Go
106.13.70.63
is a
Hacker
100 %
China
Report Abuse
172attacks reported
124Brute-ForceSSH
13SSH
13Brute-Force
7uncategorized
3Port ScanBrute-ForceSSH
3HackingBrute-ForceSSH
3FTP Brute-ForceHacking
2DDoS AttackPort ScanBrute-ForceWeb App AttackSSH
1Port ScanHackingBrute-ForceSSH
1Web App Attack
...
from 89 distinct reporters
and 8 distinct sources : BadIPs.com, Blocklist.de, FireHOL, GreenSnow.co, Charles Haley, VoIPBL.org, darklist.de, AbuseIPDB
106.13.70.63 was first signaled at 2019-04-05 02:09 and last record was at 2020-08-03 12:51.
IP

106.13.70.63

Localisation
China
Beijing, Beijing
NetRange : First & Last IP
106.12.0.0 - 106.13.255.255
Network CIDR
106.12.0.0/15

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-01 13:02 attacks Brute-ForceSSH AbuseIPDB Invalid user chihlun
2020-08-01 09:44 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T18:40:45.906777shield sshd\[2860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63
2020-08-01 09:29 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T18:25:58.213333shield sshd\[32202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 09:15 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T18:12:30.994529shield sshd\[28913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 09:02 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T17:58:31.213790shield sshd\[24627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 08:47 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T17:44:08.343569shield sshd\[20298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 08:33 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T17:29:12.504789shield sshd\[16769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 08:17 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T17:13:40.728939shield sshd\[13349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 08:02 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T16:58:07.792613shield sshd\[7890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63
2020-08-01 07:48 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T16:43:54.074753shield sshd\[4249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63
2020-08-01 07:33 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T16:29:23.612338shield sshd\[833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63
2020-08-01 07:19 attacks Brute-ForceSSH AbuseIPDB fail2ban -- 106.13.70.63
2020-08-01 07:19 attacks SSH AbuseIPDB sshd
2020-08-01 07:18 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T16:14:38.269958shield sshd\[28649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.6
2020-08-01 04:34 attacks Brute-ForceSSH AbuseIPDB Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-01T13:25:25Z and 2020-08-01T13:34:33Z
2020-08-01 04:18 attacks Brute-ForceSSH AbuseIPDB Aug 1 15:09:13 serwer sshd\[26741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root
2020-07-31 19:17 attacks Brute-ForceSSH AbuseIPDB 2020-08-01T04:17:11.356727vps-d63064a2 sshd[191844]: User root from 106.13.70.63 not allowed because not listed in AllowUsers 2020-08-01T04:17:11.3762
2020-07-31 17:27 attacks Brute-ForceSSH AbuseIPDB  
2020-07-31 16:44 attacks Brute-ForceSSH AbuseIPDB Aug 1 03:44:57 lnxweb61 sshd[5849]: Failed password for root from 106.13.70.63 port 53910 ssh2 Aug 1 03:44:57 lnxweb61 sshd[5849]: Failed password for
2020-07-31 16:07 attacks Brute-ForceSSH AbuseIPDB Aug 1 02:59:47 lnxweb61 sshd[30707]: Failed password for root from 106.13.70.63 port 48720 ssh2 Aug 1 03:03:38 lnxweb61 sshd[2336]: Failed password fo
2020-07-31 15:56 attacks Brute-ForceSSH AbuseIPDB SSH bruteforce
