106.13.6.70 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-10-12T07:58:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 21:39:11
attackspambots	Bruteforce detected by fail2ban	2020-10-12 13:10:26
attackspambots	Oct 11 20:32:55 marvibiene sshd[28593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Oct 11 20:32:56 marvibiene sshd[28593]: Failed password for invalid user mikita from 106.13.6.70 port 41196 ssh2 Oct 11 20:43:25 marvibiene sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70	2020-10-12 02:44:05
attackspambots	Brute-force attempt banned	2020-10-11 18:35:11
attack	Sep 14 08:21:27 ns381471 sshd[31532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Sep 14 08:21:29 ns381471 sshd[31532]: Failed password for invalid user admin from 106.13.6.70 port 49026 ssh2	2020-09-14 20:24:14
attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-09-14 12:16:18
attackbots	Sep 13 11:15:35 dignus sshd[31110]: Failed password for invalid user topomaps from 106.13.6.70 port 38418 ssh2 Sep 13 11:17:47 dignus sshd[31319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 user=root Sep 13 11:17:49 dignus sshd[31319]: Failed password for root from 106.13.6.70 port 38646 ssh2 Sep 13 11:20:00 dignus sshd[31505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 user=root Sep 13 11:20:02 dignus sshd[31505]: Failed password for root from 106.13.6.70 port 38868 ssh2 ...	2020-09-14 04:18:47
attackbots	SSH login attempts.	2020-09-07 22:54:12
attackspambots	Aug 19 02:36:07 venus sshd[25907]: Invalid user ir from 106.13.6.70 Aug 19 02:36:07 venus sshd[25907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.70 Aug 19 02:36:09 venus sshd[25907]: Failed password for invalid user ir from 106.13.6.70 port 41614 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.13.6.70	2020-08-21 15:55:56
attack	Multiple SSH authentication failures from 106.13.6.70	2020-08-19 18:56:50

