106.13.200.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	ssh intrusion attempt	2020-01-11 23:32:20
attackbots	Dec 24 06:28:37 game-panel sshd[29208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Dec 24 06:28:38 game-panel sshd[29208]: Failed password for invalid user dorothy from 106.13.200.7 port 44902 ssh2 Dec 24 06:30:17 game-panel sshd[29280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-12-24 14:58:17
attackbotsspam	Invalid user admin from 106.13.200.7 port 34752	2019-11-27 22:27:57
attack	Nov 24 23:57:30 lnxweb62 sshd[18085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-11-25 08:08:06
attackbotsspam	Invalid user ubnt from 106.13.200.7 port 37288 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Failed password for invalid user ubnt from 106.13.200.7 port 37288 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 user=root Failed password for root from 106.13.200.7 port 44752 ssh2	2019-11-03 18:42:39
attackspambots	Invalid user web from 106.13.200.7 port 52866	2019-10-27 03:18:25
attackspam	Invalid user web from 106.13.200.7 port 52866	2019-10-24 21:28:29
attackspam	Invalid user zhanghua from 106.13.200.7 port 44048	2019-10-17 22:05:36
attackbotsspam	Oct 16 06:23:16 dedicated sshd[16679]: Invalid user sel from 106.13.200.7 port 46278	2019-10-16 12:27:07
attackspam	Oct 12 14:22:15 lnxweb61 sshd[26611]: Failed password for root from 106.13.200.7 port 36198 ssh2 Oct 12 14:22:15 lnxweb61 sshd[26611]: Failed password for root from 106.13.200.7 port 36198 ssh2	2019-10-12 20:24:07
attackspam	Sep 29 17:54:35 tdfoods sshd\[29593\]: Invalid user gui123 from 106.13.200.7 Sep 29 17:54:35 tdfoods sshd\[29593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Sep 29 17:54:37 tdfoods sshd\[29593\]: Failed password for invalid user gui123 from 106.13.200.7 port 58484 ssh2 Sep 29 17:57:24 tdfoods sshd\[29838\]: Invalid user iulian from 106.13.200.7 Sep 29 17:57:24 tdfoods sshd\[29838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-09-30 13:51:40
attackspam	Sep 9 00:57:48 pkdns2 sshd\[599\]: Invalid user david from 106.13.200.7Sep 9 00:57:50 pkdns2 sshd\[599\]: Failed password for invalid user david from 106.13.200.7 port 36206 ssh2Sep 9 01:00:38 pkdns2 sshd\[761\]: Invalid user 1234 from 106.13.200.7Sep 9 01:00:40 pkdns2 sshd\[761\]: Failed password for invalid user 1234 from 106.13.200.7 port 34280 ssh2Sep 9 01:03:27 pkdns2 sshd\[869\]: Invalid user oneadmin from 106.13.200.7Sep 9 01:03:29 pkdns2 sshd\[869\]: Failed password for invalid user oneadmin from 106.13.200.7 port 60588 ssh2 ...	2019-09-09 06:16:20
attackbots	2019-08-29T20:19:37.175694abusebot-2.cloudsearch.cf sshd\[2721\]: Invalid user bear from 106.13.200.7 port 34456	2019-08-30 11:57:47
attackbots	Aug 25 17:41:01 friendsofhawaii sshd\[9794\]: Invalid user aa from 106.13.200.7 Aug 25 17:41:01 friendsofhawaii sshd\[9794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Aug 25 17:41:03 friendsofhawaii sshd\[9794\]: Failed password for invalid user aa from 106.13.200.7 port 39446 ssh2 Aug 25 17:44:52 friendsofhawaii sshd\[10159\]: Invalid user dev from 106.13.200.7 Aug 25 17:44:52 friendsofhawaii sshd\[10159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-08-26 12:03:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.200.198	attackspambots	firewall-block, port(s): 445/tcp	2020-07-09 19:50:19
106.13.200.50	attackbotsspam	Apr 27 22:09:50 mail sshd\[31036\]: Invalid user demo from 106.13.200.50 Apr 27 22:09:50 mail sshd\[31036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Apr 27 22:09:52 mail sshd\[31036\]: Failed password for invalid user demo from 106.13.200.50 port 56622 ssh2 ...	2020-04-28 07:31:52
106.13.200.175	attack	Brute-force attempt banned	2020-04-19 01:13:41
106.13.200.175	attackspam	Apr 16 09:49:20 ws22vmsma01 sshd[126933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.175 Apr 16 09:49:21 ws22vmsma01 sshd[126933]: Failed password for invalid user ol from 106.13.200.175 port 49824 ssh2 ...	2020-04-16 22:25:05
