106.13.207.159

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 22:06:23
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 14:36:16
attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-16 06:26:50
attack	firewall-block, port(s): 24243/tcp	2020-07-11 04:33:12
attackbots	Jun 20 05:56:17 buvik sshd[23575]: Invalid user shc from 106.13.207.159 Jun 20 05:56:17 buvik sshd[23575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Jun 20 05:56:19 buvik sshd[23575]: Failed password for invalid user shc from 106.13.207.159 port 53918 ssh2 ...	2020-06-20 12:17:36
attackspambots	2020-06-11T17:43:46.852344abusebot-7.cloudsearch.cf sshd[14220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:43:49.556014abusebot-7.cloudsearch.cf sshd[14220]: Failed password for root from 106.13.207.159 port 51762 ssh2 2020-06-11T17:49:01.708012abusebot-7.cloudsearch.cf sshd[14483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root 2020-06-11T17:49:03.324443abusebot-7.cloudsearch.cf sshd[14483]: Failed password for root from 106.13.207.159 port 44434 ssh2 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207.159 port 52516 2020-06-11T17:52:08.734410abusebot-7.cloudsearch.cf sshd[14639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 2020-06-11T17:52:08.728103abusebot-7.cloudsearch.cf sshd[14639]: Invalid user airsupply from 106.13.207 ...	2020-06-12 03:57:07
attackspam	Total attacks: 2	2020-05-22 20:23:07
attackbots	Apr 29 14:19:22 melroy-server sshd[31477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 29 14:19:24 melroy-server sshd[31477]: Failed password for invalid user catchall from 106.13.207.159 port 57336 ssh2 ...	2020-04-30 01:39:53
attack	Apr 26 22:32:45 roki-contabo sshd\[24527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:32:46 roki-contabo sshd\[24527\]: Failed password for root from 106.13.207.159 port 60578 ssh2 Apr 26 22:36:23 roki-contabo sshd\[24560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Apr 26 22:36:25 roki-contabo sshd\[24560\]: Failed password for root from 106.13.207.159 port 41078 ssh2 Apr 26 22:38:13 roki-contabo sshd\[24605\]: Invalid user exp from 106.13.207.159 Apr 26 22:38:13 roki-contabo sshd\[24605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 ...	2020-04-27 06:52:47
attackspambots	SSH bruteforce	2020-04-25 02:51:33
attack	SSH auth scanning - multiple failed logins	2020-04-22 04:02:10
attackbotsspam	Apr 11 06:05:48 vps sshd[237579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:05:50 vps sshd[237579]: Failed password for invalid user nuwer from 106.13.207.159 port 54062 ssh2 Apr 11 06:09:28 vps sshd[255797]: Invalid user jakob from 106.13.207.159 port 42124 Apr 11 06:09:28 vps sshd[255797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 11 06:09:30 vps sshd[255797]: Failed password for invalid user jakob from 106.13.207.159 port 42124 ssh2 ...	2020-04-11 16:30:25
attackspam	Apr 9 04:48:11 pi sshd[1238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Apr 9 04:48:13 pi sshd[1238]: Failed password for invalid user admin from 106.13.207.159 port 52428 ssh2	2020-04-09 20:07:55
attack	invalid login attempt (jenkins)	2020-04-08 16:04:38
attack	ssh brute force	2020-04-02 19:52:02
attackbots	SSH login attempts brute force.	2020-03-18 17:40:17
attackspambots	Feb 14 20:04:18 hpm sshd\[8741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 user=root Feb 14 20:04:20 hpm sshd\[8741\]: Failed password for root from 106.13.207.159 port 33144 ssh2 Feb 14 20:07:17 hpm sshd\[9110\]: Invalid user user from 106.13.207.159 Feb 14 20:07:17 hpm sshd\[9110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.159 Feb 14 20:07:19 hpm sshd\[9110\]: Failed password for invalid user user from 106.13.207.159 port 52616 ssh2	2020-02-15 14:08:46
attackspambots	Unauthorized connection attempt detected from IP address 106.13.207.159 to port 2220 [J]	2020-01-06 08:51:57

Comments on same subnet:

