106.13.207.159

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 22:06:23
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 14:36:16
attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 06:26:50
attack	firewall-block, port(s): 24243/tcp	2020-07-11 04:33:12
attackbots	Jun 20 05:56:17 buvik sshd[23575]: Invalid user shc from 106.13.207.159 Jun 20 05:56:17 buvik sshd[23575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Jun 20 05:56:19 buvik sshd[23575]: Failed password for invalid user shc from 106.13.207.159 port 53918 ssh2 ...	2020-06-20 12:17:36
attackspambots	2020-06-11T17:43:46.852344abusebot-7.cloudsearch.cf sshd[14220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:43:49.556014abusebot-7.cloudsearch.cf sshd[14220]: Failed password for root from 106.13.207.159 port 51762 ssh2 2020-06-11T17:49:01.708012abusebot-7.cloudsearch.cf sshd[14483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:49:03.324443abusebot-7.cloudsearch.cf sshd[14483]: Failed password for root from 106.13.207.159 port 44434 ssh2 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207.159 port 52516 2020-06-11T17:52:08.734410abusebot-7.cloudsearch.cf sshd[14639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207 ...	2020-06-12 03:57:07
attackspam	Total attacks: 2	2020-05-22 20:23:07
attackbots	Apr 29 14:19:22 melroy-server sshd[31477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 29 14:19:24 melroy-server sshd[31477]: Failed password for invalid user catchall from 106.13.207.159 port 57336 ssh2 ...	2020-04-30 01:39:53
attack	Apr 26 22:32:45 roki-contabo sshd\[24527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:32:46 roki-contabo sshd\[24527\]: Failed password for root from 106.13.207.159 port 60578 ssh2 Apr 26 22:36:23 roki-contabo sshd\[24560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:36:25 roki-contabo sshd\[24560\]: Failed password for root from 106.13.207.159 port 41078 ssh2 Apr 26 22:38:13 roki-contabo sshd\[24605\]: Invalid user exp from 106.13.207.159 Apr 26 22:38:13 roki-contabo sshd\[24605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 ...	2020-04-27 06:52:47
attackspambots	SSH bruteforce	2020-04-25 02:51:33
attack	SSH auth scanning - multiple failed logins	2020-04-22 04:02:10
attackbotsspam	Apr 11 06:05:48 vps sshd[237579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:05:50 vps sshd[237579]: Failed password for invalid user nuwer from 106.13.207.159 port 54062 ssh2 Apr 11 06:09:28 vps sshd[255797]: Invalid user jakob from 106.13.207.159 port 42124 Apr 11 06:09:28 vps sshd[255797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:09:30 vps sshd[255797]: Failed password for invalid user jakob from 106.13.207.159 port 42124 ssh2 ...	2020-04-11 16:30:25
attackspam	Apr 9 04:48:11 pi sshd[1238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 9 04:48:13 pi sshd[1238]: Failed password for invalid user admin from 106.13.207.159 port 52428 ssh2	2020-04-09 20:07:55
attack	invalid login attempt (jenkins)	2020-04-08 16:04:38
attack	ssh brute force	2020-04-02 19:52:02
attackbots	SSH login attempts brute force.	2020-03-18 17:40:17
attackspambots	Feb 14 20:04:18 hpm sshd\[8741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Feb 14 20:04:20 hpm sshd\[8741\]: Failed password for root from 106.13.207.159 port 33144 ssh2 Feb 14 20:07:17 hpm sshd\[9110\]: Invalid user user from 106.13.207.159 Feb 14 20:07:17 hpm sshd\[9110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Feb 14 20:07:19 hpm sshd\[9110\]: Failed password for invalid user user from 106.13.207.159 port 52616 ssh2	2020-02-15 14:08:46
attackspambots	Unauthorized connection attempt detected from IP address 106.13.207.159 to port 2220 [J]	2020-01-06 08:51:57

