106.13.138.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 8 16:41:02 host01 sshd[22477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Apr 8 16:41:04 host01 sshd[22477]: Failed password for invalid user sam from 106.13.138.3 port 53468 ssh2 Apr 8 16:47:04 host01 sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-04-09 00:31:26
attackbotsspam	Invalid user mxh from 106.13.138.3 port 58630	2020-04-03 15:24:42
attackspam	Mar 30 18:42:40 plex sshd[12354]: Failed password for invalid user ys from 106.13.138.3 port 35284 ssh2 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:35 plex sshd[12447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:37 plex sshd[12447]: Failed password for invalid user ys from 106.13.138.3 port 53722 ssh2	2020-03-31 00:48:33
attack	Mar 28 23:02:52 eventyay sshd[22002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 28 23:02:54 eventyay sshd[22002]: Failed password for invalid user wqd from 106.13.138.3 port 41602 ssh2 Mar 28 23:06:18 eventyay sshd[22143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-03-29 06:22:56
attack	DATE:2020-03-04 01:36:03, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 09:40:32
attackspambots	Feb 21 15:54:21 silence02 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Feb 21 15:54:23 silence02 sshd[17044]: Failed password for invalid user server from 106.13.138.3 port 34152 ssh2 Feb 21 15:58:50 silence02 sshd[17284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3	2020-02-22 03:57:22
attackspambots	DATE:2020-02-20 14:29:27, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-02-20 23:01:11
attack	Invalid user udbhav from 106.13.138.3 port 51304	2020-02-02 08:05:07
attackspam	(sshd) Failed SSH login from 106.13.138.3 (CN/China/-): 5 in the last 3600 secs	2020-01-17 05:47:58
attackbots	Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: Invalid user maverick from 106.13.138.3 Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Jan 4 00:25:56 ArkNodeAT sshd\[30113\]: Failed password for invalid user maverick from 106.13.138.3 port 41472 ssh2	2020-01-04 07:29:15
attack	2019-12-05T23:50:43.715211abusebot.cloudsearch.cf sshd\[30405\]: Invalid user applmgr from 106.13.138.3 port 52428	2019-12-06 08:00:29
attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-12-04 22:21:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.138.162	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-13 07:50:30
106.13.138.162	attackspam	Jul 4 14:13:49 debian-2gb-nbg1-2 kernel: \[16123447.427878\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.138.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10958 PROTO=TCP SPT=56704 DPT=14441 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-04 20:59:09
106.13.138.162	attackspambots	TCP (SYN) 106.13.138.162:59032 -> port 66, len 44	2020-06-02 04:48:48
106.13.138.236	attackspambots	2020-05-27T22:38:46.616820lavrinenko.info sshd[7894]: Failed password for invalid user pgsql from 106.13.138.236 port 47760 ssh2 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:54.944658lavrinenko.info sshd[7942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:56.908189lavrinenko.info sshd[7942]: Failed password for invalid user open from 106.13.138.236 port 51342 ssh2 ...	2020-05-28 04:23:48
106.13.138.236	attackbotsspam	May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:38 h1745522 sshd[20114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:40 h1745522 sshd[20114]: Failed password for invalid user gb from 106.13.138.236 port 59368 ssh2 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:57 h1745522 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:59 h1745522 sshd[20157]: Failed password for invalid user liuqiuhua from 106.13.138.236 port 34714 ssh2 May 24 14:11:27 h1745522 sshd[20413]: Invalid user wws from 106.13.138.236 port 38290 ...	2020-05-25 00:17:22
106.13.138.236	attackspam	Invalid user bwh from 106.13.138.236 port 60724	2020-05-22 16:59:05
106.13.138.236	attackspam	SSH Invalid Login	2020-05-21 05:48:21
106.13.138.162	attackspambots	SSH Brute Force	2020-04-29 13:00:17
106.13.138.236	attack	Apr 28 09:52:30 s158375 sshd[14880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-29 02:02:07
106.13.138.236	attack	2020-04-25T06:00:27.742439vps751288.ovh.net sshd\[18497\]: Invalid user tanis from 106.13.138.236 port 47462 2020-04-25T06:00:27.752913vps751288.ovh.net sshd\[18497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-04-25T06:00:29.720683vps751288.ovh.net sshd\[18497\]: Failed password for invalid user tanis from 106.13.138.236 port 47462 ssh2 2020-04-25T06:06:13.801704vps751288.ovh.net sshd\[18565\]: Invalid user mario from 106.13.138.236 port 33972 2020-04-25T06:06:13.807174vps751288.ovh.net sshd\[18565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-25 12:32:09
106.13.138.236	attack	no	2020-04-18 17:25:00
106.13.138.162	attack	(sshd) Failed SSH login from 106.13.138.162 (CN/China/-): 5 in the last 3600 secs	2020-04-11 14:16:54
106.13.138.162	attackbots	SSH Brute-Force Attack	2020-04-09 16:57:58
