106.13.41.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Apr 6 07:31:17 ourumov-web sshd\[6130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 user=root Apr 6 07:31:19 ourumov-web sshd\[6130\]: Failed password for root from 106.13.41.42 port 42352 ssh2 Apr 6 07:41:20 ourumov-web sshd\[6880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 user=root ...	2020-04-06 15:31:11
attackbots	Mar 31 16:04:59 markkoudstaal sshd[30024]: Failed password for root from 106.13.41.42 port 57058 ssh2 Mar 31 16:07:39 markkoudstaal sshd[30385]: Failed password for root from 106.13.41.42 port 54524 ssh2 Mar 31 16:10:03 markkoudstaal sshd[30766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42	2020-03-31 22:26:04
attack	Mar 24 14:53:20 nextcloud sshd\[29589\]: Invalid user day from 106.13.41.42 Mar 24 14:53:20 nextcloud sshd\[29589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 Mar 24 14:53:22 nextcloud sshd\[29589\]: Failed password for invalid user day from 106.13.41.42 port 38462 ssh2	2020-03-25 01:11:40
attackspambots	Mar 23 05:16:54 haigwepa sshd[17377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 Mar 23 05:16:56 haigwepa sshd[17377]: Failed password for invalid user ishana from 106.13.41.42 port 42704 ssh2 ...	2020-03-23 12:18:12
attackspam	Mar 17 19:59:43 ns3042688 sshd\[13839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 user=root Mar 17 19:59:45 ns3042688 sshd\[13839\]: Failed password for root from 106.13.41.42 port 60094 ssh2 Mar 17 20:03:16 ns3042688 sshd\[18745\]: Invalid user wangdc from 106.13.41.42 Mar 17 20:03:16 ns3042688 sshd\[18745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.42 Mar 17 20:03:18 ns3042688 sshd\[18745\]: Failed password for invalid user wangdc from 106.13.41.42 port 52400 ssh2 ...	2020-03-18 03:06:07

Comments on same subnet:

IP	Type	Details	Datetime
106.13.41.87	attack	2020-10-10T21:33:05.633586hostname sshd[29936]: Failed password for invalid user ark from 106.13.41.87 port 39526 ssh2 2020-10-10T21:36:13.475247hostname sshd[31217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-10-10T21:36:15.718396hostname sshd[31217]: Failed password for root from 106.13.41.87 port 38682 ssh2 ...	2020-10-10 23:09:58
106.13.41.87	attackspam	$f2bV_matches	2020-10-10 15:00:24
106.13.41.87	attackspam	2020-08-29T05:55:18.581280vps751288.ovh.net sshd\[28780\]: Invalid user osman from 106.13.41.87 port 41516 2020-08-29T05:55:18.587995vps751288.ovh.net sshd\[28780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 2020-08-29T05:55:20.581813vps751288.ovh.net sshd\[28780\]: Failed password for invalid user osman from 106.13.41.87 port 41516 ssh2 2020-08-29T05:59:45.603174vps751288.ovh.net sshd\[28809\]: Invalid user zl from 106.13.41.87 port 43118 2020-08-29T05:59:45.611360vps751288.ovh.net sshd\[28809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87	2020-08-29 12:23:32
106.13.41.87	attack	SSH Brute Force	2020-08-23 03:28:49
106.13.41.87	attackbots	Invalid user backups from 106.13.41.87 port 57670	2020-08-21 17:10:03
106.13.41.87	attack	Aug 18 12:26:33 fhem-rasp sshd[4460]: Invalid user erik from 106.13.41.87 port 36794 ...	2020-08-18 18:27:41
106.13.41.87	attackspam	B: Abusive ssh attack	2020-08-17 16:36:01
106.13.41.87	attackspambots	Aug 11 22:24:37 lunarastro sshd[25544]: Failed password for root from 106.13.41.87 port 50008 ssh2 Aug 11 22:31:30 lunarastro sshd[25842]: Failed password for root from 106.13.41.87 port 35798 ssh2	2020-08-12 02:06:53
106.13.41.87	attack	2020-08-07T22:19:21.685393v22018076590370373 sshd[12093]: Failed password for root from 106.13.41.87 port 49836 ssh2 2020-08-07T22:23:57.334993v22018076590370373 sshd[6127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-08-07T22:23:59.729392v22018076590370373 sshd[6127]: Failed password for root from 106.13.41.87 port 55430 ssh2 2020-08-07T22:28:29.786020v22018076590370373 sshd[28201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 user=root 2020-08-07T22:28:32.186316v22018076590370373 sshd[28201]: Failed password for root from 106.13.41.87 port 32792 ssh2 ...	2020-08-08 04:55:28
106.13.41.93	attackspambots	Aug 2 22:16:32 rocket sshd[4367]: Failed password for root from 106.13.41.93 port 47160 ssh2 Aug 2 22:19:15 rocket sshd[4702]: Failed password for root from 106.13.41.93 port 36404 ssh2 ...	2020-08-03 05:53:05
106.13.41.25	attack	Failed password for root from 106.13.41.25 port 52524 ssh2	2020-08-01 19:12:20
106.13.41.25	attackspambots	TCP (SYN) 106.13.41.25:58475 -> port 1834, len 44	2020-07-16 15:40:02
106.13.41.87	attackspam	$f2bV_matches	2020-07-15 05:08:19
106.13.41.87	attack	Jul 13 08:23:14 nas sshd[28743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 Jul 13 08:23:16 nas sshd[28743]: Failed password for invalid user ajit from 106.13.41.87 port 39206 ssh2 Jul 13 08:38:29 nas sshd[29290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.41.87 ...	2020-07-13 15:22:13
106.13.41.25	attackbots	Unauthorized connection attempt detected from IP address 106.13.41.25 to port 251	2020-07-13 03:06:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.41.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.41.42.			IN	A

