106.13.48.105 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jan 23 14:14:57 eddieflores sshd\[29899\]: Invalid user cvs from 106.13.48.105 Jan 23 14:14:57 eddieflores sshd\[29899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Jan 23 14:15:00 eddieflores sshd\[29899\]: Failed password for invalid user cvs from 106.13.48.105 port 51790 ssh2 Jan 23 14:18:00 eddieflores sshd\[30321\]: Invalid user faris from 106.13.48.105 Jan 23 14:18:00 eddieflores sshd\[30321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105	2020-01-24 08:40:39
attackspam	Dec 11 22:22:15 sachi sshd\[26948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 user=backup Dec 11 22:22:17 sachi sshd\[26948\]: Failed password for backup from 106.13.48.105 port 40572 ssh2 Dec 11 22:28:15 sachi sshd\[28095\]: Invalid user ident from 106.13.48.105 Dec 11 22:28:15 sachi sshd\[28095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 11 22:28:16 sachi sshd\[28095\]: Failed password for invalid user ident from 106.13.48.105 port 38846 ssh2	2019-12-12 21:12:10
attackspam	Dec 12 03:05:26 vps691689 sshd[15068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 12 03:05:28 vps691689 sshd[15068]: Failed password for invalid user admin from 106.13.48.105 port 58896 ssh2 ...	2019-12-12 10:13:07
attack	Dec 11 11:31:57 loxhost sshd\[6315\]: Invalid user radhat9 from 106.13.48.105 port 60902 Dec 11 11:31:57 loxhost sshd\[6315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 11 11:31:59 loxhost sshd\[6315\]: Failed password for invalid user radhat9 from 106.13.48.105 port 60902 ssh2 Dec 11 11:37:44 loxhost sshd\[6497\]: Invalid user fazzino from 106.13.48.105 port 58968 Dec 11 11:37:44 loxhost sshd\[6497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 ...	2019-12-11 19:00:08
attack	Dec 8 04:48:43 sachi sshd\[8333\]: Invalid user sherlock from 106.13.48.105 Dec 8 04:48:43 sachi sshd\[8333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 8 04:48:45 sachi sshd\[8333\]: Failed password for invalid user sherlock from 106.13.48.105 port 44524 ssh2 Dec 8 04:56:22 sachi sshd\[9083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 user=root Dec 8 04:56:24 sachi sshd\[9083\]: Failed password for root from 106.13.48.105 port 39914 ssh2	2019-12-08 23:11:07
attackspambots	Dec 1 10:16:03 home sshd[17443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 user=root Dec 1 10:16:05 home sshd[17443]: Failed password for root from 106.13.48.105 port 58598 ssh2 Dec 1 10:38:39 home sshd[17634]: Invalid user kiyohara from 106.13.48.105 port 50584 Dec 1 10:38:39 home sshd[17634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 1 10:38:39 home sshd[17634]: Invalid user kiyohara from 106.13.48.105 port 50584 Dec 1 10:38:41 home sshd[17634]: Failed password for invalid user kiyohara from 106.13.48.105 port 50584 ssh2 Dec 1 10:42:11 home sshd[17655]: Invalid user carrabin from 106.13.48.105 port 52786 Dec 1 10:42:11 home sshd[17655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Dec 1 10:42:11 home sshd[17655]: Invalid user carrabin from 106.13.48.105 port 52786 Dec 1 10:42:13 home sshd[17655]: Failed password for in	2019-12-02 03:38:37
attackbotsspam	Nov 21 15:56:36 vps647732 sshd[19539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.105 Nov 21 15:56:38 vps647732 sshd[19539]: Failed password for invalid user server from 106.13.48.105 port 41294 ssh2 ...	2019-11-21 23:04:46

Comments on same subnet:

IP	Type	Details	Datetime
106.13.48.9	attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
106.13.48.9	attack	SSH bruteforce	2020-10-09 20:45:22
106.13.48.9	attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36
106.13.48.122	attack	firewall-block, port(s): 14602/tcp	2020-09-06 20:34:34
106.13.48.122	attackspam	TCP (SYN) 106.13.48.122:47133 -> port 27055, len 44	2020-09-06 12:14:05
106.13.48.122	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-06 04:36:40
106.13.48.122	attack	Aug 11 22:32:14 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:32:16 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: Failed password for root from 106.13.48.122 port 42005 ssh2 Aug 11 22:35:19 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: Failed password for root from 106.13.48.122 port 61109 ssh2 Aug 11 22:36:39 Ubuntu-1404-trusty-64-minimal sshd\[14851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root	2020-08-12 05:44:27
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 8812	2020-07-25 16:06:07
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 768 [T]	2020-07-08 02:06:02
106.13.48.122	attackbots	Jul 6 16:56:18 ift sshd\[32718\]: Invalid user zxc from 106.13.48.122Jul 6 16:56:19 ift sshd\[32718\]: Failed password for invalid user zxc from 106.13.48.122 port 29093 ssh2Jul 6 16:59:16 ift sshd\[33111\]: Failed password for invalid user admin from 106.13.48.122 port 50249 ssh2Jul 6 17:02:02 ift sshd\[34103\]: Invalid user zhangfeng from 106.13.48.122Jul 6 17:02:04 ift sshd\[34103\]: Failed password for invalid user zhangfeng from 106.13.48.122 port 14912 ssh2 ...	2020-07-07 01:17:17
106.13.48.122	attackspam	Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:37 meumeu sshd[538171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:39 meumeu sshd[538171]: Failed password for invalid user wor from 106.13.48.122 port 40808 ssh2 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:07 meumeu sshd[538299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:09 meumeu sshd[538299]: Failed password for invalid user cloud from 106.13.48.122 port 25505 ssh2 Jul 5 05:55:56 meumeu sshd[538334]: Invalid user crb from 106.13.48.122 port 39249 ...	2020-07-05 12:46:16
106.13.48.122	attack	Jul 4 03:27:17 PorscheCustomer sshd[13634]: Failed password for root from 106.13.48.122 port 10034 ssh2 Jul 4 03:28:58 PorscheCustomer sshd[13646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 4 03:29:00 PorscheCustomer sshd[13646]: Failed password for invalid user vegeta from 106.13.48.122 port 24280 ssh2 ...	2020-07-04 10:26:34
106.13.48.122	attackbots	(sshd) Failed SSH login from 106.13.48.122 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:19:30
106.13.48.122	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 1741	2020-06-29 03:37:13
106.13.48.122	attackspambots	TCP (SYN) 106.13.48.122:44166 -> port 9066, len 44	2020-06-25 19:55:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.48.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7753
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.48.105.			IN	A

