106.13.78.137 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	May 13 08:56:35 pkdns2 sshd\[62046\]: Invalid user admin from 106.13.78.137May 13 08:56:37 pkdns2 sshd\[62046\]: Failed password for invalid user admin from 106.13.78.137 port 26952 ssh2May 13 09:00:55 pkdns2 sshd\[62261\]: Invalid user wps from 106.13.78.137May 13 09:00:57 pkdns2 sshd\[62261\]: Failed password for invalid user wps from 106.13.78.137 port 18401 ssh2May 13 09:05:13 pkdns2 sshd\[62578\]: Invalid user admin from 106.13.78.137May 13 09:05:16 pkdns2 sshd\[62578\]: Failed password for invalid user admin from 106.13.78.137 port 9856 ssh2 ...	2020-05-13 19:24:16
attack	Apr 26 18:59:36 vlre-nyc-1 sshd\[8337\]: Invalid user sergio from 106.13.78.137 Apr 26 18:59:36 vlre-nyc-1 sshd\[8337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Apr 26 18:59:37 vlre-nyc-1 sshd\[8337\]: Failed password for invalid user sergio from 106.13.78.137 port 57219 ssh2 Apr 26 19:02:23 vlre-nyc-1 sshd\[8414\]: Invalid user rdp from 106.13.78.137 Apr 26 19:02:23 vlre-nyc-1 sshd\[8414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2020-04-27 03:15:55
attack	$f2bV_matches	2020-04-21 15:04:46
attackspambots	Apr 6 12:40:45 marvibiene sshd[50380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Apr 6 12:40:47 marvibiene sshd[50380]: Failed password for root from 106.13.78.137 port 47343 ssh2 Apr 6 12:45:58 marvibiene sshd[50462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Apr 6 12:46:00 marvibiene sshd[50462]: Failed password for root from 106.13.78.137 port 36730 ssh2 ...	2020-04-06 20:52:01
attack	SSH Bruteforce attack	2020-04-06 19:17:36
attackbots	Mar 29 23:43:36 meumeu sshd[24934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Mar 29 23:43:38 meumeu sshd[24934]: Failed password for invalid user rj from 106.13.78.137 port 24616 ssh2 Mar 29 23:47:20 meumeu sshd[25497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2020-03-30 06:00:54
attackbots	Mar 19 20:28:36 php1 sshd\[27939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Mar 19 20:28:38 php1 sshd\[27939\]: Failed password for root from 106.13.78.137 port 22210 ssh2 Mar 19 20:30:19 php1 sshd\[28163\]: Invalid user lab from 106.13.78.137 Mar 19 20:30:19 php1 sshd\[28163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Mar 19 20:30:22 php1 sshd\[28163\]: Failed password for invalid user lab from 106.13.78.137 port 35644 ssh2	2020-03-20 16:08:32
attackbotsspam	Mar 13 13:06:57 *** sshd[3555]: User root from 106.13.78.137 not allowed because not listed in AllowUsers	2020-03-14 03:35:16
attackspambots	Mar 9 05:52:16 v22018086721571380 sshd[20514]: Failed password for invalid user root!2# from 106.13.78.137 port 28553 ssh2	2020-03-09 13:57:43
attackbotsspam	Invalid user mm from 106.13.78.137 port 40176	2020-02-21 08:20:24
attack	Unauthorized connection attempt detected from IP address 106.13.78.137 to port 2220 [J]	2020-01-23 17:14:35
attackbots	Automatic report - SSH Brute-Force Attack	2020-01-10 16:37:29
attackbots	Unauthorized connection attempt detected from IP address 106.13.78.137 to port 2220 [J]	2020-01-07 18:01:00
attack	Dec 14 15:58:50 meumeu sshd[3991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Dec 14 15:58:51 meumeu sshd[3991]: Failed password for invalid user wojtecki from 106.13.78.137 port 26613 ssh2 Dec 14 16:06:30 meumeu sshd[5614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 ...	2019-12-15 01:20:53
attack	Dec 2 22:16:37 ns382633 sshd\[11283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Dec 2 22:16:39 ns382633 sshd\[11283\]: Failed password for root from 106.13.78.137 port 14974 ssh2 Dec 2 22:34:30 ns382633 sshd\[14503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root Dec 2 22:34:32 ns382633 sshd\[14503\]: Failed password for root from 106.13.78.137 port 58454 ssh2 Dec 2 22:39:22 ns382633 sshd\[15747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 user=root	2019-12-03 08:14:27
attack	Nov 30 08:03:33 OPSO sshd\[9071\]: Invalid user tatsu from 106.13.78.137 port 26480 Nov 30 08:03:33 OPSO sshd\[9071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137 Nov 30 08:03:35 OPSO sshd\[9071\]: Failed password for invalid user tatsu from 106.13.78.137 port 26480 ssh2 Nov 30 08:08:25 OPSO sshd\[9781\]: Invalid user anavin from 106.13.78.137 port 59794 Nov 30 08:08:25 OPSO sshd\[9781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.137	2019-11-30 15:12:19

