106.13.5.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH login attempts with user root.	2019-11-30 06:52:27

Comments on same subnet:

IP	Type	Details	Datetime
106.13.56.204	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 05:33:41
106.13.56.204	attack	" "	2020-10-04 21:28:25
106.13.56.204	attackspambots	24241/tcp 17910/tcp 7001/tcp... [2020-08-04/10-03]22pkt,22pt.(tcp)	2020-10-04 13:15:53
106.13.50.219	attackbotsspam	Sep 3 19:47:59 lnxweb61 sshd[30349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219	2020-09-04 03:50:33
106.13.50.219	attackspam	(sshd) Failed SSH login from 106.13.50.219 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 01:43:25 server sshd[13990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 user=root Sep 3 01:43:27 server sshd[13990]: Failed password for root from 106.13.50.219 port 49370 ssh2 Sep 3 02:00:52 server sshd[18563]: Invalid user guest from 106.13.50.219 port 50700 Sep 3 02:00:54 server sshd[18563]: Failed password for invalid user guest from 106.13.50.219 port 50700 ssh2 Sep 3 02:03:49 server sshd[19321]: Invalid user postgres from 106.13.50.219 port 56616	2020-09-03 19:25:41
106.13.50.219	attack	Aug 30 16:04:11 vpn01 sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.219 Aug 30 16:04:13 vpn01 sshd[30284]: Failed password for invalid user jordi from 106.13.50.219 port 59596 ssh2 ...	2020-08-30 23:54:36
106.13.50.145	attack	Aug 29 16:10:12 lukav-desktop sshd\[27316\]: Invalid user user from 106.13.50.145 Aug 29 16:10:12 lukav-desktop sshd\[27316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 29 16:10:13 lukav-desktop sshd\[27316\]: Failed password for invalid user user from 106.13.50.145 port 50782 ssh2 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: Invalid user smbguest from 106.13.50.145 Aug 29 16:15:05 lukav-desktop sshd\[24216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145	2020-08-30 01:35:18
106.13.50.145	attackbotsspam	Aug 28 03:47:35 lanister sshd[1746]: Invalid user francis from 106.13.50.145 Aug 28 03:47:37 lanister sshd[1746]: Failed password for invalid user francis from 106.13.50.145 port 56854 ssh2 Aug 28 03:49:55 lanister sshd[1811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 28 03:49:57 lanister sshd[1811]: Failed password for root from 106.13.50.145 port 51058 ssh2	2020-08-28 17:07:51
106.13.50.219	attack	SSH BruteForce Attack	2020-08-27 22:14:32
106.13.52.107	attackbots	20 attempts against mh-ssh on echoip	2020-08-26 20:28:49
106.13.50.145	attackspam	Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:43 dhoomketu sshd[2669964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 26 10:28:43 dhoomketu sshd[2669964]: Invalid user relay from 106.13.50.145 port 45712 Aug 26 10:28:45 dhoomketu sshd[2669964]: Failed password for invalid user relay from 106.13.50.145 port 45712 ssh2 Aug 26 10:31:55 dhoomketu sshd[2670037]: Invalid user eswar from 106.13.50.145 port 56230 ...	2020-08-26 13:24:05
106.13.50.145	attackspambots	Aug 25 16:56:38 fhem-rasp sshd[8571]: Invalid user hugo from 106.13.50.145 port 59826 ...	2020-08-26 03:51:41
106.13.52.107	attackspam	Aug 25 05:08:10 serwer sshd\[21470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 user=root Aug 25 05:08:13 serwer sshd\[21470\]: Failed password for root from 106.13.52.107 port 40932 ssh2 Aug 25 05:15:21 serwer sshd\[28095\]: Invalid user mc from 106.13.52.107 port 34882 Aug 25 05:15:21 serwer sshd\[28095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.107 ...	2020-08-25 21:13:36
106.13.50.145	attack	Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 Aug 25 13:25:59 itv-usvr-01 sshd[6902]: Invalid user superman from 106.13.50.145 Aug 25 13:26:01 itv-usvr-01 sshd[6902]: Failed password for invalid user superman from 106.13.50.145 port 38080 ssh2 Aug 25 13:34:37 itv-usvr-01 sshd[7235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145 user=root Aug 25 13:34:38 itv-usvr-01 sshd[7235]: Failed password for root from 106.13.50.145 port 59844 ssh2	2020-08-25 16:04:57
106.13.50.145	attack	Unauthorized SSH login attempts	2020-08-23 17:21:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.5.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10297
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.5.1.			IN	A