;; AUTHORITY SECTION:
.			138	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112003 1800 900 604800 86400

;; Query time: 675 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 21 23:04:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 105.48.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.48.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.111.220.93	attack	SSH Authentication Attempts Exceeded	2020-03-09 08:05:18
154.8.232.112	attackspambots	Brute-force attempt banned	2020-03-09 08:07:56
116.106.194.85	attackbotsspam	9530/tcp [2020-03-08]1pkt	2020-03-09 08:11:45
123.18.125.151	attackspam	Unauthorized connection attempt from IP address 123.18.125.151 on Port 445(SMB)	2020-03-09 08:18:50
128.68.37.107	attackspambots	Unauthorized connection attempt from IP address 128.68.37.107 on Port 445(SMB)	2020-03-09 08:29:43
71.6.233.202	attackbotsspam	40443/tcp 3001/tcp 2323/tcp... [2020-01-27/03-08]4pkt,4pt.(tcp)	2020-03-09 08:07:39
123.207.78.83	attackspambots	Mar 9 00:41:18 server sshd[3370115]: Failed password for games from 123.207.78.83 port 43354 ssh2 Mar 9 00:44:14 server sshd[3374275]: Failed password for invalid user ocean from 123.207.78.83 port 49720 ssh2 Mar 9 00:47:10 server sshd[3378787]: Failed password for invalid user airflow from 123.207.78.83 port 56088 ssh2	2020-03-09 08:23:10
89.208.153.50	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/89.208.153.50/ RU - 1H : (3) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN12695 IP : 89.208.153.50 CIDR : 89.208.144.0/20 PREFIX COUNT : 133 UNIQUE IP COUNT : 166912 ATTACKS DETECTED ASN12695 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-03-08 22:31:24 INFO : DNS DENIED Scan Detected and Blocked by ADMIN - data recovery	2020-03-09 08:04:04
113.106.11.116	attack	3306/tcp [2020-03-08]1pkt	2020-03-09 08:30:46
195.2.92.151	attackbotsspam	5498/tcp [2020-03-08]1pkt	2020-03-09 08:09:59
91.218.137.86	attackbotsspam	8080/tcp 23/tcp [2020-02-17/03-08]2pkt	2020-03-09 07:48:37
45.136.110.25	attack	Mar 9 00:46:54 debian-2gb-nbg1-2 kernel: \[5970368.159838\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=43699 PROTO=TCP SPT=53340 DPT=5288 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 08:27:58
156.96.114.110	attackbots	[2020-03-08 19:41:23] NOTICE[1148] chan_sip.c: Registration from '' failed for '156.96.114.110:58973' - Wrong password [2020-03-08 19:41:23] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-08T19:41:23.919-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="41001",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.114.110/58973",Challenge="4f83d4e9",ReceivedChallenge="4f83d4e9",ReceivedHash="5666822b6777d06f68a750715fbbb2bb" [2020-03-08 19:41:49] NOTICE[1148] chan_sip.c: Registration from '' failed for '156.96.114.110:57911' - Wrong password [2020-03-08 19:41:49] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-08T19:41:49.943-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2222222222",SessionID="0x7fd82c40d3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/ ...	2020-03-09 07:49:28
182.53.222.91	attackbots	Unauthorized connection attempt from IP address 182.53.222.91 on Port 445(SMB)	2020-03-09 08:21:40
220.137.94.141	attackspambots	Unauthorized connection attempt from IP address 220.137.94.141 on Port 445(SMB)	2020-03-09 07:45:26

Recently Reported IPs

89.208.208.40	124.156.63.192	43.252.178.50	151.53.130.100
124.156.55.20	124.156.55.156	191.5.162.200	149.202.18.206
196.245.175.199	63.88.23.244	54.249.53.250	192.141.113.7
1.201.24.166	124.156.50.129	69.217.239.156	92.176.102.213
91.3.200.8	4.81.90.213	173.103.28.220	241.202.36.113