106.13.200.50	attack	Apr 12 23:45:50 silence02 sshd[1171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Apr 12 23:45:53 silence02 sshd[1171]: Failed password for invalid user john from 106.13.200.50 port 59296 ssh2 Apr 12 23:47:42 silence02 sshd[1403]: Failed password for root from 106.13.200.50 port 41828 ssh2	2020-04-13 08:26:18
106.13.200.50	attackbots	Apr 5 00:48:35 vps sshd[601221]: Failed password for root from 106.13.200.50 port 33232 ssh2 Apr 5 00:49:32 vps sshd[605413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 user=root Apr 5 00:49:35 vps sshd[605413]: Failed password for root from 106.13.200.50 port 41778 ssh2 Apr 5 00:50:33 vps sshd[614153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 user=root Apr 5 00:50:35 vps sshd[614153]: Failed password for root from 106.13.200.50 port 50308 ssh2 ...	2020-04-05 08:55:46
106.13.200.50	attack	2019-11-11T06:29:44.523402suse-nuc sshd[1660]: Invalid user traska from 106.13.200.50 port 48400 ...	2020-02-18 04:55:54
106.13.200.50	attack	Feb 15 23:18:25 mout sshd[13656]: Invalid user rhodecode from 106.13.200.50 port 39182	2020-02-16 08:35:54
106.13.200.50	attack	Feb 12 15:54:31 h1745522 sshd[5086]: Invalid user 123456 from 106.13.200.50 port 37824 Feb 12 15:54:31 h1745522 sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Feb 12 15:54:31 h1745522 sshd[5086]: Invalid user 123456 from 106.13.200.50 port 37824 Feb 12 15:54:33 h1745522 sshd[5086]: Failed password for invalid user 123456 from 106.13.200.50 port 37824 ssh2 Feb 12 15:58:26 h1745522 sshd[5228]: Invalid user ship from 106.13.200.50 port 59264 Feb 12 15:58:26 h1745522 sshd[5228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Feb 12 15:58:26 h1745522 sshd[5228]: Invalid user ship from 106.13.200.50 port 59264 Feb 12 15:58:29 h1745522 sshd[5228]: Failed password for invalid user ship from 106.13.200.50 port 59264 ssh2 Feb 12 16:02:22 h1745522 sshd[5357]: Invalid user zen123 from 106.13.200.50 port 52526 ...	2020-02-13 09:36:38
106.13.200.50	attack	Unauthorized connection attempt detected from IP address 106.13.200.50 to port 2220 [J]	2020-02-01 09:45:41
106.13.200.50	attack	Jan 8 14:03:13 ArkNodeAT sshd\[22487\]: Invalid user sre from 106.13.200.50 Jan 8 14:03:13 ArkNodeAT sshd\[22487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Jan 8 14:03:15 ArkNodeAT sshd\[22487\]: Failed password for invalid user sre from 106.13.200.50 port 52086 ssh2	2020-01-09 05:07:04
106.13.200.50	attackbots	Dec 19 18:47:53 MK-Soft-Root2 sshd[31845]: Failed password for bin from 106.13.200.50 port 45536 ssh2 ...	2019-12-20 02:05:03
106.13.200.50	attackspam	Dec 4 05:13:23 venus sshd\[29976\]: Invalid user admin from 106.13.200.50 port 36986 Dec 4 05:13:23 venus sshd\[29976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Dec 4 05:13:25 venus sshd\[29976\]: Failed password for invalid user admin from 106.13.200.50 port 36986 ssh2 ...	2019-12-04 13:31:45
106.13.200.50	attackspambots	SSH invalid-user multiple login attempts	2019-11-27 08:45:28
106.13.200.50	attack	SSH bruteforce (Triggered fail2ban)	2019-11-25 04:20:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.200.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25670
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.200.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 08:36:52 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.200.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 7.200.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
82.171.113.33	attack	DATE:2020-05-14 23:20:14, IP:82.171.113.33, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-15 08:54:26
