106.13.168.107

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	21 attempts against mh-ssh on echoip	2020-09-19 03:27:26
attackspambots	$f2bV_matches	2020-09-18 19:30:02
attackbots	Aug 25 00:19:51 vps sshd[30866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 Aug 25 00:19:53 vps sshd[30866]: Failed password for invalid user bots from 106.13.168.107 port 44816 ssh2 Aug 25 00:32:19 vps sshd[31519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 ...	2020-08-25 08:00:43
attackspambots	Aug 5 03:20:14 web9 sshd\[31600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root Aug 5 03:20:15 web9 sshd\[31600\]: Failed password for root from 106.13.168.107 port 33588 ssh2 Aug 5 03:23:56 web9 sshd\[32132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root Aug 5 03:23:58 web9 sshd\[32132\]: Failed password for root from 106.13.168.107 port 41058 ssh2 Aug 5 03:27:39 web9 sshd\[32761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root	2020-08-06 02:54:43
attack	Jun 6 06:13:06 buvik sshd[14759]: Failed password for root from 106.13.168.107 port 44884 ssh2 Jun 6 06:15:02 buvik sshd[14971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root Jun 6 06:15:05 buvik sshd[14971]: Failed password for root from 106.13.168.107 port 35886 ssh2 ...	2020-06-06 18:14:36
attackbots	Tried sshing with brute force.	2020-06-04 03:05:01
attackbots	2020-05-07T03:51:28.588747abusebot-4.cloudsearch.cf sshd[13197]: Invalid user admin from 106.13.168.107 port 34068 2020-05-07T03:51:28.595163abusebot-4.cloudsearch.cf sshd[13197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 2020-05-07T03:51:28.588747abusebot-4.cloudsearch.cf sshd[13197]: Invalid user admin from 106.13.168.107 port 34068 2020-05-07T03:51:30.481363abusebot-4.cloudsearch.cf sshd[13197]: Failed password for invalid user admin from 106.13.168.107 port 34068 ssh2 2020-05-07T03:52:55.728995abusebot-4.cloudsearch.cf sshd[13276]: Invalid user dara from 106.13.168.107 port 45218 2020-05-07T03:52:55.735951abusebot-4.cloudsearch.cf sshd[13276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 2020-05-07T03:52:55.728995abusebot-4.cloudsearch.cf sshd[13276]: Invalid user dara from 106.13.168.107 port 45218 2020-05-07T03:52:57.230937abusebot-4.cloudsearch.cf sshd[13276]: F ...	2020-05-07 15:59:03
attackspam	SSH Brute Force	2020-04-27 04:21:00
attackbots	prod11 ...	2020-04-26 13:04:44
attackbotsspam	Apr 17 17:20:04 lukav-desktop sshd\[25812\]: Invalid user vo from 106.13.168.107 Apr 17 17:20:04 lukav-desktop sshd\[25812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 Apr 17 17:20:05 lukav-desktop sshd\[25812\]: Failed password for invalid user vo from 106.13.168.107 port 39764 ssh2 Apr 17 17:23:55 lukav-desktop sshd\[25974\]: Invalid user ubuntu from 106.13.168.107 Apr 17 17:23:55 lukav-desktop sshd\[25974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107	2020-04-18 01:49:22
attack	Invalid user rey from 106.13.168.107 port 49392	2020-04-04 07:46:18
attack	Apr 1 21:01:34 ns382633 sshd\[30536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root Apr 1 21:01:36 ns382633 sshd\[30536\]: Failed password for root from 106.13.168.107 port 57536 ssh2 Apr 1 21:20:43 ns382633 sshd\[2003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 user=root Apr 1 21:20:45 ns382633 sshd\[2003\]: Failed password for root from 106.13.168.107 port 56758 ssh2 Apr 1 21:27:14 ns382633 sshd\[3146\]: Invalid user zhanglingxiao from 106.13.168.107 port 59988 Apr 1 21:27:14 ns382633 sshd\[3146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107	2020-04-02 03:41:35
attackbotsspam	SSH login attempts.	2020-03-29 12:12:37
attackbots	Invalid user santusi from 106.13.168.107 port 60720	2020-02-02 07:06:52
attackspambots	Jan 25 20:07:15 marvibiene sshd[55119]: Invalid user siu from 106.13.168.107 port 51400 Jan 25 20:07:15 marvibiene sshd[55119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.107 Jan 25 20:07:15 marvibiene sshd[55119]: Invalid user siu from 106.13.168.107 port 51400 Jan 25 20:07:17 marvibiene sshd[55119]: Failed password for invalid user siu from 106.13.168.107 port 51400 ssh2 ...	2020-01-26 04:15:11

