106.13.45.203 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan ...	2020-08-01 22:32:22
attack	Unauthorized connection attempt detected from IP address 106.13.45.203 to port 4555	2020-07-13 01:51:22
attackspambots	[Thu Jul 02 01:00:32 2020] - DDoS Attack From IP: 106.13.45.203 Port: 51736	2020-07-06 03:03:46
attackspam	TCP (SYN) 106.13.45.203:59846 -> port 2905, len 44	2020-07-01 15:05:27

Comments on same subnet:

IP	Type	Details	Datetime
106.13.45.212	attack	Invalid user tester from 106.13.45.212 port 53136	2020-10-02 05:19:42
106.13.45.212	attack	Invalid user tester from 106.13.45.212 port 53136	2020-10-01 21:38:20
106.13.45.212	attack	Oct 1 05:43:13 *** sshd[22577]: Invalid user phoenix from 106.13.45.212	2020-10-01 13:54:46
106.13.45.212	attack	$f2bV_matches	2020-08-19 15:37:45
106.13.45.212	attackspambots	Aug 10 06:51:55 pve1 sshd[24414]: Failed password for root from 106.13.45.212 port 51342 ssh2 ...	2020-08-10 17:44:52
106.13.45.243	attackbotsspam	Aug 8 09:13:27 hosting sshd[26061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.243 user=root Aug 8 09:13:29 hosting sshd[26061]: Failed password for root from 106.13.45.243 port 44352 ssh2 ...	2020-08-08 15:25:39
106.13.45.212	attack	Aug 3 12:07:44 scw-tender-jepsen sshd[1506]: Failed password for root from 106.13.45.212 port 53718 ssh2	2020-08-04 00:58:43
106.13.45.212	attackspambots	Jul 25 08:09:33 prod4 sshd\[30121\]: Invalid user qtx from 106.13.45.212 Jul 25 08:09:34 prod4 sshd\[30121\]: Failed password for invalid user qtx from 106.13.45.212 port 57038 ssh2 Jul 25 08:13:01 prod4 sshd\[31342\]: Invalid user st2 from 106.13.45.212 ...	2020-07-25 15:30:13
106.13.45.212	attack	Jul 23 22:20:33 mellenthin sshd[23653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.212 Jul 23 22:20:34 mellenthin sshd[23653]: Failed password for invalid user wave from 106.13.45.212 port 40230 ssh2	2020-07-24 04:38:32
106.13.45.243	attackbots	2020-07-17T09:14:20.439458v22018076590370373 sshd[11896]: Invalid user minecraft from 106.13.45.243 port 41530 2020-07-17T09:14:20.444593v22018076590370373 sshd[11896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.243 2020-07-17T09:14:20.439458v22018076590370373 sshd[11896]: Invalid user minecraft from 106.13.45.243 port 41530 2020-07-17T09:14:22.615918v22018076590370373 sshd[11896]: Failed password for invalid user minecraft from 106.13.45.243 port 41530 ssh2 2020-07-17T09:23:21.929121v22018076590370373 sshd[15296]: Invalid user ehkwon from 106.13.45.243 port 40952 ...	2020-07-17 18:13:52
106.13.45.243	attack	2020-07-16T23:46:32.191509shield sshd\[6395\]: Invalid user money from 106.13.45.243 port 49028 2020-07-16T23:46:32.207351shield sshd\[6395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.243 2020-07-16T23:46:33.884599shield sshd\[6395\]: Failed password for invalid user money from 106.13.45.243 port 49028 ssh2 2020-07-16T23:52:22.711331shield sshd\[7866\]: Invalid user vss from 106.13.45.243 port 38428 2020-07-16T23:52:22.719860shield sshd\[7866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.243	2020-07-17 08:06:08
106.13.45.243	attackbotsspam	Failed password for invalid user zxincsap from 106.13.45.243 port 49754 ssh2	2020-07-01 00:00:24
106.13.45.243	attackspambots	Jun 18 13:31:21 vps647732 sshd[5918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.45.243 Jun 18 13:31:23 vps647732 sshd[5918]: Failed password for invalid user toto from 106.13.45.243 port 39772 ssh2 ...	2020-06-18 19:32:55
106.13.45.212	attackspam	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-14 13:31:37
106.13.45.212	attack	Jun 2 06:39:20 PorscheCustomer sshd[12108]: Failed password for root from 106.13.45.212 port 38166 ssh2 Jun 2 06:40:25 PorscheCustomer sshd[12151]: Failed password for root from 106.13.45.212 port 49630 ssh2 ...	2020-06-02 16:40:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.45.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19138
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.45.203.			IN	A

;; AUTHORITY SECTION:
.			359	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070101 1800 900 604800 86400

