120.132.13.131

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Netcom Broadband Corporation Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 10 08:45:10 ns382633 sshd\[3157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Sep 10 08:45:11 ns382633 sshd\[3157\]: Failed password for root from 120.132.13.131 port 49245 ssh2 Sep 10 08:51:01 ns382633 sshd\[4387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Sep 10 08:51:03 ns382633 sshd\[4387\]: Failed password for root from 120.132.13.131 port 45776 ssh2 Sep 10 08:52:52 ns382633 sshd\[4505\]: Invalid user admin from 120.132.13.131 port 55223 Sep 10 08:52:52 ns382633 sshd\[4505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131	2020-09-10 20:35:23
attackbots	Sep 10 01:51:17 ovpn sshd\[17965\]: Invalid user steamsrv from 120.132.13.131 Sep 10 01:51:17 ovpn sshd\[17965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 Sep 10 01:51:19 ovpn sshd\[17965\]: Failed password for invalid user steamsrv from 120.132.13.131 port 48244 ssh2 Sep 10 02:02:45 ovpn sshd\[20771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=games Sep 10 02:02:47 ovpn sshd\[20771\]: Failed password for games from 120.132.13.131 port 57511 ssh2	2020-09-10 12:23:28
attackspambots	SSH BruteForce Attack	2020-09-10 03:09:57
attackbots	Invalid user weixin from 120.132.13.131 port 47785	2020-09-04 03:46:25
attackspam	Invalid user cpanel from 120.132.13.131 port 43692	2020-09-03 19:21:59
attack	Aug 7 23:27:38 nextcloud sshd\[23564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Aug 7 23:27:39 nextcloud sshd\[23564\]: Failed password for root from 120.132.13.131 port 52208 ssh2 Aug 7 23:31:54 nextcloud sshd\[27688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root	2020-08-08 06:19:35
attackspam	Aug 6 16:54:54 ovpn sshd\[1656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Aug 6 16:54:56 ovpn sshd\[1656\]: Failed password for root from 120.132.13.131 port 50992 ssh2 Aug 6 16:58:16 ovpn sshd\[3449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Aug 6 16:58:19 ovpn sshd\[3449\]: Failed password for root from 120.132.13.131 port 46540 ssh2 Aug 6 17:01:41 ovpn sshd\[5009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root	2020-08-06 23:22:46
attackbotsspam	frenzy	2020-08-02 05:10:26
attack	Jul 27 02:57:22 lanister sshd[18840]: Invalid user server from 120.132.13.131 Jul 27 02:57:22 lanister sshd[18840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 Jul 27 02:57:22 lanister sshd[18840]: Invalid user server from 120.132.13.131 Jul 27 02:57:24 lanister sshd[18840]: Failed password for invalid user server from 120.132.13.131 port 42229 ssh2	2020-07-27 15:38:49
attack	Jun 21 16:15:00 lnxweb62 sshd[8759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131	2020-06-22 00:41:38
attackbotsspam	Jun 16 16:34:36 buvik sshd[21219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root Jun 16 16:34:38 buvik sshd[21219]: Failed password for root from 120.132.13.131 port 39290 ssh2 Jun 16 16:37:24 buvik sshd[21619]: Invalid user oracle from 120.132.13.131 ...	2020-06-17 01:23:00
attack	k+ssh-bruteforce	2020-06-15 19:34:11
attackspambots	May 15 16:38:21 sip sshd[273930]: Invalid user halflifeserver from 120.132.13.131 port 37040 May 15 16:38:23 sip sshd[273930]: Failed password for invalid user halflifeserver from 120.132.13.131 port 37040 ssh2 May 15 16:42:41 sip sshd[273952]: Invalid user test from 120.132.13.131 port 60270 ...	2020-05-16 00:58:21
attackspambots	k+ssh-bruteforce	2020-05-10 05:23:37
attackbotsspam	Apr 25 01:29:58 legacy sshd[12298]: Failed password for root from 120.132.13.131 port 51225 ssh2 Apr 25 01:34:47 legacy sshd[12649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 Apr 25 01:34:50 legacy sshd[12649]: Failed password for invalid user test3 from 120.132.13.131 port 52734 ssh2 ...	2020-04-25 08:03:02
attackbotsspam	2020-04-19T14:02:21.146753 sshd[18004]: Invalid user im from 120.132.13.131 port 46516 2020-04-19T14:02:21.161847 sshd[18004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 2020-04-19T14:02:21.146753 sshd[18004]: Invalid user im from 120.132.13.131 port 46516 2020-04-19T14:02:23.225458 sshd[18004]: Failed password for invalid user im from 120.132.13.131 port 46516 ssh2 ...	2020-04-19 23:27:39
attackbots	20 attempts against mh-ssh on echoip	2020-04-09 07:21:17
attack	2020-04-03T21:58:25.443197abusebot-4.cloudsearch.cf sshd[20702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 user=root 2020-04-03T21:58:27.168410abusebot-4.cloudsearch.cf sshd[20702]: Failed password for root from 120.132.13.131 port 36304 ssh2 2020-04-03T22:02:30.385478abusebot-4.cloudsearch.cf sshd[20936]: Invalid user sw from 120.132.13.131 port 38088 2020-04-03T22:02:30.390722abusebot-4.cloudsearch.cf sshd[20936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 2020-04-03T22:02:30.385478abusebot-4.cloudsearch.cf sshd[20936]: Invalid user sw from 120.132.13.131 port 38088 2020-04-03T22:02:32.086813abusebot-4.cloudsearch.cf sshd[20936]: Failed password for invalid user sw from 120.132.13.131 port 38088 ssh2 2020-04-03T22:06:42.143167abusebot-4.cloudsearch.cf sshd[21252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.13 ...	2020-04-04 07:54:47
attackspam	Invalid user agostina from 120.132.13.131 port 58588	2020-03-26 07:20:57
attackbots	-	2020-03-23 10:11:18
attack	SSH invalid-user multiple login try	2020-03-20 12:37:24
attackbots	SSH login attempts.	2020-03-19 12:27:59
attackbotsspam	Mar 7 11:41:25 areeb-Workstation sshd[10480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 Mar 7 11:41:26 areeb-Workstation sshd[10480]: Failed password for invalid user a from 120.132.13.131 port 48113 ssh2 ...	2020-03-07 14:28:04
attackbotsspam	Invalid user cloudera from 120.132.13.131 port 45928 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131 Failed password for invalid user cloudera from 120.132.13.131 port 45928 ssh2 Invalid user athos from 120.132.13.131 port 58960 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131	2020-02-13 08:52:56

