106.13.141.202

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Feb 15 15:19:37 dedicated sshd[2198]: Invalid user ab from 106.13.141.202 port 49628	2020-02-16 01:30:20
attackspambots	5x Failed Password	2020-02-12 18:07:03
attack	Feb 9 18:38:39 cvbnet sshd[20253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 Feb 9 18:38:40 cvbnet sshd[20253]: Failed password for invalid user zwd from 106.13.141.202 port 45986 ssh2 ...	2020-02-10 02:09:25
attack	Jan 11 05:46:25 ovpn sshd\[18898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 user=root Jan 11 05:46:27 ovpn sshd\[18898\]: Failed password for root from 106.13.141.202 port 39022 ssh2 Jan 11 05:49:58 ovpn sshd\[19783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 user=root Jan 11 05:49:59 ovpn sshd\[19783\]: Failed password for root from 106.13.141.202 port 44024 ssh2 Jan 11 05:54:23 ovpn sshd\[20911\]: Invalid user open from 106.13.141.202 Jan 11 05:54:23 ovpn sshd\[20911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202	2020-01-11 16:01:52
attack	Automatic report - SSH Brute-Force Attack	2020-01-04 06:57:46
attackspam	Jan 1 01:00:17 XXX sshd[45739]: Invalid user news from 106.13.141.202 port 42924	2020-01-02 08:58:29
attackbots	Dec 21 13:54:40 ny01 sshd[19538]: Failed password for root from 106.13.141.202 port 44220 ssh2 Dec 21 14:00:47 ny01 sshd[20621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 Dec 21 14:00:48 ny01 sshd[20621]: Failed password for invalid user gavron from 106.13.141.202 port 36104 ssh2	2019-12-22 03:10:36
attack	Dec 9 17:42:30 loxhost sshd\[18919\]: Invalid user wz from 106.13.141.202 port 39678 Dec 9 17:42:30 loxhost sshd\[18919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 Dec 9 17:42:32 loxhost sshd\[18919\]: Failed password for invalid user wz from 106.13.141.202 port 39678 ssh2 Dec 9 17:48:37 loxhost sshd\[19057\]: Invalid user machika from 106.13.141.202 port 54014 Dec 9 17:48:37 loxhost sshd\[19057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.202 ...	2019-12-10 01:02:56

Comments on same subnet:

