106.13.138.238

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-12-15T21:20:09.046611vps751288.ovh.net sshd\[14781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=root 2019-12-15T21:20:11.351458vps751288.ovh.net sshd\[14781\]: Failed password for root from 106.13.138.238 port 44220 ssh2 2019-12-15T21:26:21.077048vps751288.ovh.net sshd\[14842\]: Invalid user asoke from 106.13.138.238 port 41586 2019-12-15T21:26:21.083431vps751288.ovh.net sshd\[14842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 2019-12-15T21:26:23.458738vps751288.ovh.net sshd\[14842\]: Failed password for invalid user asoke from 106.13.138.238 port 41586 ssh2	2019-12-16 04:44:45
attackbots	Dec 12 09:37:12 mail1 sshd\[21640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=root Dec 12 09:37:14 mail1 sshd\[21640\]: Failed password for root from 106.13.138.238 port 50676 ssh2 Dec 12 10:05:52 mail1 sshd\[2224\]: Invalid user wyndham from 106.13.138.238 port 39016 Dec 12 10:05:52 mail1 sshd\[2224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 Dec 12 10:05:54 mail1 sshd\[2224\]: Failed password for invalid user wyndham from 106.13.138.238 port 39016 ssh2 ...	2019-12-12 22:02:34
attackspam	Dec 5 09:39:47 MK-Soft-VM4 sshd[19005]: Failed password for root from 106.13.138.238 port 56122 ssh2 ...	2019-12-05 17:29:05
attackspam	Nov 17 07:15:42 auw2 sshd\[11897\]: Invalid user cegelsk from 106.13.138.238 Nov 17 07:15:42 auw2 sshd\[11897\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 Nov 17 07:15:43 auw2 sshd\[11897\]: Failed password for invalid user cegelsk from 106.13.138.238 port 53874 ssh2 Nov 17 07:20:15 auw2 sshd\[12220\]: Invalid user !m3\$tarZ from 106.13.138.238 Nov 17 07:20:15 auw2 sshd\[12220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238	2019-11-18 02:11:01
attackbots	SSH Brute Force, server-1 sshd[30245]: Failed password for root from 106.13.138.238 port 45978 ssh2	2019-11-11 22:27:14
attackspambots	Oct 31 05:05:27 legacy sshd[583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 Oct 31 05:05:29 legacy sshd[583]: Failed password for invalid user vv from 106.13.138.238 port 52190 ssh2 Oct 31 05:10:37 legacy sshd[727]: Failed password for root from 106.13.138.238 port 33882 ssh2 ...	2019-10-31 16:35:20
attackspambots	Oct 20 05:21:57 mx01 sshd[12518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=r.r Oct 20 05:21:59 mx01 sshd[12518]: Failed password for r.r from 106.13.138.238 port 41534 ssh2 Oct 20 05:21:59 mx01 sshd[12518]: Received disconnect from 106.13.138.238: 11: Bye Bye [preauth] Oct 20 05:37:43 mx01 sshd[14040]: Invalid user jr from 106.13.138.238 Oct 20 05:37:43 mx01 sshd[14040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 Oct 20 05:37:45 mx01 sshd[14040]: Failed password for invalid user jr from 106.13.138.238 port 32998 ssh2 Oct 20 05:37:45 mx01 sshd[14040]: Received disconnect from 106.13.138.238: 11: Bye Bye [preauth] Oct 20 05:42:00 mx01 sshd[14450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.238 user=r.r Oct 20 05:42:02 mx01 sshd[14450]: Failed password for r.r from 106.13.138.238 port 38674........ -------------------------------	2019-10-21 08:15:21

Comments on same subnet:

IP	Type	Details	Datetime
106.13.138.162	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-13 07:50:30
106.13.138.162	attackspam	Jul 4 14:13:49 debian-2gb-nbg1-2 kernel: \[16123447.427878\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.13.138.162 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10958 PROTO=TCP SPT=56704 DPT=14441 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-04 20:59:09
106.13.138.162	attackspambots	TCP (SYN) 106.13.138.162:59032 -> port 66, len 44	2020-06-02 04:48:48
106.13.138.236	attackspambots	2020-05-27T22:38:46.616820lavrinenko.info sshd[7894]: Failed password for invalid user pgsql from 106.13.138.236 port 47760 ssh2 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:54.944658lavrinenko.info sshd[7942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-05-27T22:40:54.937872lavrinenko.info sshd[7942]: Invalid user open from 106.13.138.236 port 51342 2020-05-27T22:40:56.908189lavrinenko.info sshd[7942]: Failed password for invalid user open from 106.13.138.236 port 51342 ssh2 ...	2020-05-28 04:23:48
106.13.138.236	attackbotsspam	May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:38 h1745522 sshd[20114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:06:38 h1745522 sshd[20114]: Invalid user gb from 106.13.138.236 port 59368 May 24 14:06:40 h1745522 sshd[20114]: Failed password for invalid user gb from 106.13.138.236 port 59368 ssh2 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:57 h1745522 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 May 24 14:08:57 h1745522 sshd[20157]: Invalid user liuqiuhua from 106.13.138.236 port 34714 May 24 14:08:59 h1745522 sshd[20157]: Failed password for invalid user liuqiuhua from 106.13.138.236 port 34714 ssh2 May 24 14:11:27 h1745522 sshd[20413]: Invalid user wws from 106.13.138.236 port 38290 ...	2020-05-25 00:17:22
106.13.138.236	attackspam	Invalid user bwh from 106.13.138.236 port 60724	2020-05-22 16:59:05
106.13.138.236	attackspam	SSH Invalid Login	2020-05-21 05:48:21
106.13.138.162	attackspambots	SSH Brute Force	2020-04-29 13:00:17
106.13.138.236	attack	Apr 28 09:52:30 s158375 sshd[14880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-29 02:02:07
106.13.138.236	attack	2020-04-25T06:00:27.742439vps751288.ovh.net sshd\[18497\]: Invalid user tanis from 106.13.138.236 port 47462 2020-04-25T06:00:27.752913vps751288.ovh.net sshd\[18497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236 2020-04-25T06:00:29.720683vps751288.ovh.net sshd\[18497\]: Failed password for invalid user tanis from 106.13.138.236 port 47462 ssh2 2020-04-25T06:06:13.801704vps751288.ovh.net sshd\[18565\]: Invalid user mario from 106.13.138.236 port 33972 2020-04-25T06:06:13.807174vps751288.ovh.net sshd\[18565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.236	2020-04-25 12:32:09
106.13.138.236	attack	no	2020-04-18 17:25:00
106.13.138.162	attack	(sshd) Failed SSH login from 106.13.138.162 (CN/China/-): 5 in the last 3600 secs	2020-04-11 14:16:54
106.13.138.162	attackbots	SSH Brute-Force Attack	2020-04-09 16:57:58
106.13.138.3	attack	Apr 8 16:41:02 host01 sshd[22477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 Apr 8 16:41:04 host01 sshd[22477]: Failed password for invalid user sam from 106.13.138.3 port 53468 ssh2 Apr 8 16:47:04 host01 sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.3 ...	2020-04-09 00:31:26
106.13.138.162	attackbotsspam	Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:41 ns392434 sshd[2006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:49:41 ns392434 sshd[2006]: Invalid user vanessa from 106.13.138.162 port 45412 Apr 8 14:49:43 ns392434 sshd[2006]: Failed password for invalid user vanessa from 106.13.138.162 port 45412 ssh2 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:22 ns392434 sshd[2152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.162 Apr 8 14:54:22 ns392434 sshd[2152]: Invalid user sysadm from 106.13.138.162 port 34688 Apr 8 14:54:23 ns392434 sshd[2152]: Failed password for invalid user sysadm from 106.13.138.162 port 34688 ssh2 Apr 8 14:57:43 ns392434 sshd[2307]: Invalid user postgres from 106.13.138.162 port 42742	2020-04-08 22:40:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.138.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42898
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.138.238.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 08:15:18 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 238.138.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 238.138.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.253.85	attack	Jul 10 05:34:37 onepixel sshd[1849733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.85 Jul 10 05:34:37 onepixel sshd[1849733]: Invalid user viktor from 157.230.253.85 port 42232 Jul 10 05:34:39 onepixel sshd[1849733]: Failed password for invalid user viktor from 157.230.253.85 port 42232 ssh2 Jul 10 05:38:06 onepixel sshd[1851708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.85 user=nginx Jul 10 05:38:07 onepixel sshd[1851708]: Failed password for nginx from 157.230.253.85 port 37254 ssh2	2020-07-10 16:15:11
139.215.217.181	attackspam	$f2bV_matches	2020-07-10 16:12:43
