Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: Beijing Baidu Netcom Science and Technology Co., Ltd.

Usage Type: unknown

Comments:
No discussion about this IP yet.
Comments on same subnet:
IP Type Details Datetime
106.13.61.120 attackspam
Invalid user eva from 106.13.61.120 port 42178
2020-10-04 02:15:28
106.13.61.120 attack
2020-10-03T04:54:48.396393yoshi.linuxbox.ninja sshd[3004635]: Failed password for invalid user ping from 106.13.61.120 port 58002 ssh2
2020-10-03T04:57:55.580274yoshi.linuxbox.ninja sshd[3006454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.120  user=backup
2020-10-03T04:57:57.630428yoshi.linuxbox.ninja sshd[3006454]: Failed password for backup from 106.13.61.120 port 40414 ssh2
...
2020-10-03 18:00:46
106.13.61.165 attackbots
Banned for a week because of repeated abuses, for example SSH, but not only
2020-08-11 01:26:55
106.13.61.165 attackbotsspam
Jul 28 07:49:31 mout sshd[26843]: Invalid user chris from 106.13.61.165 port 45356
2020-07-28 16:03:03
106.13.61.165 attackbots
Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-28 04:56:19
106.13.61.165 attack
DATE:2020-07-17 20:39:10,IP:106.13.61.165,MATCHES:11,PORT:ssh
2020-07-18 03:59:34
106.13.61.165 attackspam
Jun 20 06:24:23 [host] sshd[8584]: Invalid user in
Jun 20 06:24:23 [host] sshd[8584]: pam_unix(sshd:a
Jun 20 06:24:25 [host] sshd[8584]: Failed password
2020-06-20 14:29:56
106.13.61.165 attackbotsspam
2020-06-18T15:18:12.551768mail.standpoint.com.ua sshd[7991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165
2020-06-18T15:18:12.549148mail.standpoint.com.ua sshd[7991]: Invalid user ts from 106.13.61.165 port 36382
2020-06-18T15:18:14.416198mail.standpoint.com.ua sshd[7991]: Failed password for invalid user ts from 106.13.61.165 port 36382 ssh2
2020-06-18T15:21:49.447186mail.standpoint.com.ua sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165  user=root
2020-06-18T15:21:51.436879mail.standpoint.com.ua sshd[8541]: Failed password for root from 106.13.61.165 port 57162 ssh2
...
2020-06-19 02:09:53
106.13.61.165 attackspam
2020-05-31T18:05:41.135818  sshd[25942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165  user=root
2020-05-31T18:05:43.229505  sshd[25942]: Failed password for root from 106.13.61.165 port 38300 ssh2
2020-05-31T18:09:20.175707  sshd[26008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165  user=root
2020-05-31T18:09:22.333451  sshd[26008]: Failed password for root from 106.13.61.165 port 40772 ssh2
...
2020-06-01 03:24:14
106.13.61.165 attack
2020-05-27T20:14:12.824686vps773228.ovh.net sshd[26624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165  user=root
2020-05-27T20:14:14.977548vps773228.ovh.net sshd[26624]: Failed password for root from 106.13.61.165 port 43480 ssh2
2020-05-27T20:17:57.148689vps773228.ovh.net sshd[26657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165  user=root
2020-05-27T20:17:58.856997vps773228.ovh.net sshd[26657]: Failed password for root from 106.13.61.165 port 41404 ssh2
2020-05-27T20:21:40.139584vps773228.ovh.net sshd[26696]: Invalid user avahi from 106.13.61.165 port 39320
...
2020-05-28 03:17:59
106.13.61.165 attack
May 22 01:55:06 firewall sshd[4886]: Invalid user lgx from 106.13.61.165
May 22 01:55:08 firewall sshd[4886]: Failed password for invalid user lgx from 106.13.61.165 port 56874 ssh2
May 22 01:59:28 firewall sshd[5038]: Invalid user mtq from 106.13.61.165
...
2020-05-22 15:48:45
106.13.61.165 attack
May 21 01:54:08 buvik sshd[26409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.165
May 21 01:54:10 buvik sshd[26409]: Failed password for invalid user oyr from 106.13.61.165 port 49828 ssh2
May 21 02:04:08 buvik sshd[28148]: Invalid user bhu from 106.13.61.165
...
2020-05-21 08:08:20
106.13.61.165 attack
May  8 06:58:17 saturn sshd[92613]: Invalid user grid from 106.13.61.165 port 46948
May  8 06:58:18 saturn sshd[92613]: Failed password for invalid user grid from 106.13.61.165 port 46948 ssh2
May  8 07:07:36 saturn sshd[93020]: Invalid user ac from 106.13.61.165 port 37230
...
2020-05-08 18:11:48
106.13.61.56 attackbots
Apr 11 19:28:34 icinga sshd[1509]: Failed password for root from 106.13.61.56 port 60726 ssh2
Apr 11 19:40:15 icinga sshd[29905]: Failed password for root from 106.13.61.56 port 54195 ssh2
...
2020-04-12 02:25:36
106.13.61.169 attackbotsspam
2020-03-13T09:39:35.104846scmdmz1 sshd[20827]: Failed password for invalid user jinheon from 106.13.61.169 port 58898 ssh2
2020-03-13T09:48:04.910359scmdmz1 sshd[21902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.61.169  user=root
2020-03-13T09:48:06.373266scmdmz1 sshd[21902]: Failed password for root from 106.13.61.169 port 41688 ssh2
...
2020-03-13 17:05:37
Whois info:
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.61.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63300
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.61.93.			IN	A

