106.13.6.116 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 18 18:39:05 ny01 sshd[22484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jul 18 18:39:07 ny01 sshd[22484]: Failed password for invalid user nie from 106.13.6.116 port 36810 ssh2 Jul 18 18:43:01 ny01 sshd[23011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116	2020-07-19 06:47:47
attackbots	Jul 9 06:22:20 PorscheCustomer sshd[18477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jul 9 06:22:22 PorscheCustomer sshd[18477]: Failed password for invalid user loan from 106.13.6.116 port 60330 ssh2 Jul 9 06:24:44 PorscheCustomer sshd[18543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 ...	2020-07-09 12:39:47
attack	Jul 7 19:03:33 Tower sshd[27142]: Connection from 106.13.6.116 port 34578 on 192.168.10.220 port 22 rdomain ""	2020-07-08 07:34:22
attackspam	Jul 6 05:44:34 srv-ubuntu-dev3 sshd[36272]: Invalid user tom from 106.13.6.116 Jul 6 05:44:34 srv-ubuntu-dev3 sshd[36272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jul 6 05:44:34 srv-ubuntu-dev3 sshd[36272]: Invalid user tom from 106.13.6.116 Jul 6 05:44:36 srv-ubuntu-dev3 sshd[36272]: Failed password for invalid user tom from 106.13.6.116 port 60676 ssh2 Jul 6 05:47:24 srv-ubuntu-dev3 sshd[36776]: Invalid user cym from 106.13.6.116 Jul 6 05:47:24 srv-ubuntu-dev3 sshd[36776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jul 6 05:47:24 srv-ubuntu-dev3 sshd[36776]: Invalid user cym from 106.13.6.116 Jul 6 05:47:26 srv-ubuntu-dev3 sshd[36776]: Failed password for invalid user cym from 106.13.6.116 port 35272 ssh2 Jul 6 05:50:42 srv-ubuntu-dev3 sshd[37249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root ...	2020-07-06 16:25:36
attackspambots	Jul 4 15:56:49 onepixel sshd[1336663]: Failed password for invalid user centos from 106.13.6.116 port 60746 ssh2 Jul 4 15:59:23 onepixel sshd[1337971]: Invalid user rich from 106.13.6.116 port 53962 Jul 4 15:59:23 onepixel sshd[1337971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jul 4 15:59:23 onepixel sshd[1337971]: Invalid user rich from 106.13.6.116 port 53962 Jul 4 15:59:25 onepixel sshd[1337971]: Failed password for invalid user rich from 106.13.6.116 port 53962 ssh2	2020-07-05 04:19:37
attack	Invalid user ubuntu from 106.13.6.116 port 50978	2020-06-28 15:44:14
attackbotsspam	Jun 22 09:13:50 srv sshd[13242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116	2020-06-22 15:47:49
attackspam	Jun 12 22:00:31 ajax sshd[25745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Jun 12 22:00:34 ajax sshd[25745]: Failed password for invalid user ryanwowie from 106.13.6.116 port 60406 ssh2	2020-06-13 05:29:09
attack	k+ssh-bruteforce	2020-05-28 15:52:20
attack	$f2bV_matches	2020-05-23 20:22:31
attackbotsspam	(sshd) Failed SSH login from 106.13.6.116 (CN/China/-): 5 in the last 3600 secs	2020-05-23 05:50:29
attackbotsspam	May 9 03:16:06 host sshd[10631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root May 9 03:16:08 host sshd[10631]: Failed password for root from 106.13.6.116 port 47350 ssh2 ...	2020-05-09 13:10:27
attack	May 8 11:25:19 prox sshd[14824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 May 8 11:25:20 prox sshd[14824]: Failed password for invalid user rabbitmq from 106.13.6.116 port 38482 ssh2	2020-05-08 17:55:27
attackspam	2020-05-01T22:15:23.4044531240 sshd\[5355\]: Invalid user 22 from 106.13.6.116 port 46868 2020-05-01T22:15:23.4082611240 sshd\[5355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 2020-05-01T22:15:25.4812771240 sshd\[5355\]: Failed password for invalid user 22 from 106.13.6.116 port 46868 ssh2 ...	2020-05-02 04:56:31
attack	Apr 24 22:53:36 plex sshd[9356]: Invalid user kishori from 106.13.6.116 port 47046	2020-04-25 04:53:39
attackbotsspam	Invalid user ubuntu from 106.13.6.116 port 34798	2020-04-24 08:12:08
attackbots	prod3 ...	2020-04-16 23:01:36
attackbots	2020-04-08T05:50:38.012837centos sshd[25020]: Invalid user sinusbot from 106.13.6.116 port 57502 2020-04-08T05:50:39.804257centos sshd[25020]: Failed password for invalid user sinusbot from 106.13.6.116 port 57502 ssh2 2020-04-08T05:53:51.735406centos sshd[25237]: Invalid user ut99server from 106.13.6.116 port 41042 ...	2020-04-08 17:58:51
attackbots	Mar 30 08:34:42 internal-server-tf sshd\[9582\]: Invalid user ppk from 106.13.6.116Mar 30 08:36:49 internal-server-tf sshd\[9632\]: Invalid user ppk from 106.13.6.116 ...	2020-03-30 16:37:05
attackspam	Mar 28 13:36:47 vps58358 sshd\[25777\]: Invalid user vhc from 106.13.6.116Mar 28 13:36:49 vps58358 sshd\[25777\]: Failed password for invalid user vhc from 106.13.6.116 port 53102 ssh2Mar 28 13:39:41 vps58358 sshd\[25941\]: Invalid user rohina from 106.13.6.116Mar 28 13:39:43 vps58358 sshd\[25941\]: Failed password for invalid user rohina from 106.13.6.116 port 43482 ssh2Mar 28 13:42:50 vps58358 sshd\[26044\]: Invalid user hiroshi from 106.13.6.116Mar 28 13:42:52 vps58358 sshd\[26044\]: Failed password for invalid user hiroshi from 106.13.6.116 port 46634 ssh2 ...	2020-03-28 23:49:44
attackbots	Mar 22 13:57:28 dev0-dcde-rnet sshd[2764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Mar 22 13:57:30 dev0-dcde-rnet sshd[2764]: Failed password for invalid user cis42 from 106.13.6.116 port 34820 ssh2 Mar 22 14:01:55 dev0-dcde-rnet sshd[2778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116	2020-03-22 22:57:42
attackbots	Mar 12 00:46:35 DAAP sshd[8288]: Invalid user 156.252.3.208 from 106.13.6.116 port 37912 Mar 12 00:46:35 DAAP sshd[8288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Mar 12 00:46:35 DAAP sshd[8288]: Invalid user 156.252.3.208 from 106.13.6.116 port 37912 Mar 12 00:46:37 DAAP sshd[8288]: Failed password for invalid user 156.252.3.208 from 106.13.6.116 port 37912 ssh2 Mar 12 00:48:32 DAAP sshd[8316]: Invalid user 167.99.49.35 from 106.13.6.116 port 54498 ...	2020-03-12 08:22:47
attack	Invalid user tc from 106.13.6.116 port 50434	2020-03-11 16:28:25
attack	Mar 4 22:54:40 lnxded63 sshd[15144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116	2020-03-05 06:02:34
attackbots	Feb 18 04:38:10 auw2 sshd\[20337\]: Invalid user adm from 106.13.6.116 Feb 18 04:38:10 auw2 sshd\[20337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Feb 18 04:38:13 auw2 sshd\[20337\]: Failed password for invalid user adm from 106.13.6.116 port 55204 ssh2 Feb 18 04:40:22 auw2 sshd\[20653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root Feb 18 04:40:24 auw2 sshd\[20653\]: Failed password for root from 106.13.6.116 port 44324 ssh2	2020-02-18 23:09:53
attack	...	2020-02-03 19:26:22
attackspam	Unauthorized connection attempt detected from IP address 106.13.6.116 to port 2220 [J]	2020-01-19 20:02:07
attackspam	Invalid user uiu from 106.13.6.116 port 45934	2020-01-10 23:46:10
attackbots	Unauthorized connection attempt detected from IP address 106.13.6.116 to port 2220 [J]	2020-01-08 05:32:26
attack	Dec 30 13:20:14 legacy sshd[30059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Dec 30 13:20:17 legacy sshd[30059]: Failed password for invalid user nicoleta from 106.13.6.116 port 55536 ssh2 Dec 30 13:21:59 legacy sshd[30122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 ...	2019-12-30 20:33:33

