JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.13.167.239

106.13.167.239 was found in our database!

This IP was reported 590 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Baidu Netcom Science and Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS38365
Domain Name	baidu.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.13.167.239

Whois 106.13.167.239

IP Abuse Reports for 106.13.167.239:

This IP address has been reported a total of 590 times from 292 distinct sources. 106.13.167.239 was first reported on April 10th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 pr0vieh	2026-04-17 16:16:41 (1 month ago)	2026-04-17T17:16:06.055128+01:00 Linux14 sshd-session[3610985]: pam_unix(sshd:auth): authentication ... show more 2026-04-17T17:16:06.055128+01:00 Linux14 sshd-session[3610985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-17T17:16:08.423681+01:00 Linux14 sshd-session[3610985]: Failed password for root from 106.13.167.239 port 57648 ssh2 2026-04-17T17:16:12.917351+01:00 Linux14 sshd-session[3611290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-17T17:16:14.707704+01:00 Linux14 sshd-session[3611290]: Failed password for root from 106.13.167.239 port 57650 ssh2 2026-04-17T17:16:19.025198+01:00 Linux14 sshd-session[3611691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-17T17:16:20.874677+01:00 Linux14 sshd-session[3611691]: Failed password for root from 106.13.167.239 port 54170 ssh2 2026-04-17T17:16:27.821061+01:00 Linux14 sshd-session[3612186]: pam_unix(sshd:auth): authen ... show less	Brute-Force SSH
🇮🇹 alph44	2026-04-17 06:41:52 (1 month ago)	SSH brute force attack detected: 5 failed attempts	Brute-Force
🇩🇪 NetWatch	2026-04-17 04:35:56 (1 month ago)	The IP 106.13.167.239 tried multiple SSH_BRUTE_FORCE logins	Brute-Force
🇮🇩 Diskominfo Lumajang	2026-04-16 20:20:06 (1 month ago)	Security Event Detected by SOC Diskominfo Lumajang: event=ssh, hits=3	Brute-Force SSH
🇩🇪 30p87	2026-04-16 18:58:55 (1 month ago)	2026-04-16T20:58:54.717333+02:00 30p87-server sshd-session[459236]: Connection closed by 106.13.167. ... show more 2026-04-16T20:58:54.717333+02:00 30p87-server sshd-session[459236]: Connection closed by 106.13.167.239 port 49188 [preauth] ... show less	Brute-Force SSH
🇳🇱 Alboweb B.V.	2026-04-16 13:11:50 (1 month ago)	SSH abuse or brute-force attack detected by Fail2Ban in ssh jail	Brute-Force SSH
🇩🇪 Veslys	2026-04-16 11:26:08 (1 month ago)	2026-04-16T11:26:01.343364+00:00 UbR36csQ sshd[950595]: Failed password for root from 106.13.167.239 ... show more 2026-04-16T11:26:01.343364+00:00 UbR36csQ sshd[950595]: Failed password for root from 106.13.167.239 port 45546 ssh2 2026-04-16T11:26:04.709189+00:00 UbR36csQ sshd[950597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-16T11:26:07.098400+00:00 UbR36csQ sshd[950597]: Failed password for root from 106.13.167.239 port 45558 ssh2 ... show less	Brute-Force SSH
🇩🇪 dispaisyenterprises	2026-04-16 08:21:43 (1 month ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2323 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2323 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇨🇳 ThreatBook.io	2026-04-16 00:07:25 (1 month ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/106.13.167.239	Brute-Force
🇳🇴 thorn5011	2026-04-15 16:05:06 (1 month ago)	Cowrie Honeypot: 2 unauthorised SSH/Telnet login attempts between 2026-04-15T16:05:02Z and 2026-04-1 ... show more Cowrie Honeypot: 2 unauthorised SSH/Telnet login attempts between 2026-04-15T16:05:02Z and 2026-04-15T16:05:05Z show less	Brute-Force SSH
🇫🇷 menibit	2026-04-15 03:35:49 (1 month ago)	[ks7-AI-SEC] SSH brute-force attack - 3 failed attempts from 106.13.167.239	Brute-Force SSH
🇺🇸 MU-star.net	2026-04-15 03:26:09 (1 month ago)	2026-04-15T12:25:58.204368 mustar-kr-miso sshd[583260]: Failed password for root from 106.13.167.239 ... show more 2026-04-15T12:25:58.204368 mustar-kr-miso sshd[583260]: Failed password for root from 106.13.167.239 port 44842 ssh2 2026-04-15T12:26:01.510111 mustar-kr-miso sshd[583263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-15T12:26:03.532841 mustar-kr-miso sshd[583263]: Failed password for root from 106.13.167.239 port 44846 ssh2 2026-04-15T12:26:07.096989 mustar-kr-miso sshd[583266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.167.239 user=root 2026-04-15T12:26:09.275443 mustar-kr-miso sshd[583266]: Failed password for root from 106.13.167.239 port 57144 ssh2 ... show less	Hacking Brute-Force SSH
🇩🇪 grassau.com	2026-04-11 09:54:05 (1 month ago)	(sshd) Failed SSH login from 106.13.167.239 (CN/China/-/-/-)	Brute-Force SSH
🇫🇷 HerrWolf	2026-04-11 02:15:03 (1 month ago)	CrowdSec Detection: crowdsecurity/ssh-bf	Brute-Force SSH
🇨🇳 ThreatBook.io	2026-04-10 23:58:48 (1 month ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/106.13.167.239 2026-04-1 ... show more ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/106.13.167.239 2026-04-10 13:55:47 ["uname -s -m"] show less	Brute-Force

Showing 571 to 585 of 590 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 137.184.228.138

🇮🇳 125.23.41.122

🇨🇳 115.190.171.196

🇺🇸 35.188.112.111

🇺🇸 23.95.48.146

🇵🇰 223.123.72.210

🇬🇧 198.244.183.81

🇩🇪 194.88.98.106

🇬🇧 185.247.137.41

🇧🇷 177.126.132.44

🇺🇸 165.22.156.250

🇺🇸 162.144.73.123

🇺🇸 151.240.67.39

🇩🇪 69.5.169.36

🇺🇸 66.132.186.239

🇺🇸 65.181.127.40

🇺🇸 193.26.115.76

🇬🇧 185.249.74.198

🇺🇸 157.230.142.126

🇺🇸 135.180.153.48