106.13.30.143 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2019-08-07T00:08:49.648892abusebot-2.cloudsearch.cf sshd\[10594\]: Invalid user lines from 106.13.30.143 port 39444	2019-08-07 08:38:48
attackbotsspam	Automatic report - Banned IP Access	2019-07-29 15:53:07

Comments on same subnet:

IP	Type	Details	Datetime
106.13.30.99	attackbotsspam	fail2ban	2020-08-11 01:27:11
106.13.30.99	attackbotsspam	2020-08-07T14:03:04.532300amanda2.illicoweb.com sshd\[43453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:03:06.503975amanda2.illicoweb.com sshd\[43453\]: Failed password for root from 106.13.30.99 port 59930 ssh2 2020-08-07T14:05:27.781028amanda2.illicoweb.com sshd\[43867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:05:29.049938amanda2.illicoweb.com sshd\[43867\]: Failed password for root from 106.13.30.99 port 39308 ssh2 2020-08-07T14:07:41.497539amanda2.illicoweb.com sshd\[44189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root ...	2020-08-07 21:33:15
106.13.30.99	attack	Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:14 plex-server sshd[2407821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:16 plex-server sshd[2407821]: Failed password for invalid user zhangjunzhe from 106.13.30.99 port 48186 ssh2 Jul 30 09:10:17 plex-server sshd[2409402]: Invalid user huyi from 106.13.30.99 port 57990 ...	2020-07-30 17:17:09
106.13.30.99	attackbotsspam	SSH BruteForce Attack	2020-07-19 12:11:59
106.13.30.99	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-11T11:56:38Z and 2020-07-11T12:01:39Z	2020-07-11 20:44:40
106.13.30.99	attack	$f2bV_matches	2020-07-09 18:10:38
106.13.30.99	attack	Jul 7 00:40:53 vps647732 sshd[10432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 7 00:40:55 vps647732 sshd[10432]: Failed password for invalid user tanghua from 106.13.30.99 port 45332 ssh2 ...	2020-07-07 06:59:50
106.13.30.99	attack	2020-06-29T04:39:32 t 22d[54496]: pam_unix(22d:auth): authentication failure, logname= uid=0 euid=0 tty=22 ruser= rhost=106.13.30.99 ", "Jun 29 04:39:35 t 22d[54496]: Failed password for invalid user jenkins from 106.13.30.99 port 35344 222"], "failures": 3, "mlfid": " t 22d[54496]: ", "user": "jenkins", "ip4": "106.13.30.99"}	2020-06-29 22:51:33
106.13.30.80	attack	Invalid user tsf from 106.13.30.80 port 57910	2020-02-15 08:43:40
106.13.30.80	attackbots	Unauthorized connection attempt detected from IP address 106.13.30.80 to port 2220 [J]	2020-01-22 20:53:34
106.13.30.80	attackbotsspam	Invalid user bandel from 106.13.30.80 port 35940 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Failed password for invalid user bandel from 106.13.30.80 port 35940 ssh2 Invalid user el from 106.13.30.80 port 57032 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-12-25 01:42:33
106.13.30.80	attackbots	Nov 26 20:56:55 game-panel sshd[16997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Nov 26 20:56:57 game-panel sshd[16997]: Failed password for invalid user meineke from 106.13.30.80 port 51780 ssh2 Nov 26 21:04:09 game-panel sshd[17216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-11-27 05:20:24
106.13.30.80	attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-26 16:24:20
106.13.30.80	attackspam	Automatic report - Banned IP Access	2019-10-24 15:57:51
106.13.30.80	attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-24 00:31:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.30.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35949
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.30.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 15:53:01 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 143.30.13.106.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 143.30.13.106.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.97.40.34	attackspambots	bruteforce detected	2020-06-17 19:27:55
83.110.212.85	attackspam	Invalid user gm from 83.110.212.85 port 25431	2020-06-17 19:41:04
139.59.43.196	attackspam	Trolling for resource vulnerabilities	2020-06-17 19:16:20
208.109.53.185	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-17 19:23:55
2607:f298:6:a036::ca8:dc93	attackbots	LGS,WP GET /cms/wp-login.php	2020-06-17 19:29:57
118.24.231.93	attack	Invalid user Joshua from 118.24.231.93 port 60750	2020-06-17 19:46:06
111.229.120.31	attack	Jun 17 09:07:42 pve1 sshd[24565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.120.31 Jun 17 09:07:44 pve1 sshd[24565]: Failed password for invalid user demo from 111.229.120.31 port 41788 ssh2 ...	2020-06-17 19:15:05
185.176.27.30	attack	Jun 17 13:00:45 debian-2gb-nbg1-2 kernel: \[14650343.986557\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=48247 PROTO=TCP SPT=49741 DPT=24384 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-17 19:10:26
121.122.76.63	attack	Port Scan detected! ...	2020-06-17 19:27:33
198.143.180.115	attack	Invalid user valerie from 198.143.180.115 port 34018	2020-06-17 19:19:41
69.84.96.63	attack	Unauthorized connection attempt detected from IP address 69.84.96.63 to port 23	2020-06-17 19:16:51
175.126.62.163	attack	CMS (WordPress or Joomla) login attempt.	2020-06-17 19:11:46
213.176.36.4	attackspambots	Jun 17 11:35:59 sip sshd[681551]: Invalid user og from 213.176.36.4 port 59320 Jun 17 11:36:02 sip sshd[681551]: Failed password for invalid user og from 213.176.36.4 port 59320 ssh2 Jun 17 11:37:36 sip sshd[681555]: Invalid user admin from 213.176.36.4 port 52734 ...	2020-06-17 19:33:37
129.204.88.17	attackbotsspam	Jun 17 05:00:46 vlre-nyc-1 sshd\[24599\]: Invalid user sai from 129.204.88.17 Jun 17 05:00:46 vlre-nyc-1 sshd\[24599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.88.17 Jun 17 05:00:48 vlre-nyc-1 sshd\[24599\]: Failed password for invalid user sai from 129.204.88.17 port 44950 ssh2 Jun 17 05:04:42 vlre-nyc-1 sshd\[24731\]: Invalid user lai from 129.204.88.17 Jun 17 05:04:42 vlre-nyc-1 sshd\[24731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.88.17 ...	2020-06-17 19:33:24
223.99.217.214	attackbotsspam	TCP (SYN) 223.99.217.214:50050 -> port 1433, len 52	2020-06-17 19:27:01

Recently Reported IPs

197.55.237.46	176.119.158.72	154.41.4.130	239.82.155.68
207.180.207.46	49.88.112.73	189.91.7.252	175.141.220.169
122.114.254.176	173.71.216.135	245.152.155.75	165.22.22.158
173.249.35.213	173.239.37.152	173.161.242.221	117.92.16.115
174.0.0.116	34.77.191.52	62.173.154.76	3.213.119.219