106.13.6.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-10-12T07:58:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 21:39:11
attackspambots	Bruteforce detected by fail2ban	2020-10-12 13:10:26
attackspambots	Oct 11 20:32:55 marvibiene sshd[28593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Oct 11 20:32:56 marvibiene sshd[28593]: Failed password for invalid user mikita from 106.13.6.70 port 41196 ssh2 Oct 11 20:43:25 marvibiene sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70	2020-10-12 02:44:05
attackspambots	Brute-force attempt banned	2020-10-11 18:35:11
attack	Sep 14 08:21:27 ns381471 sshd[31532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Sep 14 08:21:29 ns381471 sshd[31532]: Failed password for invalid user admin from 106.13.6.70 port 49026 ssh2	2020-09-14 20:24:14
attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:16:18
attackbots	Sep 13 11:15:35 dignus sshd[31110]: Failed password for invalid user topomaps from 106.13.6.70 port 38418 ssh2 Sep 13 11:17:47 dignus sshd[31319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 user=root Sep 13 11:17:49 dignus sshd[31319]: Failed password for root from 106.13.6.70 port 38646 ssh2 Sep 13 11:20:00 dignus sshd[31505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 user=root Sep 13 11:20:02 dignus sshd[31505]: Failed password for root from 106.13.6.70 port 38868 ssh2 ...	2020-09-14 04:18:47
attackbots	SSH login attempts.	2020-09-07 22:54:12
attackspambots	Aug 19 02:36:07 venus sshd[25907]: Invalid user ir from 106.13.6.70 Aug 19 02:36:07 venus sshd[25907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Aug 19 02:36:09 venus sshd[25907]: Failed password for invalid user ir from 106.13.6.70 port 41614 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.6.70	2020-08-21 15:55:56
attack	Multiple SSH authentication failures from 106.13.6.70	2020-08-19 18:56:50

