106.13.207.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 22:06:23
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 14:36:16
attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 06:26:50
attack	firewall-block, port(s): 24243/tcp	2020-07-11 04:33:12
attackbots	Jun 20 05:56:17 buvik sshd[23575]: Invalid user shc from 106.13.207.159 Jun 20 05:56:17 buvik sshd[23575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Jun 20 05:56:19 buvik sshd[23575]: Failed password for invalid user shc from 106.13.207.159 port 53918 ssh2 ...	2020-06-20 12:17:36
attackspambots	2020-06-11T17:43:46.852344abusebot-7.cloudsearch.cf sshd[14220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:43:49.556014abusebot-7.cloudsearch.cf sshd[14220]: Failed password for root from 106.13.207.159 port 51762 ssh2 2020-06-11T17:49:01.708012abusebot-7.cloudsearch.cf sshd[14483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:49:03.324443abusebot-7.cloudsearch.cf sshd[14483]: Failed password for root from 106.13.207.159 port 44434 ssh2 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207.159 port 52516 2020-06-11T17:52:08.734410abusebot-7.cloudsearch.cf sshd[14639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207 ...	2020-06-12 03:57:07
attackspam	Total attacks: 2	2020-05-22 20:23:07
attackbots	Apr 29 14:19:22 melroy-server sshd[31477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 29 14:19:24 melroy-server sshd[31477]: Failed password for invalid user catchall from 106.13.207.159 port 57336 ssh2 ...	2020-04-30 01:39:53
attack	Apr 26 22:32:45 roki-contabo sshd\[24527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:32:46 roki-contabo sshd\[24527\]: Failed password for root from 106.13.207.159 port 60578 ssh2 Apr 26 22:36:23 roki-contabo sshd\[24560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:36:25 roki-contabo sshd\[24560\]: Failed password for root from 106.13.207.159 port 41078 ssh2 Apr 26 22:38:13 roki-contabo sshd\[24605\]: Invalid user exp from 106.13.207.159 Apr 26 22:38:13 roki-contabo sshd\[24605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 ...	2020-04-27 06:52:47
attackspambots	SSH bruteforce	2020-04-25 02:51:33
attack	SSH auth scanning - multiple failed logins	2020-04-22 04:02:10
attackbotsspam	Apr 11 06:05:48 vps sshd[237579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:05:50 vps sshd[237579]: Failed password for invalid user nuwer from 106.13.207.159 port 54062 ssh2 Apr 11 06:09:28 vps sshd[255797]: Invalid user jakob from 106.13.207.159 port 42124 Apr 11 06:09:28 vps sshd[255797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:09:30 vps sshd[255797]: Failed password for invalid user jakob from 106.13.207.159 port 42124 ssh2 ...	2020-04-11 16:30:25
attackspam	Apr 9 04:48:11 pi sshd[1238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 9 04:48:13 pi sshd[1238]: Failed password for invalid user admin from 106.13.207.159 port 52428 ssh2	2020-04-09 20:07:55
attack	invalid login attempt (jenkins)	2020-04-08 16:04:38
attack	ssh brute force	2020-04-02 19:52:02
attackbots	SSH login attempts brute force.	2020-03-18 17:40:17
attackspambots	Feb 14 20:04:18 hpm sshd\[8741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Feb 14 20:04:20 hpm sshd\[8741\]: Failed password for root from 106.13.207.159 port 33144 ssh2 Feb 14 20:07:17 hpm sshd\[9110\]: Invalid user user from 106.13.207.159 Feb 14 20:07:17 hpm sshd\[9110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Feb 14 20:07:19 hpm sshd\[9110\]: Failed password for invalid user user from 106.13.207.159 port 52616 ssh2	2020-02-15 14:08:46
attackspambots	Unauthorized connection attempt detected from IP address 106.13.207.159 to port 2220 [J]	2020-01-06 08:51:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.207.54	spam	Группа объявлений Челябинск в telegram. Постинг частных объявлений бесплатно! Рекламные и коммерческие объявления, согласно правил группы. Подпишись, чтобы не потерять.. Челябинск в телеграмм	2024-04-05 19:05:49
106.13.207.113	attackbots	Aug 20 22:04:52 rush sshd[8208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Aug 20 22:04:54 rush sshd[8208]: Failed password for invalid user fxl from 106.13.207.113 port 47392 ssh2 Aug 20 22:07:25 rush sshd[8288]: Failed password for root from 106.13.207.113 port 55474 ssh2 ...	2020-08-21 06:28:24
106.13.207.113	attack	Aug 16 10:47:11 webhost01 sshd[12442]: Failed password for root from 106.13.207.113 port 42604 ssh2 ...	2020-08-16 18:08:47
