106.13.70.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 4 23:48:53 pve1 sshd[12571]: Failed password for root from 106.13.70.63 port 50412 ssh2 ...	2020-10-05 06:53:12
attack	$f2bV_matches	2020-10-04 22:58:47
attackspam	$f2bV_matches	2020-10-04 14:43:51
attack	Aug 6 08:56:54 hosting sshd[15615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root Aug 6 08:56:56 hosting sshd[15615]: Failed password for root from 106.13.70.63 port 34174 ssh2 ...	2020-08-06 14:52:23
attackspambots	Jul 25 17:04:29 server1 sshd\[31647\]: Invalid user pawan from 106.13.70.63 Jul 25 17:04:29 server1 sshd\[31647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 25 17:04:31 server1 sshd\[31647\]: Failed password for invalid user pawan from 106.13.70.63 port 51818 ssh2 Jul 25 17:09:24 server1 sshd\[602\]: Invalid user satou from 106.13.70.63 Jul 25 17:09:24 server1 sshd\[602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 ...	2020-07-26 07:11:11
attackbots	Jul 24 13:02:44 server sshd[40460]: Failed password for invalid user dominik from 106.13.70.63 port 48624 ssh2 Jul 24 13:06:29 server sshd[41858]: Failed password for invalid user store from 106.13.70.63 port 60078 ssh2 Jul 24 13:07:55 server sshd[42285]: Failed password for invalid user vnc from 106.13.70.63 port 47172 ssh2	2020-07-24 19:55:11
attackspambots	2020-07-18T20:44:22.058018mail.csmailer.org sshd[8589]: Invalid user admin from 106.13.70.63 port 57292 2020-07-18T20:44:22.063260mail.csmailer.org sshd[8589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 2020-07-18T20:44:22.058018mail.csmailer.org sshd[8589]: Invalid user admin from 106.13.70.63 port 57292 2020-07-18T20:44:23.992175mail.csmailer.org sshd[8589]: Failed password for invalid user admin from 106.13.70.63 port 57292 ssh2 2020-07-18T20:48:21.042820mail.csmailer.org sshd[8911]: Invalid user ansible from 106.13.70.63 port 58268 ...	2020-07-19 05:03:30
attack	Jul 18 03:54:18 onepixel sshd[3996731]: Invalid user eder from 106.13.70.63 port 40798 Jul 18 03:54:18 onepixel sshd[3996731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 18 03:54:18 onepixel sshd[3996731]: Invalid user eder from 106.13.70.63 port 40798 Jul 18 03:54:19 onepixel sshd[3996731]: Failed password for invalid user eder from 106.13.70.63 port 40798 ssh2 Jul 18 03:56:23 onepixel sshd[3997813]: Invalid user lois from 106.13.70.63 port 39898	2020-07-18 12:22:26
attack	2020-07-11T22:11:19+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-12 04:57:17
attackspambots	Multiple SSH authentication failures from 106.13.70.63	2020-07-01 14:39:32
attackbots	DATE:2020-06-16 00:13:43, IP:106.13.70.63, PORT:ssh SSH brute force auth (docker-dc)	2020-06-16 06:53:42
attack	2020-05-28T18:58:07.352007billing sshd[30283]: Failed password for operator from 106.13.70.63 port 33604 ssh2 2020-05-28T19:01:37.984458billing sshd[5964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root 2020-05-28T19:01:39.734723billing sshd[5964]: Failed password for root from 106.13.70.63 port 51052 ssh2 ...	2020-05-28 22:51:45
attackbots	May 20 14:39:25 Tower sshd[2439]: refused connect from 122.51.24.177 (122.51.24.177) May 20 23:50:10 Tower sshd[2439]: refused connect from 64.183.37.139 (64.183.37.139) May 21 02:38:27 Tower sshd[2439]: Connection from 106.13.70.63 port 50966 on 192.168.10.220 port 22 rdomain "" May 21 02:38:31 Tower sshd[2439]: Invalid user qes from 106.13.70.63 port 50966 May 21 02:38:31 Tower sshd[2439]: error: Could not get shadow information for NOUSER May 21 02:38:31 Tower sshd[2439]: Failed password for invalid user qes from 106.13.70.63 port 50966 ssh2 May 21 02:38:31 Tower sshd[2439]: Received disconnect from 106.13.70.63 port 50966:11: Bye Bye [preauth] May 21 02:38:31 Tower sshd[2439]: Disconnected from invalid user qes 106.13.70.63 port 50966 [preauth]	2020-05-21 19:53:33