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.60.222	attack	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-10 04:10:05
106.13.60.222	attackbots	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-09 20:06:21
106.13.68.190	attack	2020-10-05 12:31:14 server sshd[82072]: Failed password for invalid user root from 106.13.68.190 port 44152 ssh2	2020-10-06 08:20:41
106.13.68.190	attackspambots	Oct 5 15:02:32 OPSO sshd\[6404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:02:35 OPSO sshd\[6404\]: Failed password for root from 106.13.68.190 port 58054 ssh2 Oct 5 15:06:48 OPSO sshd\[7208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:06:50 OPSO sshd\[7208\]: Failed password for root from 106.13.68.190 port 47736 ssh2 Oct 5 15:11:07 OPSO sshd\[7913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root	2020-10-06 00:47:30
106.13.68.190	attackspam	SSH login attempts.	2020-10-05 16:46:38
106.13.61.120	attackspam	Invalid user eva from 106.13.61.120 port 42178	2020-10-04 02:15:28
106.13.61.120	attack	2020-10-03T04:54:48.396393yoshi.linuxbox.ninja sshd[3004635]: Failed password for invalid user ping from 106.13.61.120 port 58002 ssh2 2020-10-03T04:57:55.580274yoshi.linuxbox.ninja sshd[3006454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.120 user=backup 2020-10-03T04:57:57.630428yoshi.linuxbox.ninja sshd[3006454]: Failed password for backup from 106.13.61.120 port 40414 ssh2 ...	2020-10-03 18:00:46
106.13.63.120	attack	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-23 03:23:16
106.13.63.120	attackspam	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-22 19:34:59
106.13.68.145	attackbots	Jul 19 21:42:27 ms-srv sshd[20684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.145 Jul 19 21:42:30 ms-srv sshd[20684]: Failed password for invalid user master from 106.13.68.145 port 41324 ssh2	2020-09-02 22:26:20
106.13.68.145	attackspambots	Port scan denied	2020-09-02 14:15:15
106.13.68.145	attackspambots	prod8 ...	2020-09-02 07:15:43
106.13.63.120	attackspam	2020-08-31T12:10:47.833033ks3355764 sshd[5037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.63.120 user=root 2020-08-31T12:10:50.430462ks3355764 sshd[5037]: Failed password for root from 106.13.63.120 port 45882 ssh2 ...	2020-08-31 19:57:10
106.13.60.222	attackspam	Aug 31 13:23:52 h2779839 sshd[25886]: Invalid user nfe from 106.13.60.222 port 59598 Aug 31 13:23:52 h2779839 sshd[25886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222 Aug 31 13:23:52 h2779839 sshd[25886]: Invalid user nfe from 106.13.60.222 port 59598 Aug 31 13:23:54 h2779839 sshd[25886]: Failed password for invalid user nfe from 106.13.60.222 port 59598 ssh2 Aug 31 13:26:24 h2779839 sshd[25933]: Invalid user opo from 106.13.60.222 port 56382 Aug 31 13:26:24 h2779839 sshd[25933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222 Aug 31 13:26:24 h2779839 sshd[25933]: Invalid user opo from 106.13.60.222 port 56382 Aug 31 13:26:26 h2779839 sshd[25933]: Failed password for invalid user opo from 106.13.60.222 port 56382 ssh2 Aug 31 13:28:51 h2779839 sshd[25959]: Invalid user magno from 106.13.60.222 port 53170 ...	2020-08-31 19:42:12
106.13.64.132	attack	Aug 30 13:54:26 root sshd[31080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 Aug 30 13:54:29 root sshd[31080]: Failed password for invalid user eng from 106.13.64.132 port 37378 ssh2 Aug 30 14:16:22 root sshd[1526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 ...	2020-08-30 20:34:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.6.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30105
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.6.70.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 18:56:42 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 70.6.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.6.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
114.33.135.178	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 11:59:00,781 INFO [shellcode_manager] (114.33.135.178) no match, writing hexdump (db9ab791613f3b8adddffcf8ce1097f0 :2218582) - MS17010 (EternalBlue)	2019-07-04 22:40:00
45.122.222.193	attack	Automatic report - Web App Attack	2019-07-04 22:07:56
185.36.81.169	attackbots	Rude login attack (12 tries in 1d)	2019-07-04 22:53:38
185.220.101.27	attack	Automatic report - Web App Attack	2019-07-04 21:56:19
62.80.161.162	attack	Many RDP login attempts detected by IDS script	2019-07-04 22:17:04
77.40.40.180	attackspambots	Rude login attack (30 tries in 1d)	2019-07-04 22:34:46
197.227.109.100	attack	$f2bV_matches	2019-07-04 22:08:50
146.148.105.126	attackbotsspam	Jul 4 13:13:07 ip-172-31-1-72 sshd\[32137\]: Invalid user kl from 146.148.105.126 Jul 4 13:13:07 ip-172-31-1-72 sshd\[32137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.148.105.126 Jul 4 13:13:09 ip-172-31-1-72 sshd\[32137\]: Failed password for invalid user kl from 146.148.105.126 port 47954 ssh2 Jul 4 13:16:10 ip-172-31-1-72 sshd\[32174\]: Invalid user maria from 146.148.105.126 Jul 4 13:16:10 ip-172-31-1-72 sshd\[32174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.148.105.126	2019-07-04 22:14:17
109.173.101.134	attackspambots	port scan and connect, tcp 22 (ssh)	2019-07-04 22:10:57
77.43.209.87	attack	Unauthorised access (Jul 4) SRC=77.43.209.87 LEN=40 TTL=52 ID=46752 TCP DPT=23 WINDOW=40821 SYN	2019-07-04 21:57:54
141.98.10.42	attackspambots	Rude login attack (11 tries in 1d)	2019-07-04 22:42:40
218.92.0.135	attackbots	2019-07-04T14:15:34.565769abusebot.cloudsearch.cf sshd\[10773\]: Failed password for root from 218.92.0.135 port 46309 ssh2	2019-07-04 22:41:19
78.46.90.120	attack	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2019-07-04 21:52:33
23.94.69.34	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-07-04 22:09:47
31.148.3.41	attack	2019-07-04T13:16:30.520848abusebot-8.cloudsearch.cf sshd\[7120\]: Invalid user stortora from 31.148.3.41 port 40371	2019-07-04 22:07:30

最近上报的IP列表

32.212.216.229	202.40.20.29	254.65.35.180	178.98.139.221
49.67.28.187	188.57.163.62	34.112.48.149	94.217.106.44
141.24.48.80	142.69.140.238	98.84.100.199	202.62.47.166
40.85.123.203	49.68.255.161	45.187.113.121	218.212.92.90
193.46.199.245	13.76.253.107	222.95.133.41	35.225.119.72