106.13.198.131

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jun 2 22:21:00 vps639187 sshd\[9296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root Jun 2 22:21:01 vps639187 sshd\[9296\]: Failed password for root from 106.13.198.131 port 53674 ssh2 Jun 2 22:23:45 vps639187 sshd\[9361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root ...	2020-06-03 08:09:44
attack	2020-06-02T15:10:41.031080mail.standpoint.com.ua sshd[26209]: Failed password for root from 106.13.198.131 port 45894 ssh2 2020-06-02T15:12:07.222649mail.standpoint.com.ua sshd[26426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root 2020-06-02T15:12:09.200487mail.standpoint.com.ua sshd[26426]: Failed password for root from 106.13.198.131 port 35314 ssh2 2020-06-02T15:13:39.400395mail.standpoint.com.ua sshd[26653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root 2020-06-02T15:13:41.675451mail.standpoint.com.ua sshd[26653]: Failed password for root from 106.13.198.131 port 52966 ssh2 ...	2020-06-02 20:22:27
attack	SSH Brute-Force attacks	2020-05-27 13:57:55
attackspam	bruteforce detected	2020-05-05 03:50:59
attackbotsspam	ssh brute force	2020-04-27 12:59:49
attackbotsspam	Apr 5 13:49:01 localhost sshd[1219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root Apr 5 13:49:03 localhost sshd[1219]: Failed password for root from 106.13.198.131 port 37768 ssh2 Apr 5 13:51:07 localhost sshd[1375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root Apr 5 13:51:09 localhost sshd[1375]: Failed password for root from 106.13.198.131 port 34960 ssh2 Apr 5 13:53:21 localhost sshd[1548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 user=root Apr 5 13:53:23 localhost sshd[1548]: Failed password for root from 106.13.198.131 port 60396 ssh2 ...	2020-04-05 23:24:12
attackbotsspam	B: Abusive ssh attack	2020-03-25 08:50:20
attackspambots	Mar 23 20:21:02 ny01 sshd[26449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131 Mar 23 20:21:04 ny01 sshd[26449]: Failed password for invalid user lev from 106.13.198.131 port 49962 ssh2 Mar 23 20:24:04 ny01 sshd[27657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.131	2020-03-24 08:27:00

Comments on same subnet:

IP	Type	Details	Datetime
106.13.198.167	attackbotsspam	DATE:2020-08-05 06:05:36,IP:106.13.198.167,MATCHES:10,PORT:ssh	2020-08-05 12:44:48
106.13.198.167	attackbots	Port scan: Attack repeated for 24 hours	2020-07-28 20:52:07
106.13.198.167	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-07-28 05:44:08
106.13.198.167	attackbotsspam	TCP (SYN) 106.13.198.167:41904 -> port 29814, len 44	2020-07-26 20:06:15
106.13.198.167	attackbotsspam	Port Scan ...	2020-07-14 12:14:40
106.13.198.167	attack	Jun 26 20:36:52 mail sshd[6877]: Failed password for invalid user vncuser from 106.13.198.167 port 50978 ssh2 ...	2020-06-29 04:41:28
106.13.198.167	attackspam	Jun 21 14:08:48 onepixel sshd[15300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.167 user=root Jun 21 14:08:50 onepixel sshd[15300]: Failed password for root from 106.13.198.167 port 58972 ssh2 Jun 21 14:11:17 onepixel sshd[16596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.167 user=root Jun 21 14:11:19 onepixel sshd[16596]: Failed password for root from 106.13.198.167 port 60328 ssh2 Jun 21 14:13:50 onepixel sshd[17810]: Invalid user test2 from 106.13.198.167 port 33446	2020-06-21 22:26:28
106.13.198.167	attackspambots	$f2bV_matches	2020-06-09 19:03:15
106.13.198.93	attack	Unauthorized connection attempt detected from IP address 106.13.198.93 to port 23 [T]	2020-05-09 04:49:40
106.13.198.167	attackbots	$f2bV_matches	2020-05-06 15:43:12
106.13.198.70	attackbotsspam	Automatic report - Port Scan	2019-12-05 05:31:25
106.13.198.162	attackspambots	Nov 6 01:28:44 h2065291 sshd[26148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 user=r.r Nov 6 01:28:46 h2065291 sshd[26148]: Failed password for r.r from 106.13.198.162 port 44950 ssh2 Nov 6 01:28:46 h2065291 sshd[26148]: Received disconnect from 106.13.198.162: 11: Bye Bye [preauth] Nov 6 01:34:59 h2065291 sshd[26177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 user=r.r Nov 6 01:35:01 h2065291 sshd[26177]: Failed password for r.r from 106.13.198.162 port 35068 ssh2 Nov 6 01:35:02 h2065291 sshd[26177]: Received disconnect from 106.13.198.162: 11: Bye Bye [preauth] Nov 6 01:39:55 h2065291 sshd[26278]: Invalid user fy from 106.13.198.162 Nov 6 01:39:55 h2065291 sshd[26278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 Nov 6 01:39:57 h2065291 sshd[26278]: Failed password for invalid us........ -------------------------------	2019-11-09 15:18:18
106.13.198.162	attackspam	Nov 6 01:28:44 h2065291 sshd[26148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 user=r.r Nov 6 01:28:46 h2065291 sshd[26148]: Failed password for r.r from 106.13.198.162 port 44950 ssh2 Nov 6 01:28:46 h2065291 sshd[26148]: Received disconnect from 106.13.198.162: 11: Bye Bye [preauth] Nov 6 01:34:59 h2065291 sshd[26177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 user=r.r Nov 6 01:35:01 h2065291 sshd[26177]: Failed password for r.r from 106.13.198.162 port 35068 ssh2 Nov 6 01:35:02 h2065291 sshd[26177]: Received disconnect from 106.13.198.162: 11: Bye Bye [preauth] Nov 6 01:39:55 h2065291 sshd[26278]: Invalid user fy from 106.13.198.162 Nov 6 01:39:55 h2065291 sshd[26278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 Nov 6 01:39:57 h2065291 sshd[26278]: Failed password for invalid us........ -------------------------------	2019-11-09 06:35:36
106.13.198.162	attackspam	Nov 7 10:40:36 vps647732 sshd[26632]: Failed password for root from 106.13.198.162 port 33012 ssh2 ...	2019-11-07 17:56:29
106.13.198.162	attack	Nov 7 06:56:16 dedicated sshd[16167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.198.162 user=root Nov 7 06:56:18 dedicated sshd[16167]: Failed password for root from 106.13.198.162 port 58730 ssh2	2019-11-07 14:02:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.198.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7880
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.198.131.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032301 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 24 08:26:57 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 131.198.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.198.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.63.77.157	attackbotsspam	3389BruteforceFW22	2019-09-23 03:56:49
117.185.62.146	attackspam	2019-09-22T17:27:42.485891abusebot-4.cloudsearch.cf sshd\[23261\]: Invalid user teamspeak from 117.185.62.146 port 35776	2019-09-23 04:08:35
