106.13.163.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.13.163.236	attackbotsspam	Oct 5 00:47:15 web1 sshd[24131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Oct 5 00:47:17 web1 sshd[24131]: Failed password for root from 106.13.163.236 port 45054 ssh2 Oct 5 00:59:00 web1 sshd[28017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Oct 5 00:59:02 web1 sshd[28017]: Failed password for root from 106.13.163.236 port 44164 ssh2 Oct 5 01:02:28 web1 sshd[30530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Oct 5 01:02:30 web1 sshd[30530]: Failed password for root from 106.13.163.236 port 42462 ssh2 Oct 5 01:06:05 web1 sshd[26908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Oct 5 01:06:07 web1 sshd[26908]: Failed password for root from 106.13.163.236 port 40762 ssh2 Oct 5 01:09:46 web1 sshd[28 ...	2020-10-05 05:55:19
106.13.163.236	attackspambots	24694/tcp 5983/tcp 19360/tcp... [2020-07-22/09-20]23pkt,23pt.(tcp)	2020-09-20 23:46:08
106.13.163.236	attackbots	106.13.163.236 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 00:39:08 server4 sshd[29097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Sep 20 00:39:10 server4 sshd[29097]: Failed password for root from 106.13.163.236 port 44696 ssh2 Sep 20 00:39:10 server4 sshd[29040]: Failed password for root from 93.149.12.2 port 60092 ssh2 Sep 20 00:33:50 server4 sshd[26066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.97.184 user=root Sep 20 00:33:51 server4 sshd[26066]: Failed password for root from 81.68.97.184 port 52812 ssh2 Sep 20 00:33:13 server4 sshd[25425]: Failed password for root from 78.139.216.117 port 55360 ssh2 IP Addresses Blocked:	2020-09-20 15:36:15
106.13.163.236	attack	Sep 19 18:56:11 DAAP sshd[3039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 user=root Sep 19 18:56:13 DAAP sshd[3039]: Failed password for root from 106.13.163.236 port 51176 ssh2 Sep 19 19:00:54 DAAP sshd[3092]: Invalid user jenkins from 106.13.163.236 port 33530 Sep 19 19:00:54 DAAP sshd[3092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 Sep 19 19:00:54 DAAP sshd[3092]: Invalid user jenkins from 106.13.163.236 port 33530 Sep 19 19:00:56 DAAP sshd[3092]: Failed password for invalid user jenkins from 106.13.163.236 port 33530 ssh2 ...	2020-09-20 07:30:42
106.13.163.236	attack	Port scan: Attack repeated for 24 hours	2020-09-18 23:31:59
106.13.163.236	attackspam	Sep 18 03:57:39 gospond sshd[32251]: Failed password for root from 106.13.163.236 port 35756 ssh2 Sep 18 04:01:03 gospond sshd[32292]: Invalid user nathaniel from 106.13.163.236 port 40030 Sep 18 04:01:03 gospond sshd[32292]: Invalid user nathaniel from 106.13.163.236 port 40030 ...	2020-09-18 15:41:27
106.13.163.236	attackspambots	Sep 17 22:05:24 lunarastro sshd[22894]: Failed password for root from 106.13.163.236 port 39056 ssh2	2020-09-18 05:57:03
106.13.163.39	attackspambots	SIP/5060 Probe, BF, Hack -	2020-08-20 16:18:29
106.13.163.236	attackbots	TCP (SYN) 106.13.163.236:59582 -> port 24190, len 44	2020-08-18 19:24:12
106.13.163.236	attackbots	" "	2020-08-16 08:36:07
106.13.163.39	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-06 18:06:58
106.13.163.39	attackbots	Jul 27 13:12:03 h1946882 sshd[2891]: pam_unix(sshd:auth): authenticatio= n failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D106.1= 3.163.39=20 Jul 27 13:12:05 h1946882 sshd[2891]: Failed password for invalid user t= omcat from 106.13.163.39 port 34442 ssh2 Jul 27 13:12:06 h1946882 sshd[2891]: Received disconnect from 106.13.16= 3.39: 11: Bye Bye [preauth] Jul 27 13:40:47 h1946882 sshd[3568]: pam_unix(sshd:auth): authenticatio= n failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D106.1= 3.163.39=20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.163.39	2020-07-28 03:31:01
106.13.163.236	attack	Jun 23 15:21:06 vps sshd[3899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 Jun 23 15:21:08 vps sshd[3899]: Failed password for invalid user jenkins from 106.13.163.236 port 43864 ssh2 Jun 23 15:41:09 vps sshd[5266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.236 ...	2020-06-23 22:19:30
106.13.163.39	attackbots	Lines containing failures of 106.13.163.39 Jun 7 11:55:58 zabbix sshd[60280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.39 user=r.r Jun 7 11:55:59 zabbix sshd[60280]: Failed password for r.r from 106.13.163.39 port 37864 ssh2 Jun 7 11:55:59 zabbix sshd[60280]: Received disconnect from 106.13.163.39 port 37864:11: Bye Bye [preauth] Jun 7 11:55:59 zabbix sshd[60280]: Disconnected from authenticating user r.r 106.13.163.39 port 37864 [preauth] Jun 7 12:08:43 zabbix sshd[61266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.163.39 user=r.r Jun 7 12:08:45 zabbix sshd[61266]: Failed password for r.r from 106.13.163.39 port 42862 ssh2 Jun 7 12:08:46 zabbix sshd[61266]: Received disconnect from 106.13.163.39 port 42862:11: Bye Bye [preauth] Jun 7 12:08:46 zabbix sshd[61266]: Disconnected from authenticating user r.r 106.13.163.39 port 42862 [preauth] Jun 7 12:13:1........ ------------------------------	2020-06-08 01:10:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.163.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52372
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.13.163.1.			IN	A