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.168.43	attackbotsspam	Invalid user devuser from 106.13.168.43 port 43214	2020-08-30 14:53:30
106.13.168.43	attack	Aug 25 17:27:11 lukav-desktop sshd\[2500\]: Invalid user teste from 106.13.168.43 Aug 25 17:27:11 lukav-desktop sshd\[2500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.43 Aug 25 17:27:13 lukav-desktop sshd\[2500\]: Failed password for invalid user teste from 106.13.168.43 port 47750 ssh2 Aug 25 17:31:44 lukav-desktop sshd\[2546\]: Invalid user niv from 106.13.168.43 Aug 25 17:31:44 lukav-desktop sshd\[2546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.43	2020-08-25 22:44:17
106.13.168.43	attackbots	Aug 16 19:58:47 mailserver sshd\[10834\]: Invalid user testing from 106.13.168.43 ...	2020-08-17 02:59:28
106.13.168.43	attack	Aug 14 06:08:57 ip106 sshd[2662]: Failed password for root from 106.13.168.43 port 36808 ssh2 ...	2020-08-14 15:17:25
106.13.168.43	attackspam	$f2bV_matches	2020-08-10 12:43:47
106.13.168.43	attackbots	Failed password for root from 106.13.168.43 port 51774 ssh2	2020-08-10 04:10:27
106.13.168.43	attackspambots	Invalid user sinusbot from 106.13.168.43 port 46862	2020-07-30 13:11:35
106.13.168.43	attack	$f2bV_matches	2020-07-25 16:31:34
106.13.168.43	attack	Jul 22 16:55:07 ws22vmsma01 sshd[121379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.43 Jul 22 16:55:09 ws22vmsma01 sshd[121379]: Failed password for invalid user hm from 106.13.168.43 port 55968 ssh2 ...	2020-07-23 04:41:11
106.13.168.43	attackbots	sshd: Failed password for invalid user .... from 106.13.168.43 port 48290 ssh2 (6 attempts)	2020-07-17 18:18:59
106.13.168.31	attack	Jun 24 05:50:55 ns37 sshd[13170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.31	2020-06-24 18:08:52
106.13.168.31	attack	$f2bV_matches	2020-06-17 02:53:35
106.13.168.31	attackspambots	Jun 14 11:10:33 eventyay sshd[8070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.31 Jun 14 11:10:36 eventyay sshd[8070]: Failed password for invalid user hhchung from 106.13.168.31 port 45522 ssh2 Jun 14 11:14:21 eventyay sshd[8166]: Failed password for root from 106.13.168.31 port 35846 ssh2 ...	2020-06-14 17:39:23
106.13.168.31	attackspam	Invalid user atul from 106.13.168.31 port 50742	2020-06-13 05:19:09
106.13.168.31	attackspambots	2020-06-05T13:42:39.416559ns386461 sshd\[13226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.31 user=root 2020-06-05T13:42:40.991283ns386461 sshd\[13226\]: Failed password for root from 106.13.168.31 port 48164 ssh2 2020-06-05T13:58:40.367103ns386461 sshd\[28263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.31 user=root 2020-06-05T13:58:41.872510ns386461 sshd\[28263\]: Failed password for root from 106.13.168.31 port 52444 ssh2 2020-06-05T14:02:52.128448ns386461 sshd\[31996\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.168.31 user=root ...	2020-06-05 21:17:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.168.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8313
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.168.107.			IN	A

;; AUTHORITY SECTION:
.			439	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012501 1800 900 604800 86400

