106.13.42.147 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Mar 13 04:43:31 ns382633 sshd\[16022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147 user=root Mar 13 04:43:33 ns382633 sshd\[16022\]: Failed password for root from 106.13.42.147 port 38378 ssh2 Mar 13 04:50:17 ns382633 sshd\[17472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147 user=root Mar 13 04:50:18 ns382633 sshd\[17472\]: Failed password for root from 106.13.42.147 port 56876 ssh2 Mar 13 04:51:55 ns382633 sshd\[17654\]: Invalid user yangweifei from 106.13.42.147 port 47024 Mar 13 04:51:55 ns382633 sshd\[17654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147	2020-03-13 16:32:18
attack	Mar 10 17:23:56 ws24vmsma01 sshd[64168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147 Mar 10 17:23:58 ws24vmsma01 sshd[64168]: Failed password for invalid user user1 from 106.13.42.147 port 41008 ssh2 ...	2020-03-11 05:40:51

Type

Details

Datetime

attackbotsspam

Mar 13 04:43:31 ns382633 sshd\[16022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147  user=root
Mar 13 04:43:33 ns382633 sshd\[16022\]: Failed password for root from 106.13.42.147 port 38378 ssh2
Mar 13 04:50:17 ns382633 sshd\[17472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147  user=root
Mar 13 04:50:18 ns382633 sshd\[17472\]: Failed password for root from 106.13.42.147 port 56876 ssh2
Mar 13 04:51:55 ns382633 sshd\[17654\]: Invalid user yangweifei from 106.13.42.147 port 47024
Mar 13 04:51:55 ns382633 sshd\[17654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147

2020-03-13 16:32:18

attack

Mar 10 17:23:56 ws24vmsma01 sshd[64168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.147
Mar 10 17:23:58 ws24vmsma01 sshd[64168]: Failed password for invalid user user1 from 106.13.42.147 port 41008 ssh2
...

2020-03-11 05:40:51

Comments on same subnet:

IP	Type	Details	Datetime
106.13.42.140	attack	Oct 11 22:12:43 ip-172-31-16-56 sshd\[26755\]: Invalid user ion from 106.13.42.140\ Oct 11 22:12:45 ip-172-31-16-56 sshd\[26755\]: Failed password for invalid user ion from 106.13.42.140 port 59816 ssh2\ Oct 11 22:15:55 ip-172-31-16-56 sshd\[26810\]: Invalid user oracle from 106.13.42.140\ Oct 11 22:15:57 ip-172-31-16-56 sshd\[26810\]: Failed password for invalid user oracle from 106.13.42.140 port 57116 ssh2\ Oct 11 22:19:12 ip-172-31-16-56 sshd\[26875\]: Invalid user jjonglee from 106.13.42.140\	2020-10-12 07:26:45
106.13.42.140	attack	Oct 11 15:24:05 serwer sshd\[24282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 user=root Oct 11 15:24:08 serwer sshd\[24282\]: Failed password for root from 106.13.42.140 port 35530 ssh2 Oct 11 15:29:06 serwer sshd\[24929\]: Invalid user ellen from 106.13.42.140 port 58314 Oct 11 15:29:06 serwer sshd\[24929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 ...	2020-10-11 23:41:38
106.13.42.140	attackbots	leo_www	2020-10-11 15:40:49
106.13.42.140	attack	5x Failed Password	2020-10-11 08:58:30
106.13.42.140	attackbotsspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-07 06:41:45
106.13.42.140	attackbots	Jul 17 12:54:32 plex-server sshd[2612471]: Invalid user webmaster from 106.13.42.140 port 40552 Jul 17 12:54:32 plex-server sshd[2612471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 Jul 17 12:54:32 plex-server sshd[2612471]: Invalid user webmaster from 106.13.42.140 port 40552 Jul 17 12:54:34 plex-server sshd[2612471]: Failed password for invalid user webmaster from 106.13.42.140 port 40552 ssh2 Jul 17 12:59:02 plex-server sshd[2613970]: Invalid user wrk from 106.13.42.140 port 38494 ...	2020-07-17 21:15:09
106.13.42.140	attack	Jul 13 16:03:06 home sshd[32643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 Jul 13 16:03:08 home sshd[32643]: Failed password for invalid user milani from 106.13.42.140 port 53904 ssh2 Jul 13 16:06:20 home sshd[539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 ...	2020-07-13 22:13:44
106.13.42.52	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-13 15:02:53
106.13.42.52	attackspambots	Multiple SSH authentication failures from 106.13.42.52	2020-07-10 19:43:09
106.13.42.52	attack	2020-07-06T18:42:20.777779ns386461 sshd\[14817\]: Invalid user ghost from 106.13.42.52 port 54106 2020-07-06T18:42:20.782550ns386461 sshd\[14817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.52 2020-07-06T18:42:22.509478ns386461 sshd\[14817\]: Failed password for invalid user ghost from 106.13.42.52 port 54106 ssh2 2020-07-06T18:43:24.652386ns386461 sshd\[15723\]: Invalid user students from 106.13.42.52 port 33896 2020-07-06T18:43:24.657199ns386461 sshd\[15723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.52 ...	2020-07-07 02:11:56
106.13.42.140	attackbots	Invalid user deploy from 106.13.42.140 port 55010	2020-07-02 01:55:27
106.13.42.52	attackspambots	$f2bV_matches	2020-06-28 13:52:36
106.13.42.52	attack	SSH Invalid Login	2020-06-28 07:38:48
106.13.42.140	attackspambots	2020-06-04T00:44:00.8701101495-001 sshd[38708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 user=root 2020-06-04T00:44:03.4981121495-001 sshd[38708]: Failed password for root from 106.13.42.140 port 42664 ssh2 2020-06-04T00:47:50.1308451495-001 sshd[38839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 user=root 2020-06-04T00:47:52.0009451495-001 sshd[38839]: Failed password for root from 106.13.42.140 port 37100 ssh2 2020-06-04T00:51:33.8793131495-001 sshd[38953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 user=root 2020-06-04T00:51:35.6945201495-001 sshd[38953]: Failed password for root from 106.13.42.140 port 59770 ssh2 ...	2020-06-04 17:55:35
106.13.42.140	attack	Apr 7 12:05:02 lanister sshd[22929]: Invalid user secretaria from 106.13.42.140 Apr 7 12:05:02 lanister sshd[22929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.42.140 Apr 7 12:05:02 lanister sshd[22929]: Invalid user secretaria from 106.13.42.140 Apr 7 12:05:04 lanister sshd[22929]: Failed password for invalid user secretaria from 106.13.42.140 port 60358 ssh2	2020-04-08 04:38:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.42.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30420
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.42.147.			IN	A