;; Query time: 179 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 15:05:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 203.45.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 203.45.13.106.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.7.192.139	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-04 21:50:56
222.186.15.158	attack	Apr 4 10:26:39 plusreed sshd[26916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Apr 4 10:26:41 plusreed sshd[26916]: Failed password for root from 222.186.15.158 port 49016 ssh2 ...	2020-04-04 22:27:23
222.186.175.182	attackbots	Apr 4 16:13:54 minden010 sshd[32485]: Failed password for root from 222.186.175.182 port 12876 ssh2 Apr 4 16:13:58 minden010 sshd[32485]: Failed password for root from 222.186.175.182 port 12876 ssh2 Apr 4 16:14:01 minden010 sshd[32485]: Failed password for root from 222.186.175.182 port 12876 ssh2 Apr 4 16:14:05 minden010 sshd[32485]: Failed password for root from 222.186.175.182 port 12876 ssh2 ...	2020-04-04 22:20:04
122.114.207.34	attack	Apr 4 15:38:42 nextcloud sshd\[14962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.207.34 user=root Apr 4 15:38:44 nextcloud sshd\[14962\]: Failed password for root from 122.114.207.34 port 3083 ssh2 Apr 4 15:41:27 nextcloud sshd\[18319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.207.34 user=root	2020-04-04 22:21:07
23.108.50.22	attack	(From eric@talkwithwebvisitor.com) Hey, this is Eric and I ran across brinkchiro.com a few minutes ago. Looks great… but now what? By that I mean, when someone like me finds your website – either through Search or just bouncing around – what happens next? Do you get a lot of leads from your site, or at least enough to make you happy? Honestly, most business websites fall a bit short when it comes to generating paying customers. Studies show that 70% of a site’s visitors disappear and are gone forever after just a moment. Here’s an idea… How about making it really EASY for every visitor who shows up to get a personal phone call you as soon as they hit your site… You can – Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It signals you the moment they let you know they’re interested – so that you can talk to that lead while they’re literally looking over your site. CLICK HERE http://www.talkwi	2020-04-04 21:34:09
116.111.93.127	attack	Automatic report - Port Scan Attack	2020-04-04 22:33:59
137.74.172.1	attack	$f2bV_matches	2020-04-04 22:28:32
51.38.135.86	attack	RDP	2020-04-04 22:26:40
59.103.167.187	attackspambots	Automatic report - Port Scan Attack	2020-04-04 22:35:23
106.13.97.110	attackbotsspam	Apr 4 11:50:03 nxxxxxxx sshd[3493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:50:05 nxxxxxxx sshd[3493]: Failed password for r.r from 106.13.97.110 port 38704 ssh2 Apr 4 11:50:05 nxxxxxxx sshd[3493]: Received disconnect from 106.13.97.110: 11: Bye Bye [preauth] Apr 4 11:54:08 nxxxxxxx sshd[3980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:54:10 nxxxxxxx sshd[3980]: Failed password for r.r from 106.13.97.110 port 51016 ssh2 Apr 4 11:54:10 nxxxxxxx sshd[3980]: Received disconnect from 106.13.97.110: 11: Bye Bye [preauth] Apr 4 11:56:41 nxxxxxxx sshd[4190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.110 user=r.r Apr 4 11:56:43 nxxxxxxx sshd[4190]: Failed password for r.r from 106.13.97.110 port 48116 ssh2 Apr 4 11:56:43 nxxxxxxx sshd[4190]: Received disco........ -------------------------------	2020-04-04 21:53:34
36.76.214.77	attackspam	1586007703 - 04/04/2020 15:41:43 Host: 36.76.214.77/36.76.214.77 Port: 445 TCP Blocked	2020-04-04 22:02:22
40.73.78.233	attackbots	Apr 4 15:41:40 sshd\[10469\]: User root from 40.73.78.233 not allowed because not listed in AllowUsersApr 4 15:41:43 sshd\[10469\]: Failed password for invalid user root from 40.73.78.233 port 1088 ssh2 ...	2020-04-04 22:01:40
178.128.81.60	attackspambots	2020-04-04T13:33:11.947786shield sshd\[23006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.81.60 user=root 2020-04-04T13:33:13.641810shield sshd\[23006\]: Failed password for root from 178.128.81.60 port 42040 ssh2 2020-04-04T13:37:30.911621shield sshd\[23696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.81.60 user=root 2020-04-04T13:37:32.159389shield sshd\[23696\]: Failed password for root from 178.128.81.60 port 53858 ssh2 2020-04-04T13:41:51.525063shield sshd\[24386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.81.60 user=root	2020-04-04 21:52:39
51.75.16.138	attackspambots	Apr 4 20:37:09 itv-usvr-01 sshd[3102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.16.138 user=root Apr 4 20:37:12 itv-usvr-01 sshd[3102]: Failed password for root from 51.75.16.138 port 52673 ssh2 Apr 4 20:41:09 itv-usvr-01 sshd[3376]: Invalid user sa from 51.75.16.138	2020-04-04 22:41:04
132.232.69.56	attackbots	Apr 4 18:38:47 gw1 sshd[28787]: Failed password for root from 132.232.69.56 port 32810 ssh2 ...	2020-04-04 21:51:41

Recently Reported IPs

63.88.188.181	178.57.185.54	92.51.205.69	76.93.52.162
145.219.7.18	103.122.159.13	63.233.72.59	102.250.0.102
62.217.185.193	51.76.100.177	126.47.92.157	13.154.61.155
27.109.198.238	17.21.255.82	180.181.168.214	122.194.80.134
176.30.214.246	54.106.244.253	39.109.201.34	59.54.190.98