2020-07-31 10:19 attacks Brute-ForceSSH AbuseIPDB 2020-07-31T22:18:03.676708snf-827550 sshd[25195]: Failed password for root from 106.13.70.63 port 55410 ssh2 2020-07-31T22:19:02.440926snf-827550 sshd
2020-07-30 17:18 attacks Brute-Force AbuseIPDB Fail2Ban Ban Triggered (2)
2020-07-30 17:15 attacks Brute-ForceSSH AbuseIPDB Fail2Ban
2020-07-30 11:00 attacks Brute-ForceSSH AbuseIPDB Jul 30 21:44:09 h2646465 sshd[21529]: Invalid user zhangyansen from 106.13.70.63 Jul 30 21:44:09 h2646465 sshd[21529]: pam_unix(sshd:auth): authentica
2020-07-30 03:35 attacks Brute-ForceSSH AbuseIPDB  
2020-07-29 20:03 attacks SSH AbuseIPDB  
2020-07-29 14:11 attacks Brute-ForceSSH AbuseIPDB Jul 30 01:11:14 vm0 sshd[31194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 30 01:11:16
2020-07-29 11:11 attacks Brute-Force AbuseIPDB Jul 29 21:56:32 root sshd[22592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 29 21:56:3
2020-07-29 10:59 attacks Brute-ForceSSH AbuseIPDB Jul 30 05:59:32 NG-HHDC-SVS-001 sshd[3384]: Invalid user lhy from 106.13.70.63
2020-07-29 05:06 attacks Brute-ForceSSH AbuseIPDB Jul 29 21:00:58 itv-usvr-01 sshd[16179]: Invalid user lxi from 106.13.70.63 Jul 29 21:00:58 itv-usvr-01 sshd[16179]: pam_unix(sshd:auth): authenticati
2020-07-29 01:55 attacks Brute-ForceSSH AbuseIPDB Jul 29 03:49:48 pixelmemory sshd[3363666]: Invalid user nnw from 106.13.70.63 port 58948 Jul 29 03:49:48 pixelmemory sshd[3363666]: pam_unix(sshd:auth
2020-07-28 22:13 attacks Brute-ForceSSH AbuseIPDB Jul 29 09:13:16 mout sshd[19991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 29 09:13:1
2020-07-28 21:54 attacks Brute-ForceSSH AbuseIPDB Jul 29 08:54:36 mout sshd[18069]: Invalid user prometheus from 106.13.70.63 port 46998 Jul 29 08:54:37 mout sshd[18069]: Failed password for invalid u
2020-07-28 16:53 attacks Brute-ForceSSH AbuseIPDB Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-29T01:10:47Z and 2020-07-29T01:53:14Z
2020-07-28 16:16 attacks Brute-ForceSSH AbuseIPDB 20 attempts against mh-ssh on echoip
2020-07-28 13:41 attacks Brute-ForceSSH AbuseIPDB Repeated brute force against a port
2020-07-28 10:46 attacks Brute-ForceSSH AbuseIPDB SSH BruteForce Attack
2020-07-28 09:54 attacks Brute-ForceSSH AbuseIPDB SSH invalid-user multiple login attempts
2020-07-28 09:40 attacks Brute-ForceSSH AbuseIPDB bruteforce detected
2020-07-28 03:48 attacks Brute-ForceSSH AbuseIPDB 2020-07-28T14:46:11.794017vps751288.ovh.net sshd\[9102\]: Invalid user was_adm from 106.13.70.63 port 34192 2020-07-28T14:46:11.800515vps751288.ovh.ne
2020-07-28 02:44 attacks Brute-ForceSSH AbuseIPDB 2020-07-28T13:38:22.619494vps751288.ovh.net sshd\[8615\]: Invalid user baiyaxuan from 106.13.70.63 port 34882 2020-07-28T13:38:22.624503vps751288.ovh.
2020-07-28 02:08 attacks Brute-ForceSSH AbuseIPDB Jul 28 13:05:44 piServer sshd[30417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 13:
2020-07-28 01:40 attacks Brute-ForceSSH AbuseIPDB Jul 28 12:38:38 piServer sshd[27265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 12:
2020-07-28 01:13 attacks Brute-ForceSSH AbuseIPDB Jul 28 12:11:26 piServer sshd[24215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 12:
2020-07-28 00:46 attacks Brute-ForceSSH AbuseIPDB Jul 28 11:44:16 piServer sshd[21059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 11:
2020-07-28 00:20 attacks Brute-Force AbuseIPDB (sshd) Failed SSH login from 106.13.70.63 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 28 11:14:06 a
2020-07-28 00:18 attacks Brute-ForceSSH AbuseIPDB Jul 28 11:14:40 piServer sshd[17504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 11:
2020-07-28 00:17 attacks Brute-ForceSSH AbuseIPDB Jul 28 11:10:33 roki-contabo sshd\[12482\]: Invalid user zhoujianglong from 106.13.70.63 Jul 28 11:10:33 roki-contabo sshd\[12482\]: pam_unix\(sshd:au
2020-07-28 00:13 attacks Brute-ForceSSH AbuseIPDB Jul 28 11:13:08 vm1 sshd[13316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 Jul 28 11:13:10
2019-04-05 02:09 attacks Brute-ForceSSH AbuseIPDB Apr 5 11:08:44 ip-172-31-1-72 sshd\[30889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 u
2019-04-05 02:32 attacks FTP Brute-ForceHacking AbuseIPDB Apr 5 11:08:44 ip-172-31-1-72 sshd[30889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=r
2019-04-05 22:09 attacks Brute-ForceSSH AbuseIPDB Apr 6 07:09:11 mail sshd\[31704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root A
2019-04-06 10:02 attacks HackingBrute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF, Hack -
2019-04-07 01:54 attacks FTP Brute-ForceHacking AbuseIPDB Apr 5 11:08:44 ip-172-31-1-72 sshd[30889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=r
2019-04-08 00:13 attacks HackingBrute-ForceSSH AbuseIPDB SSH/22 MH Probe, BF, Hack -
2019-04-08 21:08 attacks Brute-ForceSSH AbuseIPDB Apr 9 06:08:03 localhost sshd\[57863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=r
2019-04-09 14:26 attacks Brute-Force AbuseIPDB Apr 9 19:26:31 bilbo sshd\[22864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root\
2019-04-10 00:05 attacks Brute-ForceSSH AbuseIPDB Apr 10 11:05:24 vpn01 sshd\[2553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=root
2019-04-11 20:33 attacks FTP Brute-ForceHacking AbuseIPDB Apr 9 21:03:48 xb3 sshd[19840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.63 user=r.r Apr 9 21
2020-07-31 15:56 attacks bi_any_0_1d BadIPs.com  
2020-07-31 15:56 attacks SSH bi_sshd_0_1d BadIPs.com  
2020-07-31 15:57 attacks SSH bi_ssh_0_1d BadIPs.com  
2020-07-31 15:57 attacks blocklist_de Blocklist.de  
2020-07-31 15:57 attacks SSH blocklist_de_ssh Blocklist.de  
2020-07-31 16:01 attacks firehol_level2 FireHOL  
2020-07-31 16:02 attacks firehol_level4 FireHOL  
2020-07-31 16:10 attacks greensnow GreenSnow.co  
2020-07-31 16:10 attacks SSH haley_ssh Charles Haley  
2020-07-31 16:24 attacks Fraud VoIP voipbl VoIPBL.org  
2020-08-03 12:51 attacks SSH bi_ssh-ddos_0_1d BadIPs.com  
2019-09-03 03:47 attacks darklist_de darklist.de  
2019-08-20 17:20 attacks darklist_de darklist.de  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 106.12.0.0 - 106.13.255.255
netname: Baidu
descr: Beijing Baidu Netcom Science and Technology Co., Ltd.
descr: Baidu Plaza, No.10, Shangdi 10th street,
descr: Haidian District Beijing,100080
admin-c: SD753-AP
tech-c: SD753-AP
country: CN
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
mnt-routes: MAINT-CNNIC-AP
status: ALLOCATED PORTABLE
last-modified: 2015-01-28T09:58:01Z
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC

person: Supeng Deng
nic-hdl: SD753-AP
address: No.6 2nd North Street Haidian District Beijing
country: CN
phone: +86-10-58003402
fax-no: +86-10-58003402
e-mail: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-11-01T08:04:01Z
source: APNIC

route: 106.13.0.0/18
descr: Baidu
country: CN
origin: AS38365
notify: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2018-11-14T23:46:02Z
source: APNIC

route: 106.13.0.0/18
descr: Baidu
country: CN
origin: AS55967
notify: zhangyukun@baidu.com
mnt-by: MAINT-CNNIC-AP
last-modified: 2018-11-14T23:46:02Z
source: APNIC
most specific ip range is highlighted
Updated : 2020-08-02