106.13.138.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 8 16:41:02 host01 sshd[22477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Apr 8 16:41:04 host01 sshd[22477]: Failed password for invalid user sam from 106.13.138.3 port 53468 ssh2 Apr 8 16:47:04 host01 sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-04-09 00:31:26
attackbotsspam	Invalid user mxh from 106.13.138.3 port 58630	2020-04-03 15:24:42
attackspam	Mar 30 18:42:40 plex sshd[12354]: Failed password for invalid user ys from 106.13.138.3 port 35284 ssh2 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:35 plex sshd[12447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:37 plex sshd[12447]: Failed password for invalid user ys from 106.13.138.3 port 53722 ssh2	2020-03-31 00:48:33
attack	Mar 28 23:02:52 eventyay sshd[22002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 28 23:02:54 eventyay sshd[22002]: Failed password for invalid user wqd from 106.13.138.3 port 41602 ssh2 Mar 28 23:06:18 eventyay sshd[22143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-03-29 06:22:56
attack	DATE:2020-03-04 01:36:03, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 09:40:32
attackspambots	Feb 21 15:54:21 silence02 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Feb 21 15:54:23 silence02 sshd[17044]: Failed password for invalid user server from 106.13.138.3 port 34152 ssh2 Feb 21 15:58:50 silence02 sshd[17284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3	2020-02-22 03:57:22
attackspambots	DATE:2020-02-20 14:29:27, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-02-20 23:01:11
attack	Invalid user udbhav from 106.13.138.3 port 51304	2020-02-02 08:05:07
attackspam	(sshd) Failed SSH login from 106.13.138.3 (CN/China/-): 5 in the last 3600 secs	2020-01-17 05:47:58
attackbots	Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: Invalid user maverick from 106.13.138.3 Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Jan 4 00:25:56 ArkNodeAT sshd\[30113\]: Failed password for invalid user maverick from 106.13.138.3 port 41472 ssh2	2020-01-04 07:29:15
attack	2019-12-05T23:50:43.715211abusebot.cloudsearch.cf sshd\[30405\]: Invalid user applmgr from 106.13.138.3 port 52428	2019-12-06 08:00:29
attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-12-04 22:21:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.138.162	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-13 07:50:30
106.13.138.162	attackspam	Jul 4 14:13:49 debian-2gb-nbg1-2 kernel: \[16123447.427878\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.138.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10958 PROTO=TCP SPT=56704 DPT=14441 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-04 20:59:09
106.13.138.162	attackspambots	TCP (SYN) 106.13.138.162:59032 -> port 66, len 44	2020-06-02 04:48:48
106.13.138.236	attackspambots	2020-05-27T22:38:46.616820lavrinenko.info sshd[7894]: Failed password for invalid user pgsql from 106.13.138.236 port 47760 ssh2 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:54.944658lavrinenko.info sshd[7942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:56.908189lavrinenko.info sshd[7942]: Failed password for invalid user open from 106.13.138.236 port 51342 ssh2 ...	2020-05-28 04:23:48
106.13.138.236	attackbotsspam	May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:38 h1745522 sshd[20114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:40 h1745522 sshd[20114]: Failed password for invalid user gb from 106.13.138.236 port 59368 ssh2 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:57 h1745522 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:59 h1745522 sshd[20157]: Failed password for invalid user liuqiuhua from 106.13.138.236 port 34714 ssh2 May 24 14:11:27 h1745522 sshd[20413]: Invalid user wws from 106.13.138.236 port 38290 ...	2020-05-25 00:17:22
106.13.138.236	attackspam	Invalid user bwh from 106.13.138.236 port 60724	2020-05-22 16:59:05
106.13.138.236	attackspam	SSH Invalid Login	2020-05-21 05:48:21
