必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspam
2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769
2020-07-08T03:41:34.907841abusebot-7.cloudsearch.cf sshd[23596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769
2020-07-08T03:41:36.589350abusebot-7.cloudsearch.cf sshd[23596]: Failed password for invalid user maude from 106.75.13.213 port 50769 ssh2
2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909
2020-07-08T03:45:11.998872abusebot-7.cloudsearch.cf sshd[23752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909
2020-07-08T03:45:14.472927abusebot-7.cloudsearch.cf sshd[23752]: Fa
...
2020-07-08 14:20:13
attack
Jul  6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152
Jul  6 06:59:14 h2779839 sshd[25685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
Jul  6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152
Jul  6 06:59:17 h2779839 sshd[25685]: Failed password for invalid user admin from 106.75.13.213 port 38152 ssh2
Jul  6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260
Jul  6 07:02:51 h2779839 sshd[25766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
Jul  6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260
Jul  6 07:02:53 h2779839 sshd[25766]: Failed password for invalid user geoeast from 106.75.13.213 port 60260 ssh2
Jul  6 07:06:29 h2779839 sshd[25779]: Invalid user zhaoyang from 106.75.13.213 port 54137
...
2020-07-06 18:07:05
attackspambots
Jul  4 08:52:35 ws24vmsma01 sshd[207988]: Failed password for root from 106.75.13.213 port 39387 ssh2
Jul  4 09:11:01 ws24vmsma01 sshd[143574]: Failed password for root from 106.75.13.213 port 34633 ssh2
...
2020-07-04 23:59:37
attackspam
detected by Fail2Ban
2020-06-25 18:39:41
attackbotsspam
Jun  1 09:18:50 Tower sshd[9801]: Connection from 106.75.13.213 port 40637 on 192.168.10.220 port 22 rdomain ""
Jun  1 09:18:54 Tower sshd[9801]: Failed password for root from 106.75.13.213 port 40637 ssh2
Jun  1 09:18:54 Tower sshd[9801]: Received disconnect from 106.75.13.213 port 40637:11: Bye Bye [preauth]
Jun  1 09:18:54 Tower sshd[9801]: Disconnected from authenticating user root 106.75.13.213 port 40637 [preauth]
2020-06-01 22:46:57
attackbotsspam
May 25 19:21:25 NPSTNNYC01T sshd[25957]: Failed password for root from 106.75.13.213 port 54216 ssh2
May 25 19:23:17 NPSTNNYC01T sshd[26132]: Failed password for root from 106.75.13.213 port 41118 ssh2
...
2020-05-26 10:58:03
attackbots
May 25 04:59:21 NPSTNNYC01T sshd[6454]: Failed password for root from 106.75.13.213 port 47333 ssh2
May 25 05:03:14 NPSTNNYC01T sshd[6883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
May 25 05:03:16 NPSTNNYC01T sshd[6883]: Failed password for invalid user dowda from 106.75.13.213 port 45492 ssh2
...
2020-05-25 17:10:34
attackspambots
May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307
May 14 05:50:43 MainVPS sshd[2438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213
May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307
May 14 05:50:44 MainVPS sshd[2438]: Failed password for invalid user meg from 106.75.13.213 port 47307 ssh2
May 14 05:54:38 MainVPS sshd[5706]: Invalid user event from 106.75.13.213 port 45486
...
2020-05-14 12:29:58
attackspam
SSH Brute Force
2020-04-21 00:30:01
attack
5x Failed Password
2020-04-20 05:23:03
attackspambots
fail2ban
2020-04-04 01:30:57
attack
Mar 26 04:52:14 vmd17057 sshd[16596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 
Mar 26 04:52:16 vmd17057 sshd[16596]: Failed password for invalid user xq from 106.75.13.213 port 60147 ssh2
...
2020-03-26 15:04:06
相同子网IP讨论:
IP 类型 评论内容 时间
106.75.134.86 attack
Malicious IP / Malware
2024-04-16 12:45:08
106.75.132.3 attack
2020-10-10T00:49:10.865600mail.standpoint.com.ua sshd[3703]: Failed password for invalid user admin from 106.75.132.3 port 59184 ssh2
2020-10-10T00:52:28.503689mail.standpoint.com.ua sshd[4265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3  user=root
2020-10-10T00:52:30.893562mail.standpoint.com.ua sshd[4265]: Failed password for root from 106.75.132.3 port 56420 ssh2
2020-10-10T00:55:51.343084mail.standpoint.com.ua sshd[4926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3  user=root
2020-10-10T00:55:53.602300mail.standpoint.com.ua sshd[4926]: Failed password for root from 106.75.132.3 port 53642 ssh2
...
2020-10-10 07:25:17
106.75.132.3 attackbots
2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3  user=root
2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2
2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3  user=root
2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2
2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3  user=root
...
2020-10-09 23:46:05
106.75.132.3 attackspam
SSH login attempts.
2020-10-09 15:32:51
106.75.139.131 attack
Oct  7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2
Oct  7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2
Oct  7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2
...
2020-10-07 20:38:21
106.75.139.131 attackbotsspam
Oct  7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2
Oct  7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2
Oct  7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2
...
2020-10-07 12:23:48
106.75.132.3 attack
Sep 28 08:31:36 Tower sshd[1477]: refused connect from 119.28.59.16 (119.28.59.16)
Sep 28 17:51:17 Tower sshd[1477]: Connection from 106.75.132.3 port 59792 on 192.168.10.220 port 22 rdomain ""
Sep 28 17:51:19 Tower sshd[1477]: Failed password for root from 106.75.132.3 port 59792 ssh2
Sep 28 17:51:19 Tower sshd[1477]: Received disconnect from 106.75.132.3 port 59792:11: Bye Bye [preauth]
Sep 28 17:51:19 Tower sshd[1477]: Disconnected from authenticating user root 106.75.132.3 port 59792 [preauth]
2020-09-29 06:06:38
106.75.132.3 attackspambots
Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z
2020-09-28 22:32:33
106.75.132.3 attackspambots
SSH/22 MH Probe, BF, Hack -
2020-09-28 14:37:17
106.75.135.166 attackspambots
Postfix SMTP rejection
2020-09-27 06:21:50
106.75.135.166 attackspambots
Postfix SMTP rejection
2020-09-26 22:44:48
106.75.135.166 attackspambots
Postfix SMTP rejection
2020-09-26 14:30:20
106.75.133.250 attackspam
Invalid user zabbix from 106.75.133.250 port 58955
2020-08-30 16:23:38
106.75.138.38 attackbotsspam
" "
2020-08-28 05:12:33
106.75.133.250 attack
Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250  user=root
Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2
Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250  user=root
Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2
Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250  user=root
2020-08-26 07:44:16
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.13.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5708
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.13.213.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032600 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 15:03:57 CST 2020
;; MSG SIZE  rcvd: 117
HOST信息:
Host 213.13.75.106.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.13.75.106.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
201.156.144.160 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-22 18:18:12
187.178.173.18 attackspam
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-22 18:23:21
187.162.20.144 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-22 18:26:14
178.74.8.194 attackbotsspam
1561177589 - 06/22/2019 11:26:29 Host: 178.74.8.194/178.74.8.194 Port: 23 TCP Blocked
...
2019-06-22 18:10:27
106.12.21.123 attackspam
2019-06-22T06:46:44.594460test01.cajus.name sshd\[32171\]: Invalid user tomcat from 106.12.21.123 port 41406
2019-06-22T06:46:44.614310test01.cajus.name sshd\[32171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.21.123
2019-06-22T06:46:46.534469test01.cajus.name sshd\[32171\]: Failed password for invalid user tomcat from 106.12.21.123 port 41406 ssh2
2019-06-22 18:33:28
186.215.11.153 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-22 18:27:45
94.102.51.78 attack
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.51.78  user=root
Failed password for root from 94.102.51.78 port 39414 ssh2
Failed password for root from 94.102.51.78 port 39414 ssh2
Failed password for root from 94.102.51.78 port 39414 ssh2
Failed password for root from 94.102.51.78 port 39414 ssh2
2019-06-22 18:46:13
37.32.125.241 attackbotsspam
Jun 19 04:25:54 mxgate1 postfix/postscreen[15452]: CONNECT from [37.32.125.241]:56213 to [176.31.12.44]:25
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.11
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.4
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.3
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15457]: addr 37.32.125.241 listed by domain cbl.abuseat.org as 127.0.0.2
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15453]: addr 37.32.125.241 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jun 19 04:25:54 mxgate1 postfix/dnsblog[15454]: addr 37.32.125.241 listed by domain b.barracudacentral.org as 127.0.0.2
Jun 19 04:25:54 mxgate1 postfix/postscreen[15452]: PREGREET 15 after 0.22 from [37.32.125.241]:56213: EHLO lukat.hostname