;; AUTHORITY SECTION:
.			130	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031701 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 03:06:04 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 42.41.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.41.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.107.188.34	attackbotsspam	1 Attack(s) Detected [DoS Attack: SYN/ACK Scan] from source: 34.107.188.34, port 80, Tuesday, August 11, 2020 21:10:31	2020-08-13 15:37:26
197.221.129.110	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 197.221.129.110 (UG/Uganda/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/13 05:52:44 [error] 37437#0: 997 [client 197.221.129.110] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159729076419.670520"] [ref "o0,17v21,17"], client: 197.221.129.110, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-13 15:46:16
36.90.177.60	attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-13 15:59:00
115.238.181.22	attack	Aug 13 09:22:24 vps639187 sshd\[22466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.181.22 user=root Aug 13 09:22:25 vps639187 sshd\[22466\]: Failed password for root from 115.238.181.22 port 60002 ssh2 Aug 13 09:24:53 vps639187 sshd\[22487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.181.22 user=root ...	2020-08-13 15:49:19
45.55.180.7	attack	Aug 13 09:24:59 piServer sshd[20358]: Failed password for root from 45.55.180.7 port 34332 ssh2 Aug 13 09:30:10 piServer sshd[21039]: Failed password for root from 45.55.180.7 port 48719 ssh2 ...	2020-08-13 15:56:15
141.98.9.157	attackspam	2020-08-13T08:04:12.832935abusebot-4.cloudsearch.cf sshd[27469]: Invalid user admin from 141.98.9.157 port 39585 2020-08-13T08:04:12.839407abusebot-4.cloudsearch.cf sshd[27469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157 2020-08-13T08:04:12.832935abusebot-4.cloudsearch.cf sshd[27469]: Invalid user admin from 141.98.9.157 port 39585 2020-08-13T08:04:15.236804abusebot-4.cloudsearch.cf sshd[27469]: Failed password for invalid user admin from 141.98.9.157 port 39585 ssh2 2020-08-13T08:04:36.216091abusebot-4.cloudsearch.cf sshd[27481]: Invalid user test from 141.98.9.157 port 46113 2020-08-13T08:04:36.224426abusebot-4.cloudsearch.cf sshd[27481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157 2020-08-13T08:04:36.216091abusebot-4.cloudsearch.cf sshd[27481]: Invalid user test from 141.98.9.157 port 46113 2020-08-13T08:04:38.250195abusebot-4.cloudsearch.cf sshd[27481]: Failed password ...	2020-08-13 16:07:39
141.98.9.161	attackspambots	SSH Brute-Force attacks	2020-08-13 15:55:37
187.242.185.106	attack	Icarus honeypot on github	2020-08-13 15:51:42
211.140.151.5	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-13 16:04:35
177.131.6.15	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-08-13 16:05:51
2.229.205.17	attack	Automatic report - Banned IP Access	2020-08-13 15:41:55
216.6.201.3	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-13 16:18:11
125.165.224.27	attack	1597290762 - 08/13/2020 05:52:42 Host: 125.165.224.27/125.165.224.27 Port: 445 TCP Blocked	2020-08-13 15:50:20
50.116.17.183	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: scan-59.security.ipip.net.	2020-08-13 16:03:47
15.236.154.163	attack	1 Attack(s) Detected [DoS Attack: Ping Sweep] from source: 15.236.154.163, Tuesday, August 11, 2020 01:26:57	2020-08-13 15:40:30

Recently Reported IPs

43.243.37.227	46.173.4.36	40.92.91.68	187.26.218.240
59.115.41.46	41.242.136.23	40.71.171.120	51.75.141.202
250.13.37.171	127.143.182.223	61.134.142.109	84.17.47.62
41.63.1.43	1.174.27.44	188.166.75.239	112.235.63.41
175.139.221.183	45.115.113.114	172.105.19.16	113.179.37.113