106.13.67.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	4x Failed Password	2020-01-13 14:17:43
attackbotsspam	Dec 4 21:16:24 vibhu-HP-Z238-Microtower-Workstation sshd\[22900\]: Invalid user fortman from 106.13.67.54 Dec 4 21:16:24 vibhu-HP-Z238-Microtower-Workstation sshd\[22900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Dec 4 21:16:26 vibhu-HP-Z238-Microtower-Workstation sshd\[22900\]: Failed password for invalid user fortman from 106.13.67.54 port 35816 ssh2 Dec 4 21:24:52 vibhu-HP-Z238-Microtower-Workstation sshd\[23319\]: Invalid user wily123 from 106.13.67.54 Dec 4 21:24:52 vibhu-HP-Z238-Microtower-Workstation sshd\[23319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 ...	2019-12-05 00:23:31
attack	Dec 3 20:33:53 gw1 sshd[30156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Dec 3 20:33:55 gw1 sshd[30156]: Failed password for invalid user chinea from 106.13.67.54 port 36072 ssh2 ...	2019-12-04 00:34:10
attackspambots	Invalid user jboss from 106.13.67.54 port 55188	2019-11-20 04:07:11
attackbotsspam	2019-11-18T23:39:29.147269shield sshd\[23352\]: Invalid user cloudtest from 106.13.67.54 port 53662 2019-11-18T23:39:29.151925shield sshd\[23352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 2019-11-18T23:39:31.213975shield sshd\[23352\]: Failed password for invalid user cloudtest from 106.13.67.54 port 53662 ssh2 2019-11-18T23:43:47.126688shield sshd\[23810\]: Invalid user scofield from 106.13.67.54 port 60992 2019-11-18T23:43:47.131065shield sshd\[23810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54	2019-11-19 07:58:14
attack	5x Failed Password	2019-11-15 19:54:00
attackspam	Nov 11 23:20:12 php1 sshd\[8700\]: Invalid user rpm from 106.13.67.54 Nov 11 23:20:12 php1 sshd\[8700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Nov 11 23:20:14 php1 sshd\[8700\]: Failed password for invalid user rpm from 106.13.67.54 port 58614 ssh2 Nov 11 23:24:38 php1 sshd\[9069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 user=root Nov 11 23:24:40 php1 sshd\[9069\]: Failed password for root from 106.13.67.54 port 36340 ssh2	2019-11-12 18:49:42
attack	Nov 8 01:21:49 server sshd\[4404\]: Invalid user abel from 106.13.67.54 Nov 8 01:21:49 server sshd\[4404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Nov 8 01:21:51 server sshd\[4404\]: Failed password for invalid user abel from 106.13.67.54 port 47532 ssh2 Nov 8 01:41:35 server sshd\[9573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 user=root Nov 8 01:41:37 server sshd\[9573\]: Failed password for root from 106.13.67.54 port 47932 ssh2 ...	2019-11-08 08:43:50
attackspam	Nov 3 22:30:33 mockhub sshd[32402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Nov 3 22:30:35 mockhub sshd[32402]: Failed password for invalid user carmen from 106.13.67.54 port 57920 ssh2 ...	2019-11-04 15:51:51
attackbots	Oct 31 19:28:30 server sshd\[5265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 user=root Oct 31 19:28:32 server sshd\[5265\]: Failed password for root from 106.13.67.54 port 43190 ssh2 Oct 31 19:38:56 server sshd\[7834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 user=root Oct 31 19:38:58 server sshd\[7834\]: Failed password for root from 106.13.67.54 port 45384 ssh2 Oct 31 19:44:24 server sshd\[9219\]: Invalid user 22 from 106.13.67.54 Oct 31 19:44:24 server sshd\[9219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 ...	2019-11-01 01:09:43
attack	Sep 27 21:12:46 MK-Soft-VM3 sshd[28355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Sep 27 21:12:48 MK-Soft-VM3 sshd[28355]: Failed password for invalid user rosalie from 106.13.67.54 port 42558 ssh2 ...	2019-09-28 03:13:51
attack	SSH bruteforce	2019-09-22 08:20:39
attack	Sep 20 00:29:41 hcbbdb sshd\[5487\]: Invalid user placrim from 106.13.67.54 Sep 20 00:29:41 hcbbdb sshd\[5487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 Sep 20 00:29:43 hcbbdb sshd\[5487\]: Failed password for invalid user placrim from 106.13.67.54 port 47536 ssh2 Sep 20 00:34:26 hcbbdb sshd\[6111\]: Invalid user tara from 106.13.67.54 Sep 20 00:34:26 hcbbdb sshd\[6111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54	2019-09-20 08:41:56
attack	2019-09-11T06:19:01.721620enmeeting.mahidol.ac.th sshd\[15182\]: Invalid user web from 106.13.67.54 port 44900 2019-09-11T06:19:01.735217enmeeting.mahidol.ac.th sshd\[15182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.54 2019-09-11T06:19:04.031951enmeeting.mahidol.ac.th sshd\[15182\]: Failed password for invalid user web from 106.13.67.54 port 44900 ssh2 ...	2019-09-11 07:31:04

