106.13.174.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 2 10:33:01 vps46666688 sshd[25709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92 Mar 2 10:33:04 vps46666688 sshd[25709]: Failed password for invalid user akazam from 106.13.174.92 port 43138 ssh2 ...	2020-03-03 05:02:01
attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.174.92 to port 2220 [J]	2020-02-23 14:12:59
attackbotsspam	Feb 17 05:38:20 web9 sshd\[9094\]: Invalid user jnegrete from 106.13.174.92 Feb 17 05:38:20 web9 sshd\[9094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92 Feb 17 05:38:23 web9 sshd\[9094\]: Failed password for invalid user jnegrete from 106.13.174.92 port 39122 ssh2 Feb 17 05:41:32 web9 sshd\[9501\]: Invalid user tf2server from 106.13.174.92 Feb 17 05:41:32 web9 sshd\[9501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92	2020-02-17 23:48:20
attackbotsspam	Feb 6 03:31:00 silence02 sshd[1496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92 Feb 6 03:31:03 silence02 sshd[1496]: Failed password for invalid user cti from 106.13.174.92 port 37220 ssh2 Feb 6 03:33:59 silence02 sshd[1763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92	2020-02-06 10:49:47
attackbots	Unauthorized connection attempt detected from IP address 106.13.174.92 to port 2220 [J]	2020-02-02 16:53:18
attackbots	Jan 23 15:28:38 MK-Soft-Root2 sshd[14031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.92 Jan 23 15:28:40 MK-Soft-Root2 sshd[14031]: Failed password for invalid user csgoserver from 106.13.174.92 port 50124 ssh2 ...	2020-01-23 22:57:49

Comments on same subnet:

IP	Type	Details	Datetime
106.13.174.171	attackspam	srv02 Mass scanning activity detected Target: 22611 ..	2020-10-08 02:02:11
106.13.174.171	attack	Found on 106.12.0.0/15 Dark List de / proto=6 . srcport=59891 . dstport=22611 . (1644)	2020-10-07 18:09:51
106.13.174.171	attackbotsspam	" "	2020-09-20 00:41:03
106.13.174.171	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-19 16:29:36
106.13.174.144	attackbotsspam	SSH brute force	2020-09-09 21:20:08
106.13.174.144	attackbotsspam	SSH brute force	2020-09-09 15:14:37
106.13.174.144	attackbots	Failed password for root from 106.13.174.144 port 41072 ssh2	2020-09-09 07:25:07
106.13.174.171	attackspam	SIP/5060 Probe, BF, Hack -	2020-08-17 19:00:38
106.13.174.144	attack	Aug 17 05:41:44 l03 sshd[16210]: Invalid user pablo from 106.13.174.144 port 51412 ...	2020-08-17 14:27:02
106.13.174.171	attack	Port scan denied	2020-08-14 17:43:57
106.13.174.144	attackbotsspam	Aug 9 03:44:59 scw-tender-jepsen sshd[23217]: Failed password for root from 106.13.174.144 port 50152 ssh2	2020-08-09 16:48:25
106.13.174.144	attack	Invalid user shipeng from 106.13.174.144 port 55616	2020-07-29 05:54:15
106.13.174.144	attack	invalid user yudai from 106.13.174.144 port 33322 ssh2	2020-07-26 17:01:03
106.13.174.144	attackbotsspam	Jul 23 13:56:06 inter-technics sshd[18704]: Invalid user buyer from 106.13.174.144 port 38818 Jul 23 13:56:06 inter-technics sshd[18704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.174.144 Jul 23 13:56:06 inter-technics sshd[18704]: Invalid user buyer from 106.13.174.144 port 38818 Jul 23 13:56:08 inter-technics sshd[18704]: Failed password for invalid user buyer from 106.13.174.144 port 38818 ssh2 Jul 23 14:03:55 inter-technics sshd[19112]: Invalid user test from 106.13.174.144 port 52312 ...	2020-07-23 20:29:05
106.13.174.241	attackspam	Invalid user user2 from 106.13.174.241 port 51130	2020-07-17 18:32:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.174.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36765
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.174.92.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012300 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 22:57:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 92.174.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.174.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.99.144.196	attack	Jul 24 00:18:52 v22018076622670303 sshd\[6863\]: Invalid user ftpuser from 167.99.144.196 port 51902 Jul 24 00:18:52 v22018076622670303 sshd\[6863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.144.196 Jul 24 00:18:53 v22018076622670303 sshd\[6863\]: Failed password for invalid user ftpuser from 167.99.144.196 port 51902 ssh2 ...	2019-07-24 07:07:19
96.47.239.231	attackbotsspam	Honeypot attack, port: 445, PTR: 96.47.239.231.static.quadranet.com.	2019-07-24 07:07:36
85.50.116.141	attackbotsspam	Invalid user libuuid from 85.50.116.141 port 52370	2019-07-24 07:09:21
177.38.45.102	attack	Lines containing failures of 177.38.45.102 Jul 22 22:33:23 omfg postfix/smtpd[24687]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix-submission/smtpd[24904]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix/smtpd[24907]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix-submission/smtpd[24906]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix-submission/smtpd[24908]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix-submission/smtpd[24903]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix/smtpd[24909]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix/smtpd[24905]: connect from 177-38-45-102.spacenetwork.com.br[177.38.45.102] Jul 22 22:33:23 omfg postfix/smtpd[24907]: lost connection........ ------------------------------	2019-07-24 06:52:31
37.75.12.1	attackbots	Honeypot attack, port: 445, PTR: 37-75-12-1.rdns.saglayici.net.	2019-07-24 07:21:08
103.101.18.43	attackspambots	2019-07-23T20:18:36.327121abusebot.cloudsearch.cf sshd\[1071\]: Invalid user user1 from 103.101.18.43 port 63153	2019-07-24 06:59:39
220.181.108.99	attack	Automatic report - Banned IP Access	2019-07-24 06:51:55
47.91.245.238	attackbotsspam	Automatic report - Banned IP Access	2019-07-24 07:20:12
145.239.198.218	attackbots	Jul 24 04:16:41 vibhu-HP-Z238-Microtower-Workstation sshd\[29518\]: Invalid user pty from 145.239.198.218 Jul 24 04:16:41 vibhu-HP-Z238-Microtower-Workstation sshd\[29518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.198.218 Jul 24 04:16:43 vibhu-HP-Z238-Microtower-Workstation sshd\[29518\]: Failed password for invalid user pty from 145.239.198.218 port 47982 ssh2 Jul 24 04:21:01 vibhu-HP-Z238-Microtower-Workstation sshd\[29660\]: Invalid user nigger from 145.239.198.218 Jul 24 04:21:01 vibhu-HP-Z238-Microtower-Workstation sshd\[29660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.198.218 ...	2019-07-24 06:54:18
177.36.58.182	attackspambots	Jul 23 22:11:01 vtv3 sshd\[8105\]: Invalid user tara from 177.36.58.182 port 33954 Jul 23 22:11:01 vtv3 sshd\[8105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.36.58.182 Jul 23 22:11:03 vtv3 sshd\[8105\]: Failed password for invalid user tara from 177.36.58.182 port 33954 ssh2 Jul 23 22:17:03 vtv3 sshd\[10890\]: Invalid user qf from 177.36.58.182 port 60106 Jul 23 22:17:03 vtv3 sshd\[10890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.36.58.182 Jul 23 22:28:33 vtv3 sshd\[16526\]: Invalid user interview from 177.36.58.182 port 55930 Jul 23 22:28:33 vtv3 sshd\[16526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.36.58.182 Jul 23 22:28:35 vtv3 sshd\[16526\]: Failed password for invalid user interview from 177.36.58.182 port 55930 ssh2 Jul 23 22:34:30 vtv3 sshd\[19431\]: Invalid user etherpad-lite from 177.36.58.182 port 53842 Jul 23 22:34:30 vtv3 sshd\[19431\	2019-07-24 07:06:14
36.66.149.211	attackspambots	Invalid user castis from 36.66.149.211 port 46986	2019-07-24 07:19:22
170.79.16.19	attack	Wordpress XMLRPC attack	2019-07-24 06:49:06
182.18.194.135	attack	Jul 24 00:23:56 OPSO sshd\[4500\]: Invalid user easy from 182.18.194.135 port 57600 Jul 24 00:23:56 OPSO sshd\[4500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.194.135 Jul 24 00:23:58 OPSO sshd\[4500\]: Failed password for invalid user easy from 182.18.194.135 port 57600 ssh2 Jul 24 00:29:24 OPSO sshd\[5500\]: Invalid user drop from 182.18.194.135 port 53848 Jul 24 00:29:24 OPSO sshd\[5500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.194.135	2019-07-24 06:51:39
212.83.145.12	attack	\[2019-07-23 18:28:08\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T18:28:08.233-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="996783011972592277524",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.145.12/53073",ACLName="no_extension_match" \[2019-07-23 18:31:13\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T18:31:13.293-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="996784011972592277524",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.145.12/59259",ACLName="no_extension_match" \[2019-07-23 18:34:22\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T18:34:22.655-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="996785011972592277524",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.145.12/6	2019-07-24 06:47:21
134.255.199.30	attackspambots	3389BruteforceFW23	2019-07-24 06:46:41

Recently Reported IPs

103.224.182.249	173.212.203.138	61.199.111.79	65.60.33.82
127.136.153.139	46.48.48.5	123.207.35.22	150.129.104.241
118.70.100.149	46.201.108.203	163.172.30.51	106.13.65.106
154.211.13.155	206.189.226.58	113.53.60.124	116.106.244.242
59.91.116.179	209.58.149.68	112.133.236.125	140.143.202.56