IP	Type	Details	Datetime
106.13.141.110	attackspam	2 SSH login attempts.	2020-10-07 04:24:41
106.13.141.110	attack	Brute%20Force%20SSH	2020-10-06 20:28:50
106.13.141.110	attackspambots	Oct 6 04:21:19 ns382633 sshd\[2901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root Oct 6 04:21:21 ns382633 sshd\[2901\]: Failed password for root from 106.13.141.110 port 54932 ssh2 Oct 6 04:30:01 ns382633 sshd\[3929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root Oct 6 04:30:03 ns382633 sshd\[3929\]: Failed password for root from 106.13.141.110 port 57220 ssh2 Oct 6 04:34:07 ns382633 sshd\[4448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 user=root	2020-10-06 12:08:48
106.13.141.110	attack	Sep 7 14:53:33 mavik sshd[24909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 Sep 7 14:53:36 mavik sshd[24909]: Failed password for invalid user volition from 106.13.141.110 port 36598 ssh2 Sep 7 14:57:01 mavik sshd[25041]: Invalid user mada from 106.13.141.110 Sep 7 14:57:01 mavik sshd[25041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.110 Sep 7 14:57:03 mavik sshd[25041]: Failed password for invalid user mada from 106.13.141.110 port 47344 ssh2 ...	2020-09-08 00:00:22
106.13.141.110	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-09-07 07:57:56
106.13.141.110	attackbots	Brute-force attempt banned	2020-08-31 15:43:53
106.13.141.135	attackbots	Unauthorized connection attempt detected from IP address 106.13.141.135 to port 2220 [J]	2020-02-06 08:25:47
106.13.141.135	attack	Jan 11 21:44:10 ns382633 sshd\[9704\]: Invalid user registry from 106.13.141.135 port 52498 Jan 11 21:44:10 ns382633 sshd\[9704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Jan 11 21:44:12 ns382633 sshd\[9704\]: Failed password for invalid user registry from 106.13.141.135 port 52498 ssh2 Jan 11 22:05:25 ns382633 sshd\[13855\]: Invalid user vbox from 106.13.141.135 port 47114 Jan 11 22:05:25 ns382633 sshd\[13855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135	2020-01-12 07:36:43
106.13.141.135	attackspam	Tried sshing with brute force.	2020-01-01 05:51:36
106.13.141.135	attackspambots	Dec 31 04:10:30 v11 sshd[4252]: Invalid user guest from 106.13.141.135 port 57518 Dec 31 04:10:32 v11 sshd[4252]: Failed password for invalid user guest from 106.13.141.135 port 57518 ssh2 Dec 31 04:10:32 v11 sshd[4252]: Received disconnect from 106.13.141.135 port 57518:11: Bye Bye [preauth] Dec 31 04:10:32 v11 sshd[4252]: Disconnected from 106.13.141.135 port 57518 [preauth] Dec 31 04:19:08 v11 sshd[5167]: Invalid user xalan from 106.13.141.135 port 46230 Dec 31 04:19:11 v11 sshd[5167]: Failed password for invalid user xalan from 106.13.141.135 port 46230 ssh2 Dec 31 04:19:11 v11 sshd[5167]: Received disconnect from 106.13.141.135 port 46230:11: Bye Bye [preauth] Dec 31 04:19:11 v11 sshd[5167]: Disconnected from 106.13.141.135 port 46230 [preauth] Dec 31 04:20:37 v11 sshd[5268]: Invalid user cj from 106.13.141.135 port 59088 Dec 31 04:20:39 v11 sshd[5268]: Failed password for invalid user cj from 106.13.141.135 port 59088 ssh2 Dec 31 04:20:39 v11 sshd[5268]: Received ........ -------------------------------	2019-12-31 16:16:28
106.13.141.135	attack	Dec 29 18:58:56 vps46666688 sshd[23055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Dec 29 18:58:58 vps46666688 sshd[23055]: Failed password for invalid user fordcom from 106.13.141.135 port 44902 ssh2 ...	2019-12-30 06:26:01
106.13.141.135	attack	Dec 14 13:00:11 web9 sshd\[12406\]: Invalid user ncim from 106.13.141.135 Dec 14 13:00:11 web9 sshd\[12406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Dec 14 13:00:13 web9 sshd\[12406\]: Failed password for invalid user ncim from 106.13.141.135 port 55964 ssh2 Dec 14 13:05:56 web9 sshd\[13236\]: Invalid user smmsp from 106.13.141.135 Dec 14 13:05:56 web9 sshd\[13236\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135	2019-12-15 07:17:39
106.13.141.135	attackbots	Dec 3 19:03:50 microserver sshd[28953]: Invalid user ident from 106.13.141.135 port 47258 Dec 3 19:03:50 microserver sshd[28953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Dec 3 19:03:52 microserver sshd[28953]: Failed password for invalid user ident from 106.13.141.135 port 47258 ssh2 Dec 3 19:11:42 microserver sshd[30257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 user=root Dec 3 19:11:45 microserver sshd[30257]: Failed password for root from 106.13.141.135 port 41476 ssh2 Dec 3 19:26:16 microserver sshd[32465]: Invalid user triggiano from 106.13.141.135 port 58152 Dec 3 19:26:16 microserver sshd[32465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Dec 3 19:26:18 microserver sshd[32465]: Failed password for invalid user triggiano from 106.13.141.135 port 58152 ssh2 Dec 3 19:33:51 microserver sshd[33402]: pam_unix(sshd:au	2019-12-04 02:27:50
106.13.141.135	attackspam	Nov 25 15:30:47 minden010 sshd[836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 Nov 25 15:30:49 minden010 sshd[836]: Failed password for invalid user webadmin from 106.13.141.135 port 37700 ssh2 Nov 25 15:33:57 minden010 sshd[1967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.141.135 ...	2019-11-26 03:36:43
106.13.141.173	attackbotsspam	SSH invalid-user multiple login try	2019-11-03 19:47:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.141.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35480
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.141.202.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120900 1800 900 604800 86400

