106.13.89.144 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Aug 2 03:27:33 * sshd[4326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.144 Aug 2 03:27:35 * sshd[4326]: Failed password for invalid user openerp from 106.13.89.144 port 56268 ssh2	2019-08-02 09:37:51
attackspambots	v+ssh-bruteforce	2019-07-30 19:46:01

Type

Details

Datetime

attackspam

Aug  2 03:27:33 * sshd[4326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.144
Aug  2 03:27:35 * sshd[4326]: Failed password for invalid user openerp from 106.13.89.144 port 56268 ssh2

2019-08-02 09:37:51

attackspambots

v+ssh-bruteforce

2019-07-30 19:46:01

Comments on same subnet:

IP	Type	Details	Datetime
106.13.89.237	attackspambots	2020-10-01T02:18:26.165558hostname sshd[119945]: Failed password for invalid user minecraft from 106.13.89.237 port 48470 ssh2 ...	2020-10-02 02:17:22
106.13.89.237	attack	sshd: Failed password for invalid user .... from 106.13.89.237 port 40192 ssh2 (4 attempts)	2020-10-01 18:25:15
106.13.89.5	attackspambots	TCP (SYN) 106.13.89.5:45025 -> port 17071, len 44	2020-09-24 15:57:30
106.13.89.5	attackbotsspam	TCP (SYN) 106.13.89.5:46444 -> port 17967, len 44	2020-09-24 07:23:26
106.13.89.5	attack	Invalid user ant from 106.13.89.5 port 47270	2020-08-23 14:47:39
106.13.89.134	attackspam	ThinkPHP Remote Command Execution Vulnerability, PTR: PTR record not found	2020-08-15 21:14:09
106.13.89.5	attack	Aug 3 02:12:07 v26 sshd[28144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.5 user=r.r Aug 3 02:12:09 v26 sshd[28144]: Failed password for r.r from 106.13.89.5 port 55148 ssh2 Aug 3 02:12:10 v26 sshd[28144]: Received disconnect from 106.13.89.5 port 55148:11: Bye Bye [preauth] Aug 3 02:12:10 v26 sshd[28144]: Disconnected from 106.13.89.5 port 55148 [preauth] Aug 3 02:21:54 v26 sshd[29271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.5 user=r.r Aug 3 02:21:56 v26 sshd[29271]: Failed password for r.r from 106.13.89.5 port 53842 ssh2 Aug 3 02:21:56 v26 sshd[29271]: Received disconnect from 106.13.89.5 port 53842:11: Bye Bye [preauth] Aug 3 02:21:56 v26 sshd[29271]: Disconnected from 106.13.89.5 port 53842 [preauth] Aug 3 02:25:24 v26 sshd[29715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.5 user=r.r A........ -------------------------------	2020-08-10 04:33:24
106.13.89.5	attackbotsspam	Automatic report BANNED IP	2020-08-09 05:39:56
106.13.89.123	attackbotsspam	" "	2020-07-14 13:11:37
106.13.89.1	attackspambots	web Attack on Website	2019-11-19 00:23:31
106.13.89.192	attackspambots	$f2bV_matches_ltvn	2019-08-03 13:06:18
106.13.89.192	attackbots	Automated report - ssh fail2ban: Aug 2 14:27:15 wrong password, user=hansel, port=39844, ssh2 Aug 2 14:59:26 authentication failure Aug 2 14:59:27 wrong password, user=simon, port=37058, ssh2	2019-08-03 00:17:10
106.13.89.192	attackbotsspam	Jul 26 16:24:02 ip-172-31-1-72 sshd\[27797\]: Invalid user admin from 106.13.89.192 Jul 26 16:24:02 ip-172-31-1-72 sshd\[27797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.192 Jul 26 16:24:04 ip-172-31-1-72 sshd\[27797\]: Failed password for invalid user admin from 106.13.89.192 port 44094 ssh2 Jul 26 16:26:33 ip-172-31-1-72 sshd\[27813\]: Invalid user cloud from 106.13.89.192 Jul 26 16:26:33 ip-172-31-1-72 sshd\[27813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.192	2019-07-27 00:39:38
106.13.89.192	attackbotsspam	Jul 25 16:44:34 bouncer sshd\[9362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.89.192 user=root Jul 25 16:44:36 bouncer sshd\[9362\]: Failed password for root from 106.13.89.192 port 36324 ssh2 Jul 25 16:46:49 bouncer sshd\[9364\]: Invalid user jin from 106.13.89.192 port 53468 ...	2019-07-25 23:08:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.89.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28050
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.89.144.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 04:07:25 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 144.89.13.106.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 144.89.13.106.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.203.123	attackbotsspam	...	2019-09-10 14:10:44