;; AUTHORITY SECTION:
.			163	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 06:52:24 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 1.5.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.5.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.251.37.89	attack	Scanning	2019-12-15 17:25:34
114.67.70.94	attack	Dec 15 10:28:42 sd-53420 sshd\[9443\]: Invalid user 123 from 114.67.70.94 Dec 15 10:28:42 sd-53420 sshd\[9443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.70.94 Dec 15 10:28:44 sd-53420 sshd\[9443\]: Failed password for invalid user 123 from 114.67.70.94 port 56100 ssh2 Dec 15 10:34:25 sd-53420 sshd\[11020\]: Invalid user root123467 from 114.67.70.94 Dec 15 10:34:25 sd-53420 sshd\[11020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.70.94 ...	2019-12-15 17:35:23
69.17.153.139	attackspambots	2019-12-15T10:17:10.262506scmdmz1 sshd\[2151\]: Invalid user kt from 69.17.153.139 port 37769 2019-12-15T10:17:10.266081scmdmz1 sshd\[2151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.17.153.139 2019-12-15T10:17:12.274398scmdmz1 sshd\[2151\]: Failed password for invalid user kt from 69.17.153.139 port 37769 ssh2 ...	2019-12-15 17:33:09
113.135.85.107	attackspambots	FTP Brute Force	2019-12-15 17:31:51
164.132.62.233	attackspambots	Dec 14 21:45:46 web9 sshd\[28618\]: Invalid user asterisk from 164.132.62.233 Dec 14 21:45:46 web9 sshd\[28618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.62.233 Dec 14 21:45:48 web9 sshd\[28618\]: Failed password for invalid user asterisk from 164.132.62.233 port 38190 ssh2 Dec 14 21:51:07 web9 sshd\[29453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.62.233 user=root Dec 14 21:51:09 web9 sshd\[29453\]: Failed password for root from 164.132.62.233 port 47030 ssh2	2019-12-15 16:56:40
128.199.185.42	attack	Dec 14 22:44:13 wbs sshd\[29747\]: Invalid user loretta from 128.199.185.42 Dec 14 22:44:13 wbs sshd\[29747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42 Dec 14 22:44:16 wbs sshd\[29747\]: Failed password for invalid user loretta from 128.199.185.42 port 39990 ssh2 Dec 14 22:51:02 wbs sshd\[30416\]: Invalid user yunIDC000!@\#\$% from 128.199.185.42 Dec 14 22:51:02 wbs sshd\[30416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42	2019-12-15 17:07:14
182.247.166.89	attack	FTP Brute Force	2019-12-15 17:11:13
154.66.113.78	attack	<6 unauthorized SSH connections	2019-12-15 17:10:07
185.220.101.60	attackspambots	Automatic report - XMLRPC Attack	2019-12-15 17:30:59
51.75.17.228	attack	Dec 15 07:43:03 markkoudstaal sshd[12653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.17.228 Dec 15 07:43:05 markkoudstaal sshd[12653]: Failed password for invalid user skaarberg from 51.75.17.228 port 35713 ssh2 Dec 15 07:47:54 markkoudstaal sshd[13295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.17.228	2019-12-15 17:00:09
103.100.209.174	attackspambots	Dec 15 10:47:36 sauna sshd[123756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.209.174 Dec 15 10:47:37 sauna sshd[123756]: Failed password for invalid user hayim from 103.100.209.174 port 14107 ssh2 ...	2019-12-15 17:20:43
118.89.153.229	attackbots	Dec 15 09:38:46 Ubuntu-1404-trusty-64-minimal sshd\[2875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.153.229 user=root Dec 15 09:38:49 Ubuntu-1404-trusty-64-minimal sshd\[2875\]: Failed password for root from 118.89.153.229 port 33740 ssh2 Dec 15 09:50:45 Ubuntu-1404-trusty-64-minimal sshd\[9427\]: Invalid user nozaki from 118.89.153.229 Dec 15 09:50:45 Ubuntu-1404-trusty-64-minimal sshd\[9427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.153.229 Dec 15 09:50:47 Ubuntu-1404-trusty-64-minimal sshd\[9427\]: Failed password for invalid user nozaki from 118.89.153.229 port 46532 ssh2	2019-12-15 17:26:49
106.54.221.104	attackspam	[Aegis] @ 2019-12-15 09:33:28 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-15 17:20:32
167.71.56.82	attackspam	Dec 15 09:17:00 mail sshd[21746]: Invalid user fmonsalve from 167.71.56.82 Dec 15 09:17:00 mail sshd[21746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.56.82 Dec 15 09:17:00 mail sshd[21746]: Invalid user fmonsalve from 167.71.56.82 Dec 15 09:17:01 mail sshd[21746]: Failed password for invalid user fmonsalve from 167.71.56.82 port 43736 ssh2 ...	2019-12-15 17:06:24
148.72.65.10	attackspambots	Dec 15 09:09:48 server sshd\[25310\]: Invalid user news from 148.72.65.10 Dec 15 09:09:48 server sshd\[25310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net Dec 15 09:09:49 server sshd\[25310\]: Failed password for invalid user news from 148.72.65.10 port 48642 ssh2 Dec 15 09:27:46 server sshd\[30965\]: Invalid user brychcy from 148.72.65.10 Dec 15 09:27:46 server sshd\[30965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net ...	2019-12-15 17:34:56

Recently Reported IPs

81.169.246.201	111.253.205.156	103.73.183.1	68.15.246.4
103.70.61.1	233.119.2.28	218.205.203.114	117.72.208.42
103.66.16.1	119.157.144.162	31.1.63.187	176.31.131.255
158.214.139.170	227.59.11.146	120.132.27.181	103.58.248.1
103.56.113.6	103.27.238.2	103.229.83.1	103.206.102.1