106.13.207.225	attackbotsspam	Aug 1 07:46:46 buvik sshd[7523]: Failed password for root from 106.13.207.225 port 36640 ssh2 Aug 1 07:49:22 buvik sshd[7931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 user=root Aug 1 07:49:25 buvik sshd[7931]: Failed password for root from 106.13.207.225 port 35050 ssh2 ...	2020-08-01 14:05:33
106.13.207.225	attackspam	Invalid user teamspeak from 106.13.207.225 port 41832	2020-07-31 14:38:53
106.13.207.113	attackspambots	Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:42 plex-server sshd[4133526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:44 plex-server sshd[4133526]: Failed password for invalid user ajl from 106.13.207.113 port 55642 ssh2 Jul 27 10:48:35 plex-server sshd[4136287]: Invalid user jira from 106.13.207.113 port 50992 ...	2020-07-27 19:55:10
106.13.207.225	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 03:46:43
106.13.207.225	attack	Jul 22 05:59:21 ns381471 sshd[11569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 Jul 22 05:59:23 ns381471 sshd[11569]: Failed password for invalid user oem from 106.13.207.225 port 59908 ssh2	2020-07-22 12:22:54
106.13.207.113	attackbotsspam	Jul 21 00:59:01 host sshd[23793]: Invalid user mxx from 106.13.207.113 port 35684 ...	2020-07-21 08:13:29
106.13.207.113	attackspambots	Jul 12 13:58:40 ns382633 sshd\[22098\]: Invalid user farren from 106.13.207.113 port 54570 Jul 12 13:58:40 ns382633 sshd\[22098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 12 13:58:41 ns382633 sshd\[22098\]: Failed password for invalid user farren from 106.13.207.113 port 54570 ssh2 Jul 12 13:59:40 ns382633 sshd\[22178\]: Invalid user dan from 106.13.207.113 port 33894 Jul 12 13:59:40 ns382633 sshd\[22178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113	2020-07-12 20:22:14
106.13.207.113	attack	Failed password for invalid user chenoa from 106.13.207.113 port 40792 ssh2	2020-07-11 02:27:52
106.13.207.225	attack	$lgm	2020-06-20 18:17:48
106.13.207.113	attack	Jun 10 11:03:32 lukav-desktop sshd\[30871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:03:34 lukav-desktop sshd\[30871\]: Failed password for root from 106.13.207.113 port 54984 ssh2 Jun 10 11:04:48 lukav-desktop sshd\[30895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:04:50 lukav-desktop sshd\[30895\]: Failed password for root from 106.13.207.113 port 41758 ssh2 Jun 10 11:06:02 lukav-desktop sshd\[6487\]: Invalid user braxton from 106.13.207.113	2020-06-10 17:05:03
106.13.207.113	attackbots	2020-06-07T05:51:01.959523sd-86998 sshd[34105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:51:03.477330sd-86998 sshd[34105]: Failed password for root from 106.13.207.113 port 52100 ssh2 2020-06-07T05:53:02.890792sd-86998 sshd[34326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:53:04.353301sd-86998 sshd[34326]: Failed password for root from 106.13.207.113 port 50850 ssh2 2020-06-07T05:55:02.192797sd-86998 sshd[34632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:55:04.463059sd-86998 sshd[34632]: Failed password for root from 106.13.207.113 port 49600 ssh2 ...	2020-06-07 14:43:42
106.13.207.225	attackbotsspam	20 attempts against mh-ssh on echoip	2020-06-03 12:20:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.207.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.207.159.			IN	A

;; AUTHORITY SECTION:
.			432	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010501 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 08:51:53 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 159.207.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.207.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
218.2.105.133	attackbotsspam	Oct 20 11:44:05 ks10 sshd[28043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.2.105.133 Oct 20 11:44:07 ks10 sshd[28043]: Failed password for invalid user applmgr from 218.2.105.133 port 54091 ssh2 ...	2019-10-20 19:51:10
123.58.6.216	attackbots	PHP DIESCAN Information Disclosure Vulnerability	2019-10-20 19:36:16
207.46.13.17	attackbots	Automatic report - Banned IP Access	2019-10-20 19:46:29
185.175.25.52	attackspam	Oct 20 11:35:03 sshgateway sshd\[19383\]: Invalid user riley from 185.175.25.52 Oct 20 11:35:03 sshgateway sshd\[19383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.175.25.52 Oct 20 11:35:05 sshgateway sshd\[19383\]: Failed password for invalid user riley from 185.175.25.52 port 43456 ssh2	2019-10-20 19:47:29
