106.13.78.137 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	May 13 08:56:35 pkdns2 sshd\[62046\]: Invalid user admin from 106.13.78.137May 13 08:56:37 pkdns2 sshd\[62046\]: Failed password for invalid user admin from 106.13.78.137 port 26952 ssh2May 13 09:00:55 pkdns2 sshd\[62261\]: Invalid user wps from 106.13.78.137May 13 09:00:57 pkdns2 sshd\[62261\]: Failed password for invalid user wps from 106.13.78.137 port 18401 ssh2May 13 09:05:13 pkdns2 sshd\[62578\]: Invalid user admin from 106.13.78.137May 13 09:05:16 pkdns2 sshd\[62578\]: Failed password for invalid user admin from 106.13.78.137 port 9856 ssh2 ...	2020-05-13 19:24:16
attack	Apr 26 18:59:36 vlre-nyc-1 sshd\[8337\]: Invalid user sergio from 106.13.78.137 Apr 26 18:59:36 vlre-nyc-1 sshd\[8337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Apr 26 18:59:37 vlre-nyc-1 sshd\[8337\]: Failed password for invalid user sergio from 106.13.78.137 port 57219 ssh2 Apr 26 19:02:23 vlre-nyc-1 sshd\[8414\]: Invalid user rdp from 106.13.78.137 Apr 26 19:02:23 vlre-nyc-1 sshd\[8414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2020-04-27 03:15:55
attack	$f2bV_matches	2020-04-21 15:04:46
attackspambots	Apr 6 12:40:45 marvibiene sshd[50380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Apr 6 12:40:47 marvibiene sshd[50380]: Failed password for root from 106.13.78.137 port 47343 ssh2 Apr 6 12:45:58 marvibiene sshd[50462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Apr 6 12:46:00 marvibiene sshd[50462]: Failed password for root from 106.13.78.137 port 36730 ssh2 ...	2020-04-06 20:52:01
attack	SSH Bruteforce attack	2020-04-06 19:17:36
attackbots	Mar 29 23:43:36 meumeu sshd[24934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Mar 29 23:43:38 meumeu sshd[24934]: Failed password for invalid user rj from 106.13.78.137 port 24616 ssh2 Mar 29 23:47:20 meumeu sshd[25497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2020-03-30 06:00:54
attackbots	Mar 19 20:28:36 php1 sshd\[27939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Mar 19 20:28:38 php1 sshd\[27939\]: Failed password for root from 106.13.78.137 port 22210 ssh2 Mar 19 20:30:19 php1 sshd\[28163\]: Invalid user lab from 106.13.78.137 Mar 19 20:30:19 php1 sshd\[28163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Mar 19 20:30:22 php1 sshd\[28163\]: Failed password for invalid user lab from 106.13.78.137 port 35644 ssh2	2020-03-20 16:08:32
attackbotsspam	Mar 13 13:06:57 *** sshd[3555]: User root from 106.13.78.137 not allowed because not listed in AllowUsers	2020-03-14 03:35:16
attackspambots	Mar 9 05:52:16 v22018086721571380 sshd[20514]: Failed password for invalid user root!2# from 106.13.78.137 port 28553 ssh2	2020-03-09 13:57:43
attackbotsspam	Invalid user mm from 106.13.78.137 port 40176	2020-02-21 08:20:24
attack	Unauthorized connection attempt detected from IP address 106.13.78.137 to port 2220 [J]	2020-01-23 17:14:35
attackbots	Automatic report - SSH Brute-Force Attack	2020-01-10 16:37:29
attackbots	Unauthorized connection attempt detected from IP address 106.13.78.137 to port 2220 [J]	2020-01-07 18:01:00
attack	Dec 14 15:58:50 meumeu sshd[3991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Dec 14 15:58:51 meumeu sshd[3991]: Failed password for invalid user wojtecki from 106.13.78.137 port 26613 ssh2 Dec 14 16:06:30 meumeu sshd[5614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2019-12-15 01:20:53
attack	Dec 2 22:16:37 ns382633 sshd\[11283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Dec 2 22:16:39 ns382633 sshd\[11283\]: Failed password for root from 106.13.78.137 port 14974 ssh2 Dec 2 22:34:30 ns382633 sshd\[14503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Dec 2 22:34:32 ns382633 sshd\[14503\]: Failed password for root from 106.13.78.137 port 58454 ssh2 Dec 2 22:39:22 ns382633 sshd\[15747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root	2019-12-03 08:14:27
