106.75.13.213 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769 2020-07-08T03:41:34.907841abusebot-7.cloudsearch.cf sshd[23596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769 2020-07-08T03:41:36.589350abusebot-7.cloudsearch.cf sshd[23596]: Failed password for invalid user maude from 106.75.13.213 port 50769 ssh2 2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909 2020-07-08T03:45:11.998872abusebot-7.cloudsearch.cf sshd[23752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909 2020-07-08T03:45:14.472927abusebot-7.cloudsearch.cf sshd[23752]: Fa ...	2020-07-08 14:20:13
attack	Jul 6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152 Jul 6 06:59:14 h2779839 sshd[25685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Jul 6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152 Jul 6 06:59:17 h2779839 sshd[25685]: Failed password for invalid user admin from 106.75.13.213 port 38152 ssh2 Jul 6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260 Jul 6 07:02:51 h2779839 sshd[25766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Jul 6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260 Jul 6 07:02:53 h2779839 sshd[25766]: Failed password for invalid user geoeast from 106.75.13.213 port 60260 ssh2 Jul 6 07:06:29 h2779839 sshd[25779]: Invalid user zhaoyang from 106.75.13.213 port 54137 ...	2020-07-06 18:07:05
attackspambots	Jul 4 08:52:35 ws24vmsma01 sshd[207988]: Failed password for root from 106.75.13.213 port 39387 ssh2 Jul 4 09:11:01 ws24vmsma01 sshd[143574]: Failed password for root from 106.75.13.213 port 34633 ssh2 ...	2020-07-04 23:59:37
attackspam	detected by Fail2Ban	2020-06-25 18:39:41
attackbotsspam	Jun 1 09:18:50 Tower sshd[9801]: Connection from 106.75.13.213 port 40637 on 192.168.10.220 port 22 rdomain "" Jun 1 09:18:54 Tower sshd[9801]: Failed password for root from 106.75.13.213 port 40637 ssh2 Jun 1 09:18:54 Tower sshd[9801]: Received disconnect from 106.75.13.213 port 40637:11: Bye Bye [preauth] Jun 1 09:18:54 Tower sshd[9801]: Disconnected from authenticating user root 106.75.13.213 port 40637 [preauth]	2020-06-01 22:46:57
attackbotsspam	May 25 19:21:25 NPSTNNYC01T sshd[25957]: Failed password for root from 106.75.13.213 port 54216 ssh2 May 25 19:23:17 NPSTNNYC01T sshd[26132]: Failed password for root from 106.75.13.213 port 41118 ssh2 ...	2020-05-26 10:58:03
attackbots	May 25 04:59:21 NPSTNNYC01T sshd[6454]: Failed password for root from 106.75.13.213 port 47333 ssh2 May 25 05:03:14 NPSTNNYC01T sshd[6883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 May 25 05:03:16 NPSTNNYC01T sshd[6883]: Failed password for invalid user dowda from 106.75.13.213 port 45492 ssh2 ...	2020-05-25 17:10:34
attackspambots	May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307 May 14 05:50:43 MainVPS sshd[2438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307 May 14 05:50:44 MainVPS sshd[2438]: Failed password for invalid user meg from 106.75.13.213 port 47307 ssh2 May 14 05:54:38 MainVPS sshd[5706]: Invalid user event from 106.75.13.213 port 45486 ...	2020-05-14 12:29:58
attackspam	SSH Brute Force	2020-04-21 00:30:01
attack	5x Failed Password	2020-04-20 05:23:03
attackspambots	fail2ban	2020-04-04 01:30:57
attack	Mar 26 04:52:14 vmd17057 sshd[16596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Mar 26 04:52:16 vmd17057 sshd[16596]: Failed password for invalid user xq from 106.75.13.213 port 60147 ssh2 ...	2020-03-26 15:04:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.134.86	attack	Malicious IP / Malware	2024-04-16 12:45:08
106.75.132.3	attack	2020-10-10T00:49:10.865600mail.standpoint.com.ua sshd[3703]: Failed password for invalid user admin from 106.75.132.3 port 59184 ssh2 2020-10-10T00:52:28.503689mail.standpoint.com.ua sshd[4265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:52:30.893562mail.standpoint.com.ua sshd[4265]: Failed password for root from 106.75.132.3 port 56420 ssh2 2020-10-10T00:55:51.343084mail.standpoint.com.ua sshd[4926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:55:53.602300mail.standpoint.com.ua sshd[4926]: Failed password for root from 106.75.132.3 port 53642 ssh2 ...	2020-10-10 07:25:17
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
106.75.132.3	attackspam	SSH login attempts.	2020-10-09 15:32:51
106.75.139.131	attack	Oct 7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2 Oct 7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2 Oct 7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2 ...	2020-10-07 20:38:21
106.75.139.131	attackbotsspam	Oct 7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2 Oct 7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2 Oct 7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2 ...	2020-10-07 12:23:48
106.75.132.3	attack	Sep 28 08:31:36 Tower sshd[1477]: refused connect from 119.28.59.16 (119.28.59.16) Sep 28 17:51:17 Tower sshd[1477]: Connection from 106.75.132.3 port 59792 on 192.168.10.220 port 22 rdomain "" Sep 28 17:51:19 Tower sshd[1477]: Failed password for root from 106.75.132.3 port 59792 ssh2 Sep 28 17:51:19 Tower sshd[1477]: Received disconnect from 106.75.132.3 port 59792:11: Bye Bye [preauth] Sep 28 17:51:19 Tower sshd[1477]: Disconnected from authenticating user root 106.75.132.3 port 59792 [preauth]	2020-09-29 06:06:38
106.75.132.3	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z	2020-09-28 22:32:33
106.75.132.3	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-28 14:37:17
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-27 06:21:50
