106.13.34.178 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Nov 30 16:12:00 mout sshd[22183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 user=root Nov 30 16:12:02 mout sshd[22183]: Failed password for root from 106.13.34.178 port 54436 ssh2	2019-12-01 00:25:56
attackspam	Nov 9 11:43:32 tux-35-217 sshd\[19850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 user=root Nov 9 11:43:33 tux-35-217 sshd\[19850\]: Failed password for root from 106.13.34.178 port 34962 ssh2 Nov 9 11:48:31 tux-35-217 sshd\[19881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 user=root Nov 9 11:48:33 tux-35-217 sshd\[19881\]: Failed password for root from 106.13.34.178 port 41166 ssh2 ...	2019-11-09 19:11:19
attackbotsspam	Nov 5 06:24:54 localhost sshd\[121303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 user=root Nov 5 06:24:56 localhost sshd\[121303\]: Failed password for root from 106.13.34.178 port 59820 ssh2 Nov 5 06:30:22 localhost sshd\[121531\]: Invalid user ts3 from 106.13.34.178 port 40196 Nov 5 06:30:22 localhost sshd\[121531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 Nov 5 06:30:24 localhost sshd\[121531\]: Failed password for invalid user ts3 from 106.13.34.178 port 40196 ssh2 ...	2019-11-05 15:05:27
attackbots	2019-10-26T06:36:47.668158shield sshd\[25538\]: Invalid user pixmet2003 from 106.13.34.178 port 45356 2019-10-26T06:36:47.675658shield sshd\[25538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178 2019-10-26T06:36:49.854831shield sshd\[25538\]: Failed password for invalid user pixmet2003 from 106.13.34.178 port 45356 ssh2 2019-10-26T06:42:14.086732shield sshd\[26932\]: Invalid user pentaho1 from 106.13.34.178 port 52650 2019-10-26T06:42:14.092835shield sshd\[26932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.178	2019-10-26 14:59:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.34.131	attackbots	Oct 12 20:57:55 rotator sshd\[28581\]: Invalid user vandusen from 106.13.34.131Oct 12 20:57:58 rotator sshd\[28581\]: Failed password for invalid user vandusen from 106.13.34.131 port 48250 ssh2Oct 12 21:01:17 rotator sshd\[29358\]: Failed password for root from 106.13.34.131 port 46053 ssh2Oct 12 21:04:26 rotator sshd\[29392\]: Invalid user ruben from 106.13.34.131Oct 12 21:04:28 rotator sshd\[29392\]: Failed password for invalid user ruben from 106.13.34.131 port 43838 ssh2Oct 12 21:07:38 rotator sshd\[30154\]: Invalid user leonel from 106.13.34.131 ...	2020-10-13 04:24:39
106.13.34.131	attack	2020-10-11T17:52:37.6312981495-001 sshd[27285]: Failed password for invalid user asterisk from 106.13.34.131 port 48463 ssh2 2020-10-11T17:56:00.4540001495-001 sshd[27439]: Invalid user rivera from 106.13.34.131 port 48468 2020-10-11T17:56:00.4601891495-001 sshd[27439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 2020-10-11T17:56:00.4540001495-001 sshd[27439]: Invalid user rivera from 106.13.34.131 port 48468 2020-10-11T17:56:02.0510661495-001 sshd[27439]: Failed password for invalid user rivera from 106.13.34.131 port 48468 ssh2 2020-10-11T17:59:21.3332791495-001 sshd[27650]: Invalid user baerbel from 106.13.34.131 port 48481 ...	2020-10-12 20:03:30
106.13.34.131	attack	Oct 10 20:15:12 ns382633 sshd\[4581\]: Invalid user web74 from 106.13.34.131 port 17944 Oct 10 20:15:12 ns382633 sshd\[4581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 Oct 10 20:15:14 ns382633 sshd\[4581\]: Failed password for invalid user web74 from 106.13.34.131 port 17944 ssh2 Oct 10 20:30:44 ns382633 sshd\[8618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root Oct 10 20:30:47 ns382633 sshd\[8618\]: Failed password for root from 106.13.34.131 port 55812 ssh2	2020-10-11 03:50:44
106.13.34.131	attackbots	3x Failed Password	2020-10-10 19:44:57
106.13.34.173	attackspambots	SSH login attempts.	2020-10-10 14:34:16