106.13.138.162	attackspambots	SSH Brute Force	2020-04-29 13:00:17
106.13.138.236	attack	Apr 28 09:52:30 s158375 sshd[14880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-29 02:02:07
106.13.138.236	attack	2020-04-25T06:00:27.742439vps751288.ovh.net sshd\[18497\]: Invalid user tanis from 106.13.138.236 port 47462 2020-04-25T06:00:27.752913vps751288.ovh.net sshd\[18497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-04-25T06:00:29.720683vps751288.ovh.net sshd\[18497\]: Failed password for invalid user tanis from 106.13.138.236 port 47462 ssh2 2020-04-25T06:06:13.801704vps751288.ovh.net sshd\[18565\]: Invalid user mario from 106.13.138.236 port 33972 2020-04-25T06:06:13.807174vps751288.ovh.net sshd\[18565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-25 12:32:09
106.13.138.236	attack	no	2020-04-18 17:25:00
106.13.138.162	attack	(sshd) Failed SSH login from 106.13.138.162 (CN/China/-): 5 in the last 3600 secs	2020-04-11 14:16:54
106.13.138.162	attackbots	SSH Brute-Force Attack	2020-04-09 16:57:58
106.13.138.162	attackbotsspam	Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:41 ns392434 sshd[2006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:43 ns392434 sshd[2006]: Failed password for invalid user vanessa from 106.13.138.162 port 45412 ssh2 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:22 ns392434 sshd[2152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:23 ns392434 sshd[2152]: Failed password for invalid user sysadm from 106.13.138.162 port 34688 ssh2 Apr 8 14:57:43 ns392434 sshd[2307]: Invalid user postgres from 106.13.138.162 port 42742	2020-04-08 22:40:29
106.13.138.236	attackspam	$f2bV_matches	2020-04-05 14:17:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.138.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.138.3.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 22:20:59 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 3.138.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.138.13.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
156.211.136.189	attack	Oct 2 08:03:32 f201 sshd[32759]: reveeclipse mapping checking getaddrinfo for host-156.211.189.136-static.tedata.net [156.211.136.189] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 2 08:03:33 f201 sshd[32759]: Connection closed by 156.211.136.189 [preauth] Oct 2 13:48:51 f201 sshd[24333]: reveeclipse mapping checking getaddrinfo for host-156.211.189.136-static.tedata.net [156.211.136.189] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 2 13:48:52 f201 sshd[24333]: Connection closed by 156.211.136.189 [preauth] Oct 2 14:14:19 f201 sshd[30904]: reveeclipse mapping checking getaddrinfo for host-156.211.189.136-static.tedata.net [156.211.136.189] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 2 14:14:20 f201 sshd[30904]: Connection closed by 156.211.136.189 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=156.211.136.189	2019-10-03 01:48:34
213.32.71.196	attack	2019-10-02T20:32:15.388595enmeeting.mahidol.ac.th sshd\[26307\]: Invalid user matt from 213.32.71.196 port 42988 2019-10-02T20:32:15.407312enmeeting.mahidol.ac.th sshd\[26307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.ip-213-32-71.eu 2019-10-02T20:32:16.858538enmeeting.mahidol.ac.th sshd\[26307\]: Failed password for invalid user matt from 213.32.71.196 port 42988 ssh2 ...	2019-10-03 01:41:03
221.6.22.203	attack	Oct 2 18:42:17 bouncer sshd\[7477\]: Invalid user ho from 221.6.22.203 port 49018 Oct 2 18:42:17 bouncer sshd\[7477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.6.22.203 Oct 2 18:42:19 bouncer sshd\[7477\]: Failed password for invalid user ho from 221.6.22.203 port 49018 ssh2 ...	2019-10-03 01:22:22
23.129.64.100	attack	" "	2019-10-03 01:33:47