54.93.52.238	attackbots	Sep 10 01:17:53 ny01 sshd[431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.93.52.238 Sep 10 01:17:55 ny01 sshd[431]: Failed password for invalid user postgres from 54.93.52.238 port 41734 ssh2 Sep 10 01:23:50 ny01 sshd[1511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.93.52.238	2019-09-10 13:52:49
202.59.166.148	attack	Sep 10 08:06:17 [host] sshd[813]: Invalid user nagios from 202.59.166.148 Sep 10 08:06:17 [host] sshd[813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.59.166.148 Sep 10 08:06:19 [host] sshd[813]: Failed password for invalid user nagios from 202.59.166.148 port 42464 ssh2	2019-09-10 14:20:31
69.16.221.88	attackbots	Hits on port : 10022	2019-09-10 14:04:42
198.23.133.81	attackbotsspam	Sep 10 04:44:30 lnxweb62 sshd[18391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.133.81	2019-09-10 14:36:21
138.68.208.175	attack	Hits on port : 4786	2019-09-10 14:01:28
87.101.240.10	attackbots	Sep 10 06:00:16 microserver sshd[58623]: Invalid user nextcloud from 87.101.240.10 port 45836 Sep 10 06:00:16 microserver sshd[58623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10 Sep 10 06:00:18 microserver sshd[58623]: Failed password for invalid user nextcloud from 87.101.240.10 port 45836 ssh2 Sep 10 06:08:11 microserver sshd[59551]: Invalid user hadoop from 87.101.240.10 port 54686 Sep 10 06:08:11 microserver sshd[59551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10 Sep 10 06:24:49 microserver sshd[61764]: Invalid user sftpuser from 87.101.240.10 port 44188 Sep 10 06:24:49 microserver sshd[61764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10 Sep 10 06:24:51 microserver sshd[61764]: Failed password for invalid user sftpuser from 87.101.240.10 port 44188 ssh2 Sep 10 06:32:55 microserver sshd[63078]: Invalid user tf2server from 87.101.240.	2019-09-10 14:07:42
182.16.173.210	attackspam	[Aegis] @ 2019-09-10 02:18:23 0100 -> Multiple attempts to send e-mail from invalid/unknown sender domain.	2019-09-10 14:28:55
213.150.207.97	attackbots	Sep 9 17:17:14 hpm sshd\[31489\]: Invalid user user from 213.150.207.97 Sep 9 17:17:14 hpm sshd\[31489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.150.207.97 Sep 9 17:17:16 hpm sshd\[31489\]: Failed password for invalid user user from 213.150.207.97 port 51545 ssh2 Sep 9 17:24:55 hpm sshd\[32155\]: Invalid user chris from 213.150.207.97 Sep 9 17:24:56 hpm sshd\[32155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.150.207.97	2019-09-10 13:59:42
159.203.203.51	attackbotsspam	Hits on port : 8834	2019-09-10 14:00:06
190.1.203.180	attack	Sep 10 06:34:11 MK-Soft-Root1 sshd\[6812\]: Invalid user webuser from 190.1.203.180 port 57174 Sep 10 06:34:11 MK-Soft-Root1 sshd\[6812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.1.203.180 Sep 10 06:34:13 MK-Soft-Root1 sshd\[6812\]: Failed password for invalid user webuser from 190.1.203.180 port 57174 ssh2 ...	2019-09-10 14:29:22
216.10.245.172	attack	WordPress wp-login brute force :: 216.10.245.172 0.136 BYPASS [10/Sep/2019:11:18:55 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-10 14:08:05
123.127.107.70	attack	Sep 10 06:46:14 vps sshd[28626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.107.70 Sep 10 06:46:17 vps sshd[28626]: Failed password for invalid user test7 from 123.127.107.70 port 46437 ssh2 Sep 10 07:21:56 vps sshd[30302]: Failed password for postgres from 123.127.107.70 port 37252 ssh2 ...	2019-09-10 13:53:20
78.158.204.100	attack	[portscan] Port scan	2019-09-10 14:45:02
191.7.200.174	attackspambots	Autoban 191.7.200.174 AUTH/CONNECT	2019-09-10 14:07:19

Recently Reported IPs

39.65.45.189	116.113.70.106	134.209.145.110	23.91.71.246
116.99.196.215	201.150.54.237	186.178.10.6	200.57.227.62
190.11.15.14	103.20.104.34	93.125.93.218	92.119.160.81
117.159.197.156	221.227.164.4	168.197.28.125	54.37.64.101
163.172.61.214	189.1.175.69	160.0.74.156	164.186.35.254