106.13.136.238

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH Brute Force	2020-04-29 13:00:43
attack	Mar 12 00:01:46 plusreed sshd[31761]: Invalid user wp-user from 106.13.136.238 Mar 12 00:01:46 plusreed sshd[31761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Mar 12 00:01:46 plusreed sshd[31761]: Invalid user wp-user from 106.13.136.238 Mar 12 00:01:48 plusreed sshd[31761]: Failed password for invalid user wp-user from 106.13.136.238 port 45890 ssh2 ...	2020-03-12 19:50:54
attackspam	...	2020-02-04 21:29:49
attackbots	2020-01-03T05:49:14.716203vps751288.ovh.net sshd\[26004\]: Invalid user com from 106.13.136.238 port 56352 2020-01-03T05:49:14.724742vps751288.ovh.net sshd\[26004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 2020-01-03T05:49:16.533744vps751288.ovh.net sshd\[26004\]: Failed password for invalid user com from 106.13.136.238 port 56352 ssh2 2020-01-03T05:51:19.591138vps751288.ovh.net sshd\[26006\]: Invalid user blm from 106.13.136.238 port 45906 2020-01-03T05:51:19.600318vps751288.ovh.net sshd\[26006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238	2020-01-03 15:18:23
attack	Dec 27 07:06:36 Invalid user test from 106.13.136.238 port 55428	2019-12-27 15:15:11
attackspambots	Dec 21 00:14:52 ncomp sshd[7519]: Invalid user nesse from 106.13.136.238 Dec 21 00:14:52 ncomp sshd[7519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Dec 21 00:14:52 ncomp sshd[7519]: Invalid user nesse from 106.13.136.238 Dec 21 00:14:54 ncomp sshd[7519]: Failed password for invalid user nesse from 106.13.136.238 port 42568 ssh2	2019-12-21 06:47:39
attack	Dec 20 02:50:51 hosting sshd[6286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root Dec 20 02:50:53 hosting sshd[6286]: Failed password for root from 106.13.136.238 port 38178 ssh2 Dec 20 02:58:49 hosting sshd[6928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root Dec 20 02:58:50 hosting sshd[6928]: Failed password for root from 106.13.136.238 port 43936 ssh2 Dec 20 03:05:09 hosting sshd[7731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=backup Dec 20 03:05:11 hosting sshd[7731]: Failed password for backup from 106.13.136.238 port 37090 ssh2 ...	2019-12-20 08:07:16
attack	Nov 26 10:23:03 v22018076622670303 sshd\[3079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root Nov 26 10:23:05 v22018076622670303 sshd\[3079\]: Failed password for root from 106.13.136.238 port 54982 ssh2 Nov 26 10:26:00 v22018076622670303 sshd\[3098\]: Invalid user web from 106.13.136.238 port 54084 Nov 26 10:26:00 v22018076622670303 sshd\[3098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 ...	2019-11-26 20:01:43
attack	Nov 23 23:22:58 wbs sshd\[11712\]: Invalid user jjjj from 106.13.136.238 Nov 23 23:22:58 wbs sshd\[11712\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Nov 23 23:23:00 wbs sshd\[11712\]: Failed password for invalid user jjjj from 106.13.136.238 port 38090 ssh2 Nov 23 23:26:43 wbs sshd\[12010\]: Invalid user zidat from 106.13.136.238 Nov 23 23:26:43 wbs sshd\[12010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238	2019-11-24 19:20:38
attack	SSH bruteforce	2019-11-10 18:29:34
attackbots	Nov 10 06:07:06 meumeu sshd[13261]: Failed password for root from 106.13.136.238 port 50084 ssh2 Nov 10 06:11:19 meumeu sshd[13798]: Failed password for root from 106.13.136.238 port 54112 ssh2 ...	2019-11-10 13:16:04
attackspambots	$f2bV_matches	2019-11-05 08:30:00
attackspambots	Nov 4 08:37:04 auw2 sshd\[28034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root Nov 4 08:37:06 auw2 sshd\[28034\]: Failed password for root from 106.13.136.238 port 60600 ssh2 Nov 4 08:40:48 auw2 sshd\[28500\]: Invalid user supervisor from 106.13.136.238 Nov 4 08:40:48 auw2 sshd\[28500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Nov 4 08:40:51 auw2 sshd\[28500\]: Failed password for invalid user supervisor from 106.13.136.238 port 37748 ssh2	2019-11-05 04:15:28