45.142.195.5	attackspambots	Oct 20 11:47:10 heicom postfix/smtpd\[4247\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Oct 20 11:47:59 heicom postfix/smtpd\[4187\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Oct 20 11:48:48 heicom postfix/smtpd\[4187\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Oct 20 11:49:37 heicom postfix/smtpd\[4187\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure Oct 20 11:50:26 heicom postfix/smtpd\[4247\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: authentication failure ...	2019-10-20 19:56:35
167.71.90.216	attack	(Oct 20) LEN=40 TTL=54 ID=49586 TCP DPT=8080 WINDOW=60076 SYN (Oct 20) LEN=40 TTL=54 ID=62161 TCP DPT=8080 WINDOW=10069 SYN (Oct 20) LEN=40 TTL=54 ID=38286 TCP DPT=8080 WINDOW=60076 SYN (Oct 19) LEN=40 TTL=54 ID=43873 TCP DPT=8080 WINDOW=60076 SYN (Oct 19) LEN=40 TTL=54 ID=20468 TCP DPT=8080 WINDOW=10069 SYN (Oct 18) LEN=40 TTL=54 ID=26190 TCP DPT=8080 WINDOW=60076 SYN (Oct 18) LEN=40 TTL=54 ID=44572 TCP DPT=8080 WINDOW=60076 SYN (Oct 18) LEN=40 TTL=54 ID=30040 TCP DPT=8080 WINDOW=10069 SYN (Oct 18) LEN=40 TTL=54 ID=26473 TCP DPT=8080 WINDOW=10069 SYN (Oct 17) LEN=40 TTL=54 ID=21106 TCP DPT=8080 WINDOW=10069 SYN (Oct 17) LEN=40 TTL=54 ID=11894 TCP DPT=8080 WINDOW=10069 SYN (Oct 16) LEN=40 TTL=54 ID=37822 TCP DPT=8080 WINDOW=60076 SYN (Oct 15) LEN=40 TTL=54 ID=44841 TCP DPT=8080 WINDOW=10069 SYN (Oct 15) LEN=40 TTL=54 ID=27067 TCP DPT=8080 WINDOW=10069 SYN	2019-10-20 19:35:45
175.211.112.246	attack	Oct 20 13:52:41 icinga sshd[27088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.246 Oct 20 13:52:43 icinga sshd[27088]: Failed password for invalid user arpit from 175.211.112.246 port 35652 ssh2 ...	2019-10-20 20:03:25
54.200.255.72	attackbots	Automatic report - Web App Attack	2019-10-20 19:52:00
46.1.207.204	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/46.1.207.204/ TR - 1H : (66) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TR NAME ASN : ASN34296 IP : 46.1.207.204 CIDR : 46.1.206.0/23 PREFIX COUNT : 281 UNIQUE IP COUNT : 111360 ATTACKS DETECTED ASN34296 : 1H - 1 3H - 1 6H - 2 12H - 3 24H - 4 DateTime : 2019-10-20 05:44:37 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-20 19:54:28
37.59.110.165	attackspam	Invalid user caijie from 37.59.110.165 port 51364	2019-10-20 19:35:32
89.46.109.248	attack	xmlrpc attack	2019-10-20 19:29:30
72.94.181.219	attackbotsspam	Oct 20 12:26:52 server sshd\[20938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net user=root Oct 20 12:26:54 server sshd\[20938\]: Failed password for root from 72.94.181.219 port 9557 ssh2 Oct 20 12:33:23 server sshd\[22373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net user=root Oct 20 12:33:25 server sshd\[22373\]: Failed password for root from 72.94.181.219 port 9566 ssh2 Oct 20 12:44:57 server sshd\[25064\]: Invalid user munich from 72.94.181.219 Oct 20 12:44:57 server sshd\[25064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net ...	2019-10-20 19:38:03
159.203.75.13	attackspambots	Invalid user oracle from 159.203.75.13 port 40782	2019-10-20 19:55:39
186.53.27.196	attackbotsspam	2019-10-20T05:45:24.870697MailD postfix/smtpd[24600]: NOQUEUE: reject: RCPT from r186-53-27-196.dialup.adsl.anteldata.net.uy[186.53.27.196]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo= 2019-10-20T05:45:28.187072MailD postfix/smtpd[24600]: NOQUEUE: reject: RCPT from r186-53-27-196.dialup.adsl.anteldata.net.uy[186.53.27.196]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo= 2019-10-20T05:45:29.870325MailD postfix/smtpd[24600]: NOQUEUE: reject: RCPT from r186-53-27-196.dialup.adsl.anteldata.net.uy[186.53.27.196]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=	2019-10-20 19:30:43
139.99.76.120	attack	Oct 16 19:21:16 localhost postfix/smtpd[2773]: disconnect from unknown[139.99.76.120] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 16 19:50:45 localhost postfix/smtpd[10820]: disconnect from unknown[139.99.76.120] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 16 19:51:08 localhost postfix/smtpd[10820]: disconnect from unknown[139.99.76.120] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 16 19:51:25 localhost postfix/smtpd[10820]: disconnect from unknown[139.99.76.120] ehlo=1 auth=0/1 quhostname=1 commands=2/3 Oct 16 20:23:21 localhost postfix/smtpd[18930]: disconnect from unknown[139.99.76.120] ehlo=1 auth=0/1 quhostname=1 commands=2/3 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.99.76.120	2019-10-20 19:44:45

最近上报的IP列表

188.26.5.6	255.101.191.79	118.71.86.200	101.109.253.194
97.224.217.225	174.61.85.238	82.51.22.159	106.13.36.103
78.112.107.123	113.236.0.131	31.13.127.19	120.57.54.17
60.26.203.130	168.232.129.103	162.222.179.81	90.15.207.7
2.86.37.114	123.0.198.186	181.115.240.195	139.99.219.75