attack	Nov 30 08:03:33 OPSO sshd\[9071\]: Invalid user tatsu from 106.13.78.137 port 26480 Nov 30 08:03:33 OPSO sshd\[9071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Nov 30 08:03:35 OPSO sshd\[9071\]: Failed password for invalid user tatsu from 106.13.78.137 port 26480 ssh2 Nov 30 08:08:25 OPSO sshd\[9781\]: Invalid user anavin from 106.13.78.137 port 59794 Nov 30 08:08:25 OPSO sshd\[9781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137	2019-11-30 15:12:19

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.78.210	attackspam	Invalid user pozvizd from 106.13.78.210 port 39564	2020-10-13 13:59:43
106.13.78.210	attackbots	Oct 13 00:27:21 eventyay sshd[1551]: Failed password for root from 106.13.78.210 port 36368 ssh2 Oct 13 00:30:37 eventyay sshd[1680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 Oct 13 00:30:39 eventyay sshd[1680]: Failed password for invalid user zy from 106.13.78.210 port 33060 ssh2 ...	2020-10-13 06:44:08
106.13.78.210	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-12 01:27:38
106.13.78.210	attackbotsspam	Oct 7 22:52:29 buvik sshd[984]: Failed password for root from 106.13.78.210 port 46792 ssh2 Oct 7 22:54:52 buvik sshd[1344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 22:54:55 buvik sshd[1344]: Failed password for root from 106.13.78.210 port 56786 ssh2 ...	2020-10-08 06:11:04
106.13.78.210	attackbotsspam	Oct 7 13:41:58 Server sshd[688713]: Failed password for root from 106.13.78.210 port 37416 ssh2 Oct 7 13:44:01 Server sshd[689683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 13:44:03 Server sshd[689683]: Failed password for root from 106.13.78.210 port 35462 ssh2 Oct 7 13:46:09 Server sshd[690587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 13:46:11 Server sshd[690587]: Failed password for root from 106.13.78.210 port 33514 ssh2 ...	2020-10-07 22:30:41
106.13.78.210	attack	prod8 ...	2020-10-07 14:31:43
106.13.78.210	attack	$f2bV_matches	2020-10-07 04:14:29
106.13.78.210	attackspambots	Invalid user user from 106.13.78.210 port 41994	2020-10-06 20:18:01
106.13.78.210	attack	Invalid user tortoisesvn from 106.13.78.210 port 45430	2020-09-15 19:59:28
106.13.78.210	attack	Sep 15 03:51:44 roki-contabo sshd\[13296\]: Invalid user ts from 106.13.78.210 Sep 15 03:51:44 roki-contabo sshd\[13296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 Sep 15 03:51:46 roki-contabo sshd\[13296\]: Failed password for invalid user ts from 106.13.78.210 port 58110 ssh2 Sep 15 03:56:56 roki-contabo sshd\[13325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Sep 15 03:56:57 roki-contabo sshd\[13325\]: Failed password for root from 106.13.78.210 port 53784 ssh2 ...	2020-09-15 12:03:57
106.13.78.210	attack	$f2bV_matches	2020-09-15 04:10:20
106.13.78.198	attack	Bruteforce detected by fail2ban	2020-08-23 02:05:22
106.13.78.198	attack	Aug 20 08:33:26 h2646465 sshd[20166]: Invalid user oracle from 106.13.78.198 Aug 20 08:33:26 h2646465 sshd[20166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 Aug 20 08:33:26 h2646465 sshd[20166]: Invalid user oracle from 106.13.78.198 Aug 20 08:33:28 h2646465 sshd[20166]: Failed password for invalid user oracle from 106.13.78.198 port 48150 ssh2 Aug 20 08:45:20 h2646465 sshd[21979]: Invalid user admin from 106.13.78.198 Aug 20 08:45:20 h2646465 sshd[21979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 Aug 20 08:45:20 h2646465 sshd[21979]: Invalid user admin from 106.13.78.198 Aug 20 08:45:22 h2646465 sshd[21979]: Failed password for invalid user admin from 106.13.78.198 port 56706 ssh2 Aug 20 08:47:40 h2646465 sshd[22054]: Invalid user cwt from 106.13.78.198 ...	2020-08-20 15:14:59
106.13.78.198	attackbots	2020-08-02T22:12:59.071977shield sshd\[1723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root 2020-08-02T22:13:00.490726shield sshd\[1723\]: Failed password for root from 106.13.78.198 port 40342 ssh2 2020-08-02T22:17:01.766000shield sshd\[2367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root 2020-08-02T22:17:03.741725shield sshd\[2367\]: Failed password for root from 106.13.78.198 port 48466 ssh2 2020-08-02T22:21:08.216266shield sshd\[2757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root	2020-08-03 08:30:17