attackspam	Oct 22 15:05:40 lnxmysql61 sshd[15971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238	2019-10-23 02:11:29
attack	Oct 10 10:39:31 MK-Soft-VM7 sshd[14494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Oct 10 10:39:33 MK-Soft-VM7 sshd[14494]: Failed password for invalid user P4ssword_123 from 106.13.136.238 port 49722 ssh2 ...	2019-10-10 17:08:56
attack	Oct 8 05:58:10 jane sshd[32059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Oct 8 05:58:12 jane sshd[32059]: Failed password for invalid user firewall2017 from 106.13.136.238 port 54494 ssh2 ...	2019-10-08 13:11:01
attack	Oct 7 11:37:34 php1 sshd\[5233\]: Invalid user Losenord! from 106.13.136.238 Oct 7 11:37:34 php1 sshd\[5233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Oct 7 11:37:36 php1 sshd\[5233\]: Failed password for invalid user Losenord! from 106.13.136.238 port 37590 ssh2 Oct 7 11:40:20 php1 sshd\[5729\]: Invalid user Qwerty1234 from 106.13.136.238 Oct 7 11:40:20 php1 sshd\[5729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238	2019-10-08 05:53:17
attack	Tried sshing with brute force.	2019-10-07 19:43:39
attack	2019-10-05T16:59:04.966839 sshd[6335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root 2019-10-05T16:59:06.575936 sshd[6335]: Failed password for root from 106.13.136.238 port 42594 ssh2 2019-10-05T17:04:18.755473 sshd[6439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root 2019-10-05T17:04:20.474833 sshd[6439]: Failed password for root from 106.13.136.238 port 47994 ssh2 2019-10-05T17:09:26.371399 sshd[6490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root 2019-10-05T17:09:28.040032 sshd[6490]: Failed password for root from 106.13.136.238 port 53386 ssh2 ...	2019-10-05 23:30:36
attackspam	Oct 3 15:29:14 MK-Soft-VM7 sshd[4195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Oct 3 15:29:16 MK-Soft-VM7 sshd[4195]: Failed password for invalid user adminuser from 106.13.136.238 port 60800 ssh2 ...	2019-10-03 22:12:33
attackspam	Sep 28 00:15:24 microserver sshd[24153]: Invalid user vagrant from 106.13.136.238 port 54040 Sep 28 00:15:24 microserver sshd[24153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Sep 28 00:15:27 microserver sshd[24153]: Failed password for invalid user vagrant from 106.13.136.238 port 54040 ssh2 Sep 28 00:19:34 microserver sshd[24436]: Invalid user ddd from 106.13.136.238 port 37108 Sep 28 00:19:34 microserver sshd[24436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Sep 28 00:31:57 microserver sshd[26382]: Invalid user test from 106.13.136.238 port 42726 Sep 28 00:31:57 microserver sshd[26382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Sep 28 00:32:00 microserver sshd[26382]: Failed password for invalid user test from 106.13.136.238 port 42726 ssh2 Sep 28 00:36:11 microserver sshd[27000]: Invalid user zapp from 106.13.136.238 port 540	2019-09-28 06:58:30
attack	Sep 26 02:38:56 hanapaa sshd\[17433\]: Invalid user jeremy from 106.13.136.238 Sep 26 02:38:56 hanapaa sshd\[17433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Sep 26 02:38:58 hanapaa sshd\[17433\]: Failed password for invalid user jeremy from 106.13.136.238 port 41090 ssh2 Sep 26 02:41:53 hanapaa sshd\[17795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 user=root Sep 26 02:41:55 hanapaa sshd\[17795\]: Failed password for root from 106.13.136.238 port 35008 ssh2	2019-09-26 20:53:21
attackbots	Sep 22 06:57:18 www4 sshd\[5284\]: Invalid user willshao from 106.13.136.238 Sep 22 06:57:18 www4 sshd\[5284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 Sep 22 06:57:21 www4 sshd\[5284\]: Failed password for invalid user willshao from 106.13.136.238 port 52902 ssh2 ...	2019-09-22 12:32:48
