106.13.209.16 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jun 28 15:49:59 meumeu sshd[31352]: Invalid user afp from 106.13.209.16 port 50332 Jun 28 15:49:59 meumeu sshd[31352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 Jun 28 15:49:59 meumeu sshd[31352]: Invalid user afp from 106.13.209.16 port 50332 Jun 28 15:50:01 meumeu sshd[31352]: Failed password for invalid user afp from 106.13.209.16 port 50332 ssh2 Jun 28 15:52:38 meumeu sshd[31397]: Invalid user deamon from 106.13.209.16 port 51712 Jun 28 15:52:38 meumeu sshd[31397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 Jun 28 15:52:38 meumeu sshd[31397]: Invalid user deamon from 106.13.209.16 port 51712 Jun 28 15:52:40 meumeu sshd[31397]: Failed password for invalid user deamon from 106.13.209.16 port 51712 ssh2 Jun 28 15:55:24 meumeu sshd[31468]: Invalid user pc from 106.13.209.16 port 53104 ...	2020-06-28 23:04:52
attackbots	web-1 [ssh_2] SSH Attack	2020-06-25 14:24:35
attackspam	5x Failed Password	2020-06-24 15:58:10
attackspam	Jun 6 03:24:49 itv-usvr-02 sshd[23421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root Jun 6 03:28:40 itv-usvr-02 sshd[23545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root Jun 6 03:32:21 itv-usvr-02 sshd[23675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root	2020-06-06 05:21:00
attackspam	Jun 3 03:02:26 php1 sshd\[1882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root Jun 3 03:02:29 php1 sshd\[1882\]: Failed password for root from 106.13.209.16 port 33314 ssh2 Jun 3 03:06:18 php1 sshd\[2223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root Jun 3 03:06:20 php1 sshd\[2223\]: Failed password for root from 106.13.209.16 port 51312 ssh2 Jun 3 03:10:06 php1 sshd\[2685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root	2020-06-03 21:48:52
attackbotsspam	May 28 21:46:47 web1 sshd[25744]: Invalid user admin from 106.13.209.16 port 47812 May 28 21:46:47 web1 sshd[25744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 May 28 21:46:47 web1 sshd[25744]: Invalid user admin from 106.13.209.16 port 47812 May 28 21:46:49 web1 sshd[25744]: Failed password for invalid user admin from 106.13.209.16 port 47812 ssh2 May 28 21:54:11 web1 sshd[27514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root May 28 21:54:12 web1 sshd[27514]: Failed password for root from 106.13.209.16 port 38394 ssh2 May 28 21:58:42 web1 sshd[28624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root May 28 21:58:44 web1 sshd[28624]: Failed password for root from 106.13.209.16 port 34724 ssh2 May 28 22:03:09 web1 sshd[29732]: Invalid user saturn from 106.13.209.16 port 59288 ...	2020-05-28 21:04:30
attackspam	May 21 08:25:37 pixelmemory sshd[1486275]: Invalid user pir from 106.13.209.16 port 45342 May 21 08:25:37 pixelmemory sshd[1486275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 May 21 08:25:37 pixelmemory sshd[1486275]: Invalid user pir from 106.13.209.16 port 45342 May 21 08:25:39 pixelmemory sshd[1486275]: Failed password for invalid user pir from 106.13.209.16 port 45342 ssh2 May 21 08:29:38 pixelmemory sshd[1491340]: Invalid user vrx from 106.13.209.16 port 58274 ...	2020-05-22 02:31:35
attackspambots	Invalid user jake from 106.13.209.16 port 47682	2020-04-18 18:32:48
attackbotsspam	Apr 9 05:46:15 vserver sshd\[25133\]: Invalid user test from 106.13.209.16Apr 9 05:46:17 vserver sshd\[25133\]: Failed password for invalid user test from 106.13.209.16 port 59890 ssh2Apr 9 05:49:17 vserver sshd\[25180\]: Invalid user ubuntu from 106.13.209.16Apr 9 05:49:19 vserver sshd\[25180\]: Failed password for invalid user ubuntu from 106.13.209.16 port 33030 ssh2 ...	2020-04-09 19:24:38
