JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.13.122.198

106.13.122.198 was found in our database!

This IP was reported 276 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Baidu Netcom Science and Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS38365
Domain Name	baidu.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.13.122.198

Whois 106.13.122.198

IP Abuse Reports for 106.13.122.198:

This IP address has been reported a total of 276 times from 147 distinct sources. 106.13.122.198 was first reported on April 29th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 skocherhan	2026-05-16 17:26:55 (2 weeks ago)	Honeypot: Aggressive scanning detected on port 23. Threshold met.	Port Scan Brute-Force
🇺🇸 CBJ	2026-05-16 12:34:40 (2 weeks ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇫🇷 vtchost.com	2026-05-16 12:20:50 (2 weeks ago)	minux.cc:443 106.13.122.198 - - [16/May/2026:14:20:50 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e ... show more minux.cc:443 106.13.122.198 - - [16/May/2026:14:20:50 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 3007 "-" "libredtail-http" ... show less	Bad Web Bot
🇺🇸 shaunc	2026-05-16 11:09:53 (2 weeks ago)	May 16 06:09:43 [redacted] sshd[30583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more May 16 06:09:43 [redacted] sshd[30583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.122.198 May 16 06:09:45 [redacted] sshd[30583]: Failed password for invalid user admin from 106.13.122.198 port 47648 ssh2 May 16 06:09:50 [redacted] sshd[30583]: Connection closed by 106.13.122.198 port 47648 [preauth] show less	Brute-Force SSH
🇩🇪 london2038.com	2026-05-16 07:30:28 (2 weeks ago)	Malformed or malicious web request 106.13.122.198 - - [16/May/2026:09:30:23 +0200] "POST /cgi-bin/.% ... show more Malformed or malicious web request 106.13.122.198 - - [16/May/2026:09:30:23 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-" show less	Hacking Web App Attack
🇦🇹 urnilxfgbez	2026-05-15 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-05-15 18:27:24 (2 weeks ago)	2026-05-15 18:27:24 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇬🇧 PeravixGroup	2026-05-15 16:45:13 (2 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-15 15:30:59 (2 weeks ago)	tcp/2375 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-05-15 13:12:05 (2 weeks ago)	tcp/23 (4 or more attempts)	Port Scan
🇨🇳 ThreatBook.io	2026-05-14 22:59:14 (2 weeks ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/106.13.122.198	Brute-Force
🇩🇪 barbarella	2026-05-14 19:29:22 (2 weeks ago)	illegal attempt to access local shell (POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.% ... show more illegal attempt to access local shell (POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh) show less	Hacking Web App Attack
🇺🇸 MPL	2026-05-14 18:15:01 (2 weeks ago)	tcp/80 (2 or more attempts)	Port Scan
Anonymous	2026-05-14 13:08:32 (2 weeks ago)	106.13.122.198 - - [14/May/2026:15:08:31 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.% ... show more 106.13.122.198 - - [14/May/2026:15:08:31 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" ... show less	Brute-Force Web App Attack
🇺🇸 MPL	2026-05-14 04:54:20 (3 weeks ago)	tcp/2222	Port Scan

Showing 151 to 165 of 276 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.140

🇺🇸 205.210.31.76

🇺🇸 195.184.76.210

🇳🇱 185.242.226.73

🇺🇸 184.105.247.254

🇭🇰 150.5.131.119

🇺🇸 147.185.132.36

🇹🇼 114.35.59.237

🇩🇪 69.5.169.173

🇺🇸 66.132.186.139

🇺🇸 65.49.1.145

🇯🇵 8.209.208.8

🇧🇷 2804:7f0:b400:a097:9eb:6255:265a:15d0

🇬🇧 193.163.125.106

🇳🇱 176.65.139.185

🇸🇬 172.217.97.16

🇺🇸 157.245.1.7

🇸🇬 103.250.11.63

🇬🇧 89.37.172.155

🇺🇸 65.49.1.212