Comments on same subnet:

IP	Type	Details	Datetime
106.13.67.1	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-03 02:33:19
106.13.67.187	attackspam	SSH login attempts brute force.	2020-03-23 18:33:14
106.13.67.22	attackbots	SSH Invalid Login	2020-03-18 09:25:17
106.13.67.22	attack	Mar 11 05:19:20 ns382633 sshd\[27212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22 user=root Mar 11 05:19:22 ns382633 sshd\[27212\]: Failed password for root from 106.13.67.22 port 60024 ssh2 Mar 11 05:23:00 ns382633 sshd\[27941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22 user=root Mar 11 05:23:02 ns382633 sshd\[27941\]: Failed password for root from 106.13.67.22 port 42560 ssh2 Mar 11 05:25:15 ns382633 sshd\[28615\]: Invalid user ftptest from 106.13.67.22 port 41224 Mar 11 05:25:15 ns382633 sshd\[28615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22	2020-03-11 12:40:24
106.13.67.22	attack	Mar 8 07:58:55 jane sshd[16951]: Failed password for root from 106.13.67.22 port 46346 ssh2 ...	2020-03-08 16:30:44
106.13.67.187	attackspambots	Mar 4 02:20:57 silence02 sshd[22790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.187 Mar 4 02:20:59 silence02 sshd[22790]: Failed password for invalid user zhucm from 106.13.67.187 port 59786 ssh2 Mar 4 02:30:35 silence02 sshd[23555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.187	2020-03-04 09:44:55
106.13.67.22	attackbots	20 attempts against mh-ssh on cloud	2020-03-03 20:17:29
106.13.67.90	attackbots	Feb 16 19:57:46 sshd\[27244\]: Invalid user webuser from 106.13.67.90Feb 16 19:57:49 sshd\[27244\]: Failed password for invalid user webuser from 106.13.67.90 port 58018 ssh2 ...	2020-02-17 05:43:39
106.13.67.22	attack	Feb 9 15:39:38 hpm sshd\[14149\]: Invalid user qcf from 106.13.67.22 Feb 9 15:39:38 hpm sshd\[14149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22 Feb 9 15:39:40 hpm sshd\[14149\]: Failed password for invalid user qcf from 106.13.67.22 port 46542 ssh2 Feb 9 15:43:02 hpm sshd\[14561\]: Invalid user ywr from 106.13.67.22 Feb 9 15:43:02 hpm sshd\[14561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.22	2020-02-10 09:46:41
106.13.67.90	attackbots	Feb 9 05:49:27 srv-ubuntu-dev3 sshd[56504]: Invalid user qfm from 106.13.67.90 Feb 9 05:49:27 srv-ubuntu-dev3 sshd[56504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.90 Feb 9 05:49:27 srv-ubuntu-dev3 sshd[56504]: Invalid user qfm from 106.13.67.90 Feb 9 05:49:29 srv-ubuntu-dev3 sshd[56504]: Failed password for invalid user qfm from 106.13.67.90 port 41546 ssh2 Feb 9 05:53:01 srv-ubuntu-dev3 sshd[56813]: Invalid user omj from 106.13.67.90 Feb 9 05:53:01 srv-ubuntu-dev3 sshd[56813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.90 Feb 9 05:53:01 srv-ubuntu-dev3 sshd[56813]: Invalid user omj from 106.13.67.90 Feb 9 05:53:04 srv-ubuntu-dev3 sshd[56813]: Failed password for invalid user omj from 106.13.67.90 port 38554 ssh2 Feb 9 05:56:31 srv-ubuntu-dev3 sshd[57113]: Invalid user mqm from 106.13.67.90 ...	2020-02-09 14:46:36
106.13.67.127	attackspambots	Invalid user rdc from 106.13.67.127 port 55904	2020-02-02 07:23:51
106.13.67.90	attackspambots	Jan 26 19:39:25 eddieflores sshd\[13038\]: Invalid user rachel from 106.13.67.90 Jan 26 19:39:25 eddieflores sshd\[13038\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.90 Jan 26 19:39:27 eddieflores sshd\[13038\]: Failed password for invalid user rachel from 106.13.67.90 port 48950 ssh2 Jan 26 19:43:16 eddieflores sshd\[13788\]: Invalid user alex from 106.13.67.90 Jan 26 19:43:16 eddieflores sshd\[13788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.67.90	2020-01-27 13:58:11
106.13.67.22	attack	"SSH brute force auth login attempt."	2020-01-23 18:28:27
106.13.67.90	attackbotsspam	Invalid user jperez from 106.13.67.90 port 35764	2020-01-21 07:42:39
106.13.67.90	attackspam	Unauthorized connection attempt detected from IP address 106.13.67.90 to port 2220 [J]	2020-01-19 00:37:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.67.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45281