106.13.34.173	attackbots	Oct 9 04:56:40 Tower sshd[15139]: Connection from 106.13.34.173 port 45186 on 192.168.10.220 port 22 rdomain "" Oct 9 04:56:43 Tower sshd[15139]: Invalid user cron from 106.13.34.173 port 45186 Oct 9 04:56:43 Tower sshd[15139]: error: Could not get shadow information for NOUSER Oct 9 04:56:43 Tower sshd[15139]: Failed password for invalid user cron from 106.13.34.173 port 45186 ssh2 Oct 9 04:56:43 Tower sshd[15139]: Received disconnect from 106.13.34.173 port 45186:11: Bye Bye [preauth] Oct 9 04:56:43 Tower sshd[15139]: Disconnected from invalid user cron 106.13.34.173 port 45186 [preauth]	2020-10-10 02:04:48
106.13.34.173	attack	Oct 9 04:56:40 Tower sshd[15139]: Connection from 106.13.34.173 port 45186 on 192.168.10.220 port 22 rdomain "" Oct 9 04:56:43 Tower sshd[15139]: Invalid user cron from 106.13.34.173 port 45186 Oct 9 04:56:43 Tower sshd[15139]: error: Could not get shadow information for NOUSER Oct 9 04:56:43 Tower sshd[15139]: Failed password for invalid user cron from 106.13.34.173 port 45186 ssh2 Oct 9 04:56:43 Tower sshd[15139]: Received disconnect from 106.13.34.173 port 45186:11: Bye Bye [preauth] Oct 9 04:56:43 Tower sshd[15139]: Disconnected from invalid user cron 106.13.34.173 port 45186 [preauth]	2020-10-09 17:49:29
106.13.34.131	attack	2020-10-07T20:23:58.357847abusebot-4.cloudsearch.cf sshd[30782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root 2020-10-07T20:24:00.347950abusebot-4.cloudsearch.cf sshd[30782]: Failed password for root from 106.13.34.131 port 62319 ssh2 2020-10-07T20:27:00.332360abusebot-4.cloudsearch.cf sshd[30809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root 2020-10-07T20:27:01.971592abusebot-4.cloudsearch.cf sshd[30809]: Failed password for root from 106.13.34.131 port 54788 ssh2 2020-10-07T20:29:48.407884abusebot-4.cloudsearch.cf sshd[30835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root 2020-10-07T20:29:50.112170abusebot-4.cloudsearch.cf sshd[30835]: Failed password for root from 106.13.34.131 port 47229 ssh2 2020-10-07T20:32:43.941852abusebot-4.cloudsearch.cf sshd[30900]: pam_unix(sshd:auth): authe ...	2020-10-08 04:59:59
106.13.34.131	attackbots	repeated SSH login attempts	2020-10-07 21:22:50
106.13.34.131	attackbots	Oct 7 02:43:43 santamaria sshd\[24826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root Oct 7 02:43:45 santamaria sshd\[24826\]: Failed password for root from 106.13.34.131 port 36518 ssh2 Oct 7 02:47:37 santamaria sshd\[24874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root ...	2020-10-07 13:09:54
106.13.34.131	attack	(sshd) Failed SSH login from 106.13.34.131 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 02:33:49 optimus sshd[17333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root Oct 1 02:33:51 optimus sshd[17333]: Failed password for root from 106.13.34.131 port 65357 ssh2 Oct 1 02:40:06 optimus sshd[19422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root Oct 1 02:40:08 optimus sshd[19422]: Failed password for root from 106.13.34.131 port 13541 ssh2 Oct 1 02:43:28 optimus sshd[20656]: Invalid user 1 from 106.13.34.131	2020-10-01 18:14:40
106.13.34.131	attackbotsspam	$f2bV_matches	2020-09-26 06:46:54
106.13.34.131	attackspambots	2020-09-25T14:46:11.684573server.espacesoutien.com sshd[9097]: Invalid user liuhao from 106.13.34.131 port 51051 2020-09-25T14:46:11.697808server.espacesoutien.com sshd[9097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 2020-09-25T14:46:11.684573server.espacesoutien.com sshd[9097]: Invalid user liuhao from 106.13.34.131 port 51051 2020-09-25T14:46:13.466145server.espacesoutien.com sshd[9097]: Failed password for invalid user liuhao from 106.13.34.131 port 51051 ssh2 ...	2020-09-25 23:51:43
106.13.34.131	attackspam	Sep 25 09:02:15 rancher-0 sshd[282693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.131 user=root Sep 25 09:02:17 rancher-0 sshd[282693]: Failed password for root from 106.13.34.131 port 55863 ssh2 ...	2020-09-25 15:28:09
106.13.34.173	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-09-07 15:02:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.34.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33526