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 22:44:48
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 14:30:20
106.75.133.250	attackspam	Invalid user zabbix from 106.75.133.250 port 58955	2020-08-30 16:23:38
106.75.138.38	attackbotsspam	" "	2020-08-28 05:12:33
106.75.133.250	attack	Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2 Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2 Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root	2020-08-26 07:44:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.13.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5708
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.13.213.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032600 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 15:03:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 213.13.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.13.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.152.21.213	attackbots	Sep 4 18:02:46 rocket sshd[5865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.21.213 Sep 4 18:02:48 rocket sshd[5865]: Failed password for invalid user testuser1 from 202.152.21.213 port 35414 ssh2 Sep 4 18:06:51 rocket sshd[6410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.21.213 ...	2020-09-05 07:11:58
104.168.99.225	attackspambots	Brute-force attempt banned	2020-09-05 07:02:18
119.254.7.114	attackbots	2020-09-05T00:28:09.531898afi-git.jinr.ru sshd[27880]: Invalid user ftpuser from 119.254.7.114 port 8891 2020-09-05T00:28:09.535189afi-git.jinr.ru sshd[27880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.254.7.114 2020-09-05T00:28:09.531898afi-git.jinr.ru sshd[27880]: Invalid user ftpuser from 119.254.7.114 port 8891 2020-09-05T00:28:11.432485afi-git.jinr.ru sshd[27880]: Failed password for invalid user ftpuser from 119.254.7.114 port 8891 ssh2 2020-09-05T00:31:50.718793afi-git.jinr.ru sshd[28562]: Invalid user fah from 119.254.7.114 port 39013 ...	2020-09-05 06:45:09
85.26.233.32	attack	Sep 4 18:50:51 mellenthin postfix/smtpd[32078]: NOQUEUE: reject: RCPT from unknown[85.26.233.32]: 554 5.7.1 Service unavailable; Client host [85.26.233.32] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/85.26.233.32; from= to= proto=ESMTP helo=<[85.26.233.32]>	2020-09-05 07:04:06
89.248.160.178	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 74 - port: 3416 proto: tcp cat: Misc Attackbytes: 60	2020-09-05 06:49:02
212.129.16.53	attackbotsspam	Sep 5 00:50:20 eventyay sshd[24352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.16.53 Sep 5 00:50:21 eventyay sshd[24352]: Failed password for invalid user nfe from 212.129.16.53 port 33196 ssh2 Sep 5 00:53:37 eventyay sshd[24482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.16.53 ...	2020-09-05 07:08:09
172.107.95.30	attackspam	Honeypot hit.	2020-09-05 07:11:08
45.162.4.67	attackbotsspam	2020-09-04T03:58:08.551564correo.[domain] sshd[13027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.162.4.67 user=root 2020-09-04T03:58:10.410276correo.[domain] sshd[13027]: Failed password for root from 45.162.4.67 port 50404 ssh2 2020-09-04T04:01:11.245662correo.[domain] sshd[13342]: Invalid user gangadhar from 45.162.4.67 port 33342 ...	2020-09-05 06:41:10
220.76.205.178	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-05 07:14:21
163.172.143.1	attackspambots	Failed password for invalid user from 163.172.143.1 port 37104 ssh2	2020-09-05 06:40:47
218.92.0.223	attackspambots	Sep 5 00:38:55 vps639187 sshd\[3301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.223 user=root Sep 5 00:38:57 vps639187 sshd\[3301\]: Failed password for root from 218.92.0.223 port 22180 ssh2 Sep 5 00:39:01 vps639187 sshd\[3301\]: Failed password for root from 218.92.0.223 port 22180 ssh2 ...	2020-09-05 06:47:26
112.85.42.67	attack	Sep 4 18:31:25 plusreed sshd[325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.67 user=root Sep 4 18:31:27 plusreed sshd[325]: Failed password for root from 112.85.42.67 port 22520 ssh2 ...	2020-09-05 06:43:36
185.220.102.6	attack	Sep 5 00:29:46 ns41 sshd[31045]: Failed password for root from 185.220.102.6 port 41013 ssh2 Sep 5 00:29:46 ns41 sshd[31045]: Failed password for root from 185.220.102.6 port 41013 ssh2 Sep 5 00:29:48 ns41 sshd[31045]: Failed password for root from 185.220.102.6 port 41013 ssh2 Sep 5 00:29:48 ns41 sshd[31045]: Failed password for root from 185.220.102.6 port 41013 ssh2	2020-09-05 06:57:16
189.57.73.18	attackbots	Sep 4 19:46:30 eventyay sshd[12169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.73.18 Sep 4 19:46:31 eventyay sshd[12169]: Failed password for invalid user shawnding from 189.57.73.18 port 4033 ssh2 Sep 4 19:49:28 eventyay sshd[12270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.73.18 ...	2020-09-05 06:46:26
114.119.147.129	attack	[Sat Sep 05 03:55:20.453338 2020] [:error] [pid 23286:tid 140308377491200] [client 114.119.147.129:21512] [client 114.119.147.129] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/1741-kalender-tanam-katam-terpadu-pulau-jawa/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kota-surabaya/kalender-tanam-katam-terpadu-kecamatan-sawahan-kota-surab ...	2020-09-05 07:10:15

最近上报的IP列表

113.176.132.134	190.144.79.157	138.131.41.82	117.6.62.202
221.228.78.56	1.55.50.22	150.109.111.165	137.189.40.31
36.73.134.20	136.239.214.188	122.51.150.134	47.247.248.233
29.84.217.236	9.16.46.205	9.189.35.156	77.238.26.253
139.2.219.52	125.28.11.110	115.44.92.13	229.162.108.171