106.13.200.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	ssh intrusion attempt	2020-01-11 23:32:20
attackbots	Dec 24 06:28:37 game-panel sshd[29208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Dec 24 06:28:38 game-panel sshd[29208]: Failed password for invalid user dorothy from 106.13.200.7 port 44902 ssh2 Dec 24 06:30:17 game-panel sshd[29280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-12-24 14:58:17
attackbotsspam	Invalid user admin from 106.13.200.7 port 34752	2019-11-27 22:27:57
attack	Nov 24 23:57:30 lnxweb62 sshd[18085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-11-25 08:08:06
attackbotsspam	Invalid user ubnt from 106.13.200.7 port 37288 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Failed password for invalid user ubnt from 106.13.200.7 port 37288 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 user=root Failed password for root from 106.13.200.7 port 44752 ssh2	2019-11-03 18:42:39
attackspambots	Invalid user web from 106.13.200.7 port 52866	2019-10-27 03:18:25
attackspam	Invalid user web from 106.13.200.7 port 52866	2019-10-24 21:28:29
attackspam	Invalid user zhanghua from 106.13.200.7 port 44048	2019-10-17 22:05:36
attackbotsspam	Oct 16 06:23:16 dedicated sshd[16679]: Invalid user sel from 106.13.200.7 port 46278	2019-10-16 12:27:07
attackspam	Oct 12 14:22:15 lnxweb61 sshd[26611]: Failed password for root from 106.13.200.7 port 36198 ssh2 Oct 12 14:22:15 lnxweb61 sshd[26611]: Failed password for root from 106.13.200.7 port 36198 ssh2	2019-10-12 20:24:07
attackspam	Sep 29 17:54:35 tdfoods sshd\[29593\]: Invalid user gui123 from 106.13.200.7 Sep 29 17:54:35 tdfoods sshd\[29593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Sep 29 17:54:37 tdfoods sshd\[29593\]: Failed password for invalid user gui123 from 106.13.200.7 port 58484 ssh2 Sep 29 17:57:24 tdfoods sshd\[29838\]: Invalid user iulian from 106.13.200.7 Sep 29 17:57:24 tdfoods sshd\[29838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-09-30 13:51:40
attackspam	Sep 9 00:57:48 pkdns2 sshd\[599\]: Invalid user david from 106.13.200.7Sep 9 00:57:50 pkdns2 sshd\[599\]: Failed password for invalid user david from 106.13.200.7 port 36206 ssh2Sep 9 01:00:38 pkdns2 sshd\[761\]: Invalid user 1234 from 106.13.200.7Sep 9 01:00:40 pkdns2 sshd\[761\]: Failed password for invalid user 1234 from 106.13.200.7 port 34280 ssh2Sep 9 01:03:27 pkdns2 sshd\[869\]: Invalid user oneadmin from 106.13.200.7Sep 9 01:03:29 pkdns2 sshd\[869\]: Failed password for invalid user oneadmin from 106.13.200.7 port 60588 ssh2 ...	2019-09-09 06:16:20
attackbots	2019-08-29T20:19:37.175694abusebot-2.cloudsearch.cf sshd\[2721\]: Invalid user bear from 106.13.200.7 port 34456	2019-08-30 11:57:47
attackbots	Aug 25 17:41:01 friendsofhawaii sshd\[9794\]: Invalid user aa from 106.13.200.7 Aug 25 17:41:01 friendsofhawaii sshd\[9794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7 Aug 25 17:41:03 friendsofhawaii sshd\[9794\]: Failed password for invalid user aa from 106.13.200.7 port 39446 ssh2 Aug 25 17:44:52 friendsofhawaii sshd\[10159\]: Invalid user dev from 106.13.200.7 Aug 25 17:44:52 friendsofhawaii sshd\[10159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.7	2019-08-26 12:03:15

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.200.198	attackspambots	firewall-block, port(s): 445/tcp	2020-07-09 19:50:19
106.13.200.50	attackbotsspam	Apr 27 22:09:50 mail sshd\[31036\]: Invalid user demo from 106.13.200.50 Apr 27 22:09:50 mail sshd\[31036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Apr 27 22:09:52 mail sshd\[31036\]: Failed password for invalid user demo from 106.13.200.50 port 56622 ssh2 ...	2020-04-28 07:31:52