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.34.178.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102600 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 26 14:59:25 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 178.34.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 178.34.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
196.108.28.109	attackspam	Email rejected due to spam filtering	2020-02-25 04:36:51
14.175.143.66	attackspambots	Feb 24 14:14:01 mxgate1 postfix/postscreen[25508]: CONNECT from [14.175.143.66]:10736 to [176.31.12.44]:25 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25509]: addr 14.175.143.66 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25512]: addr 14.175.143.66 listed by domain zen.spamhaus.org as 127.0.0.11 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25512]: addr 14.175.143.66 listed by domain zen.spamhaus.org as 127.0.0.4 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25513]: addr 14.175.143.66 listed by domain cbl.abuseat.org as 127.0.0.2 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25511]: addr 14.175.143.66 listed by domain bl.spamcop.net as 127.0.0.2 Feb 24 14:14:01 mxgate1 postfix/dnsblog[25510]: addr 14.175.143.66 listed by domain b.barracudacentral.org as 127.0.0.2 Feb 24 14:14:07 mxgate1 postfix/postscreen[25508]: DNSBL rank 6 for [14.175.143.66]:10736 Feb x@x Feb 24 14:14:08 mxgate1 postfix/postscreen[25508]: HANGUP after 1 from [14.175.143.66]:1........ -------------------------------	2020-02-25 04:17:43
179.104.230.250	attackbots	[ssh] SSH attack	2020-02-25 04:27:18
158.51.124.152	attackspambots	Feb 24 14:21:43 pmg postfix/postscreen\[3014\]: NOQUEUE: reject: RCPT from \[158.51.124.152\]:44095: 550 5.7.1 Service unavailable\; client \[158.51.124.152\] blocked using noptr.spamrats.com\; from=\, to=\, proto=ESMTP, helo=\	2020-02-25 04:33:12
120.244.236.95	attackspam	Invalid user user from 120.244.236.95 port 4847	2020-02-25 04:28:40
42.189.21.115	attackbots	DATE:2020-02-24 14:20:15, IP:42.189.21.115, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-25 04:13:01
195.175.57.182	attackspam	Feb 24 14:22:21 debian-2gb-nbg1-2 kernel: \[4809741.858457\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.175.57.182 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=3572 DF PROTO=TCP SPT=52445 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2020-02-25 04:13:19
222.186.190.2	attackbotsspam	Feb 24 20:23:18 localhost sshd\[27847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Feb 24 20:23:20 localhost sshd\[27847\]: Failed password for root from 222.186.190.2 port 55986 ssh2 Feb 24 20:23:23 localhost sshd\[27847\]: Failed password for root from 222.186.190.2 port 55986 ssh2 ...	2020-02-25 04:27:46
58.222.107.253	attackbots	Feb 24 14:22:17 [snip] sshd[333]: Invalid user deploy from 58.222.107.253 port 26910 Feb 24 14:22:17 [snip] sshd[333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.222.107.253 Feb 24 14:22:19 [snip] sshd[333]: Failed password for invalid user deploy from 58.222.107.253 port 26910 ssh2[...]	2020-02-25 04:15:29
107.189.10.44	attackbots	Invalid user fake from 107.189.10.44 port 34684	2020-02-25 04:47:13
60.243.128.164	attackbots	Email rejected due to spam filtering	2020-02-25 04:18:56
106.75.4.19	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-25 04:37:44
187.32.242.217	attack	Feb 24 19:51:13 localhost sshd\[4709\]: Invalid user oracle from 187.32.242.217 Feb 24 19:55:09 localhost sshd\[5180\]: Invalid user ftpuser from 187.32.242.217 Feb 24 19:58:58 localhost sshd\[5594\]: Invalid user feedback from 187.32.242.217 ...	2020-02-25 04:14:17
115.79.141.40	attackspambots	firewall-block, port(s): 23/tcp	2020-02-25 04:49:55
103.108.187.4	attackspam	Invalid user postgres from 103.108.187.4 port 55662	2020-02-25 04:15:05

最近上报的IP列表

251.114.57.89	229.120.65.231	153.191.148.253	170.106.76.40
97.3.32.207	145.239.107.250	190.152.217.173	117.1.124.134
14.245.70.108	186.59.23.155	103.141.138.133	220.247.224.53
114.104.183.190	60.42.36.191	2.13.220.63	112.175.124.134
6.45.39.177	183.96.13.8	113.227.175.122	109.242.197.76