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.6.70	attack	2020-10-12T07:58:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 21:39:11
106.13.6.70	attackspambots	Bruteforce detected by fail2ban	2020-10-12 13:10:26
106.13.6.70	attackspambots	Oct 11 20:32:55 marvibiene sshd[28593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Oct 11 20:32:56 marvibiene sshd[28593]: Failed password for invalid user mikita from 106.13.6.70 port 41196 ssh2 Oct 11 20:43:25 marvibiene sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70	2020-10-12 02:44:05
106.13.6.70	attackspambots	Brute-force attempt banned	2020-10-11 18:35:11
106.13.60.222	attack	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-10 04:10:05
106.13.60.222	attackbots	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-09 20:06:21
106.13.68.190	attack	2020-10-05 12:31:14 server sshd[82072]: Failed password for invalid user root from 106.13.68.190 port 44152 ssh2	2020-10-06 08:20:41
106.13.68.190	attackspambots	Oct 5 15:02:32 OPSO sshd\[6404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:02:35 OPSO sshd\[6404\]: Failed password for root from 106.13.68.190 port 58054 ssh2 Oct 5 15:06:48 OPSO sshd\[7208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:06:50 OPSO sshd\[7208\]: Failed password for root from 106.13.68.190 port 47736 ssh2 Oct 5 15:11:07 OPSO sshd\[7913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root	2020-10-06 00:47:30
106.13.68.190	attackspam	SSH login attempts.	2020-10-05 16:46:38
106.13.61.120	attackspam	Invalid user eva from 106.13.61.120 port 42178	2020-10-04 02:15:28
106.13.61.120	attack	2020-10-03T04:54:48.396393yoshi.linuxbox.ninja sshd[3004635]: Failed password for invalid user ping from 106.13.61.120 port 58002 ssh2 2020-10-03T04:57:55.580274yoshi.linuxbox.ninja sshd[3006454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.120 user=backup 2020-10-03T04:57:57.630428yoshi.linuxbox.ninja sshd[3006454]: Failed password for backup from 106.13.61.120 port 40414 ssh2 ...	2020-10-03 18:00:46
106.13.63.120	attack	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-23 03:23:16
106.13.63.120	attackspam	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-22 19:34:59
106.13.6.70	attack	Sep 14 08:21:27 ns381471 sshd[31532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Sep 14 08:21:29 ns381471 sshd[31532]: Failed password for invalid user admin from 106.13.6.70 port 49026 ssh2	2020-09-14 20:24:14
106.13.6.70	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:16:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.6.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18865
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.6.116.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 00:07:14 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 116.6.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 116.6.13.106.in-addr.arpa.: No answer