;; AUTHORITY SECTION:
.			3494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041500 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 16:08:12 +08 2019
;; MSG SIZE  rcvd: 116

Host info
Host 93.61.13.106.in-addr.arpa not found: 2(SERVFAIL)
Nslookup info:
;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 93.61.13.106.in-addr.arpa: SERVFAIL

Related IP info:
Related comments:
IP Type Details Datetime
118.70.72.103 attack
/var/log/messages:Nov 11 07:32:33 sanyalnet-cloud-vps2 fail2ban.actions[1247]: NOTICE [sshd] Unban 118.70.72.103
/var/log/messages:Nov 11 20:08:29 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1573502909.341:175243): pid=21508 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=21509 suid=74 rport=36308 laddr=104.167.106.93 lport=22  exe="/usr/sbin/sshd" hostname=? addr=118.70.72.103 terminal=? res=success'
/var/log/messages:Nov 11 20:08:29 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1573502909.345:175244): pid=21508 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=21509 suid=74 rport=36308 laddr=104.167.106.93 lport=22  exe="/usr/sbin/sshd" hostname=? addr=118.70.72.103 ter........
-------------------------------
2019-11-12 16:39:44
46.229.214.228 attackspambots
Triggered: repeated knocking on closed ports.
2019-11-12 16:33:36
151.66.71.64 attackspambots
C1,WP GET /wp-login.php
2019-11-12 16:23:28
84.0.233.156 attackbots
Fail2Ban Ban Triggered
2019-11-12 16:17:01
118.24.38.12 attackspambots
Nov 12 08:34:05 * sshd[3102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.38.12
Nov 12 08:34:07 * sshd[3102]: Failed password for invalid user girbal from 118.24.38.12 port 47643 ssh2
2019-11-12 16:16:02
103.192.76.205 attackspam
SSH invalid-user multiple login try
2019-11-12 16:29:21
109.88.66.186 attackspam
Nov 11 13:42:16 vpxxxxxxx22308 sshd[10766]: Invalid user pi from 109.88.66.186
Nov 11 13:42:16 vpxxxxxxx22308 sshd[10765]: Invalid user pi from 109.88.66.186
Nov 11 13:42:16 vpxxxxxxx22308 sshd[10766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.88.66.186
Nov 11 13:42:16 vpxxxxxxx22308 sshd[10765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.88.66.186
Nov 11 13:42:18 vpxxxxxxx22308 sshd[10766]: Failed password for invalid user pi from 109.88.66.186 port 52948 ssh2
Nov 11 13:42:18 vpxxxxxxx22308 sshd[10765]: Failed password for invalid user pi from 109.88.66.186 port 52942 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=109.88.66.186
2019-11-12 16:41:46
61.163.190.49 attackspambots
Nov 12 07:26:19 vserver sshd\[31897\]: Invalid user chela from 61.163.190.49
Nov 12 07:26:21 vserver sshd\[31897\]: Failed password for invalid user chela from 61.163.190.49 port 51768 ssh2
Nov 12 07:30:17 vserver sshd\[31908\]: Invalid user rucci from 61.163.190.49
Nov 12 07:30:18 vserver sshd\[31908\]: Failed password for invalid user rucci from 61.163.190.49 port 56897 ssh2
...
2019-11-12 16:31:37
216.151.180.102 attack