106.13.200.175	attack	Brute-force attempt banned	2020-04-19 01:13:41
106.13.200.175	attackspam	Apr 16 09:49:20 ws22vmsma01 sshd[126933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.175 Apr 16 09:49:21 ws22vmsma01 sshd[126933]: Failed password for invalid user ol from 106.13.200.175 port 49824 ssh2 ...	2020-04-16 22:25:05
106.13.200.50	attack	Apr 12 23:45:50 silence02 sshd[1171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Apr 12 23:45:53 silence02 sshd[1171]: Failed password for invalid user john from 106.13.200.50 port 59296 ssh2 Apr 12 23:47:42 silence02 sshd[1403]: Failed password for root from 106.13.200.50 port 41828 ssh2	2020-04-13 08:26:18
106.13.200.50	attackbots	Apr 5 00:48:35 vps sshd[601221]: Failed password for root from 106.13.200.50 port 33232 ssh2 Apr 5 00:49:32 vps sshd[605413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 user=root Apr 5 00:49:35 vps sshd[605413]: Failed password for root from 106.13.200.50 port 41778 ssh2 Apr 5 00:50:33 vps sshd[614153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 user=root Apr 5 00:50:35 vps sshd[614153]: Failed password for root from 106.13.200.50 port 50308 ssh2 ...	2020-04-05 08:55:46
106.13.200.50	attack	2019-11-11T06:29:44.523402suse-nuc sshd[1660]: Invalid user traska from 106.13.200.50 port 48400 ...	2020-02-18 04:55:54
106.13.200.50	attack	Feb 15 23:18:25 mout sshd[13656]: Invalid user rhodecode from 106.13.200.50 port 39182	2020-02-16 08:35:54
106.13.200.50	attack	Feb 12 15:54:31 h1745522 sshd[5086]: Invalid user 123456 from 106.13.200.50 port 37824 Feb 12 15:54:31 h1745522 sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Feb 12 15:54:31 h1745522 sshd[5086]: Invalid user 123456 from 106.13.200.50 port 37824 Feb 12 15:54:33 h1745522 sshd[5086]: Failed password for invalid user 123456 from 106.13.200.50 port 37824 ssh2 Feb 12 15:58:26 h1745522 sshd[5228]: Invalid user ship from 106.13.200.50 port 59264 Feb 12 15:58:26 h1745522 sshd[5228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Feb 12 15:58:26 h1745522 sshd[5228]: Invalid user ship from 106.13.200.50 port 59264 Feb 12 15:58:29 h1745522 sshd[5228]: Failed password for invalid user ship from 106.13.200.50 port 59264 ssh2 Feb 12 16:02:22 h1745522 sshd[5357]: Invalid user zen123 from 106.13.200.50 port 52526 ...	2020-02-13 09:36:38
106.13.200.50	attack	Unauthorized connection attempt detected from IP address 106.13.200.50 to port 2220 [J]	2020-02-01 09:45:41
106.13.200.50	attack	Jan 8 14:03:13 ArkNodeAT sshd\[22487\]: Invalid user sre from 106.13.200.50 Jan 8 14:03:13 ArkNodeAT sshd\[22487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Jan 8 14:03:15 ArkNodeAT sshd\[22487\]: Failed password for invalid user sre from 106.13.200.50 port 52086 ssh2	2020-01-09 05:07:04
106.13.200.50	attackbots	Dec 19 18:47:53 MK-Soft-Root2 sshd[31845]: Failed password for bin from 106.13.200.50 port 45536 ssh2 ...	2019-12-20 02:05:03
106.13.200.50	attackspam	Dec 4 05:13:23 venus sshd\[29976\]: Invalid user admin from 106.13.200.50 port 36986 Dec 4 05:13:23 venus sshd\[29976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Dec 4 05:13:25 venus sshd\[29976\]: Failed password for invalid user admin from 106.13.200.50 port 36986 ssh2 ...	2019-12-04 13:31:45
106.13.200.50	attackspambots	SSH invalid-user multiple login attempts	2019-11-27 08:45:28
106.13.200.50	attack	SSH bruteforce (Triggered fail2ban)	2019-11-25 04:20:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.200.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25670