Jun 19 04:25:55 mxgate1 postfix/dnsblog[15455]: addr 37.32.12........
-------------------------------
2019-06-22 18:33:12
218.69.91.84 attack
Jun 22 05:26:23 MK-Soft-VM7 sshd\[28203\]: Invalid user postgres from 218.69.91.84 port 46231
Jun 22 05:26:23 MK-Soft-VM7 sshd\[28203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.69.91.84
Jun 22 05:26:25 MK-Soft-VM7 sshd\[28203\]: Failed password for invalid user postgres from 218.69.91.84 port 46231 ssh2
...
2019-06-22 18:07:15
185.36.81.168 attackspambots
Jun 22 09:05:30  postfix/smtpd: warning: unknown[185.36.81.168]: SASL LOGIN authentication failed
2019-06-22 18:13:14
114.108.254.254 attackbots
TCP port 445 (SMB) attempt blocked by firewall. [2019-06-22 06:24:54]
2019-06-22 18:34:22
111.246.96.40 attackspambots
2019-06-22T06:24:59.419739mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed:
2019-06-22T06:25:09.127508mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed:
2019-06-22T06:25:17.365761mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed:
2019-06-22 18:37:23
91.121.156.133 attackspam
/var/log/messages:Jun 18 17:54:37 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1560880477.232:144230): pid=4003 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=4004 suid=74 rport=56144 laddr=104.167.106.93 lport=23  exe="/usr/sbin/sshd" hostname=? addr=91.121.156.133 terminal=? res=success'
/var/log/messages:Jun 18 17:54:37 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1560880477.239:144231): pid=4003 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=4004 suid=74 rport=56144 laddr=104.167.106.93 lport=23  exe="/usr/sbin/sshd" hostname=? addr=91.121.156.133 terminal=? res=success'
/var/log/messages:Jun 18 17:54:53 sanyalnet-cloud-vps fail2ban.filter[19699]: WARNING ........
-------------------------------
2019-06-22 18:26:34
203.109.106.156 attackbots
LGS,WP GET /wp-login.php
2019-06-22 18:29:19
78.46.61.245 attack
20 attempts against mh-misbehave-ban on pluto.magehost.pro
2019-06-22 18:28:19

最近上报的IP列表

113.176.132.134 190.144.79.157 138.131.41.82 117.6.62.202
221.228.78.56 1.55.50.22 150.109.111.165 137.189.40.31
36.73.134.20 136.239.214.188 122.51.150.134 47.247.248.233
29.84.217.236 9.16.46.205 9.189.35.156 77.238.26.253
139.2.219.52 125.28.11.110 115.44.92.13 229.162.108.171