Authoritative answers can be found from:

IP	类型	评论内容	时间
103.255.123.249	attackspambots	Icarus honeypot on github	2020-09-04 03:54:00
198.50.173.86	attackbots	Port Scan detected from 198.50.173.86 (US/United States/Indiana/Elkhart/-). 4 hits in the last 100 seconds	2020-09-04 04:00:25
51.75.53.141	attackbots	51.75.53.141 - - [03/Sep/2020:20:38:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.75.53.141 - - [03/Sep/2020:20:38:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1768 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.75.53.141 - - [03/Sep/2020:20:38:10 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-04 03:54:47
101.16.63.16	attackspam	TCP (SYN) 101.16.63.16:40615 -> port 23, len 40	2020-09-04 04:22:03
178.19.152.65	attack	TCP (SYN) 178.19.152.65:11385 -> port 23, len 44	2020-09-04 04:05:42
125.211.119.98	attackspambots	TCP (SYN) 125.211.119.98:59792 -> port 1433, len 52	2020-09-04 04:21:42
62.171.161.187	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-03T20:17:57Z and 2020-09-03T20:17:57Z	2020-09-04 04:24:32
5.125.73.250	attack	TCP (SYN) 5.125.73.250:61597 -> port 445, len 52	2020-09-04 04:18:30
217.115.213.186	attackspam	Dovecot Invalid User Login Attempt.	2020-09-04 03:54:16
185.153.199.146	attackspambots	Port-scan: detected 442 distinct ports within a 24-hour window.	2020-09-04 04:20:10
81.214.57.243	attackbots	TCP (SYN) 81.214.57.243:52009 -> port 445, len 52	2020-09-04 03:58:02
91.200.39.254	attackspambots	TCP (SYN) 91.200.39.254:15148 -> port 7547, len 44	2020-09-04 04:17:25
165.22.42.154	attackbots	TCP (SYN) 165.22.42.154:51672 -> port 443, len 44	2020-09-04 04:06:16
190.114.246.149	attack	TCP (SYN) 190.114.246.149:54270 -> port 445, len 52	2020-09-04 04:14:24
178.19.250.44	attack	TCP (SYN) 178.19.250.44:64665 -> port 23, len 44	2020-09-04 04:10:30

最近上报的IP列表

39.176.89.200	215.93.53.239	109.243.174.36	119.79.17.149
109.91.45.13	159.110.243.98	96.103.140.87	99.240.31.24
43.235.127.49	94.74.84.159	82.58.219.118	5.34.151.123
72.163.107.127	147.150.63.50	125.149.180.141	191.82.107.45
71.85.78.46	140.130.211.74	104.53.170.34	218.111.137.219