IP	Type	Details	Datetime
106.13.207.54	spam	Группа объявлений Челябинск в telegram. Постинг частных объявлений бесплатно! Рекламные и коммерческие объявления, согласно правил группы. Подпишись, чтобы не потерять.. Челябинск в телеграмм	2024-04-05 19:05:49
106.13.207.113	attackbots	Aug 20 22:04:52 rush sshd[8208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Aug 20 22:04:54 rush sshd[8208]: Failed password for invalid user fxl from 106.13.207.113 port 47392 ssh2 Aug 20 22:07:25 rush sshd[8288]: Failed password for root from 106.13.207.113 port 55474 ssh2 ...	2020-08-21 06:28:24
106.13.207.113	attack	Aug 16 10:47:11 webhost01 sshd[12442]: Failed password for root from 106.13.207.113 port 42604 ssh2 ...	2020-08-16 18:08:47
106.13.207.225	attackbotsspam	Aug 1 07:46:46 buvik sshd[7523]: Failed password for root from 106.13.207.225 port 36640 ssh2 Aug 1 07:49:22 buvik sshd[7931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 user=root Aug 1 07:49:25 buvik sshd[7931]: Failed password for root from 106.13.207.225 port 35050 ssh2 ...	2020-08-01 14:05:33
106.13.207.225	attackspam	Invalid user teamspeak from 106.13.207.225 port 41832	2020-07-31 14:38:53
106.13.207.113	attackspambots	Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:42 plex-server sshd[4133526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 27 10:44:42 plex-server sshd[4133526]: Invalid user ajl from 106.13.207.113 port 55642 Jul 27 10:44:44 plex-server sshd[4133526]: Failed password for invalid user ajl from 106.13.207.113 port 55642 ssh2 Jul 27 10:48:35 plex-server sshd[4136287]: Invalid user jira from 106.13.207.113 port 50992 ...	2020-07-27 19:55:10
106.13.207.225	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 03:46:43
106.13.207.225	attack	Jul 22 05:59:21 ns381471 sshd[11569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.225 Jul 22 05:59:23 ns381471 sshd[11569]: Failed password for invalid user oem from 106.13.207.225 port 59908 ssh2	2020-07-22 12:22:54
106.13.207.113	attackbotsspam	Jul 21 00:59:01 host sshd[23793]: Invalid user mxx from 106.13.207.113 port 35684 ...	2020-07-21 08:13:29
106.13.207.113	attackspambots	Jul 12 13:58:40 ns382633 sshd\[22098\]: Invalid user farren from 106.13.207.113 port 54570 Jul 12 13:58:40 ns382633 sshd\[22098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 Jul 12 13:58:41 ns382633 sshd\[22098\]: Failed password for invalid user farren from 106.13.207.113 port 54570 ssh2 Jul 12 13:59:40 ns382633 sshd\[22178\]: Invalid user dan from 106.13.207.113 port 33894 Jul 12 13:59:40 ns382633 sshd\[22178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113	2020-07-12 20:22:14
106.13.207.113	attack	Failed password for invalid user chenoa from 106.13.207.113 port 40792 ssh2	2020-07-11 02:27:52
106.13.207.225	attack	$lgm	2020-06-20 18:17:48
106.13.207.113	attack	Jun 10 11:03:32 lukav-desktop sshd\[30871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:03:34 lukav-desktop sshd\[30871\]: Failed password for root from 106.13.207.113 port 54984 ssh2 Jun 10 11:04:48 lukav-desktop sshd\[30895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root Jun 10 11:04:50 lukav-desktop sshd\[30895\]: Failed password for root from 106.13.207.113 port 41758 ssh2 Jun 10 11:06:02 lukav-desktop sshd\[6487\]: Invalid user braxton from 106.13.207.113	2020-06-10 17:05:03
106.13.207.113	attackbots	2020-06-07T05:51:01.959523sd-86998 sshd[34105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:51:03.477330sd-86998 sshd[34105]: Failed password for root from 106.13.207.113 port 52100 ssh2 2020-06-07T05:53:02.890792sd-86998 sshd[34326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:53:04.353301sd-86998 sshd[34326]: Failed password for root from 106.13.207.113 port 50850 ssh2 2020-06-07T05:55:02.192797sd-86998 sshd[34632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.207.113 user=root 2020-06-07T05:55:04.463059sd-86998 sshd[34632]: Failed password for root from 106.13.207.113 port 49600 ssh2 ...	2020-06-07 14:43:42
106.13.207.225	attackbotsspam	20 attempts against mh-ssh on echoip	2020-06-03 12:20:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.207.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.207.159.			IN	A