Comments on same subnet:

IP	Type	Details	Datetime
120.132.13.206	attackbots	Invalid user ronald from 120.132.13.206 port 45530	2020-10-05 07:08:52
120.132.13.206	attack	Invalid user ronald from 120.132.13.206 port 45530	2020-10-04 23:19:27
120.132.13.206	attack	SSH Login Bruteforce	2020-10-04 15:03:20
120.132.13.206	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-29T16:19:09Z and 2020-09-29T16:24:53Z	2020-09-30 01:40:56
120.132.13.206	attackbotsspam	(sshd) Failed SSH login from 120.132.13.206 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 29 03:05:13 optimus sshd[10684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Sep 29 03:05:15 optimus sshd[10684]: Failed password for root from 120.132.13.206 port 57276 ssh2 Sep 29 03:08:30 optimus sshd[12190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=mysql Sep 29 03:08:32 optimus sshd[12190]: Failed password for mysql from 120.132.13.206 port 43466 ssh2 Sep 29 03:11:50 optimus sshd[13874]: Invalid user delphine from 120.132.13.206	2020-09-29 17:40:36
120.132.13.206	attackbotsspam	Time: Thu Sep 10 05:21:03 2020 +0000 IP: 120.132.13.206 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 10 05:09:45 vps1 sshd[25375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Sep 10 05:09:47 vps1 sshd[25375]: Failed password for root from 120.132.13.206 port 43866 ssh2 Sep 10 05:18:11 vps1 sshd[26097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Sep 10 05:18:13 vps1 sshd[26097]: Failed password for root from 120.132.13.206 port 47786 ssh2 Sep 10 05:20:59 vps1 sshd[26302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root	2020-09-11 01:12:48
120.132.13.206	attackspambots	Time: Thu Sep 10 05:21:03 2020 +0000 IP: 120.132.13.206 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 10 05:09:45 vps1 sshd[25375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Sep 10 05:09:47 vps1 sshd[25375]: Failed password for root from 120.132.13.206 port 43866 ssh2 Sep 10 05:18:11 vps1 sshd[26097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Sep 10 05:18:13 vps1 sshd[26097]: Failed password for root from 120.132.13.206 port 47786 ssh2 Sep 10 05:20:59 vps1 sshd[26302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root	2020-09-10 16:32:31
120.132.13.206	attack	Sep 10 00:04:40 * sshd[2611]: Failed password for root from 120.132.13.206 port 47638 ssh2	2020-09-10 07:09:55
120.132.13.206	attackspambots	Invalid user benny from 120.132.13.206 port 34246	2020-08-29 18:39:17
120.132.13.206	attackspambots	frenzy	2020-08-15 16:43:17
120.132.13.206	attack	detected by Fail2Ban	2020-08-06 03:55:16
120.132.13.206	attackspam	Aug 3 20:33:53 ip-172-31-61-156 sshd[22656]: Failed password for root from 120.132.13.206 port 47508 ssh2 Aug 3 20:33:51 ip-172-31-61-156 sshd[22656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Aug 3 20:33:53 ip-172-31-61-156 sshd[22656]: Failed password for root from 120.132.13.206 port 47508 ssh2 Aug 3 20:36:51 ip-172-31-61-156 sshd[22818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 user=root Aug 3 20:36:52 ip-172-31-61-156 sshd[22818]: Failed password for root from 120.132.13.206 port 36348 ssh2 ...	2020-08-04 05:30:08
120.132.13.206	attackspam	2020-07-17T15:33:50.877323morrigan.ad5gb.com sshd[780376]: Invalid user mdk from 120.132.13.206 port 42184 2020-07-17T15:33:52.162177morrigan.ad5gb.com sshd[780376]: Failed password for invalid user mdk from 120.132.13.206 port 42184 ssh2	2020-07-18 05:03:21
120.132.13.206	attack	Jul 11 05:40:35 nas sshd[29691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 Jul 11 05:40:37 nas sshd[29691]: Failed password for invalid user rosemary from 120.132.13.206 port 48638 ssh2 Jul 11 05:53:46 nas sshd[30224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.206 ...	2020-07-11 15:38:51
120.132.13.206	attackspam	Jul 10 15:34:38 hosting sshd[21393]: Invalid user foobar from 120.132.13.206 port 50232 ...	2020-07-10 22:30:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.132.13.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61929
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.132.13.131.			IN	A

