106.13.138.3 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 8 16:41:02 host01 sshd[22477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Apr 8 16:41:04 host01 sshd[22477]: Failed password for invalid user sam from 106.13.138.3 port 53468 ssh2 Apr 8 16:47:04 host01 sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-04-09 00:31:26
attackbotsspam	Invalid user mxh from 106.13.138.3 port 58630	2020-04-03 15:24:42
attackspam	Mar 30 18:42:40 plex sshd[12354]: Failed password for invalid user ys from 106.13.138.3 port 35284 ssh2 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:35 plex sshd[12447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 30 18:46:35 plex sshd[12447]: Invalid user ys from 106.13.138.3 port 53722 Mar 30 18:46:37 plex sshd[12447]: Failed password for invalid user ys from 106.13.138.3 port 53722 ssh2	2020-03-31 00:48:33
attack	Mar 28 23:02:52 eventyay sshd[22002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Mar 28 23:02:54 eventyay sshd[22002]: Failed password for invalid user wqd from 106.13.138.3 port 41602 ssh2 Mar 28 23:06:18 eventyay sshd[22143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-03-29 06:22:56
attack	DATE:2020-03-04 01:36:03, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 09:40:32
attackspambots	Feb 21 15:54:21 silence02 sshd[17044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Feb 21 15:54:23 silence02 sshd[17044]: Failed password for invalid user server from 106.13.138.3 port 34152 ssh2 Feb 21 15:58:50 silence02 sshd[17284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3	2020-02-22 03:57:22
attackspambots	DATE:2020-02-20 14:29:27, IP:106.13.138.3, PORT:ssh SSH brute force auth (docker-dc)	2020-02-20 23:01:11
attack	Invalid user udbhav from 106.13.138.3 port 51304	2020-02-02 08:05:07
attackspam	(sshd) Failed SSH login from 106.13.138.3 (CN/China/-): 5 in the last 3600 secs	2020-01-17 05:47:58
attackbots	Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: Invalid user maverick from 106.13.138.3 Jan 4 00:25:54 ArkNodeAT sshd\[30113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Jan 4 00:25:56 ArkNodeAT sshd\[30113\]: Failed password for invalid user maverick from 106.13.138.3 port 41472 ssh2	2020-01-04 07:29:15
attack	2019-12-05T23:50:43.715211abusebot.cloudsearch.cf sshd\[30405\]: Invalid user applmgr from 106.13.138.3 port 52428	2019-12-06 08:00:29
attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-12-04 22:21:04

相同子网IP讨论:

IP	类型	评论内容	时间
106.13.138.162	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-13 07:50:30
106.13.138.162	attackspam	Jul 4 14:13:49 debian-2gb-nbg1-2 kernel: \[16123447.427878\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.138.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10958 PROTO=TCP SPT=56704 DPT=14441 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-04 20:59:09
106.13.138.162	attackspambots	TCP (SYN) 106.13.138.162:59032 -> port 66, len 44	2020-06-02 04:48:48
106.13.138.236	attackspambots	2020-05-27T22:38:46.616820lavrinenko.info sshd[7894]: Failed password for invalid user pgsql from 106.13.138.236 port 47760 ssh2 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:54.944658lavrinenko.info sshd[7942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:56.908189lavrinenko.info sshd[7942]: Failed password for invalid user open from 106.13.138.236 port 51342 ssh2 ...	2020-05-28 04:23:48
106.13.138.236	attackbotsspam	May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:38 h1745522 sshd[20114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:40 h1745522 sshd[20114]: Failed password for invalid user gb from 106.13.138.236 port 59368 ssh2 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:57 h1745522 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:59 h1745522 sshd[20157]: Failed password for invalid user liuqiuhua from 106.13.138.236 port 34714 ssh2 May 24 14:11:27 h1745522 sshd[20413]: Invalid user wws from 106.13.138.236 port 38290 ...	2020-05-25 00:17:22
106.13.138.236	attackspam	Invalid user bwh from 106.13.138.236 port 60724	2020-05-22 16:59:05
106.13.138.236	attackspam	SSH Invalid Login	2020-05-21 05:48:21
106.13.138.162	attackspambots	SSH Brute Force	2020-04-29 13:00:17
106.13.138.236	attack	Apr 28 09:52:30 s158375 sshd[14880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-29 02:02:07
106.13.138.236	attack	2020-04-25T06:00:27.742439vps751288.ovh.net sshd\[18497\]: Invalid user tanis from 106.13.138.236 port 47462 2020-04-25T06:00:27.752913vps751288.ovh.net sshd\[18497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-04-25T06:00:29.720683vps751288.ovh.net sshd\[18497\]: Failed password for invalid user tanis from 106.13.138.236 port 47462 ssh2 2020-04-25T06:06:13.801704vps751288.ovh.net sshd\[18565\]: Invalid user mario from 106.13.138.236 port 33972 2020-04-25T06:06:13.807174vps751288.ovh.net sshd\[18565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-25 12:32:09
106.13.138.236	attack	no	2020-04-18 17:25:00
106.13.138.162	attack	(sshd) Failed SSH login from 106.13.138.162 (CN/China/-): 5 in the last 3600 secs	2020-04-11 14:16:54
106.13.138.162	attackbots	SSH Brute-Force Attack	2020-04-09 16:57:58
106.13.138.162	attackbotsspam	Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:41 ns392434 sshd[2006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:43 ns392434 sshd[2006]: Failed password for invalid user vanessa from 106.13.138.162 port 45412 ssh2 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:22 ns392434 sshd[2152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:23 ns392434 sshd[2152]: Failed password for invalid user sysadm from 106.13.138.162 port 34688 ssh2 Apr 8 14:57:43 ns392434 sshd[2307]: Invalid user postgres from 106.13.138.162 port 42742	2020-04-08 22:40:29
106.13.138.236	attackspam	$f2bV_matches	2020-04-05 14:17:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.138.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.138.3.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 22:20:59 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 3.138.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.138.13.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
136.244.119.236	attackbots	Brute forcing RDP port 3389	2020-01-25 13:07:32
176.36.192.193	attackspam	SSH Login Bruteforce	2020-01-25 08:46:04
123.133.78.120	attackbotsspam	Unauthorized connection attempt detected from IP address 123.133.78.120 to port 1433 [J]	2020-01-25 08:50:44
45.141.84.25	attack	Hacking	2020-01-25 13:03:04
123.206.81.109	attack	Unauthorized connection attempt detected from IP address 123.206.81.109 to port 2220 [J]	2020-01-25 13:18:07
45.55.136.206	attackbotsspam	Unauthorized connection attempt detected from IP address 45.55.136.206 to port 2220 [J]	2020-01-25 08:35:27
128.127.104.80	attack	25.01.2020 05:57:55 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2020-01-25 13:04:11
222.186.190.2	attackbots	Unauthorized connection attempt detected from IP address 222.186.190.2 to port 22 [J]	2020-01-25 13:16:55
1.52.241.173	attackbotsspam	Unauthorized connection attempt detected from IP address 1.52.241.173 to port 23 [J]	2020-01-25 08:38:50
117.169.14.6	attackspam	Fail2Ban Ban Triggered	2020-01-25 13:07:14
106.13.81.162	attack	Unauthorized connection attempt detected from IP address 106.13.81.162 to port 2220 [J]	2020-01-25 08:55:52
73.46.72.104	attack	Jan 25 05:57:40 localhost sshd\[3001\]: Invalid user dolla from 73.46.72.104 port 57170 Jan 25 05:57:40 localhost sshd\[3001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.46.72.104 Jan 25 05:57:42 localhost sshd\[3001\]: Failed password for invalid user dolla from 73.46.72.104 port 57170 ssh2	2020-01-25 13:11:57
222.186.30.167	attack	Jan 25 00:31:49 vps sshd[10355]: Failed password for root from 222.186.30.167 port 36000 ssh2 Jan 25 00:31:52 vps sshd[10355]: Failed password for root from 222.186.30.167 port 36000 ssh2 Jan 25 00:31:54 vps sshd[10355]: Failed password for root from 222.186.30.167 port 36000 ssh2 ...	2020-01-25 08:39:22
47.93.13.135	attackbots	Unauthorized connection attempt detected from IP address 47.93.13.135 to port 1433 [J]	2020-01-25 08:34:34
222.186.173.238	attackbots	Jan 25 06:11:43 srv206 sshd[23182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jan 25 06:11:44 srv206 sshd[23182]: Failed password for root from 222.186.173.238 port 4092 ssh2 ...	2020-01-25 13:14:34

最近上报的IP列表

219.146.35.222	216.136.157.117	74.37.102.94	123.49.184.93
102.63.130.213	194.184.137.220	171.5.190.235	65.203.240.71
154.79.52.32	215.219.211.247	178.142.34.204	182.200.31.38
139.191.147.98	94.224.88.208	181.128.8.160	157.245.185.106
157.147.118.35	27.67.197.210	156.238.163.76	138.99.189.202