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.207.54	spam	Группа объявлений Челябинск в telegram. Постинг частных объявлений бесплатно! Рекламные и коммерческие объявления, согласно правил группы. Подпишись, чтобы не потерять.. Челябинск в телеграмм	2024-04-05 19:05:49
106.13.207.113	attackbots	Aug 20 22:04:52 rush sshd[8208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Aug 20 22:04:54 rush sshd[8208]: Failed password for invalid user fxl from 106.13.207.113 port 47392 ssh2 Aug 20 22:07:25 rush sshd[8288]: Failed password for root from 106.13.207.113 port 55474 ssh2 ...	2020-08-21 06:28:24
106.13.207.113	attack	Aug 16 10:47:11 webhost01 sshd[12442]: Failed password for root from 106.13.207.113 port 42604 ssh2 ...	2020-08-16 18:08:47
106.13.207.225	attackbotsspam	Aug 1 07:46:46 buvik sshd[7523]: Failed password for root from 106.13.207.225 port 36640 ssh2 Aug 1 07:49:22 buvik sshd[7931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 user=root Aug 1 07:49:25 buvik sshd[7931]: Failed password for root from 106.13.207.225 port 35050 ssh2 ...	2020-08-01 14:05:33
106.13.207.225	attackspam	Invalid user teamspeak from 106.13.207.225 port 41832	2020-07-31 14:38:53
106.13.207.113	attackspambots	Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:42 plex-server sshd[4133526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:44 plex-server sshd[4133526]: Failed password for invalid user ajl from 106.13.207.113 port 55642 ssh2 Jul 27 10:48:35 plex-server sshd[4136287]: Invalid user jira from 106.13.207.113 port 50992 ...	2020-07-27 19:55:10
106.13.207.225	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 03:46:43
106.13.207.225	attack	Jul 22 05:59:21 ns381471 sshd[11569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 Jul 22 05:59:23 ns381471 sshd[11569]: Failed password for invalid user oem from 106.13.207.225 port 59908 ssh2	2020-07-22 12:22:54
106.13.207.113	attackbotsspam	Jul 21 00:59:01 host sshd[23793]: Invalid user mxx from 106.13.207.113 port 35684 ...	2020-07-21 08:13:29
106.13.207.113	attackspambots	Jul 12 13:58:40 ns382633 sshd\[22098\]: Invalid user farren from 106.13.207.113 port 54570 Jul 12 13:58:40 ns382633 sshd\[22098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 12 13:58:41 ns382633 sshd\[22098\]: Failed password for invalid user farren from 106.13.207.113 port 54570 ssh2 Jul 12 13:59:40 ns382633 sshd\[22178\]: Invalid user dan from 106.13.207.113 port 33894 Jul 12 13:59:40 ns382633 sshd\[22178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113	2020-07-12 20:22:14
106.13.207.113	attack	Failed password for invalid user chenoa from 106.13.207.113 port 40792 ssh2	2020-07-11 02:27:52
106.13.207.225	attack	$lgm	2020-06-20 18:17:48
106.13.207.113	attack	Jun 10 11:03:32 lukav-desktop sshd\[30871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:03:34 lukav-desktop sshd\[30871\]: Failed password for root from 106.13.207.113 port 54984 ssh2 Jun 10 11:04:48 lukav-desktop sshd\[30895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:04:50 lukav-desktop sshd\[30895\]: Failed password for root from 106.13.207.113 port 41758 ssh2 Jun 10 11:06:02 lukav-desktop sshd\[6487\]: Invalid user braxton from 106.13.207.113	2020-06-10 17:05:03
106.13.207.113	attackbots	2020-06-07T05:51:01.959523sd-86998 sshd[34105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:51:03.477330sd-86998 sshd[34105]: Failed password for root from 106.13.207.113 port 52100 ssh2 2020-06-07T05:53:02.890792sd-86998 sshd[34326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:53:04.353301sd-86998 sshd[34326]: Failed password for root from 106.13.207.113 port 50850 ssh2 2020-06-07T05:55:02.192797sd-86998 sshd[34632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:55:04.463059sd-86998 sshd[34632]: Failed password for root from 106.13.207.113 port 49600 ssh2 ...	2020-06-07 14:43:42
106.13.207.225	attackbotsspam	20 attempts against mh-ssh on echoip	2020-06-03 12:20:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.207.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.207.159.			IN	A