216.151.180.102 - - \[12/Nov/2019:06:30:24 +0000\] "POST /wp-login.php HTTP/1.1" 200 4285 "https://www.karma.net/wp-login.php" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.1\; en-US\) AppleWebKit/534.10 \(KHTML, like Gecko\) Chrome/8.0.552.224 Safari/534.10"
216.151.180.102 - - \[12/Nov/2019:06:30:25 +0000\] "POST /wp-login.php HTTP/1.1" 200 4320 "https://www.karma.net/wp-login.php" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.1\; en-US\) AppleWebKit/534.10 \(KHTML, like Gecko\) Chrome/8.0.552.224 Safari/534.10"
...
2019-11-12 16:19:45
45.227.253.141 attackbots
Nov 12 09:36:36 relay postfix/smtpd\[32417\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 09:40:08 relay postfix/smtpd\[2524\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 09:40:15 relay postfix/smtpd\[32417\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 09:44:12 relay postfix/smtpd\[14650\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 09:44:19 relay postfix/smtpd\[14058\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-11-12 16:49:59
77.40.40.140 attackbotsspam
Nov 12 06:25:04 mailserver postfix/smtpd[93212]: warning: unknown[77.40.40.140]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 06:25:04 mailserver postfix/smtpd[93212]: disconnect from unknown[77.40.40.140]
Nov 12 09:28:37 mailserver postfix/smtps/smtpd[94749]: warning: hostname 140.40.pppoe.mari-el.ru does not resolve to address 77.40.40.140: hostname nor servname provided, or not known
Nov 12 09:28:37 mailserver postfix/smtps/smtpd[94749]: connect from unknown[77.40.40.140]
Nov 12 09:28:38 mailserver dovecot: auth-worker(94689): sql([hidden],77.40.40.140): unknown user
Nov 12 09:28:40 mailserver postfix/smtps/smtpd[94749]: warning: unknown[77.40.40.140]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 12 09:28:40 mailserver postfix/smtps/smtpd[94749]: disconnect from unknown[77.40.40.140]
Nov 12 09:28:42 mailserver postfix/smtpd[94706]: warning: hostname 140.40.pppoe.mari-el.ru does not resolve to address 77.40.40.140: hostname nor servname provided, or not known
Nov 12 09:28:42 mailserver postfi
2019-11-12 16:31:09
83.172.105.208 attack
11/12/2019-07:29:32.993908 83.172.105.208 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 87
2019-11-12 16:53:15
85.128.142.78 attack
schuetzenmusikanten.de 85.128.142.78 \[12/Nov/2019:07:30:12 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/60.0.3112.113 Safari/537.36"
SCHUETZENMUSIKANTEN.DE 85.128.142.78 \[12/Nov/2019:07:30:12 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/60.0.3112.113 Safari/537.36"
2019-11-12 16:30:29
87.250.109.174 attackbots
Chat Spam
2019-11-12 16:47:05
207.246.240.97 attack
schuetzenmusikanten.de 207.246.240.97 \[12/Nov/2019:07:29:32 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4280 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/60.0.3112.113 Safari/537.36"
SCHUETZENMUSIKANTEN.DE 207.246.240.97 \[12/Nov/2019:07:29:32 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4280 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/60.0.3112.113 Safari/537.36"
2019-11-12 16:52:21

Recently Reported IPs