attack	(sshd) Failed SSH login from 106.13.70.63 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 11 23:28:41 srv sshd[15072]: Invalid user vnc from 106.13.70.63 port 49062 May 11 23:28:43 srv sshd[15072]: Failed password for invalid user vnc from 106.13.70.63 port 49062 ssh2 May 11 23:45:02 srv sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root May 11 23:45:04 srv sshd[17151]: Failed password for root from 106.13.70.63 port 41666 ssh2 May 11 23:50:30 srv sshd[17827]: Invalid user admin from 106.13.70.63 port 42158	2020-05-12 05:40:11
attackspambots	$f2bV_matches	2020-04-30 19:15:27
attackbots	Invalid user ubuntu from 106.13.70.63 port 51332	2020-04-23 16:03:15
attackbotsspam	2020-04-11T09:46:46.898896 sshd[15973]: Invalid user oracle from 106.13.70.63 port 41030 2020-04-11T09:46:46.914303 sshd[15973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 2020-04-11T09:46:46.898896 sshd[15973]: Invalid user oracle from 106.13.70.63 port 41030 2020-04-11T09:46:49.029109 sshd[15973]: Failed password for invalid user oracle from 106.13.70.63 port 41030 ssh2 ...	2020-04-11 18:35:04
attackbotsspam	2020-04-08T23:43:21.825904amanda2.illicoweb.com sshd\[21522\]: Invalid user gfs1 from 106.13.70.63 port 51854 2020-04-08T23:43:21.829237amanda2.illicoweb.com sshd\[21522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 2020-04-08T23:43:23.527984amanda2.illicoweb.com sshd\[21522\]: Failed password for invalid user gfs1 from 106.13.70.63 port 51854 ssh2 2020-04-08T23:50:23.541631amanda2.illicoweb.com sshd\[22012\]: Invalid user postgres from 106.13.70.63 port 47382 2020-04-08T23:50:23.544412amanda2.illicoweb.com sshd\[22012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 ...	2020-04-09 06:34:46
attackbotsspam	sshd jail - ssh hack attempt	2020-03-25 09:34:34

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.70.233	attackbots	Aug 3 23:34:37 buvik sshd[9204]: Failed password for root from 106.13.70.233 port 50722 ssh2 Aug 3 23:39:57 buvik sshd[10053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.233 user=root Aug 3 23:39:59 buvik sshd[10053]: Failed password for root from 106.13.70.233 port 58694 ssh2 ...	2020-08-04 05:44:56
106.13.70.60	attack	Jul 20 00:56:44 serwer sshd\[5731\]: User ftpuser from 106.13.70.60 not allowed because not listed in AllowUsers Jul 20 00:56:44 serwer sshd\[5731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.60 user=ftpuser Jul 20 00:56:46 serwer sshd\[5731\]: Failed password for invalid user ftpuser from 106.13.70.60 port 37546 ssh2 ...	2020-07-20 07:25:44
106.13.70.233	attack	Invalid user stephane from 106.13.70.233 port 50952	2020-07-18 22:42:36
106.13.70.233	attack	2020-07-14T14:51:49.933497snf-827550 sshd[1912]: Invalid user avila from 106.13.70.233 port 53388 2020-07-14T14:51:52.089766snf-827550 sshd[1912]: Failed password for invalid user avila from 106.13.70.233 port 53388 ssh2 2020-07-14T14:59:44.447028snf-827550 sshd[2984]: Invalid user vmail from 106.13.70.233 port 44640 ...	2020-07-14 20:26:03
106.13.70.60	attack	TCP (SYN) 106.13.70.60:44556 -> port 3570, len 44	2020-07-12 18:09:37
106.13.70.60	attackspam	$f2bV_matches	2020-06-29 12:28:53
106.13.70.60	attackbots	TCP (SYN) 106.13.70.60:49289 -> port 17211, len 44	2020-06-24 02:43:00