attackspambots	Apr 3 23:39:18 srv01 sshd[11783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 user=root Apr 3 23:39:20 srv01 sshd[11783]: Failed password for root from 106.13.209.16 port 59510 ssh2 Apr 3 23:41:58 srv01 sshd[11935]: Invalid user my from 106.13.209.16 port 41230 Apr 3 23:41:58 srv01 sshd[11935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.16 Apr 3 23:41:58 srv01 sshd[11935]: Invalid user my from 106.13.209.16 port 41230 Apr 3 23:42:00 srv01 sshd[11935]: Failed password for invalid user my from 106.13.209.16 port 41230 ssh2 ...	2020-04-04 05:47:33
attackbots	$f2bV_matches	2020-03-30 19:31:25
attack	Invalid user tlp from 106.13.209.16 port 55488	2020-03-28 03:47:24
attackbots	SSH invalid-user multiple login try	2020-03-13 07:07:46
attack	Mar 11 17:41:28 XXX sshd[25368]: Invalid user couchdb from 106.13.209.16 port 53810	2020-03-12 08:37:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.209.80	attackspam	Aug 12 05:11:19 Ubuntu-1404-trusty-64-minimal sshd\[2798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 user=root Aug 12 05:11:21 Ubuntu-1404-trusty-64-minimal sshd\[2798\]: Failed password for root from 106.13.209.80 port 41158 ssh2 Aug 12 05:36:37 Ubuntu-1404-trusty-64-minimal sshd\[15155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 user=root Aug 12 05:36:38 Ubuntu-1404-trusty-64-minimal sshd\[15155\]: Failed password for root from 106.13.209.80 port 40990 ssh2 Aug 12 05:46:36 Ubuntu-1404-trusty-64-minimal sshd\[22327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 user=root	2020-08-12 19:18:33
106.13.209.80	attack	TCP (SYN) 106.13.209.80:44476 -> port 1711, len 44	2020-08-08 02:22:10
106.13.209.80	attackbotsspam	Jul 22 01:20:07 pkdns2 sshd\[16129\]: Invalid user nicolas from 106.13.209.80Jul 22 01:20:08 pkdns2 sshd\[16129\]: Failed password for invalid user nicolas from 106.13.209.80 port 55116 ssh2Jul 22 01:25:37 pkdns2 sshd\[16431\]: Invalid user curtis from 106.13.209.80Jul 22 01:25:39 pkdns2 sshd\[16431\]: Failed password for invalid user curtis from 106.13.209.80 port 60534 ssh2Jul 22 01:27:32 pkdns2 sshd\[16508\]: Invalid user alex from 106.13.209.80Jul 22 01:27:33 pkdns2 sshd\[16508\]: Failed password for invalid user alex from 106.13.209.80 port 43544 ssh2 ...	2020-07-22 07:07:26
106.13.209.80	attack	May 14 20:47:17 vps687878 sshd\[32528\]: Failed password for invalid user developer from 106.13.209.80 port 38508 ssh2 May 14 20:48:48 vps687878 sshd\[32613\]: Invalid user oracle from 106.13.209.80 port 55936 May 14 20:48:48 vps687878 sshd\[32613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 May 14 20:48:50 vps687878 sshd\[32613\]: Failed password for invalid user oracle from 106.13.209.80 port 55936 ssh2 May 14 20:50:18 vps687878 sshd\[433\]: Invalid user ubuntu from 106.13.209.80 port 45122 May 14 20:50:18 vps687878 sshd\[433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 ...	2020-05-15 03:09:29
106.13.209.80	attackbotsspam	Invalid user postgres from 106.13.209.80 port 58220	2020-05-13 07:00:29
106.13.209.80	attack	May 8 16:40:40 mail sshd\[4913\]: Invalid user opo from 106.13.209.80 May 8 16:40:40 mail sshd\[4913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.80 ...	2020-05-09 23:20:01
106.13.209.80	attackspambots	Apr 18 05:40:06 server sshd[30701]: Failed password for invalid user testadmin from 106.13.209.80 port 51968 ssh2 Apr 18 05:54:46 server sshd[871]: Failed password for invalid user test from 106.13.209.80 port 42732 ssh2 Apr 18 05:58:06 server sshd[1561]: Failed password for invalid user d from 106.13.209.80 port 55992 ssh2	2020-04-18 12:02:12
106.13.209.94	attackbots	Sep 30 02:41:15 xxxxxxx0 sshd[14126]: Invalid user suporte from 106.13.209.94 port 40910 Sep 30 02:41:15 xxxxxxx0 sshd[14126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.94 Sep 30 02:41:16 xxxxxxx0 sshd[14126]: Failed password for invalid user suporte from 106.13.209.94 port 40910 ssh2 Sep 30 02:57:23 xxxxxxx0 sshd[16598]: Invalid user lucy from 106.13.209.94 port 54762 Sep 30 02:57:23 xxxxxxx0 sshd[16598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.94 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.209.94	2019-10-01 16:17:24