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.60.222	attack	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-10 04:10:05
106.13.60.222	attackbots	Oct 9 06:29:17 lnxmysql61 sshd[14894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222	2020-10-09 20:06:21
106.13.68.190	attack	2020-10-05 12:31:14 server sshd[82072]: Failed password for invalid user root from 106.13.68.190 port 44152 ssh2	2020-10-06 08:20:41
106.13.68.190	attackspambots	Oct 5 15:02:32 OPSO sshd\[6404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:02:35 OPSO sshd\[6404\]: Failed password for root from 106.13.68.190 port 58054 ssh2 Oct 5 15:06:48 OPSO sshd\[7208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Oct 5 15:06:50 OPSO sshd\[7208\]: Failed password for root from 106.13.68.190 port 47736 ssh2 Oct 5 15:11:07 OPSO sshd\[7913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root	2020-10-06 00:47:30
106.13.68.190	attackspam	SSH login attempts.	2020-10-05 16:46:38
106.13.61.120	attackspam	Invalid user eva from 106.13.61.120 port 42178	2020-10-04 02:15:28
106.13.61.120	attack	2020-10-03T04:54:48.396393yoshi.linuxbox.ninja sshd[3004635]: Failed password for invalid user ping from 106.13.61.120 port 58002 ssh2 2020-10-03T04:57:55.580274yoshi.linuxbox.ninja sshd[3006454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.120 user=backup 2020-10-03T04:57:57.630428yoshi.linuxbox.ninja sshd[3006454]: Failed password for backup from 106.13.61.120 port 40414 ssh2 ...	2020-10-03 18:00:46
106.13.63.120	attack	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-23 03:23:16
106.13.63.120	attackspam	Sep 21 23:20:49 ip-172-31-16-56 sshd\[16633\]: Invalid user test from 106.13.63.120\ Sep 21 23:20:51 ip-172-31-16-56 sshd\[16633\]: Failed password for invalid user test from 106.13.63.120 port 50312 ssh2\ Sep 21 23:25:04 ip-172-31-16-56 sshd\[16724\]: Invalid user stunnel from 106.13.63.120\ Sep 21 23:25:06 ip-172-31-16-56 sshd\[16724\]: Failed password for invalid user stunnel from 106.13.63.120 port 59322 ssh2\ Sep 21 23:29:23 ip-172-31-16-56 sshd\[16784\]: Failed password for root from 106.13.63.120 port 40066 ssh2\	2020-09-22 19:34:59
106.13.68.145	attackbots	Jul 19 21:42:27 ms-srv sshd[20684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.145 Jul 19 21:42:30 ms-srv sshd[20684]: Failed password for invalid user master from 106.13.68.145 port 41324 ssh2	2020-09-02 22:26:20
106.13.68.145	attackspambots	Port scan denied	2020-09-02 14:15:15
106.13.68.145	attackspambots	prod8 ...	2020-09-02 07:15:43
106.13.63.120	attackspam	2020-08-31T12:10:47.833033ks3355764 sshd[5037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.63.120 user=root 2020-08-31T12:10:50.430462ks3355764 sshd[5037]: Failed password for root from 106.13.63.120 port 45882 ssh2 ...	2020-08-31 19:57:10
106.13.60.222	attackspam	Aug 31 13:23:52 h2779839 sshd[25886]: Invalid user nfe from 106.13.60.222 port 59598 Aug 31 13:23:52 h2779839 sshd[25886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222 Aug 31 13:23:52 h2779839 sshd[25886]: Invalid user nfe from 106.13.60.222 port 59598 Aug 31 13:23:54 h2779839 sshd[25886]: Failed password for invalid user nfe from 106.13.60.222 port 59598 ssh2 Aug 31 13:26:24 h2779839 sshd[25933]: Invalid user opo from 106.13.60.222 port 56382 Aug 31 13:26:24 h2779839 sshd[25933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.60.222 Aug 31 13:26:24 h2779839 sshd[25933]: Invalid user opo from 106.13.60.222 port 56382 Aug 31 13:26:26 h2779839 sshd[25933]: Failed password for invalid user opo from 106.13.60.222 port 56382 ssh2 Aug 31 13:28:51 h2779839 sshd[25959]: Invalid user magno from 106.13.60.222 port 53170 ...	2020-08-31 19:42:12
106.13.64.132	attack	Aug 30 13:54:26 root sshd[31080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 Aug 30 13:54:29 root sshd[31080]: Failed password for invalid user eng from 106.13.64.132 port 37378 ssh2 Aug 30 14:16:22 root sshd[1526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.64.132 ...	2020-08-30 20:34:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.6.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30105
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.6.70.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081900 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 18:56:42 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 70.6.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.6.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.255.83.52	attackspam	Jul 4 04:38:13 nas sshd[8735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.255.83.52 Jul 4 04:38:15 nas sshd[8735]: Failed password for invalid user arlene from 139.255.83.52 port 36016 ssh2 Jul 4 04:47:44 nas sshd[9220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.255.83.52 ...	2020-07-04 10:54:00
41.60.195.79	attackbots	Honeypot attack, port: 445, PTR: 41.60.195.79.liquidtelecom.net.	2020-07-04 10:23:51
189.142.92.12	attackbots	Unauthorized connection attempt from IP address 189.142.92.12 on Port 445(SMB)	2020-07-04 10:15:07
137.220.138.252	attackbots	[ssh] SSH attack	2020-07-04 10:45:40
211.72.91.222	attack	Honeypot attack, port: 81, PTR: 211-72-91-222.HINET-IP.hinet.net.	2020-07-04 10:14:31
36.67.66.202	attackspambots	VNC brute force attack detected by fail2ban	2020-07-04 10:40:11
179.127.145.251	attackspam	(smtpauth) Failed SMTP AUTH login from 179.127.145.251 (BR/Brazil/179.127.145.251.osjnet.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-04 03:45:16 plain authenticator failed for ([179.127.145.251]) [179.127.145.251]: 535 Incorrect authentication data (set_id=ardestani@taninsanat.com)	2020-07-04 10:33:56
136.232.185.198	attackspambots	Unauthorized connection attempt from IP address 136.232.185.198 on Port 445(SMB)	2020-07-04 10:31:37
140.227.187.144	attackspambots	Unauthorized connection attempt from IP address 140.227.187.144 on Port 445(SMB)	2020-07-04 10:21:21
68.183.81.243	attack	Jul 4 02:07:37 vm0 sshd[30663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.81.243 Jul 4 02:07:40 vm0 sshd[30663]: Failed password for invalid user ftp-user from 68.183.81.243 port 50888 ssh2 ...	2020-07-04 10:46:46
141.98.9.137	attackspam	Jul 3 23:34:21 dns1 sshd[32010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.137 Jul 3 23:34:23 dns1 sshd[32010]: Failed password for invalid user operator from 141.98.9.137 port 36920 ssh2 Jul 3 23:35:04 dns1 sshd[32095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.137	2020-07-04 10:42:44
14.160.39.138	attackspam	Dovecot Invalid User Login Attempt.	2020-07-04 10:52:36
51.145.0.150	attackspambots	Jul 3 22:47:16 server sshd[6030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.145.0.150 user=r.r Jul 3 22:47:18 server sshd[6030]: Failed password for r.r from 51.145.0.150 port 57348 ssh2 Jul 3 22:47:18 server sshd[6030]: Received disconnect from 51.145.0.150: 11: Bye Bye [preauth] Jul 3 23:04:01 server sshd[6866]: Failed password for invalid user sa from 51.145.0.150 port 48882 ssh2 Jul 3 23:04:02 server sshd[6866]: Received disconnect from 51.145.0.150: 11: Bye Bye [preauth] Jul 3 23:07:00 server sshd[7020]: Failed password for invalid user alarm from 51.145.0.150 port 53474 ssh2 Jul 3 23:07:00 server sshd[7020]: Received disconnect from 51.145.0.150: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.145.0.150	2020-07-04 10:34:57
117.131.60.58	attack	Jul 4 01:45:54 ip-172-31-62-245 sshd\[31804\]: Invalid user rizal from 117.131.60.58\ Jul 4 01:45:56 ip-172-31-62-245 sshd\[31804\]: Failed password for invalid user rizal from 117.131.60.58 port 19736 ssh2\ Jul 4 01:49:18 ip-172-31-62-245 sshd\[31842\]: Invalid user paul from 117.131.60.58\ Jul 4 01:49:20 ip-172-31-62-245 sshd\[31842\]: Failed password for invalid user paul from 117.131.60.58 port 27717 ssh2\ Jul 4 01:52:50 ip-172-31-62-245 sshd\[31899\]: Invalid user vnc from 117.131.60.58\	2020-07-04 10:37:09
41.190.151.134	attackbots	Jul 4 04:35:33 ns3164893 sshd[20210]: Failed password for root from 41.190.151.134 port 33237 ssh2 Jul 4 04:35:36 ns3164893 sshd[20210]: Failed password for root from 41.190.151.134 port 33237 ssh2 ...	2020-07-04 10:42:21

最近上报的IP列表

32.212.216.229	202.40.20.29	254.65.35.180	178.98.139.221
49.67.28.187	188.57.163.62	34.112.48.149	94.217.106.44
141.24.48.80	142.69.140.238	98.84.100.199	202.62.47.166
40.85.123.203	49.68.255.161	45.187.113.121	218.212.92.90
193.46.199.245	13.76.253.107	222.95.133.41	35.225.119.72