106.13.70.133	attack	Apr 18 17:09:16 h1745522 sshd[18780]: Invalid user mj from 106.13.70.133 port 51186 Apr 18 17:09:16 h1745522 sshd[18780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.133 Apr 18 17:09:16 h1745522 sshd[18780]: Invalid user mj from 106.13.70.133 port 51186 Apr 18 17:09:17 h1745522 sshd[18780]: Failed password for invalid user mj from 106.13.70.133 port 51186 ssh2 Apr 18 17:11:22 h1745522 sshd[18970]: Invalid user oracle from 106.13.70.133 port 44734 Apr 18 17:11:22 h1745522 sshd[18970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.133 Apr 18 17:11:22 h1745522 sshd[18970]: Invalid user oracle from 106.13.70.133 port 44734 Apr 18 17:11:24 h1745522 sshd[18970]: Failed password for invalid user oracle from 106.13.70.133 port 44734 ssh2 Apr 18 17:13:28 h1745522 sshd[19128]: Invalid user xv from 106.13.70.133 port 38282 ...	2020-04-19 03:43:27
106.13.70.133	attackspam	Apr 17 22:29:50 sshd[19103]: Failed password for invalid user oracle from 106.13.70.133 port 48738 ssh2	2020-04-18 05:18:36
106.13.70.133	attackspambots	Apr 15 20:21:59 game-panel sshd[7903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.133 Apr 15 20:22:01 game-panel sshd[7903]: Failed password for invalid user ky from 106.13.70.133 port 51856 ssh2 Apr 15 20:25:54 game-panel sshd[8132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.133	2020-04-16 04:50:12
106.13.70.133	attack	20 attempts against mh-ssh on cloud	2020-04-12 00:56:16
106.13.70.145	attack	Feb 10 17:50:00 MK-Soft-VM3 sshd[7579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.145 Feb 10 17:50:02 MK-Soft-VM3 sshd[7579]: Failed password for invalid user bvx from 106.13.70.145 port 43058 ssh2 ...	2020-02-11 02:18:15
106.13.70.145	attack	Feb 7 13:26:22 auw2 sshd\[26825\]: Invalid user jxi from 106.13.70.145 Feb 7 13:26:22 auw2 sshd\[26825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.145 Feb 7 13:26:24 auw2 sshd\[26825\]: Failed password for invalid user jxi from 106.13.70.145 port 40788 ssh2 Feb 7 13:29:24 auw2 sshd\[27095\]: Invalid user ghg from 106.13.70.145 Feb 7 13:29:24 auw2 sshd\[27095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.145	2020-02-08 11:10:56
106.13.70.145	attack	Unauthorized connection attempt detected from IP address 106.13.70.145 to port 2220 [J]	2020-01-19 16:05:58
106.13.70.29	attackspam	Invalid user difeo from 106.13.70.29 port 38390	2020-01-02 14:05:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.70.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9928
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.70.63.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032402 1800 900 604800 86400

;; Query time: 152 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 25 09:34:30 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 63.70.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.70.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.13.173.67	attackspam	Mar 23 00:22:58 silence02 sshd[11246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.13.173.67 Mar 23 00:23:00 silence02 sshd[11246]: Failed password for invalid user jv from 190.13.173.67 port 38132 ssh2 Mar 23 00:28:00 silence02 sshd[11512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.13.173.67	2020-03-23 07:39:28
5.135.165.138	attackspambots	Invalid user qscand from 5.135.165.138 port 53728	2020-03-23 07:11:27
185.221.135.138	attackbots	[2020-03-22 17:57:06] NOTICE[1148][C-00014bac] chan_sip.c: Call from '' (185.221.135.138:5070) to extension '8011972598087932' rejected because extension not found in context 'public'. [2020-03-22 17:57:06] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-22T17:57:06.573-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="8011972598087932",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.221.135.138/5070",ACLName="no_extension_match" [2020-03-22 18:04:45] NOTICE[1148][C-00014bb8] chan_sip.c: Call from '' (185.221.135.138:5081) to extension '1011972598087932' rejected because extension not found in context 'public'. [2020-03-22 18:04:45] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-22T18:04:45.728-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1011972598087932",SessionID="0x7fd82c7969d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IP ...	2020-03-23 07:49:36