;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 01:02:51 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 202.141.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 202.141.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.47.92.42	attackspam	Automatic report - Port Scan Attack	2019-10-09 22:13:48
40.122.29.117	attackspam	Oct 9 14:43:00 tuxlinux sshd[43846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.122.29.117 user=root Oct 9 14:43:02 tuxlinux sshd[43846]: Failed password for root from 40.122.29.117 port 1280 ssh2 Oct 9 14:43:00 tuxlinux sshd[43846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.122.29.117 user=root Oct 9 14:43:02 tuxlinux sshd[43846]: Failed password for root from 40.122.29.117 port 1280 ssh2 Oct 9 14:52:57 tuxlinux sshd[43994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.122.29.117 user=root ...	2019-10-09 22:21:10
185.176.27.242	attackbots	Oct 9 16:03:07 mc1 kernel: \[1916181.634767\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.242 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=30040 PROTO=TCP SPT=47834 DPT=36348 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 9 16:05:02 mc1 kernel: \[1916296.547322\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.242 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=63320 PROTO=TCP SPT=47834 DPT=13505 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 9 16:06:22 mc1 kernel: \[1916376.432801\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.242 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=7065 PROTO=TCP SPT=47834 DPT=14362 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-09 22:30:23
157.230.208.92	attackbotsspam	Oct 9 14:40:32 unicornsoft sshd\[21796\]: User root from 157.230.208.92 not allowed because not listed in AllowUsers Oct 9 14:40:32 unicornsoft sshd\[21796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.208.92 user=root Oct 9 14:40:34 unicornsoft sshd\[21796\]: Failed password for invalid user root from 157.230.208.92 port 50214 ssh2	2019-10-09 22:41:02
45.227.253.133	attackspam	Oct 9 08:04:47 xzibhostname postfix/smtpd[31199]: warning: hostname hosting-by.directwebhost.org does not resolve to address 45.227.253.133: Name or service not known Oct 9 08:04:47 xzibhostname postfix/smtpd[31199]: connect from unknown[45.227.253.133] Oct 9 08:04:47 xzibhostname postfix/smtpd[31799]: warning: hostname hosting-by.directwebhost.org does not resolve to address 45.227.253.133: Name or service not known Oct 9 08:04:47 xzibhostname postfix/smtpd[31799]: connect from unknown[45.227.253.133] Oct 9 08:04:48 xzibhostname postfix/smtpd[31199]: warning: unknown[45.227.253.133]: SASL LOGIN authentication failed: authentication failure Oct 9 08:04:48 xzibhostname postfix/smtpd[31799]: warning: unknown[45.227.253.133]: SASL LOGIN authentication failed: authentication failure Oct 9 08:04:48 xzibhostname postfix/smtpd[31199]: lost connection after AUTH from unknown[45.227.253.133] Oct 9 08:04:48 xzibhostname postfix/smtpd[31199]: disconnect from unknown[45.227........ -------------------------------	2019-10-09 22:28:21
85.21.63.173	attackbotsspam	2019-10-09T09:37:44.2136471495-001 sshd\[37962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.21.63.173 user=root 2019-10-09T09:37:46.4135441495-001 sshd\[37962\]: Failed password for root from 85.21.63.173 port 40968 ssh2 2019-10-09T09:42:17.1647961495-001 sshd\[38262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.21.63.173 user=root 2019-10-09T09:42:18.8424221495-001 sshd\[38262\]: Failed password for root from 85.21.63.173 port 49638 ssh2 2019-10-09T09:46:58.2412771495-001 sshd\[38530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.21.63.173 user=root 2019-10-09T09:47:01.1628481495-001 sshd\[38530\]: Failed password for root from 85.21.63.173 port 58346 ssh2 ...	2019-10-09 22:05:44
176.123.254.206	attackspambots	" "	2019-10-09 22:27:43
80.211.79.117	attackbotsspam	Oct 9 16:11:38 vps647732 sshd[6216]: Failed password for root from 80.211.79.117 port 46672 ssh2 ...	2019-10-09 22:22:36
51.77.245.181	attack	Oct 9 16:33:31 SilenceServices sshd[6630]: Failed password for root from 51.77.245.181 port 46892 ssh2 Oct 9 16:37:49 SilenceServices sshd[7755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.245.181 Oct 9 16:37:51 SilenceServices sshd[7755]: Failed password for invalid user 123 from 51.77.245.181 port 58654 ssh2	2019-10-09 22:46:18
46.245.121.91	attackspam	Brute force attempt	2019-10-09 22:48:56
37.187.12.126	attack	Oct 9 04:11:39 php1 sshd\[3349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.12.126 user=root Oct 9 04:11:41 php1 sshd\[3349\]: Failed password for root from 37.187.12.126 port 48726 ssh2 Oct 9 04:15:52 php1 sshd\[3698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.12.126 user=root Oct 9 04:15:54 php1 sshd\[3698\]: Failed password for root from 37.187.12.126 port 60834 ssh2 Oct 9 04:20:06 php1 sshd\[4054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.12.126 user=root	2019-10-09 22:36:42
222.186.175.151	attack	Oct 9 16:22:06 amit sshd\[12725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Oct 9 16:22:08 amit sshd\[12725\]: Failed password for root from 222.186.175.151 port 23108 ssh2 Oct 9 16:22:40 amit sshd\[12727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root ...	2019-10-09 22:25:05
112.134.5.150	attack	PHI,WP GET /wp-login.php	2019-10-09 22:47:15
106.225.211.193	attackspambots	Automatic report - Banned IP Access	2019-10-09 22:20:48
54.200.167.186	attackbotsspam	10/09/2019-16:04:10.006118 54.200.167.186 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-09 22:13:00

Recently Reported IPs

207.92.164.215	217.61.1.8	38.215.233.38	219.148.37.152
63.44.250.151	106.47.41.11	171.224.94.254	106.39.90.65
202.79.56.234	200.223.238.107	113.162.159.171	194.130.9.147
240.3.11.115	102.140.211.179	241.79.105.97	129.146.235.175
63.28.107.129	66.239.48.104	137.46.83.88	106.39.90.21