106.13.140.252

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	5x Failed Password	2020-03-29 02:27:22
attackbots	Mar 21 18:10:12 mout sshd[28191]: Invalid user porsche from 106.13.140.252 port 41102 Mar 21 18:10:13 mout sshd[28191]: Failed password for invalid user porsche from 106.13.140.252 port 41102 ssh2 Mar 21 18:25:22 mout sshd[29489]: Connection closed by 106.13.140.252 port 60338 [preauth]	2020-03-22 02:41:05
attackbots	Invalid user xmc from 106.13.140.252 port 42016	2020-02-15 21:51:01
attack	Feb 12 09:57:49 sshd\[29479\]: Invalid user postgres from 106.13.140.252Feb 12 09:57:51 sshd\[29479\]: Failed password for invalid user postgres from 106.13.140.252 port 37944 ssh2 ...	2020-02-12 20:00:40
attack	Feb 12 01:35:20 legacy sshd[17534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Feb 12 01:35:22 legacy sshd[17534]: Failed password for invalid user siobhan from 106.13.140.252 port 41388 ssh2 Feb 12 01:38:55 legacy sshd[17808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 ...	2020-02-12 08:56:03
attackbotsspam	Jan 23 01:45:50 www1 sshd\[13798\]: Failed password for root from 106.13.140.252 port 42612 ssh2Jan 23 01:47:23 www1 sshd\[13897\]: Invalid user ubuntu from 106.13.140.252Jan 23 01:47:26 www1 sshd\[13897\]: Failed password for invalid user ubuntu from 106.13.140.252 port 56232 ssh2Jan 23 01:49:01 www1 sshd\[14040\]: Invalid user test1 from 106.13.140.252Jan 23 01:49:02 www1 sshd\[14040\]: Failed password for invalid user test1 from 106.13.140.252 port 41620 ssh2Jan 23 01:50:42 www1 sshd\[14400\]: Invalid user sandi from 106.13.140.252Jan 23 01:50:43 www1 sshd\[14400\]: Failed password for invalid user sandi from 106.13.140.252 port 55244 ssh2 ...	2020-01-23 08:38:28
attackspambots	$f2bV_matches	2020-01-19 00:12:30
attackbots	Unauthorized connection attempt detected from IP address 106.13.140.252 to port 2220 [J]	2020-01-18 03:05:41
attackspambots	Oct 29 21:34:51 legacy sshd[4575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Oct 29 21:34:54 legacy sshd[4575]: Failed password for invalid user Irmeli from 106.13.140.252 port 41510 ssh2 Oct 29 21:38:52 legacy sshd[4744]: Failed password for root from 106.13.140.252 port 50690 ssh2 ...	2019-10-30 04:49:46
attack	Oct 10 02:01:44 hanapaa sshd\[7963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 user=root Oct 10 02:01:46 hanapaa sshd\[7963\]: Failed password for root from 106.13.140.252 port 40898 ssh2 Oct 10 02:06:36 hanapaa sshd\[8364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 user=root Oct 10 02:06:38 hanapaa sshd\[8364\]: Failed password for root from 106.13.140.252 port 46822 ssh2 Oct 10 02:11:34 hanapaa sshd\[8882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 user=root	2019-10-11 04:00:35
attackbots	Sep 16 06:50:04 xtremcommunity sshd\[142634\]: Invalid user ubuntu from 106.13.140.252 port 36504 Sep 16 06:50:04 xtremcommunity sshd\[142634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Sep 16 06:50:07 xtremcommunity sshd\[142634\]: Failed password for invalid user ubuntu from 106.13.140.252 port 36504 ssh2 Sep 16 06:53:51 xtremcommunity sshd\[142686\]: Invalid user isadmin from 106.13.140.252 port 39460 Sep 16 06:53:51 xtremcommunity sshd\[142686\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 ...	2019-09-16 19:22:19
attackspam	Sep 15 00:45:13 ny01 sshd[10290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Sep 15 00:45:15 ny01 sshd[10290]: Failed password for invalid user lsfadmin from 106.13.140.252 port 46376 ssh2 Sep 15 00:50:48 ny01 sshd[11397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252	2019-09-15 13:03:36
attack	Sep 12 17:52:01 localhost sshd\[4584\]: Invalid user oracle from 106.13.140.252 port 59606 Sep 12 17:52:01 localhost sshd\[4584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Sep 12 17:52:04 localhost sshd\[4584\]: Failed password for invalid user oracle from 106.13.140.252 port 59606 ssh2	2019-09-13 04:57:36
attackbots	Invalid user enigma from 106.13.140.252 port 49922	2019-08-27 13:54:57
attackbotsspam	Aug 6 09:31:22 master sshd[23082]: Failed password for invalid user miller from 106.13.140.252 port 41450 ssh2	2019-08-07 02:05:46
attackspambots	Jul 30 14:40:04 dedicated sshd[11554]: Invalid user attach from 106.13.140.252 port 49878	2019-07-30 20:47:07
attack	Jul 15 10:14:20 eventyay sshd[15240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 Jul 15 10:14:22 eventyay sshd[15240]: Failed password for invalid user guillermo from 106.13.140.252 port 51324 ssh2 Jul 15 10:18:16 eventyay sshd[16269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.252 ...	2019-07-15 17:15:30