83.48.89.147	attackbots	Sep 22 03:41:12 hcbb sshd\[17306\]: Invalid user nagiosadmin from 83.48.89.147 Sep 22 03:41:12 hcbb sshd\[17306\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.red-83-48-89.staticip.rima-tde.net Sep 22 03:41:13 hcbb sshd\[17306\]: Failed password for invalid user nagiosadmin from 83.48.89.147 port 55937 ssh2 Sep 22 03:45:24 hcbb sshd\[17663\]: Invalid user 12345 from 83.48.89.147 Sep 22 03:45:24 hcbb sshd\[17663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.red-83-48-89.staticip.rima-tde.net	2019-09-23 03:52:46
37.24.118.239	attackbotsspam	Sep 22 20:38:36 xeon sshd[10184]: Failed password for invalid user dolores from 37.24.118.239 port 35190 ssh2	2019-09-23 03:48:39
58.87.67.142	attackspambots	Sep 22 09:40:31 lcprod sshd\[6734\]: Invalid user zha from 58.87.67.142 Sep 22 09:40:31 lcprod sshd\[6734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.67.142 Sep 22 09:40:32 lcprod sshd\[6734\]: Failed password for invalid user zha from 58.87.67.142 port 59302 ssh2 Sep 22 09:45:25 lcprod sshd\[7159\]: Invalid user marton from 58.87.67.142 Sep 22 09:45:25 lcprod sshd\[7159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.67.142	2019-09-23 03:45:43
148.70.23.131	attack	Sep 22 20:54:29 MK-Soft-VM6 sshd[2149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.23.131 Sep 22 20:54:32 MK-Soft-VM6 sshd[2149]: Failed password for invalid user tomcat from 148.70.23.131 port 41933 ssh2 ...	2019-09-23 03:51:41
49.235.134.72	attack	ssh failed login	2019-09-23 03:57:15
103.106.247.148	attack	2019-09-22T16:30:17.258100abusebot-8.cloudsearch.cf sshd\[8660\]: Invalid user chris from 103.106.247.148 port 59926	2019-09-23 03:55:21
51.254.199.97	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-23 04:05:18
178.150.216.229	attack	Sep 22 02:52:53 wbs sshd\[3847\]: Invalid user macintosh from 178.150.216.229 Sep 22 02:52:53 wbs sshd\[3847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.150.216.229 Sep 22 02:52:56 wbs sshd\[3847\]: Failed password for invalid user macintosh from 178.150.216.229 port 50112 ssh2 Sep 22 02:57:49 wbs sshd\[4287\]: Invalid user 1a2b3c from 178.150.216.229 Sep 22 02:57:49 wbs sshd\[4287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.150.216.229	2019-09-23 04:03:33
193.112.219.228	attack	Sep 22 11:46:12 ny01 sshd[12824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.228 Sep 22 11:46:15 ny01 sshd[12824]: Failed password for invalid user cmcginn from 193.112.219.228 port 58782 ssh2 Sep 22 11:52:36 ny01 sshd[13971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.228	2019-09-23 04:01:41
112.85.42.179	attackbots	Sep 22 05:38:04 aiointranet sshd\[21088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.179 user=root Sep 22 05:38:06 aiointranet sshd\[21088\]: Failed password for root from 112.85.42.179 port 62858 ssh2 Sep 22 05:38:09 aiointranet sshd\[21088\]: Failed password for root from 112.85.42.179 port 62858 ssh2 Sep 22 05:38:12 aiointranet sshd\[21088\]: Failed password for root from 112.85.42.179 port 62858 ssh2 Sep 22 05:38:15 aiointranet sshd\[21088\]: Failed password for root from 112.85.42.179 port 62858 ssh2	2019-09-23 03:28:58
194.186.187.70	attack	Brute force attempt	2019-09-23 03:33:18
116.50.29.50	attackbots	2019-09-22 07:38:03 H=(luvass.it) [116.50.29.50]:36740 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/116.50.29.50) 2019-09-22 07:38:04 H=(luvass.it) [116.50.29.50]:36740 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-22 07:38:05 H=(luvass.it) [116.50.29.50]:36740 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/116.50.29.50) ...	2019-09-23 04:08:08
106.12.92.88	attack	Sep 22 07:45:58 hiderm sshd\[30515\]: Invalid user andreas from 106.12.92.88 Sep 22 07:45:58 hiderm sshd\[30515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.88 Sep 22 07:46:00 hiderm sshd\[30515\]: Failed password for invalid user andreas from 106.12.92.88 port 52018 ssh2 Sep 22 07:51:12 hiderm sshd\[30987\]: Invalid user ubnt from 106.12.92.88 Sep 22 07:51:12 hiderm sshd\[30987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.88	2019-09-23 03:27:56

Recently Reported IPs

122.191.127.39	121.141.216.231	87.126.21.88	132.232.115.47
51.254.246.40	13.91.46.118	191.250.60.118	45.83.65.156
182.50.132.89	218.16.121.2	162.248.88.152	69.94.141.68
111.229.54.82	48.63.94.174	84.17.51.144	36.42.215.221
120.79.222.186	94.55.10.139	208.180.131.204	120.77.65.160