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.200.7.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 08:36:52 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 7.200.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 7.200.13.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
222.186.15.62	attackbots	Sep 2 14:56:38 OPSO sshd\[28356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Sep 2 14:56:41 OPSO sshd\[28356\]: Failed password for root from 222.186.15.62 port 45892 ssh2 Sep 2 14:56:43 OPSO sshd\[28356\]: Failed password for root from 222.186.15.62 port 45892 ssh2 Sep 2 14:56:45 OPSO sshd\[28356\]: Failed password for root from 222.186.15.62 port 45892 ssh2 Sep 2 14:56:49 OPSO sshd\[28359\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root	2020-09-02 21:02:53
218.92.0.224	attackbots	[MK-VM2] SSH login failed	2020-09-02 21:20:08
103.100.209.222	attackspam	Invalid user sysadmin from 103.100.209.222 port 58744	2020-09-02 21:10:20
113.141.70.227	attackspam	Port Scan ...	2020-09-02 21:02:22
104.206.128.26	attack	SmallBizIT.US 1 packets to tcp(3389)	2020-09-02 21:12:50
129.226.61.157	attackspam	Invalid user clarice from 129.226.61.157 port 40024	2020-09-02 21:05:31
202.143.112.193	attack	Sep 1 17:28:13 freedom sshd\[24896\]: Invalid user ftpuser from 202.143.112.193 port 9802 Sep 1 17:29:20 freedom sshd\[24902\]: Invalid user git from 202.143.112.193 port 43011 Sep 1 17:30:26 freedom sshd\[24915\]: Invalid user oracle from 202.143.112.193 port 19710 Sep 1 17:32:41 freedom sshd\[24936\]: Invalid user ftpuser from 202.143.112.193 port 29610 Sep 1 17:33:52 freedom sshd\[24940\]: Invalid user oracle from 202.143.112.193 port 62813 ...	2020-09-02 21:14:42
185.10.58.215	attackspam	From return-atendimento=fredextintores.com.br@pegaabomba.we.bs Tue Sep 01 13:48:29 2020 Received: from mail-sor-856323c05ac4-13.pegaabomba.we.bs ([185.10.58.215]:42913)	2020-09-02 20:42:11
191.220.58.55	attackspambots	Automatic report - XMLRPC Attack	2020-09-02 21:03:23
200.46.4.237	attackbotsspam	2020-09-01 11:43:07.921575-0500 localhost smtpd[1384]: NOQUEUE: reject: RCPT from unknown[200.46.4.237]: 554 5.7.1 Service unavailable; Client host [200.46.4.237] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/200.46.4.237 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[200.46.4.237]>	2020-09-02 21:04:53
45.79.159.200	attack	IP 45.79.159.200 attacked honeypot on port: 5001 at 9/1/2020 9:48:01 AM	2020-09-02 20:55:24
111.68.98.152	attackbots	Feb 15 16:53:09 ms-srv sshd[29826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.98.152 Feb 15 16:53:11 ms-srv sshd[29826]: Failed password for invalid user apache from 111.68.98.152 port 41740 ssh2	2020-09-02 20:43:31
208.109.8.138	attackspambots	208.109.8.138 - - [02/Sep/2020:12:15:44 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.8.138 - - [02/Sep/2020:12:15:49 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.8.138 - - [02/Sep/2020:12:15:50 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.8.138 - - [02/Sep/2020:12:15:51 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.8.138 - - [02/Sep/2020:12:15:52 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.8.138 - - [02/Sep/2020:12:15:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-09-02 21:17:42
62.92.48.242	attack	$f2bV_matches	2020-09-02 21:03:50
167.250.52.240	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 21:20:26

最近上报的IP列表

45.182.138.146	209.130.220.55	199.88.190.140	62.66.0.123
46.123.240.156	190.167.84.171	27.5.157.108	193.105.62.255
103.122.65.42	191.53.59.7	114.67.107.78	178.34.12.62
88.238.243.196	153.194.117.105	186.54.133.231	178.128.87.245
168.228.114.57	1.9.155.84	111.93.58.18	190.225.49.236