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.67.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 07:30:57 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 54.67.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 54.67.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.27.189.158	attack	Jul 31 03:22:14 server sshd\[18394\]: Invalid user ldap from 119.27.189.158 port 43344 Jul 31 03:22:14 server sshd\[18394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.158 Jul 31 03:22:16 server sshd\[18394\]: Failed password for invalid user ldap from 119.27.189.158 port 43344 ssh2 Jul 31 03:27:31 server sshd\[8640\]: Invalid user memuser from 119.27.189.158 port 38300 Jul 31 03:27:31 server sshd\[8640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.158	2019-07-31 08:37:03
118.97.194.110	attackbots	firewall-block, port(s): 445/tcp	2019-07-31 08:07:25
212.237.53.252	attack	Jul 31 01:08:39 mail sshd\[21960\]: Invalid user testmail from 212.237.53.252 port 38308 Jul 31 01:08:39 mail sshd\[21960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.53.252 Jul 31 01:08:40 mail sshd\[21960\]: Failed password for invalid user testmail from 212.237.53.252 port 38308 ssh2 Jul 31 01:13:00 mail sshd\[22417\]: Invalid user angie from 212.237.53.252 port 60886 Jul 31 01:13:00 mail sshd\[22417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.53.252	2019-07-31 08:13:45
150.109.107.178	attackbots	2019-07-30T23:15:14.358610abusebot.cloudsearch.cf sshd\[26126\]: Invalid user vnc from 150.109.107.178 port 56680	2019-07-31 08:35:38
200.115.32.36	attack	Jul 31 02:04:15 srv206 sshd[20615]: Invalid user mongo from 200.115.32.36 ...	2019-07-31 08:20:06
27.9.209.220	attackbots	Automatic report - Port Scan Attack	2019-07-31 08:45:09
54.37.157.82	attack	Jul 30 18:51:16 vps200512 sshd\[6408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.157.82 user=www-data Jul 30 18:51:18 vps200512 sshd\[6408\]: Failed password for www-data from 54.37.157.82 port 47560 ssh2 Jul 30 18:55:36 vps200512 sshd\[6536\]: Invalid user kafka from 54.37.157.82 Jul 30 18:55:36 vps200512 sshd\[6536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.157.82 Jul 30 18:55:38 vps200512 sshd\[6536\]: Failed password for invalid user kafka from 54.37.157.82 port 43036 ssh2	2019-07-31 08:05:00
51.75.124.76	attackbotsspam	Jul 31 01:11:10 localhost sshd\[42769\]: Invalid user tempuser from 51.75.124.76 port 49410 Jul 31 01:11:10 localhost sshd\[42769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.124.76 ...	2019-07-31 08:16:21
62.173.154.76	attackspam	\[2019-07-30 19:54:43\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T19:54:43.381-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1820048422069016",SessionID="0x7ff4d0237d78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.154.76/58918",ACLName="no_extension_match" \[2019-07-30 19:58:24\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T19:58:24.658-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1830048422069016",SessionID="0x7ff4d0411568",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.154.76/52330",ACLName="no_extension_match" \[2019-07-30 20:01:52\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-30T20:01:52.277-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1840048422069016",SessionID="0x7ff4d0594458",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.154.76/62360",ACLName="no_	2019-07-31 08:16:00
77.247.181.162	attackbotsspam	[ssh] SSH attack	2019-07-31 08:04:35
13.75.94.67	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-07-31 08:52:13
188.64.78.226	attack	Jul 31 00:41:23 pornomens sshd\[31747\]: Invalid user test from 188.64.78.226 port 46558 Jul 31 00:41:23 pornomens sshd\[31747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.64.78.226 Jul 31 00:41:26 pornomens sshd\[31747\]: Failed password for invalid user test from 188.64.78.226 port 46558 ssh2 ...	2019-07-31 08:10:07
131.147.197.133	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-31 08:49:18
165.22.101.199	attack	2019-07-30T23:50:00.792987abusebot-8.cloudsearch.cf sshd\[10928\]: Invalid user brad from 165.22.101.199 port 38572	2019-07-31 08:22:57
61.221.103.85	attack	Jul 31 05:42:04 staklim-malang postfix/smtpd[22063]: lost connection after CONNECT from 61-221-103-85.HINET-IP.hinet.net[61.221.103.85] ...	2019-07-31 08:03:12

Recently Reported IPs

147.57.168.48	118.170.70.134	102.148.122.123	27.104.159.70
95.148.122.104	102.153.71.7	202.144.227.146	222.237.79.46
108.22.47.198	172.229.56.164	2.152.37.56	15.230.248.132
54.193.119.1	179.218.3.181	142.211.14.235	105.110.49.66
142.119.70.220	54.186.164.207	86.162.64.244	14.221.8.82