49.235.90.120	attackspam	Mar 22 23:05:12 ourumov-web sshd\[23555\]: Invalid user nakashima from 49.235.90.120 port 44512 Mar 22 23:05:12 ourumov-web sshd\[23555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.90.120 Mar 22 23:05:14 ourumov-web sshd\[23555\]: Failed password for invalid user nakashima from 49.235.90.120 port 44512 ssh2 ...	2020-03-23 07:14:52
198.46.242.175	attack	Mar 22 19:49:47 firewall sshd[29172]: Invalid user cmsftp from 198.46.242.175 Mar 22 19:49:48 firewall sshd[29172]: Failed password for invalid user cmsftp from 198.46.242.175 port 33140 ssh2 Mar 22 19:56:19 firewall sshd[29574]: Invalid user cmsftp from 198.46.242.175 ...	2020-03-23 07:20:50
96.44.162.83	attack	2020-03-22 17:04:27 H=(Rweydoaq3M) [96.44.162.83]:63613 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2020-03-22 17:04:42 dovecot_login authenticator failed for (24kZuX) [96.44.162.83]:51416 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=bison@lerctr.org) 2020-03-22 17:04:59 dovecot_login authenticator failed for (g119nTBbmv) [96.44.162.83]:53254 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=bison@lerctr.org) ...	2020-03-23 07:33:43
218.92.0.172	attack	2020-03-23T00:26:37.989024vps773228.ovh.net sshd[8422]: Failed password for root from 218.92.0.172 port 12356 ssh2 2020-03-23T00:26:41.483696vps773228.ovh.net sshd[8422]: Failed password for root from 218.92.0.172 port 12356 ssh2 2020-03-23T00:26:45.388223vps773228.ovh.net sshd[8422]: Failed password for root from 218.92.0.172 port 12356 ssh2 2020-03-23T00:26:48.510979vps773228.ovh.net sshd[8422]: Failed password for root from 218.92.0.172 port 12356 ssh2 2020-03-23T00:26:52.042928vps773228.ovh.net sshd[8422]: Failed password for root from 218.92.0.172 port 12356 ssh2 ...	2020-03-23 07:45:19
13.233.114.178	attackspam	RDP Bruteforce	2020-03-23 07:23:12
114.233.71.221	attack	ICMP MH Probe, Scan /Distributed -	2020-03-23 07:24:47
221.8.91.3	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 07:38:15
112.35.0.252	attackspam	SSH Brute-Force Attack	2020-03-23 07:25:37
222.186.180.41	attack	Mar 23 04:42:35 gw1 sshd[486]: Failed password for root from 222.186.180.41 port 24118 ssh2 Mar 23 04:42:43 gw1 sshd[486]: Failed password for root from 222.186.180.41 port 24118 ssh2 ...	2020-03-23 07:43:26
2.228.163.157	attackspambots	Mar 22 18:59:15 Tower sshd[34687]: Connection from 2.228.163.157 port 56236 on 192.168.10.220 port 22 rdomain "" Mar 22 18:59:16 Tower sshd[34687]: Invalid user fgxu from 2.228.163.157 port 56236 Mar 22 18:59:16 Tower sshd[34687]: error: Could not get shadow information for NOUSER Mar 22 18:59:16 Tower sshd[34687]: Failed password for invalid user fgxu from 2.228.163.157 port 56236 ssh2 Mar 22 18:59:16 Tower sshd[34687]: Received disconnect from 2.228.163.157 port 56236:11: Bye Bye [preauth] Mar 22 18:59:16 Tower sshd[34687]: Disconnected from invalid user fgxu 2.228.163.157 port 56236 [preauth]	2020-03-23 07:41:25
179.184.152.39	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 07:29:20
77.79.134.90	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 07:50:07

最近上报的IP列表

176.210.5.219	122.225.21.142	13.47.122.75	186.170.47.96
170.219.74.133	200.68.140.56	245.127.121.165	241.252.46.129
57.184.192.72	70.37.91.244	152.44.50.79	105.126.30.142
85.33.25.223	138.51.152.3	78.189.213.245	249.190.228.248
123.113.187.136	192.195.94.168	51.83.236.19	36.5.132.162