;; AUTHORITY SECTION:
.			365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 14:36:56 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 1.163.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.163.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.170.202.101	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-07-05 17:56:59
198.108.67.94	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-05 18:06:43
45.7.1.94	attack	SSH/22 MH Probe, BF, Hack -	2019-07-05 18:22:36
14.116.222.170	attackbots	Jul 5 08:02:35 *** sshd[7786]: Invalid user todds from 14.116.222.170	2019-07-05 18:03:51
222.112.69.75	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-05 18:43:41
69.163.196.117	attackbots	Scanning and Vuln Attempts	2019-07-05 18:18:45
46.177.91.84	attack	Honeypot attack, port: 23, PTR: ppp046177091084.access.hol.gr.	2019-07-05 18:30:44
128.199.182.235	attackbotsspam	SSH Bruteforce	2019-07-05 18:52:36
66.70.173.61	attack	Scanning and Vuln Attempts	2019-07-05 18:23:55
198.245.50.81	attackspam	Jul 5 09:58:06 MainVPS sshd[4720]: Invalid user smb from 198.245.50.81 port 45122 Jul 5 09:58:06 MainVPS sshd[4720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.50.81 Jul 5 09:58:06 MainVPS sshd[4720]: Invalid user smb from 198.245.50.81 port 45122 Jul 5 09:58:08 MainVPS sshd[4720]: Failed password for invalid user smb from 198.245.50.81 port 45122 ssh2 Jul 5 10:01:27 MainVPS sshd[4941]: Invalid user doku from 198.245.50.81 port 56866 ...	2019-07-05 18:50:33
113.189.214.159	attackbotsspam	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2019-07-05 18:42:19
198.108.66.231	attackspambots	" "	2019-07-05 18:37:39
187.214.7.28	attackbotsspam	Honeypot attack, port: 445, PTR: dsl-187-214-7-28-dyn.prod-infinitum.com.mx.	2019-07-05 18:15:08
185.153.196.191	attackbots	05.07.2019 10:09:27 Connection to port 16143 blocked by firewall	2019-07-05 18:26:31
85.51.149.32	attackspam	Scanning and Vuln Attempts	2019-07-05 17:58:36

Recently Reported IPs

193.155.216.123	146.229.222.142	146.150.83.79	192.49.8.119
236.153.107.91	219.137.69.251	162.127.31.211	0.164.161.65
147.155.3.13	135.183.216.142	193.93.62.106	208.138.15.63
167.250.142.129	125.208.248.141	211.238.175.193	177.248.168.141
158.11.194.24	161.28.102.250	14.118.231.43	112.19.118.87