attackspam	2019-08-28T11:14:35.099163 sshd[9149]: Invalid user ep from 106.13.136.238 port 44366 2019-08-28T11:14:35.113576 sshd[9149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.238 2019-08-28T11:14:35.099163 sshd[9149]: Invalid user ep from 106.13.136.238 port 44366 2019-08-28T11:14:37.052235 sshd[9149]: Failed password for invalid user ep from 106.13.136.238 port 44366 ssh2 2019-08-28T11:17:57.138515 sshd[9229]: Invalid user oracle from 106.13.136.238 port 41618 ...	2019-08-28 17:55:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.136.8	attackbots	Fail2Ban Ban Triggered	2020-09-23 23:28:10
106.13.136.8	attackbots	Sep 23 01:27:43 ip-172-31-42-142 sshd\[24601\]: Invalid user gy from 106.13.136.8\ Sep 23 01:27:45 ip-172-31-42-142 sshd\[24601\]: Failed password for invalid user gy from 106.13.136.8 port 35400 ssh2\ Sep 23 01:33:18 ip-172-31-42-142 sshd\[24630\]: Invalid user smart from 106.13.136.8\ Sep 23 01:33:20 ip-172-31-42-142 sshd\[24630\]: Failed password for invalid user smart from 106.13.136.8 port 59216 ssh2\ Sep 23 01:34:47 ip-172-31-42-142 sshd\[24634\]: Invalid user eva from 106.13.136.8\	2020-09-23 15:41:03
106.13.136.8	attackbotsspam	SSH Brute-Force Attack	2020-09-23 07:35:11
106.13.136.8	attack	Failed password for invalid user ubuntu from 106.13.136.8 port 57612 ssh2	2020-09-01 18:32:47
106.13.136.8	attack	Aug 3 14:15:13 roki-contabo sshd\[1008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.8 user=root Aug 3 14:15:14 roki-contabo sshd\[1008\]: Failed password for root from 106.13.136.8 port 60272 ssh2 Aug 3 14:22:19 roki-contabo sshd\[1253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.8 user=root Aug 3 14:22:21 roki-contabo sshd\[1253\]: Failed password for root from 106.13.136.8 port 45562 ssh2 Aug 3 14:25:45 roki-contabo sshd\[1405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.8 user=root ...	2020-08-03 22:59:22
106.13.136.3	attackbots	Apr 5 23:54:52 legacy sshd[22630]: Failed password for root from 106.13.136.3 port 56834 ssh2 Apr 5 23:58:39 legacy sshd[22758]: Failed password for root from 106.13.136.3 port 55570 ssh2 ...	2020-04-06 06:04:15
106.13.136.3	attack	(sshd) Failed SSH login from 106.13.136.3 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 05:27:56 s1 sshd[27861]: Invalid user fgu from 106.13.136.3 port 48922 Mar 28 05:27:58 s1 sshd[27861]: Failed password for invalid user fgu from 106.13.136.3 port 48922 ssh2 Mar 28 05:43:07 s1 sshd[28145]: Invalid user xis from 106.13.136.3 port 35746 Mar 28 05:43:09 s1 sshd[28145]: Failed password for invalid user xis from 106.13.136.3 port 35746 ssh2 Mar 28 05:47:09 s1 sshd[28249]: Invalid user mbp from 106.13.136.3 port 33100	2020-03-28 18:09:33
106.13.136.3	attack	Mar 23 11:42:29 ny01 sshd[27807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.3 Mar 23 11:42:31 ny01 sshd[27807]: Failed password for invalid user nakjimall from 106.13.136.3 port 59906 ssh2 Mar 23 11:46:57 ny01 sshd[29676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.3	2020-03-24 02:20:56
106.13.136.3	attackbots	$f2bV_matches	2020-03-20 13:50:59
106.13.136.139	attackbots	2020-03-19T08:56:31.425676linuxbox-skyline sshd[66703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.139 user=root 2020-03-19T08:56:33.758217linuxbox-skyline sshd[66703]: Failed password for root from 106.13.136.139 port 33330 ssh2 ...	2020-03-20 04:01:51
106.13.136.3	attackspambots	Invalid user takazawa from 106.13.136.3 port 37408	2020-03-19 18:57:39
106.13.136.139	attack	Mar 13 20:13:25 ncomp sshd[25810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.136.139 user=root Mar 13 20:13:27 ncomp sshd[25810]: Failed password for root from 106.13.136.139 port 38510 ssh2 Mar 13 20:16:44 ncomp sshd[25860]: Invalid user superman from 106.13.136.139	2020-03-14 02:54:15
106.13.136.73	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-10 01:51:00
106.13.136.73	attack	web-1 [ssh] SSH Attack	2020-02-26 22:00:24
106.13.136.3	attack	Feb 21 07:00:12 mout sshd[7779]: Connection closed by 106.13.136.3 port 45466 [preauth]	2020-02-21 14:17:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.136.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42465