106.13.209.94	attackbots	2019-09-27T19:41:47.975588centos sshd\[7098\]: Invalid user sun from 106.13.209.94 port 60102 2019-09-27T19:41:47.981128centos sshd\[7098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.209.94 2019-09-27T19:41:50.160100centos sshd\[7098\]: Failed password for invalid user sun from 106.13.209.94 port 60102 ssh2	2019-09-28 03:16:17

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.209.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 81
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.209.16.			IN	A

;; AUTHORITY SECTION:
.			286	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031102 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 12 08:37:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 16.209.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 16.209.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
92.63.197.55	attackbots	scans 4 times in preceeding hours on the ports (in chronological order) 4889 4777 4689 4789 resulting in total of 21 scans from 92.63.192.0/20 block.	2020-06-11 01:07:58
179.191.86.42	attackbots	Honeypot attack, port: 81, PTR: mvx-179-191-86-42.mundivox.com.	2020-06-11 00:52:27
167.114.152.249	attack	SSH Brute Force	2020-06-11 01:21:57
187.178.87.159	attackbots	Honeypot attack, port: 81, PTR: 187-178-87-159.dynamic.axtel.net.	2020-06-11 00:59:00
129.146.250.102	attackbotsspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.146.250.102 Invalid user anton from 129.146.250.102 port 41744 Failed password for invalid user anton from 129.146.250.102 port 41744 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.146.250.102 user=root Failed password for root from 129.146.250.102 port 43232 ssh2	2020-06-11 00:52:59
36.235.131.153	attack	Honeypot attack, port: 445, PTR: 36-235-131-153.dynamic-ip.hinet.net.	2020-06-11 01:09:42
185.180.130.229	attackspam	Firewall Dropped Connection	2020-06-11 01:06:52
120.29.157.118	attack	DATE:2020-06-10 15:19:59, IP:120.29.157.118, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-11 01:11:26
178.125.126.125	attackbotsspam	Jun 10 13:55:44 master sshd[17724]: Failed password for invalid user admin from 178.125.126.125 port 53150 ssh2	2020-06-11 00:59:52
104.168.57.150	attackbots	(From claudiauclement@yahoo.com) Hi, We are wondering if you would be interested in our service, where we can provide you with a dofollow link from Amazon (DA 96) back to doctorbo.com? The price is just $77 per link, via Paypal. To explain what DA is and the benefit for your website, along with a sample of an existing link, please read here: https://pastelink.net/1nm60 If you'd be interested in learning more, reply to this email but please make sure you include the word INTERESTED in the subject line field. Kind Regards, Claudia	2020-06-11 01:10:41
92.118.161.13	attackbotsspam	Fail2Ban Ban Triggered	2020-06-11 01:18:10
171.247.15.163	attackspam	Automatic report - Port Scan Attack	2020-06-11 01:21:39
118.136.224.144	attack	Honeypot attack, port: 81, PTR: fm-dyn-118-136-224-144.fast.net.id.	2020-06-11 00:46:36
115.48.142.50	attack	Jun 10 12:58:41 debian-2gb-nbg1-2 kernel: \[14045452.465614\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=115.48.142.50 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=41 ID=15471 PROTO=TCP SPT=57041 DPT=2323 WINDOW=11065 RES=0x00 SYN URGP=0	2020-06-11 00:53:31
189.47.125.45	attack	Port probing on unauthorized port 1433	2020-06-11 00:52:09

最近上报的IP列表

191.7.145.246	139.59.66.243	120.70.96.196	103.82.80.21
72.167.190.74	103.61.195.45	182.52.68.169	110.78.155.163
181.214.211.240	110.138.43.148	216.158.219.246	202.79.168.154
113.173.182.36	14.226.84.73	37.114.157.76	171.241.59.161
83.234.18.24	212.250.160.34	171.239.186.193	115.79.140.220