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.78.210	attackspam	Invalid user pozvizd from 106.13.78.210 port 39564	2020-10-13 13:59:43
106.13.78.210	attackbots	Oct 13 00:27:21 eventyay sshd[1551]: Failed password for root from 106.13.78.210 port 36368 ssh2 Oct 13 00:30:37 eventyay sshd[1680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 Oct 13 00:30:39 eventyay sshd[1680]: Failed password for invalid user zy from 106.13.78.210 port 33060 ssh2 ...	2020-10-13 06:44:08
106.13.78.210	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-12 01:27:38
106.13.78.210	attackbotsspam	Oct 7 22:52:29 buvik sshd[984]: Failed password for root from 106.13.78.210 port 46792 ssh2 Oct 7 22:54:52 buvik sshd[1344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 22:54:55 buvik sshd[1344]: Failed password for root from 106.13.78.210 port 56786 ssh2 ...	2020-10-08 06:11:04
106.13.78.210	attackbotsspam	Oct 7 13:41:58 Server sshd[688713]: Failed password for root from 106.13.78.210 port 37416 ssh2 Oct 7 13:44:01 Server sshd[689683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 13:44:03 Server sshd[689683]: Failed password for root from 106.13.78.210 port 35462 ssh2 Oct 7 13:46:09 Server sshd[690587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Oct 7 13:46:11 Server sshd[690587]: Failed password for root from 106.13.78.210 port 33514 ssh2 ...	2020-10-07 22:30:41
106.13.78.210	attack	prod8 ...	2020-10-07 14:31:43
106.13.78.210	attack	$f2bV_matches	2020-10-07 04:14:29
106.13.78.210	attackspambots	Invalid user user from 106.13.78.210 port 41994	2020-10-06 20:18:01
106.13.78.210	attack	Invalid user tortoisesvn from 106.13.78.210 port 45430	2020-09-15 19:59:28
106.13.78.210	attack	Sep 15 03:51:44 roki-contabo sshd\[13296\]: Invalid user ts from 106.13.78.210 Sep 15 03:51:44 roki-contabo sshd\[13296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 Sep 15 03:51:46 roki-contabo sshd\[13296\]: Failed password for invalid user ts from 106.13.78.210 port 58110 ssh2 Sep 15 03:56:56 roki-contabo sshd\[13325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.210 user=root Sep 15 03:56:57 roki-contabo sshd\[13325\]: Failed password for root from 106.13.78.210 port 53784 ssh2 ...	2020-09-15 12:03:57
106.13.78.210	attack	$f2bV_matches	2020-09-15 04:10:20
106.13.78.198	attack	Bruteforce detected by fail2ban	2020-08-23 02:05:22
106.13.78.198	attack	Aug 20 08:33:26 h2646465 sshd[20166]: Invalid user oracle from 106.13.78.198 Aug 20 08:33:26 h2646465 sshd[20166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 Aug 20 08:33:26 h2646465 sshd[20166]: Invalid user oracle from 106.13.78.198 Aug 20 08:33:28 h2646465 sshd[20166]: Failed password for invalid user oracle from 106.13.78.198 port 48150 ssh2 Aug 20 08:45:20 h2646465 sshd[21979]: Invalid user admin from 106.13.78.198 Aug 20 08:45:20 h2646465 sshd[21979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 Aug 20 08:45:20 h2646465 sshd[21979]: Invalid user admin from 106.13.78.198 Aug 20 08:45:22 h2646465 sshd[21979]: Failed password for invalid user admin from 106.13.78.198 port 56706 ssh2 Aug 20 08:47:40 h2646465 sshd[22054]: Invalid user cwt from 106.13.78.198 ...	2020-08-20 15:14:59
106.13.78.198	attackbots	2020-08-02T22:12:59.071977shield sshd\[1723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root 2020-08-02T22:13:00.490726shield sshd\[1723\]: Failed password for root from 106.13.78.198 port 40342 ssh2 2020-08-02T22:17:01.766000shield sshd\[2367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root 2020-08-02T22:17:03.741725shield sshd\[2367\]: Failed password for root from 106.13.78.198 port 48466 ssh2 2020-08-02T22:21:08.216266shield sshd\[2757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.198 user=root	2020-08-03 08:30:17