49.165.96.21	attack	2020-05-15T00:27:03.735907shield sshd\[17303\]: Invalid user samba1 from 49.165.96.21 port 38890 2020-05-15T00:27:03.752009shield sshd\[17303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.165.96.21 2020-05-15T00:27:05.920878shield sshd\[17303\]: Failed password for invalid user samba1 from 49.165.96.21 port 38890 ssh2 2020-05-15T00:31:13.542094shield sshd\[18592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.165.96.21 user=root 2020-05-15T00:31:15.365379shield sshd\[18592\]: Failed password for root from 49.165.96.21 port 47666 ssh2	2020-05-15 08:47:32
134.122.113.193	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-15 09:02:10
95.0.206.13	attack	SMB Server BruteForce Attack	2020-05-15 08:39:30
180.76.157.150	attackbots	May 14 17:13:53 pixelmemory sshd[1049032]: Invalid user postgres from 180.76.157.150 port 32970 May 14 17:13:53 pixelmemory sshd[1049032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.157.150 May 14 17:13:53 pixelmemory sshd[1049032]: Invalid user postgres from 180.76.157.150 port 32970 May 14 17:13:55 pixelmemory sshd[1049032]: Failed password for invalid user postgres from 180.76.157.150 port 32970 ssh2 May 14 17:17:02 pixelmemory sshd[1049511]: Invalid user rb from 180.76.157.150 port 46738 ...	2020-05-15 09:07:49
117.92.242.153	attackspambots	Port probing on unauthorized port 5555	2020-05-15 08:44:15
162.247.74.204	attackbotsspam	May 14 22:52:00 mout sshd[27467]: Failed password for root from 162.247.74.204 port 57236 ssh2 May 14 22:52:03 mout sshd[27467]: Failed password for root from 162.247.74.204 port 57236 ssh2 May 14 22:52:03 mout sshd[27467]: Connection closed by 162.247.74.204 port 57236 [preauth]	2020-05-15 08:44:57
218.92.0.145	attackbots	May 15 00:53:36 sshgateway sshd\[4974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root May 15 00:53:38 sshgateway sshd\[4974\]: Failed password for root from 218.92.0.145 port 32992 ssh2 May 15 00:53:52 sshgateway sshd\[4974\]: error: maximum authentication attempts exceeded for root from 218.92.0.145 port 32992 ssh2 \[preauth\]	2020-05-15 09:01:45
180.248.0.46	attackbots	1589489510 - 05/14/2020 22:51:50 Host: 180.248.0.46/180.248.0.46 Port: 445 TCP Blocked	2020-05-15 08:52:30
128.199.248.65	attackspam	128.199.248.65 - - [14/May/2020:22:52:02 +0200] "GET /wp-login.php HTTP/1.1" 200 6451 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.248.65 - - [14/May/2020:22:52:10 +0200] "POST /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.248.65 - - [14/May/2020:22:52:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-15 08:35:23
144.217.243.216	attack	2020-05-14T23:29:49.741595Z f465185162da New connection: 144.217.243.216:51770 (172.17.0.6:2222) [session: f465185162da] 2020-05-14T23:35:00.218949Z fde2f4e12037 New connection: 144.217.243.216:34858 (172.17.0.6:2222) [session: fde2f4e12037]	2020-05-15 08:45:43
194.31.244.42	attack	Multiport scan : 27 ports scanned 3590 3592 3593 3595 3596 3671 3673 3675 3676 3678 3681 3683 3684 3686 3689 3690 3691 3693 3694 3701 3704 3708 3709 3712 3714 3715 3717	2020-05-15 08:32:48
185.176.27.98	attack	05/14/2020-20:02:45.047009 185.176.27.98 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-15 08:59:13
144.172.80.16	attackbotsspam	Email rejected due to spam filtering	2020-05-15 08:59:44
103.138.188.45	attack	103.138.188.45 - - [14/May/2020:22:52:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.138.188.45 - - [14/May/2020:22:52:22 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.138.188.45 - - [14/May/2020:22:52:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.138.188.45 - - [14/May/2020:22:52:24 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.138.188.45 - - [14/May/2020:22:52:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.138.188.45 - - [14/May/2020:22:52:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-05-15 08:28:05

最近上报的IP列表

45.182.138.146	209.130.220.55	199.88.190.140	62.66.0.123
46.123.240.156	190.167.84.171	27.5.157.108	193.105.62.255
103.122.65.42	191.53.59.7	114.67.107.78	178.34.12.62
88.238.243.196	153.194.117.105	186.54.133.231	178.128.87.245
168.228.114.57	1.9.155.84	111.93.58.18	190.225.49.236