;; AUTHORITY SECTION:
.			432	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010501 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 08:51:53 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 159.207.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.207.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
159.65.81.187	attackbotsspam	Jun 21 22:35:16 *** sshd[28617]: User root from 159.65.81.187 not allowed because not listed in AllowUsers	2019-06-22 06:47:50
89.250.220.40	attackspambots	SPF Fail sender not permitted to send mail for @lomopress.it / Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-06-22 06:39:09
35.197.174.124	attackspam	2019-06-21 13:30:16 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (iBXj5Z3ie) [35.197.174.124]:54775: 535 Incorrect authentication data (set_id=info) 2019-06-21 13:30:24 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (hostnameoSzE8) [35.197.174.124]:60363: 535 Incorrect authentication data (set_id=info) 2019-06-21 13:30:35 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (6Jtt3AJl) [35.197.174.124]:61065: 535 Incorrect authentication data (set_id=info) 2019-06-21 13:30:53 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (l52ATK) [35.197.174.124]:61318: 535 Incorrect authentication data 2019-06-21 13:31:04 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (YWkPGdA) [35.197.174.124]:55092: 535 Incorrect authentication data 2019-06-21 13:31:16 dovecot_login authenticator failed for 124.174.197.35.bc.googleusercontent.com (........ ------------------------------	2019-06-22 06:38:37
187.60.46.134	attack	SPF Fail sender not permitted to send mail for @lombardiplants.it / Mail sent to address hacked/leaked from Destructoid	2019-06-22 06:28:37
184.105.247.195	attack	Bad Request: "GET / HTTP/1.1"	2019-06-22 06:23:29
122.142.227.139	attackspam	23/tcp [2019-06-21]1pkt	2019-06-22 06:31:03
218.66.74.12	attack	Bad Request: "GET /index.php HTTP/1.1"	2019-06-22 06:31:33
78.166.224.3	attack	23/tcp [2019-06-21]1pkt	2019-06-22 06:48:13
46.166.186.209	attackbotsspam	Bad Bot Request: "HEAD / HTTP/1.1" Agent: "Mozilla/5.0 (compatible; Uptimebot/1.0; http://www.uptime.com/uptimebot)"	2019-06-22 06:24:14
69.25.27.115	attackspam	2019/06/21 12:42:11 -- [DOS][Block][trace_route][69.25.27.115->181.29.101.11][ICMP][HLen=20, TLen=44, Type=8, Code=0] 2019/06/21 12:42:13 -- [DOS][Block][trace_route][69.25.27.110->181.29.101.11][ICMP][HLen=20, TLen=44, Type=8, Code=0]	2019-06-22 06:50:43
125.24.168.216	attackspam	445/tcp [2019-06-21]1pkt	2019-06-22 06:22:34
43.225.193.202	attackspambots	445/tcp [2019-06-21]1pkt	2019-06-22 06:32:52
80.227.12.38	attackspambots	2019-06-21T21:41:40.658808 sshd[30142]: Invalid user san from 80.227.12.38 port 47100 2019-06-21T21:41:40.674684 sshd[30142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.227.12.38 2019-06-21T21:41:40.658808 sshd[30142]: Invalid user san from 80.227.12.38 port 47100 2019-06-21T21:41:42.570915 sshd[30142]: Failed password for invalid user san from 80.227.12.38 port 47100 ssh2 2019-06-21T21:43:28.402216 sshd[30157]: Invalid user zhui from 80.227.12.38 port 35978 ...	2019-06-22 06:44:35
61.228.152.237	attackbots	445/tcp [2019-06-21]1pkt	2019-06-22 06:21:41
142.44.211.229	attackbots	Jun 21 22:16:05 lnxweb61 sshd[19885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.211.229 Jun 21 22:16:05 lnxweb61 sshd[19885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.211.229	2019-06-22 06:26:51

最近上报的IP列表

188.26.5.6	255.101.191.79	118.71.86.200	101.109.253.194
97.224.217.225	174.61.85.238	82.51.22.159	106.13.36.103
78.112.107.123	113.236.0.131	31.13.127.19	120.57.54.17
60.26.203.130	168.232.129.103	162.222.179.81	90.15.207.7
2.86.37.114	123.0.198.186	181.115.240.195	139.99.219.75