61.157.91.159	attackbots	Oct 2 11:56:39 xb0 sshd[16455]: Failed password for invalid user irvin from 61.157.91.159 port 50268 ssh2 Oct 2 11:56:39 xb0 sshd[16455]: Received disconnect from 61.157.91.159: 11: Bye Bye [preauth] Oct 2 12:21:55 xb0 sshd[21800]: Failed password for invalid user agsadmin from 61.157.91.159 port 50892 ssh2 Oct 2 12:21:56 xb0 sshd[21800]: Received disconnect from 61.157.91.159: 11: Bye Bye [preauth] Oct 2 12:28:15 xb0 sshd[27538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.157.91.159 user=mysql Oct 2 12:28:17 xb0 sshd[27538]: Failed password for mysql from 61.157.91.159 port 39458 ssh2 Oct 2 12:28:18 xb0 sshd[27538]: Received disconnect from 61.157.91.159: 11: Bye Bye [preauth] Oct 2 12:37:28 xb0 sshd[27143]: Failed password for invalid user user from 61.157.91.159 port 44823 ssh2 Oct 2 12:37:28 xb0 sshd[27143]: Received disconnect from 61.157.91.159: 11: Bye Bye [preauth] Oct 2 12:42:03 xb0 sshd[25856]: Failed ........ -------------------------------	2019-10-03 01:09:26
106.52.24.184	attackspam	Oct 2 17:10:51 ns41 sshd[28799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.24.184	2019-10-03 01:58:48
31.204.10.67	attackspam	Unauthorized connection attempt from IP address 31.204.10.67 on Port 445(SMB)	2019-10-03 01:33:17
185.120.188.97	attackspam	Unauthorized connection attempt from IP address 185.120.188.97 on Port 445(SMB)	2019-10-03 01:53:38
77.247.110.203	attackbots	\[2019-10-02 13:01:50\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.203:58260' - Wrong password \[2019-10-02 13:01:50\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T13:01:50.367-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="19000090",SessionID="0x7f1e1c02d9c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.203/58260",Challenge="6f70e61f",ReceivedChallenge="6f70e61f",ReceivedHash="e7f3af31eec60850b696047007a1e28b" \[2019-10-02 13:02:28\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.203:50821' - Wrong password \[2019-10-02 13:02:28\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T13:02:28.763-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="19000092",SessionID="0x7f1e1c86a428",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77	2019-10-03 01:51:03
112.175.120.216	attackbotsspam	Oct 2 07:15:20 localhost kernel: [3752739.237399] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=112.175.120.216 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=82 ID=5949 DF PROTO=TCP SPT=56422 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 2 07:15:20 localhost kernel: [3752739.237423] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=112.175.120.216 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=82 ID=5949 DF PROTO=TCP SPT=56422 DPT=22 SEQ=912109526 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 2 08:31:35 localhost kernel: [3757314.737323] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=112.175.120.216 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=82 ID=23703 DF PROTO=TCP SPT=65322 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 2 08:31:35 localhost kernel: [3757314.737356] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=112.175.120.216 DST=[mungedIP2] LEN=40 TOS=0	2019-10-03 01:38:02
50.62.208.200	attack	REQUESTED PAGE: /xmlrpc.php	2019-10-03 01:45:51
88.214.56.58	attack	Oct 2 19:23:44 mail sshd\[13774\]: Invalid user logon from 88.214.56.58 Oct 2 19:23:44 mail sshd\[13774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.214.56.58 Oct 2 19:23:46 mail sshd\[13774\]: Failed password for invalid user logon from 88.214.56.58 port 38624 ssh2	2019-10-03 01:25:21
5.27.226.165	attackbots	Unauthorized connection attempt from IP address 5.27.226.165 on Port 445(SMB)	2019-10-03 01:57:14
124.113.218.153	attackspambots	[Aegis] @ 2019-10-02 13:31:25 0100 -> Sendmail rejected message.	2019-10-03 01:27:09
128.199.252.156	attackspam	Automatic report - Banned IP Access	2019-10-03 01:19:46

最近上报的IP列表

219.146.35.222	216.136.157.117	74.37.102.94	123.49.184.93
102.63.130.213	194.184.137.220	171.5.190.235	65.203.240.71
154.79.52.32	215.219.211.247	178.142.34.204	182.200.31.38
139.191.147.98	94.224.88.208	181.128.8.160	157.245.185.106
157.147.118.35	27.67.197.210	156.238.163.76	138.99.189.202