attackbots	frenzy	2020-06-14 08:54:17
62.171.144.195	attack	[2020-06-13 21:19:45] NOTICE[1273] chan_sip.c: Registration from '' failed for '62.171.144.195:34076' - Wrong password [2020-06-13 21:19:45] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T21:19:45.798-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="231abc",SessionID="0x7f31c02f7128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.171.144.195/34076",Challenge="41723184",ReceivedChallenge="41723184",ReceivedHash="609b27e7a9a8b0445575e0efcf68ff87" [2020-06-13 21:23:46] NOTICE[1273] chan_sip.c: Registration from '' failed for '62.171.144.195:53551' - Wrong password [2020-06-13 21:23:46] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T21:23:46.344-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="240abc",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62 ...	2020-06-14 09:24:50
120.70.97.233	attackbotsspam	(sshd) Failed SSH login from 120.70.97.233 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 13 22:40:26 amsweb01 sshd[7385]: Invalid user dexter from 120.70.97.233 port 56878 Jun 13 22:40:28 amsweb01 sshd[7385]: Failed password for invalid user dexter from 120.70.97.233 port 56878 ssh2 Jun 13 22:59:22 amsweb01 sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.97.233 user=root Jun 13 22:59:24 amsweb01 sshd[10391]: Failed password for root from 120.70.97.233 port 45010 ssh2 Jun 13 23:04:59 amsweb01 sshd[11254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.97.233 user=root	2020-06-14 09:22:52
189.240.225.205	attackspambots	Jun 14 00:19:40 ns37 sshd[23015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.225.205	2020-06-14 08:50:41
172.93.44.105	attack	SASL PLAIN auth failed: ruser=...	2020-06-14 09:01:20
178.128.72.80	attackspambots	Scanned 3 times in the last 24 hours on port 22	2020-06-14 09:25:51
188.166.226.26	attackspambots	Jun 14 00:56:19 ourumov-web sshd\[32458\]: Invalid user artemio from 188.166.226.26 port 36157 Jun 14 00:56:19 ourumov-web sshd\[32458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.226.26 Jun 14 00:56:22 ourumov-web sshd\[32458\]: Failed password for invalid user artemio from 188.166.226.26 port 36157 ssh2 ...	2020-06-14 09:09:05
121.229.18.144	attack	no	2020-06-14 09:14:55
106.54.200.209	attack	(sshd) Failed SSH login from 106.54.200.209 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 13 22:49:45 amsweb01 sshd[8799]: Invalid user web-angebot from 106.54.200.209 port 59346 Jun 13 22:49:48 amsweb01 sshd[8799]: Failed password for invalid user web-angebot from 106.54.200.209 port 59346 ssh2 Jun 13 23:00:26 amsweb01 sshd[10646]: Invalid user whx from 106.54.200.209 port 60090 Jun 13 23:00:28 amsweb01 sshd[10646]: Failed password for invalid user whx from 106.54.200.209 port 60090 ssh2 Jun 13 23:04:59 amsweb01 sshd[11249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.200.209 user=root	2020-06-14 09:23:21
111.229.63.223	attackbotsspam	Jun 14 05:35:41 ns382633 sshd\[23445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.63.223 user=root Jun 14 05:35:43 ns382633 sshd\[23445\]: Failed password for root from 111.229.63.223 port 37788 ssh2 Jun 14 05:56:42 ns382633 sshd\[27164\]: Invalid user admin from 111.229.63.223 port 55532 Jun 14 05:56:42 ns382633 sshd\[27164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.63.223 Jun 14 05:56:44 ns382633 sshd\[27164\]: Failed password for invalid user admin from 111.229.63.223 port 55532 ssh2	2020-06-14 12:00:29
185.74.4.17	attackspambots	Jun 14 03:01:08 minden010 sshd[1654]: Failed password for root from 185.74.4.17 port 45772 ssh2 Jun 14 03:02:28 minden010 sshd[1795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.17 Jun 14 03:02:29 minden010 sshd[1795]: Failed password for invalid user user from 185.74.4.17 port 54969 ssh2 ...	2020-06-14 09:11:31
89.144.47.246	attackspambots	TCP (SYN) 89.144.47.246:50621 -> port 3389, len 44	2020-06-14 09:03:13
222.186.180.142	attackbotsspam	Jun 14 02:44:38 vps639187 sshd\[28460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Jun 14 02:44:40 vps639187 sshd\[28460\]: Failed password for root from 222.186.180.142 port 24106 ssh2 Jun 14 02:44:45 vps639187 sshd\[28460\]: Failed password for root from 222.186.180.142 port 24106 ssh2 ...	2020-06-14 08:50:24
186.216.67.194	attackbots	smtp probe/invalid login attempt	2020-06-14 09:30:29
112.85.42.174	attackspam	2020-06-14T06:56:25.431238lavrinenko.info sshd[17266]: Failed password for root from 112.85.42.174 port 8109 ssh2 2020-06-14T06:56:29.503499lavrinenko.info sshd[17266]: Failed password for root from 112.85.42.174 port 8109 ssh2 2020-06-14T06:56:33.572976lavrinenko.info sshd[17266]: Failed password for root from 112.85.42.174 port 8109 ssh2 2020-06-14T06:56:38.304106lavrinenko.info sshd[17266]: Failed password for root from 112.85.42.174 port 8109 ssh2 2020-06-14T06:56:43.231811lavrinenko.info sshd[17266]: Failed password for root from 112.85.42.174 port 8109 ssh2 ...	2020-06-14 12:01:37

Recently Reported IPs

119.51.167.139	37.157.193.180	34.50.222.174	106.12.155.254
212.43.216.61	191.186.166.141	61.249.111.133	156.241.86.200
110.211.69.165	34.54.110.185	205.115.162.134	168.111.205.114
168.240.56.119	199.141.185.24	136.55.153.37	2.19.237.31
235.89.135.240	200.67.193.148	58.67.119.186	202.85.26.110