106.13.138.162	attackbotsspam	Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:41 ns392434 sshd[2006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:43 ns392434 sshd[2006]: Failed password for invalid user vanessa from 106.13.138.162 port 45412 ssh2 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:22 ns392434 sshd[2152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:23 ns392434 sshd[2152]: Failed password for invalid user sysadm from 106.13.138.162 port 34688 ssh2 Apr 8 14:57:43 ns392434 sshd[2307]: Invalid user postgres from 106.13.138.162 port 42742	2020-04-08 22:40:29
106.13.138.236	attackspam	$f2bV_matches	2020-04-05 14:17:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.138.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.138.3.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 22:20:59 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 3.138.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.138.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.227.253.58	attack	22 attempts against mh-misbehave-ban on sea	2020-03-05 01:06:22
189.146.207.242	attackbotsspam	Port Scan detected from 189.146.207.242 (MX/Mexico/dsl-189-146-207-242-dyn.prod-infinitum.com.mx). 4 hits in the last 60 seconds	2020-03-05 00:58:36
217.131.117.245	attackspambots	23/tcp [2020-03-04]1pkt	2020-03-05 00:51:18
167.172.171.234	attackbots	Mar 4 13:43:02 firewall sshd[14681]: Invalid user alex from 167.172.171.234 Mar 4 13:43:04 firewall sshd[14681]: Failed password for invalid user alex from 167.172.171.234 port 34130 ssh2 Mar 4 13:52:24 firewall sshd[14899]: Invalid user postgres from 167.172.171.234 ...	2020-03-05 00:52:40
141.98.10.137	attackbotsspam	2020-03-04 17:25:33 dovecot_login authenticator failed for $User$ \[141.98.10.137\]: 535 Incorrect authentication data $set_id=subway$ 2020-03-04 17:25:49 dovecot_login authenticator failed for $User$ \[141.98.10.137\]: 535 Incorrect authentication data $set_id=solutions@no-server.de$ 2020-03-04 17:29:03 dovecot_login authenticator failed for $User$ \[141.98.10.137\]: 535 Incorrect authentication data $set_id=subway$ 2020-03-04 17:29:18 dovecot_login authenticator failed for $User$ \[141.98.10.137\]: 535 Incorrect authentication data $set_id=solutions@no-server.de$ 2020-03-04 17:29:20 dovecot_login authenticator failed for $User$ \[141.98.10.137\]: 535 Incorrect authentication data $set_id=solutions@no-server.de$ ...	2020-03-05 00:45:50
218.92.0.171	attackspam	Mar 4 16:45:53 combo sshd[18916]: Failed password for root from 218.92.0.171 port 63712 ssh2 Mar 4 16:45:57 combo sshd[18916]: Failed password for root from 218.92.0.171 port 63712 ssh2 Mar 4 16:46:00 combo sshd[18916]: Failed password for root from 218.92.0.171 port 63712 ssh2 ...	2020-03-05 00:49:26
219.150.204.159	attack	1433/tcp [2020-03-04]1pkt	2020-03-05 00:49:00
98.116.57.97	attack	81/tcp [2020-03-04]1pkt	2020-03-05 00:42:09
49.235.87.213	attack	Mar 4 18:11:07 pkdns2 sshd\[52343\]: Invalid user chenxinnuo from 49.235.87.213Mar 4 18:11:09 pkdns2 sshd\[52343\]: Failed password for invalid user chenxinnuo from 49.235.87.213 port 54384 ssh2Mar 4 18:14:19 pkdns2 sshd\[52441\]: Failed password for mail from 49.235.87.213 port 34438 ssh2Mar 4 18:17:28 pkdns2 sshd\[52583\]: Invalid user vserver from 49.235.87.213Mar 4 18:17:30 pkdns2 sshd\[52583\]: Failed password for invalid user vserver from 49.235.87.213 port 42734 ssh2Mar 4 18:20:40 pkdns2 sshd\[52723\]: Invalid user patrycja from 49.235.87.213 ...	2020-03-05 00:33:43
103.249.237.117	attack	445/tcp [2020-03-04]1pkt	2020-03-05 00:39:09
94.232.136.126	attack	Mar 4 06:55:02 hpm sshd\[21680\]: Invalid user sai from 94.232.136.126 Mar 4 06:55:02 hpm sshd\[21680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.136.126 Mar 4 06:55:03 hpm sshd\[21680\]: Failed password for invalid user sai from 94.232.136.126 port 45102 ssh2 Mar 4 06:59:57 hpm sshd\[22061\]: Invalid user admin from 94.232.136.126 Mar 4 06:59:57 hpm sshd\[22061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.232.136.126	2020-03-05 01:00:04
92.118.38.58	attackbots	(smtpauth) Failed SMTP AUTH login from 92.118.38.58 (RO/Romania/ip-38-58.ZervDNS): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-03-04 17:50:51 login authenticator failed for (User) [92.118.38.58]: 535 Incorrect authentication data (set_id=seymour@forhosting.nl) 2020-03-04 17:50:59 login authenticator failed for (User) [92.118.38.58]: 535 Incorrect authentication data (set_id=seymour@forhosting.nl) 2020-03-04 17:51:22 login authenticator failed for (User) [92.118.38.58]: 535 Incorrect authentication data (set_id=sfarris@forhosting.nl) 2020-03-04 17:51:29 login authenticator failed for (User) [92.118.38.58]: 535 Incorrect authentication data (set_id=sfarris@forhosting.nl) 2020-03-04 17:51:52 login authenticator failed for (User) [92.118.38.58]: 535 Incorrect authentication data (set_id=sfilip@forhosting.nl)	2020-03-05 01:04:29
220.76.107.50	attack	$f2bV_matches	2020-03-05 00:57:16
185.186.69.114	attack	suspicious action Wed, 04 Mar 2020 10:35:39 -0300	2020-03-05 00:49:41
185.176.27.42	attackbots	firewall-block, port(s): 5231/tcp, 9486/tcp, 12492/tcp, 25270/tcp, 36385/tcp, 46735/tcp, 50253/tcp, 50691/tcp	2020-03-05 00:41:25

最近上报的IP列表

219.146.35.222	216.136.157.117	74.37.102.94	123.49.184.93
102.63.130.213	194.184.137.220	171.5.190.235	65.203.240.71
154.79.52.32	215.219.211.247	178.142.34.204	182.200.31.38
139.191.147.98	94.224.88.208	181.128.8.160	157.245.185.106
157.147.118.35	27.67.197.210	156.238.163.76	138.99.189.202