;; Query time: 200 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 04:15:08 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 107.168.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.168.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.35.51.23	attackbots	Sep 27 20:32:35 galaxy event: galaxy/lswi: smtp: martha.stritzel@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password Sep 27 20:32:36 galaxy event: galaxy/lswi: smtp: martha.stritzel [193.35.51.23] authentication failure using internet password Sep 27 20:33:08 galaxy event: galaxy/lswi: smtp: juliane.meier@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password Sep 27 20:33:10 galaxy event: galaxy/lswi: smtp: juliane.meier [193.35.51.23] authentication failure using internet password Sep 27 20:33:16 galaxy event: galaxy/lswi: smtp: anne-kathrin.leo@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password ...	2020-09-28 02:36:20
193.112.1.26	attackspam	Sep 27 11:02:42 mockhub sshd[71881]: Invalid user ubuntu from 193.112.1.26 port 36476 Sep 27 11:02:44 mockhub sshd[71881]: Failed password for invalid user ubuntu from 193.112.1.26 port 36476 ssh2 Sep 27 11:05:59 mockhub sshd[71965]: Invalid user abcd from 193.112.1.26 port 42792 ...	2020-09-28 02:12:54
218.75.210.46	attack	SSH invalid-user multiple login attempts	2020-09-28 02:36:42
91.225.196.20	attackspam	2020-09-27T19:07:28.508125lavrinenko.info sshd[2185]: Invalid user robert from 91.225.196.20 port 36346 2020-09-27T19:07:28.518162lavrinenko.info sshd[2185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.225.196.20 2020-09-27T19:07:28.508125lavrinenko.info sshd[2185]: Invalid user robert from 91.225.196.20 port 36346 2020-09-27T19:07:30.911894lavrinenko.info sshd[2185]: Failed password for invalid user robert from 91.225.196.20 port 36346 ssh2 2020-09-27T19:11:43.591049lavrinenko.info sshd[2302]: Invalid user teamspeak from 91.225.196.20 port 46252 ...	2020-09-28 02:42:52
157.245.99.119	attackbots	Invalid user minecraft from 157.245.99.119 port 41538	2020-09-28 02:18:03
167.172.98.207	attackbotsspam	srv02 SSH BruteForce Attacks 22 ..	2020-09-28 02:46:17
183.16.208.177	attack	TCP (SYN) 183.16.208.177:37548 -> port 8080, len 40	2020-09-28 02:38:50
104.248.169.127	attack	SSHD brute force attack detected from [104.248.169.127]	2020-09-28 02:40:35
49.234.96.210	attackbots	(sshd) Failed SSH login from 49.234.96.210 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 27 14:03:48 server2 sshd[16671]: Invalid user alvin from 49.234.96.210 Sep 27 14:03:48 server2 sshd[16671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.96.210 Sep 27 14:03:51 server2 sshd[16671]: Failed password for invalid user alvin from 49.234.96.210 port 40298 ssh2 Sep 27 14:19:41 server2 sshd[16789]: Invalid user johan from 49.234.96.210 Sep 27 14:19:41 server2 sshd[16789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.96.210	2020-09-28 02:48:16
190.151.37.21	attackspambots	Bruteforce detected by fail2ban	2020-09-28 02:24:38
59.78.85.210	attackspam	Sep 27 17:47:11 prox sshd[1900]: Failed password for root from 59.78.85.210 port 64681 ssh2	2020-09-28 02:35:55
178.128.90.9	attackspam	178.128.90.9 - - [27/Sep/2020:17:28:54 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [27/Sep/2020:17:28:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [27/Sep/2020:17:29:04 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-28 02:14:04
14.120.32.151	attackspambots	Invalid user pruebas from 14.120.32.151 port 21322	2020-09-28 02:20:41
193.201.214.49	attack	TCP (SYN) 193.201.214.49:50629 -> port 23, len 44	2020-09-28 02:27:22
69.55.54.65	attack	2020-09-26 05:19:58 server sshd[32601]: Failed password for invalid user jenkins from 69.55.54.65 port 48734 ssh2	2020-09-28 02:21:53

最近上报的IP列表

82.48.143.29	82.76.197.187	56.171.120.58	91.16.113.89
178.79.87.203	45.161.160.91	58.116.45.102	107.173.128.250
170.233.57.193	79.32.78.155	52.0.54.83	78.167.235.115
108.70.64.102	78.231.31.245	77.79.191.32	194.127.96.143
60.174.105.237	175.112.253.240	59.19.81.97	119.71.30.228