106.13.78.143	attack	Aug 2 02:39:36 php1 sshd\[23713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root Aug 2 02:39:38 php1 sshd\[23713\]: Failed password for root from 106.13.78.143 port 52326 ssh2 Aug 2 02:42:09 php1 sshd\[23882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root Aug 2 02:42:11 php1 sshd\[23882\]: Failed password for root from 106.13.78.143 port 55040 ssh2 Aug 2 02:44:50 php1 sshd\[24072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.78.143 user=root	2020-08-02 20:57:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.78.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.78.137.			IN	A

;; AUTHORITY SECTION:
.			470	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113000 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 15:12:15 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 137.78.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.78.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
92.63.197.66	attack	Sep 30 08:19:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=92.63.197.66 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=64597 PROTO=TCP SPT=51549 DPT=13696 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 30 08:20:03 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=92.63.197.66 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=6309 PROTO=TCP SPT=51549 DPT=13122 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 30 08:22:30 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=92.63.197.66 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=11039 PROTO=TCP SPT=51549 DPT=14821 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 30 08:23:06 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=92.63.197.66 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60524 PROTO=TCP SPT=51549 DPT=12648 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 30 08:26:38 hidden kern ...	2020-09-30 15:19:44
218.92.0.195	attackbotsspam	Sep 30 09:23:10 dcd-gentoo sshd[4330]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Sep 30 09:23:14 dcd-gentoo sshd[4330]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Sep 30 09:23:14 dcd-gentoo sshd[4330]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.195 port 15518 ssh2 ...	2020-09-30 15:24:17
36.103.222.105	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 16 - port: 2375 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 16:18:02
84.38.180.61	attackspam	Sep 30 06:33:10 marvibiene sshd[10911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.38.180.61 Sep 30 06:33:13 marvibiene sshd[10911]: Failed password for invalid user group1 from 84.38.180.61 port 35436 ssh2	2020-09-30 15:18:00
89.248.172.140	attack	firewall-block, port(s): 1983/tcp, 3450/tcp, 5656/tcp	2020-09-30 15:44:03
45.129.33.47	attackbots	26 packets to ports 1008 4031 4036 5152 6589 6914 7072 7078 8012 8093 8192 8203 8214 9443 10555 11505 33052 36336 37102 37502 39393 39984 50500 54665 56969 56987	2020-09-30 16:15:07
80.82.77.245	attackbotsspam	80.82.77.245 was recorded 8 times by 4 hosts attempting to connect to the following ports: 1064,1059. Incident counter (4h, 24h, all-time): 8, 42, 27725	2020-09-30 15:15:45
37.59.141.40	attack	37.59.141.40 - - [30/Sep/2020:02:27:32 +0200] "GET /wp-login.php HTTP/1.1" 200 8712 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.141.40 - - [30/Sep/2020:02:27:33 +0200] "POST /wp-login.php HTTP/1.1" 200 8942 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.141.40 - - [30/Sep/2020:02:27:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-30 15:28:23
102.165.30.17	attack	Automatic report - Banned IP Access	2020-09-30 15:40:32
167.248.133.29	attack	Hit honeypot r.	2020-09-30 15:34:29
111.40.7.84	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-09-30 16:01:30
45.129.33.120	attackspam	TCP (SYN) 45.129.33.120:42650 -> port 30858, len 44	2020-09-30 16:13:13
92.63.197.55	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 80 - port: 3851 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 15:43:21
175.125.121.145	attack	failed Imap connection attempt	2020-09-30 15:21:09
185.153.199.132	attackspambots	Icarus honeypot on github	2020-09-30 15:58:41

最近上报的IP列表

100.193.182.166	179.114.165.187	49.49.45.220	105.151.158.141
43.227.253.152	97.91.226.214	201.200.25.255	180.161.83.58
2.116.207.17	74.70.33.188	154.111.100.194	150.191.213.118
75.121.22.132	175.28.85.104	211.159.182.44	77.247.109.61
61.180.39.72	106.12.6.136	117.4.120.126	81.77.9.212