Comments on same subnet:

IP	Type	Details	Datetime
106.13.140.33	attackspam	Aug 26 11:16:22 abendstille sshd\[8819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 user=root Aug 26 11:16:25 abendstille sshd\[8819\]: Failed password for root from 106.13.140.33 port 33908 ssh2 Aug 26 11:19:57 abendstille sshd\[12929\]: Invalid user trs from 106.13.140.33 Aug 26 11:19:57 abendstille sshd\[12929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Aug 26 11:19:58 abendstille sshd\[12929\]: Failed password for invalid user trs from 106.13.140.33 port 46722 ssh2 ...	2020-08-26 17:24:41
106.13.140.138	attack	Aug 13 13:20:31 gospond sshd[28698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 Aug 13 13:20:31 gospond sshd[28698]: Invalid user guest111 from 106.13.140.138 port 35214 Aug 13 13:20:33 gospond sshd[28698]: Failed password for invalid user guest111 from 106.13.140.138 port 35214 ssh2 ...	2020-08-13 20:49:54
106.13.140.33	attackspam	Aug 12 14:38:42 vmd36147 sshd[24804]: Failed password for root from 106.13.140.33 port 39560 ssh2 Aug 12 14:43:37 vmd36147 sshd[3305]: Failed password for root from 106.13.140.33 port 33568 ssh2 ...	2020-08-12 21:14:52
106.13.140.33	attackbotsspam	Aug 10 13:29:02 game-panel sshd[20582]: Failed password for root from 106.13.140.33 port 43066 ssh2 Aug 10 13:32:41 game-panel sshd[20718]: Failed password for root from 106.13.140.33 port 49052 ssh2	2020-08-10 23:06:53
106.13.140.200	attack	firewall-block, port(s): 1425/tcp	2020-07-31 04:06:32
106.13.140.33	attack	Jul 23 20:01:48 web1 sshd\[2060\]: Invalid user test from 106.13.140.33 Jul 23 20:01:48 web1 sshd\[2060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Jul 23 20:01:50 web1 sshd\[2060\]: Failed password for invalid user test from 106.13.140.33 port 38844 ssh2 Jul 23 20:05:57 web1 sshd\[2430\]: Invalid user ts3server from 106.13.140.33 Jul 23 20:05:57 web1 sshd\[2430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33	2020-07-24 16:23:54
106.13.140.33	attack	$f2bV_matches	2020-07-15 09:08:43
106.13.140.33	attack	Jul 12 00:11:14 server1 sshd\[7062\]: Invalid user policy from 106.13.140.33 Jul 12 00:11:14 server1 sshd\[7062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 Jul 12 00:11:16 server1 sshd\[7062\]: Failed password for invalid user policy from 106.13.140.33 port 45038 ssh2 Jul 12 00:14:32 server1 sshd\[8009\]: Invalid user dan from 106.13.140.33 Jul 12 00:14:32 server1 sshd\[8009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.33 ...	2020-07-12 14:25:38
106.13.140.200	attackspam	Unauthorized connection attempt detected from IP address 106.13.140.200 to port 3996	2020-07-09 05:01:15
106.13.140.200	attackbots	Jul 8 00:27:22 onepixel sshd[97234]: Invalid user mike from 106.13.140.200 port 49924 Jul 8 00:27:22 onepixel sshd[97234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.200 Jul 8 00:27:22 onepixel sshd[97234]: Invalid user mike from 106.13.140.200 port 49924 Jul 8 00:27:24 onepixel sshd[97234]: Failed password for invalid user mike from 106.13.140.200 port 49924 ssh2 Jul 8 00:33:13 onepixel sshd[100018]: Invalid user lcd from 106.13.140.200 port 56016	2020-07-08 11:28:50
106.13.140.83	attack	Failed password for invalid user montse from 106.13.140.83 port 53072 ssh2	2020-07-06 01:14:33
106.13.140.83	attackspam	Invalid user baum from 106.13.140.83 port 43214	2020-06-28 14:50:08
106.13.140.33	attack	Jun 13 22:42:26 askasleikir sshd[29906]: Failed password for invalid user Administrator from 106.13.140.33 port 40856 ssh2 Jun 13 22:26:27 askasleikir sshd[29873]: Failed password for invalid user oscar from 106.13.140.33 port 43878 ssh2 Jun 13 22:36:49 askasleikir sshd[29895]: Failed password for invalid user golf from 106.13.140.33 port 51232 ssh2	2020-06-14 20:52:13
106.13.140.200	attackspambots	Invalid user Administrator from 106.13.140.200 port 35714	2020-06-13 20:07:24
106.13.140.200	attackbots	Jun 9 20:15:52 django-0 sshd\[6369\]: Invalid user yjj from 106.13.140.200Jun 9 20:15:53 django-0 sshd\[6369\]: Failed password for invalid user yjj from 106.13.140.200 port 46486 ssh2Jun 9 20:25:11 django-0 sshd\[6572\]: Invalid user kshitiz from 106.13.140.200 ...	2020-06-10 06:37:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.140.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13646