;; AUTHORITY SECTION:
.			432	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010501 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 08:51:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 159.207.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.207.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.66.50	attackspam	Dec 3 19:31:55 wbs sshd\[23683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.66.50 user=root Dec 3 19:31:56 wbs sshd\[23683\]: Failed password for root from 62.234.66.50 port 48405 ssh2 Dec 3 19:39:07 wbs sshd\[24477\]: Invalid user kate from 62.234.66.50 Dec 3 19:39:07 wbs sshd\[24477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.66.50 Dec 3 19:39:09 wbs sshd\[24477\]: Failed password for invalid user kate from 62.234.66.50 port 49510 ssh2	2019-12-04 13:43:53
92.118.38.38	attackbots	IP: 92.118.38.38 ASN: AS50360 Tamatiya EOOD Port: Message Submission 587 Found in one or more Blacklists Date: 4/12/2019 5:32:25 AM UTC	2019-12-04 13:36:20
125.27.106.5	attackspam	1575435446 - 12/04/2019 05:57:26 Host: 125.27.106.5/125.27.106.5 Port: 22 TCP Blocked	2019-12-04 13:35:11
148.70.250.207	attackspam	Dec 4 06:14:18 lnxmysql61 sshd[2016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.250.207	2019-12-04 13:44:37
139.155.45.196	attackspam	Dec 3 19:11:38 tdfoods sshd\[11252\]: Invalid user host from 139.155.45.196 Dec 3 19:11:38 tdfoods sshd\[11252\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.45.196 Dec 3 19:11:40 tdfoods sshd\[11252\]: Failed password for invalid user host from 139.155.45.196 port 52074 ssh2 Dec 3 19:18:46 tdfoods sshd\[11894\]: Invalid user yori from 139.155.45.196 Dec 3 19:18:46 tdfoods sshd\[11894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.45.196	2019-12-04 13:43:21
80.191.185.174	attackspambots	scan z	2019-12-04 13:32:15
193.31.24.113	attack	12/04/2019-06:43:06.173953 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-12-04 13:45:42
181.123.9.3	attack	Dec 3 19:32:36 sachi sshd\[8253\]: Invalid user admin from 181.123.9.3 Dec 3 19:32:36 sachi sshd\[8253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3 Dec 3 19:32:38 sachi sshd\[8253\]: Failed password for invalid user admin from 181.123.9.3 port 59238 ssh2 Dec 3 19:40:16 sachi sshd\[9113\]: Invalid user bl from 181.123.9.3 Dec 3 19:40:16 sachi sshd\[9113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.9.3	2019-12-04 13:54:23
157.230.215.106	attack	Dec 4 05:59:47 ns382633 sshd\[7510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.215.106 user=root Dec 4 05:59:49 ns382633 sshd\[7510\]: Failed password for root from 157.230.215.106 port 47874 ssh2 Dec 4 06:08:06 ns382633 sshd\[9183\]: Invalid user http from 157.230.215.106 port 40578 Dec 4 06:08:06 ns382633 sshd\[9183\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.215.106 Dec 4 06:08:08 ns382633 sshd\[9183\]: Failed password for invalid user http from 157.230.215.106 port 40578 ssh2	2019-12-04 13:47:20
49.70.20.13	attackspam	Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=116 ID=6490 DF TCP DPT=3389 WINDOW=8192 SYN Unauthorised access (Dec 4) SRC=49.70.20.13 LEN=52 TTL=113 ID=30962 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-04 13:40:28
132.232.27.83	attack	Dec 3 19:13:11 hpm sshd\[23616\]: Invalid user kiejzo from 132.232.27.83 Dec 3 19:13:11 hpm sshd\[23616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.27.83 Dec 3 19:13:12 hpm sshd\[23616\]: Failed password for invalid user kiejzo from 132.232.27.83 port 41938 ssh2 Dec 3 19:21:06 hpm sshd\[24331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.27.83 user=root Dec 3 19:21:08 hpm sshd\[24331\]: Failed password for root from 132.232.27.83 port 53116 ssh2	2019-12-04 13:29:27
106.12.141.112	attack	Dec 3 19:14:57 hanapaa sshd\[7977\]: Invalid user tabrizi from 106.12.141.112 Dec 3 19:14:57 hanapaa sshd\[7977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.141.112 Dec 3 19:15:00 hanapaa sshd\[7977\]: Failed password for invalid user tabrizi from 106.12.141.112 port 40016 ssh2 Dec 3 19:24:05 hanapaa sshd\[8812\]: Invalid user catja from 106.12.141.112 Dec 3 19:24:05 hanapaa sshd\[8812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.141.112	2019-12-04 13:33:15
5.83.160.121	attackspambots	Dec 4 06:12:28 OPSO sshd\[21878\]: Invalid user mongodb2 from 5.83.160.121 port 57392 Dec 4 06:12:28 OPSO sshd\[21878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.83.160.121 Dec 4 06:12:31 OPSO sshd\[21878\]: Failed password for invalid user mongodb2 from 5.83.160.121 port 57392 ssh2 Dec 4 06:20:09 OPSO sshd\[24155\]: Invalid user borjon from 5.83.160.121 port 39068 Dec 4 06:20:09 OPSO sshd\[24155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.83.160.121	2019-12-04 13:32:49
49.204.83.2	attack	2019-12-04T04:57:22.145156abusebot-5.cloudsearch.cf sshd\[22504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.204.83.2 user=root	2019-12-04 13:39:34
173.249.51.143	attackspambots	[Wed Dec 04 11:57:38.771567 2019] [:error] [pid 8278:tid 140503563605760] [client 173.249.51.143:61000] [client 173.249.51.143] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xec8wop5aXEFXvEedPpB8wAAAEg"] ...	2019-12-04 13:18:03

Recently Reported IPs

188.26.5.6	255.101.191.79	118.71.86.200	101.109.253.194
97.224.217.225	174.61.85.238	82.51.22.159	106.13.36.103
78.112.107.123	113.236.0.131	31.13.127.19	120.57.54.17
60.26.203.130	168.232.129.103	162.222.179.81	90.15.207.7
2.86.37.114	123.0.198.186	181.115.240.195	139.99.219.75