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.136.238.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 17 18:01:42 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 238.136.13.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 238.136.13.106.in-addr.arpa: SERVFAIL

IP	类型	评论内容	时间
221.224.114.229	attackspam	Brute force attack stopped by firewall	2019-06-27 10:03:55
120.209.233.191	attackspam	Brute force attack stopped by firewall	2019-06-27 10:01:07
132.232.74.106	attackbotsspam	Jun 27 00:48:09 server sshd[29760]: Failed password for invalid user jzapata from 132.232.74.106 port 33836 ssh2 Jun 27 00:50:22 server sshd[30324]: Failed password for invalid user app from 132.232.74.106 port 54464 ssh2 Jun 27 00:52:08 server sshd[30784]: Failed password for invalid user steph from 132.232.74.106 port 43268 ssh2	2019-06-27 09:50:05
58.187.171.111	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 02:14:34,764 INFO [shellcode_manager] (58.187.171.111) no match, writing hexdump (352506c5e47032f570116a22c7fd3507 :1886973) - MS17010 (EternalBlue)	2019-06-27 10:13:12
36.66.149.211	attackbots	Jun 27 02:27:32 62-210-73-4 sshd\[28703\]: Invalid user postgres from 36.66.149.211 port 40332 Jun 27 02:27:32 62-210-73-4 sshd\[28703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.149.211 ...	2019-06-27 09:48:29
141.98.81.38	attackspam	ports scanning	2019-06-27 09:53:31
60.172.231.12	attackbots	Brute force attack to crack SMTP password (port 25 / 587)	2019-06-27 09:50:53
222.217.221.178	attackbots	Brute force attack stopped by firewall	2019-06-27 09:49:09
81.1.242.165	attackspambots	failed_logins	2019-06-27 09:47:40
115.165.0.224	attackspambots	Jun 27 01:27:33 vps647732 sshd[10444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.165.0.224 Jun 27 01:27:34 vps647732 sshd[10444]: Failed password for invalid user 1q from 115.165.0.224 port 48162 ssh2 ...	2019-06-27 10:24:16
218.57.142.194	attack	Brute force attack stopped by firewall	2019-06-27 10:12:46
103.48.193.7	attackbots	Jun 25 00:05:47 xm3 sshd[12188]: Failed password for invalid user chef from 103.48.193.7 port 52760 ssh2 Jun 25 00:05:47 xm3 sshd[12188]: Received disconnect from 103.48.193.7: 11: Bye Bye [preauth] Jun 25 00:08:18 xm3 sshd[17394]: Failed password for invalid user ubuntu from 103.48.193.7 port 46554 ssh2 Jun 25 00:08:18 xm3 sshd[17394]: Received disconnect from 103.48.193.7: 11: Bye Bye [preauth] Jun 25 00:10:18 xm3 sshd[23872]: Failed password for invalid user stage from 103.48.193.7 port 35456 ssh2 Jun 25 00:10:18 xm3 sshd[23872]: Received disconnect from 103.48.193.7: 11: Bye Bye [preauth] Jun 25 00:12:12 xm3 sshd[26835]: Failed password for invalid user pul from 103.48.193.7 port 52604 ssh2 Jun 25 00:12:12 xm3 sshd[26835]: Received disconnect from 103.48.193.7: 11: Bye Bye [preauth] Jun 25 00:14:04 xm3 sshd[27985]: Failed password for invalid user store from 103.48.193.7 port 41504 ssh2 Jun 25 00:14:04 xm3 sshd[27985]: Received disconnect from 103.48.193.7: 11: Bye ........ -------------------------------	2019-06-27 10:22:19
60.173.79.120	attackspam	Brute force attack stopped by firewall	2019-06-27 09:55:04
196.205.110.229	attack	2019-06-27T01:41:18.308488test01.cajus.name sshd\[22148\]: Invalid user hplip from 196.205.110.229 port 62008 2019-06-27T01:41:18.324246test01.cajus.name sshd\[22148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.205.110.229 2019-06-27T01:41:20.147029test01.cajus.name sshd\[22148\]: Failed password for invalid user hplip from 196.205.110.229 port 62008 ssh2	2019-06-27 09:56:16
222.91.248.106	attack	Brute force attack stopped by firewall	2019-06-27 09:55:53

最近上报的IP列表

111.32.33.111	131.235.199.189	187.215.223.42	107.89.135.97
167.122.251.5	177.154.239.52	243.146.191.155	168.169.25.18
239.201.83.37	163.45.234.114	226.66.84.189	181.171.227.166
180.180.110.248	185.251.15.109	180.160.48.163	222.133.139.110
84.54.191.52	180.142.250.230	2604:3d09:b981:c00:422:f186:4eeb:91f2	2.40.135.176