115.159.119.35	attackspam	(sshd) Failed SSH login from 115.159.119.35 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 10 08:53:55 amsweb01 sshd[20899]: Invalid user charlott from 115.159.119.35 port 55770 Jul 10 08:53:57 amsweb01 sshd[20899]: Failed password for invalid user charlott from 115.159.119.35 port 55770 ssh2 Jul 10 09:01:33 amsweb01 sshd[22225]: Invalid user customer from 115.159.119.35 port 40888 Jul 10 09:01:35 amsweb01 sshd[22225]: Failed password for invalid user customer from 115.159.119.35 port 40888 ssh2 Jul 10 09:05:41 amsweb01 sshd[22847]: Invalid user test from 115.159.119.35 port 54184	2020-07-10 15:50:12
35.185.51.208	attack	35.185.51.208 - - [10/Jul/2020:06:00:40 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.185.51.208 - - [10/Jul/2020:06:26:55 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-10 16:25:30
74.102.43.30	attack	Icarus honeypot on github	2020-07-10 16:10:30
116.232.64.187	attackspambots	Jul 10 09:55:21 ns381471 sshd[3147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.232.64.187 Jul 10 09:55:24 ns381471 sshd[3147]: Failed password for invalid user netadmin from 116.232.64.187 port 46132 ssh2	2020-07-10 16:08:21
190.153.27.98	attackbots	Jul 10 06:38:19 srv-ubuntu-dev3 sshd[126833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.153.27.98 user=mail Jul 10 06:38:21 srv-ubuntu-dev3 sshd[126833]: Failed password for mail from 190.153.27.98 port 35226 ssh2 Jul 10 06:41:45 srv-ubuntu-dev3 sshd[127404]: Invalid user liyongfeng from 190.153.27.98 Jul 10 06:41:45 srv-ubuntu-dev3 sshd[127404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.153.27.98 Jul 10 06:41:45 srv-ubuntu-dev3 sshd[127404]: Invalid user liyongfeng from 190.153.27.98 Jul 10 06:41:47 srv-ubuntu-dev3 sshd[127404]: Failed password for invalid user liyongfeng from 190.153.27.98 port 56970 ssh2 Jul 10 06:45:20 srv-ubuntu-dev3 sshd[128014]: Invalid user sampson from 190.153.27.98 Jul 10 06:45:20 srv-ubuntu-dev3 sshd[128014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.153.27.98 Jul 10 06:45:20 srv-ubuntu-dev3 sshd[128014]: Inva ...	2020-07-10 16:00:43
113.161.69.158	attackspam	Jul 10 06:22:22 meumeu sshd[267668]: Invalid user melchor from 113.161.69.158 port 54814 Jul 10 06:22:22 meumeu sshd[267668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.69.158 Jul 10 06:22:22 meumeu sshd[267668]: Invalid user melchor from 113.161.69.158 port 54814 Jul 10 06:22:24 meumeu sshd[267668]: Failed password for invalid user melchor from 113.161.69.158 port 54814 ssh2 Jul 10 06:26:13 meumeu sshd[267787]: Invalid user jayasri from 113.161.69.158 port 51518 Jul 10 06:26:13 meumeu sshd[267787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.69.158 Jul 10 06:26:13 meumeu sshd[267787]: Invalid user jayasri from 113.161.69.158 port 51518 Jul 10 06:26:15 meumeu sshd[267787]: Failed password for invalid user jayasri from 113.161.69.158 port 51518 ssh2 Jul 10 06:29:51 meumeu sshd[267918]: Invalid user foster from 113.161.69.158 port 48215 ...	2020-07-10 16:25:17
221.195.1.201	attack	Jul 10 05:52:28 sso sshd[16816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.195.1.201 Jul 10 05:52:30 sso sshd[16816]: Failed password for invalid user wang from 221.195.1.201 port 40490 ssh2 ...	2020-07-10 16:27:38
46.38.148.18	attackbots	Jul 10 09:45:42 relay postfix/smtpd\[19345\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 10 09:46:08 relay postfix/smtpd\[23715\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 10 09:46:35 relay postfix/smtpd\[19345\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 10 09:47:02 relay postfix/smtpd\[19346\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 10 09:47:29 relay postfix/smtpd\[18729\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-10 15:47:43
186.93.52.249	attackbotsspam	Automatic report - XMLRPC Attack	2020-07-10 16:06:36
192.241.237.172	attackbots	07/10/2020-01:17:50.349321 192.241.237.172 Protocol: 6 ET SCAN Suspicious inbound to Oracle SQL port 1521	2020-07-10 16:11:59
222.186.175.215	attack	Jul 10 08:43:25 ajax sshd[24586]: Failed password for root from 222.186.175.215 port 53480 ssh2 Jul 10 08:43:30 ajax sshd[24586]: Failed password for root from 222.186.175.215 port 53480 ssh2	2020-07-10 15:47:10
203.6.237.234	attackbots	fail2ban	2020-07-10 16:28:23
36.72.214.56	attackspam	Jul 10 08:17:00 vps687878 sshd\[27765\]: Invalid user jiabo from 36.72.214.56 port 38809 Jul 10 08:17:00 vps687878 sshd\[27765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.72.214.56 Jul 10 08:17:02 vps687878 sshd\[27765\]: Failed password for invalid user jiabo from 36.72.214.56 port 38809 ssh2 Jul 10 08:22:11 vps687878 sshd\[28355\]: Invalid user scott from 36.72.214.56 port 58007 Jul 10 08:22:11 vps687878 sshd\[28355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.72.214.56 ...	2020-07-10 16:24:15

Recently Reported IPs

169.246.192.162	150.185.198.215	10.122.215.128	14.251.202.10
160.155.159.222	69.185.107.176	83.204.138.215	65.52.209.86
159.143.225.150	222.6.77.215	83.217.61.166	67.136.129.223
218.156.235.244	110.35.204.236	109.60.61.51	106.13.196.80
159.89.122.208	138.121.114.12	77.55.210.147	171.97.116.124