;; AUTHORITY SECTION:
.			477	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031001 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 05:40:47 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 147.42.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 147.42.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.93.239.127	attackbots	Unauthorised access (Nov 27) SRC=119.93.239.127 LEN=52 TOS=0x08 PREC=0x20 TTL=106 ID=28446 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 27) SRC=119.93.239.127 LEN=52 TOS=0x08 PREC=0x20 TTL=106 ID=2634 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 27) SRC=119.93.239.127 LEN=52 TOS=0x08 PREC=0x20 TTL=106 ID=26037 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-27 13:54:07
181.56.69.185	attackspambots	2019-11-27T05:53:51.620042 sshd[29481]: Invalid user gamma from 181.56.69.185 port 25806 2019-11-27T05:53:51.635694 sshd[29481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.56.69.185 2019-11-27T05:53:51.620042 sshd[29481]: Invalid user gamma from 181.56.69.185 port 25806 2019-11-27T05:53:53.174686 sshd[29481]: Failed password for invalid user gamma from 181.56.69.185 port 25806 ssh2 2019-11-27T05:57:40.325383 sshd[29513]: Invalid user gladisse from 181.56.69.185 port 47215 ...	2019-11-27 13:28:18
2001:67c:2070:c8e7::1	attack	xmlrpc attack	2019-11-27 13:38:24
203.172.66.227	attackbotsspam	Nov 26 19:23:29 php1 sshd\[11799\]: Invalid user P@ssword96321 from 203.172.66.227 Nov 26 19:23:29 php1 sshd\[11799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.227 Nov 26 19:23:30 php1 sshd\[11799\]: Failed password for invalid user P@ssword96321 from 203.172.66.227 port 47492 ssh2 Nov 26 19:31:09 php1 sshd\[12434\]: Invalid user !@\#bureq!@\# from 203.172.66.227 Nov 26 19:31:09 php1 sshd\[12434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.227	2019-11-27 13:53:42
49.51.163.30	attack	fail2ban honeypot	2019-11-27 14:01:11
80.82.77.33	attackbotsspam	80.82.77.33 was recorded 16 times by 11 hosts attempting to connect to the following ports: 9080,8880,8889,7001,5000,9200,873,37215,2404,264,2376,2082,9000,2375,9595,37777. Incident counter (4h, 24h, all-time): 16, 87, 1852	2019-11-27 13:39:09
181.28.253.123	attackspam	2019-11-27T05:46:34.096867abusebot-5.cloudsearch.cf sshd\[9693\]: Invalid user pn from 181.28.253.123 port 28289	2019-11-27 13:57:09
39.67.194.80	attack	Fail2Ban - FTP Abuse Attempt	2019-11-27 13:22:06
121.123.148.211	attack	Unauthorized connection attempt from IP address 121.123.148.211 on Port 3389(RDP)	2019-11-27 13:49:54
106.13.87.170	attackbots	Nov 27 07:31:44 sauna sshd[36852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.170 Nov 27 07:31:45 sauna sshd[36852]: Failed password for invalid user marlena from 106.13.87.170 port 37856 ssh2 ...	2019-11-27 13:31:54
98.239.33.88	attackspambots	Brute force attack against VPN service	2019-11-27 13:23:14
198.200.124.197	attackspambots	Nov 26 19:10:52 sachi sshd\[29076\]: Invalid user nexus from 198.200.124.197 Nov 26 19:10:52 sachi sshd\[29076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198-200-124-197.cpe.distributel.net Nov 26 19:10:54 sachi sshd\[29076\]: Failed password for invalid user nexus from 198.200.124.197 port 60602 ssh2 Nov 26 19:14:11 sachi sshd\[29356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198-200-124-197.cpe.distributel.net user=root Nov 26 19:14:13 sachi sshd\[29356\]: Failed password for root from 198.200.124.197 port 39166 ssh2	2019-11-27 13:27:37
45.55.190.106	attack	Nov 27 06:15:36 vps666546 sshd\[19939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.190.106 user=root Nov 27 06:15:39 vps666546 sshd\[19939\]: Failed password for root from 45.55.190.106 port 50705 ssh2 Nov 27 06:21:36 vps666546 sshd\[20168\]: Invalid user idcsz from 45.55.190.106 port 40540 Nov 27 06:21:36 vps666546 sshd\[20168\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.190.106 Nov 27 06:21:38 vps666546 sshd\[20168\]: Failed password for invalid user idcsz from 45.55.190.106 port 40540 ssh2 ...	2019-11-27 13:34:27
146.88.240.4	attackspambots	RPC Portmapper DUMP Request Detected	2019-11-27 13:59:05
96.54.228.119	attackbotsspam	Nov 26 19:43:12 hpm sshd\[6253\]: Invalid user trobz from 96.54.228.119 Nov 26 19:43:12 hpm sshd\[6253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net Nov 26 19:43:14 hpm sshd\[6253\]: Failed password for invalid user trobz from 96.54.228.119 port 39993 ssh2 Nov 26 19:49:49 hpm sshd\[6799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net user=backup Nov 26 19:49:50 hpm sshd\[6799\]: Failed password for backup from 96.54.228.119 port 35274 ssh2	2019-11-27 13:54:34

Recently Reported IPs

79.167.180.45	83.157.0.157	73.164.118.251	70.194.154.209
95.0.242.10	52.92.11.100	37.71.132.46	60.94.194.71
94.244.80.85	76.28.210.79	120.221.246.204	177.155.36.146
188.132.5.83	118.254.139.219	183.134.104.146	138.234.204.134
5.62.159.130	111.145.84.154	51.175.188.147	2.47.161.155