106.13.78.143	attack	Aug 2 02:39:36 php1 sshd\[23713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root Aug 2 02:39:38 php1 sshd\[23713\]: Failed password for root from 106.13.78.143 port 52326 ssh2 Aug 2 02:42:09 php1 sshd\[23882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root Aug 2 02:42:11 php1 sshd\[23882\]: Failed password for root from 106.13.78.143 port 55040 ssh2 Aug 2 02:44:50 php1 sshd\[24072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root	2020-08-02 20:57:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.78.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.78.137.			IN	A

;; AUTHORITY SECTION:
.			470	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113000 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 15:12:15 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 137.78.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.78.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
190.180.31.248	attack	Telnet Server BruteForce Attack	2020-08-07 06:26:41
184.168.46.58	attackbotsspam	Trolling for resource vulnerabilities	2020-08-07 07:00:21
186.207.37.169	attack	Automatic report - Port Scan Attack	2020-08-07 06:38:18
62.210.215.34	attack	Aug 6 23:50:57 vpn01 sshd[16249]: Failed password for root from 62.210.215.34 port 47660 ssh2 ...	2020-08-07 06:52:04
106.111.72.40	attack	20 attempts against mh-ssh on sun	2020-08-07 06:59:14
117.93.38.167	attackbotsspam	Unauthorised access (Aug 7) SRC=117.93.38.167 LEN=40 TTL=50 ID=22334 TCP DPT=23 WINDOW=24269 SYN	2020-08-07 06:54:29
112.85.42.172	attackbotsspam	$f2bV_matches	2020-08-07 06:58:55
212.70.149.3	attackspam	Aug 7 00:39:00 srv01 postfix/smtpd\[30216\]: warning: unknown\[212.70.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 7 00:39:21 srv01 postfix/smtpd\[29792\]: warning: unknown\[212.70.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 7 00:39:40 srv01 postfix/smtpd\[30216\]: warning: unknown\[212.70.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 7 00:39:59 srv01 postfix/smtpd\[30216\]: warning: unknown\[212.70.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 7 00:40:18 srv01 postfix/smtpd\[30214\]: warning: unknown\[212.70.149.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-07 06:46:31
118.71.64.85	attack	Automatic report - Port Scan Attack	2020-08-07 06:51:46
212.129.59.36	attackbots	212.129.59.36 - - [07/Aug/2020:00:35:33 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.129.59.36 - - [07/Aug/2020:00:35:34 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.129.59.36 - - [07/Aug/2020:00:35:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-07 06:41:31
113.87.21.117	attackbotsspam		2020-08-07 06:29:59
111.230.204.113	attackbots	2020-08-06T23:55:05.795265ks3355764 sshd[10630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.204.113 user=root 2020-08-06T23:55:07.633490ks3355764 sshd[10630]: Failed password for root from 111.230.204.113 port 55706 ssh2 ...	2020-08-07 06:26:23
222.186.30.218	attackbotsspam	Aug 6 22:42:28 rush sshd[27847]: Failed password for root from 222.186.30.218 port 41360 ssh2 Aug 6 22:42:30 rush sshd[27847]: Failed password for root from 222.186.30.218 port 41360 ssh2 Aug 6 22:42:33 rush sshd[27847]: Failed password for root from 222.186.30.218 port 41360 ssh2 ...	2020-08-07 06:46:14
139.215.217.180	attack	2020-08-06T17:51:51.343761devel sshd[12788]: Failed password for root from 139.215.217.180 port 42779 ssh2 2020-08-06T17:54:44.343577devel sshd[13030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.217.180 user=root 2020-08-06T17:54:46.297262devel sshd[13030]: Failed password for root from 139.215.217.180 port 36560 ssh2	2020-08-07 06:40:29
106.13.233.4	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-07 06:33:58

最近上报的IP列表

100.193.182.166	179.114.165.187	49.49.45.220	105.151.158.141
43.227.253.152	97.91.226.214	201.200.25.255	180.161.83.58
2.116.207.17	74.70.33.188	154.111.100.194	150.191.213.118
75.121.22.132	175.28.85.104	211.159.182.44	77.247.109.61
61.180.39.72	106.12.6.136	117.4.120.126	81.77.9.212