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.140.252.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 17:15:16 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 252.140.13.106.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 252.140.13.106.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.93.20.85	attack	200508 7:55:40 [Warning] Access denied for user 'root'@'85.93.20.85' (using password: YES) 200508 7:55:44 [Warning] Access denied for user 'admin'@'85.93.20.85' (using password: YES) 200508 7:55:49 [Warning] Access denied for user 'Admin'@'85.93.20.85' (using password: YES) ...	2020-05-08 23:02:51
188.165.210.176	attack	20 attempts against mh-ssh on echoip	2020-05-08 23:11:20
70.79.239.180	attackbots	udp 49246	2020-05-08 22:58:27
195.54.167.8	attackbotsspam	May 8 16:21:02 debian-2gb-nbg1-2 kernel: \[11206542.765718\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.8 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=32113 PROTO=TCP SPT=55382 DPT=37616 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-08 23:00:47
94.54.20.213	attack	Unauthorised access (May 8) SRC=94.54.20.213 LEN=52 TTL=116 ID=8354 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-08 23:28:27
139.28.206.11	attackspambots	2020-05-08 15:54:05,559 fail2ban.actions: WARNING [ssh] Ban 139.28.206.11	2020-05-08 22:59:39
109.229.173.170	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-08 23:24:03
195.231.11.144	attackbotsspam	Lines containing failures of 195.231.11.144 May 8 09:47:59 kmh-vmh-001-fsn07 sshd[22724]: Did not receive identification string from 195.231.11.144 port 52536 May 8 09:48:42 kmh-vmh-001-fsn07 sshd[22881]: Invalid user 94.237.12.70 from 195.231.11.144 port 55874 May 8 09:48:42 kmh-vmh-001-fsn07 sshd[22881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.231.11.144 May 8 09:48:44 kmh-vmh-001-fsn07 sshd[22881]: Failed password for invalid user 94.237.12.70 from 195.231.11.144 port 55874 ssh2 May 8 09:48:44 kmh-vmh-001-fsn07 sshd[22881]: Received disconnect from 195.231.11.144 port 55874:11: Normal Shutdown, Thank you for playing [preauth] May 8 09:48:44 kmh-vmh-001-fsn07 sshd[22881]: Disconnected from invalid user 94.237.12.70 195.231.11.144 port 55874 [preauth] May 8 09:49:16 kmh-vmh-001-fsn07 sshd[23092]: Invalid user 167.172.177.102 from 195.231.11.144 port 49924 May 8 09:49:16 kmh-vmh-001-fsn07 sshd[23092]: pam_unix(........ ------------------------------	2020-05-08 23:11:05
85.93.20.92	attackspam	200508 7:55:38 [Warning] Access denied for user 'root'@'85.93.20.92' (using password: YES) 200508 7:55:43 [Warning] Access denied for user 'ADMIN'@'85.93.20.92' (using password: YES) 200508 7:55:47 [Warning] Access denied for user 'Admin'@'85.93.20.92' (using password: YES) ...	2020-05-08 23:16:56
219.144.68.15	attack	SSH Brute Force	2020-05-08 22:47:34
200.209.145.251	attackspam	May 8 16:48:28 vps sshd[582785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.209.145.251 user=root May 8 16:48:30 vps sshd[582785]: Failed password for root from 200.209.145.251 port 41717 ssh2 May 8 16:52:26 vps sshd[600640]: Invalid user brian from 200.209.145.251 port 47838 May 8 16:52:26 vps sshd[600640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.209.145.251 May 8 16:52:27 vps sshd[600640]: Failed password for invalid user brian from 200.209.145.251 port 47838 ssh2 ...	2020-05-08 23:08:58
222.186.175.182	attack	DATE:2020-05-08 16:29:16, IP:222.186.175.182, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq)	2020-05-08 22:46:10
185.143.75.81	attackspam	May 8 16:37:55 vmanager6029 postfix/smtpd\[16506\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 8 16:38:35 vmanager6029 postfix/smtpd\[16506\]: warning: unknown\[185.143.75.81\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-08 22:51:56
109.124.65.86	attackspambots	$f2bV_matches	2020-05-08 23:12:34
106.12.123.239	attackspam	May 8 14:27:15 vmd17057 sshd[4599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.123.239 May 8 14:27:18 vmd17057 sshd[4599]: Failed password for invalid user eun from 106.12.123.239 port 35658 ssh2 ...	2020-05-08 22:57:59

Recently Reported IPs

191.53.57.57	92.172.154.170	140.198.7.230	34.203.172.181
3.0.163.200	155.158.104.98	202.72.222.185	42.53.130.70
124.127.98.230	54.157.101.0	190.237.13.185	190.181.191.241
165.225.73.88	78.166.248.173	193.188.22.186	203.223.206.228
209.62.50.4	79.27.127.184	81.227.243.216	173.56.255.218