;; AUTHORITY SECTION:
.			137	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021202 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 08:52:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 131.13.132.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.13.132.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.82.47.57	attack	Found on Github Combined on 3 lists / proto=6 . srcport=60723 . dstport=631 . (1709)	2020-09-20 18:34:45
103.253.200.161	attackbotsspam	Repeated brute force against a port	2020-09-20 18:51:02
192.169.243.111	attackbotsspam	WordPress wp-login brute force :: 192.169.243.111 0.096 - [20/Sep/2020:09:01:59 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-20 18:33:36
83.110.213.45	attackbotsspam	Sep 20 11:36:49 nextcloud sshd\[7979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.213.45 user=root Sep 20 11:36:51 nextcloud sshd\[7979\]: Failed password for root from 83.110.213.45 port 44559 ssh2 Sep 20 11:41:44 nextcloud sshd\[12840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.213.45 user=root	2020-09-20 18:38:38
184.105.139.108	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-20 18:16:38
45.138.100.138	attackspam	Chat Spam	2020-09-20 18:36:13
184.105.247.198	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-20 18:22:44
148.72.212.159	attack	148.72.212.159 - - \[20/Sep/2020:03:15:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 11220 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.212.159 - - \[20/Sep/2020:03:48:43 +0200\] "POST /wp-login.php HTTP/1.1" 200 11220 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2020-09-20 18:23:43
134.122.31.107	attackspam	DATE:2020-09-20 12:08:59, IP:134.122.31.107, PORT:ssh SSH brute force auth (docker-dc)	2020-09-20 18:25:54
185.235.40.133	attackbotsspam	(sshd) Failed SSH login from 185.235.40.133 (IR/Iran/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 04:55:59 idl1-dfw sshd[223236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.235.40.133 user=root Sep 20 04:56:01 idl1-dfw sshd[223236]: Failed password for root from 185.235.40.133 port 47764 ssh2 Sep 20 05:04:03 idl1-dfw sshd[231524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.235.40.133 user=root Sep 20 05:04:05 idl1-dfw sshd[231524]: Failed password for root from 185.235.40.133 port 49258 ssh2 Sep 20 05:08:10 idl1-dfw sshd[236750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.235.40.133 user=root	2020-09-20 18:42:59
162.245.218.151	attackspam	Sep 20 05:55:39 scw-6657dc sshd[11439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.245.218.151 user=root Sep 20 05:55:39 scw-6657dc sshd[11439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.245.218.151 user=root Sep 20 05:55:41 scw-6657dc sshd[11439]: Failed password for root from 162.245.218.151 port 38886 ssh2 ...	2020-09-20 18:48:53
192.144.232.129	attackbots	Invalid user barberapp from 192.144.232.129 port 33526	2020-09-20 18:21:14
197.255.160.225	attack	(sshd) Failed SSH login from 197.255.160.225 (NG/Nigeria/-): 5 in the last 3600 secs	2020-09-20 18:12:04
112.199.118.195	attackbotsspam	Sep 20 12:30:41 abendstille sshd\[26775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.199.118.195 user=root Sep 20 12:30:43 abendstille sshd\[26775\]: Failed password for root from 112.199.118.195 port 62232 ssh2 Sep 20 12:35:04 abendstille sshd\[31065\]: Invalid user evil from 112.199.118.195 Sep 20 12:35:04 abendstille sshd\[31065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.199.118.195 Sep 20 12:35:06 abendstille sshd\[31065\]: Failed password for invalid user evil from 112.199.118.195 port 61790 ssh2 ...	2020-09-20 18:35:45
112.255.155.58	attack	Portscan detected	2020-09-20 18:21:46

Recently Reported IPs

70.73.4.112	157.157.21.161	116.105.46.41	178.128.56.89
77.40.34.247	41.213.151.97	59.46.170.234	211.185.83.172
114.119.160.106	27.72.115.218	79.166.226.145	162.243.128.104
114.198.137.149	51.15.58.158	111.229.125.217	69.94.131.149
181.163.192.197	110.103.74.128	211.101.176.35	41.238.250.69