106.75.13.213 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769 2020-07-08T03:41:34.907841abusebot-7.cloudsearch.cf sshd[23596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 2020-07-08T03:41:34.903735abusebot-7.cloudsearch.cf sshd[23596]: Invalid user maude from 106.75.13.213 port 50769 2020-07-08T03:41:36.589350abusebot-7.cloudsearch.cf sshd[23596]: Failed password for invalid user maude from 106.75.13.213 port 50769 ssh2 2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909 2020-07-08T03:45:11.998872abusebot-7.cloudsearch.cf sshd[23752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 2020-07-08T03:45:11.994502abusebot-7.cloudsearch.cf sshd[23752]: Invalid user mgarcia from 106.75.13.213 port 45909 2020-07-08T03:45:14.472927abusebot-7.cloudsearch.cf sshd[23752]: Fa ...	2020-07-08 14:20:13
attack	Jul 6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152 Jul 6 06:59:14 h2779839 sshd[25685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Jul 6 06:59:14 h2779839 sshd[25685]: Invalid user admin from 106.75.13.213 port 38152 Jul 6 06:59:17 h2779839 sshd[25685]: Failed password for invalid user admin from 106.75.13.213 port 38152 ssh2 Jul 6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260 Jul 6 07:02:51 h2779839 sshd[25766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Jul 6 07:02:51 h2779839 sshd[25766]: Invalid user geoeast from 106.75.13.213 port 60260 Jul 6 07:02:53 h2779839 sshd[25766]: Failed password for invalid user geoeast from 106.75.13.213 port 60260 ssh2 Jul 6 07:06:29 h2779839 sshd[25779]: Invalid user zhaoyang from 106.75.13.213 port 54137 ...	2020-07-06 18:07:05
attackspambots	Jul 4 08:52:35 ws24vmsma01 sshd[207988]: Failed password for root from 106.75.13.213 port 39387 ssh2 Jul 4 09:11:01 ws24vmsma01 sshd[143574]: Failed password for root from 106.75.13.213 port 34633 ssh2 ...	2020-07-04 23:59:37
attackspam	detected by Fail2Ban	2020-06-25 18:39:41
attackbotsspam	Jun 1 09:18:50 Tower sshd[9801]: Connection from 106.75.13.213 port 40637 on 192.168.10.220 port 22 rdomain "" Jun 1 09:18:54 Tower sshd[9801]: Failed password for root from 106.75.13.213 port 40637 ssh2 Jun 1 09:18:54 Tower sshd[9801]: Received disconnect from 106.75.13.213 port 40637:11: Bye Bye [preauth] Jun 1 09:18:54 Tower sshd[9801]: Disconnected from authenticating user root 106.75.13.213 port 40637 [preauth]	2020-06-01 22:46:57
attackbotsspam	May 25 19:21:25 NPSTNNYC01T sshd[25957]: Failed password for root from 106.75.13.213 port 54216 ssh2 May 25 19:23:17 NPSTNNYC01T sshd[26132]: Failed password for root from 106.75.13.213 port 41118 ssh2 ...	2020-05-26 10:58:03
attackbots	May 25 04:59:21 NPSTNNYC01T sshd[6454]: Failed password for root from 106.75.13.213 port 47333 ssh2 May 25 05:03:14 NPSTNNYC01T sshd[6883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 May 25 05:03:16 NPSTNNYC01T sshd[6883]: Failed password for invalid user dowda from 106.75.13.213 port 45492 ssh2 ...	2020-05-25 17:10:34
attackspambots	May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307 May 14 05:50:43 MainVPS sshd[2438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 May 14 05:50:43 MainVPS sshd[2438]: Invalid user meg from 106.75.13.213 port 47307 May 14 05:50:44 MainVPS sshd[2438]: Failed password for invalid user meg from 106.75.13.213 port 47307 ssh2 May 14 05:54:38 MainVPS sshd[5706]: Invalid user event from 106.75.13.213 port 45486 ...	2020-05-14 12:29:58
attackspam	SSH Brute Force	2020-04-21 00:30:01
attack	5x Failed Password	2020-04-20 05:23:03
attackspambots	fail2ban	2020-04-04 01:30:57
attack	Mar 26 04:52:14 vmd17057 sshd[16596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.13.213 Mar 26 04:52:16 vmd17057 sshd[16596]: Failed password for invalid user xq from 106.75.13.213 port 60147 ssh2 ...	2020-03-26 15:04:06

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.134.86	attack	Malicious IP / Malware	2024-04-16 12:45:08
106.75.132.3	attack	2020-10-10T00:49:10.865600mail.standpoint.com.ua sshd[3703]: Failed password for invalid user admin from 106.75.132.3 port 59184 ssh2 2020-10-10T00:52:28.503689mail.standpoint.com.ua sshd[4265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:52:30.893562mail.standpoint.com.ua sshd[4265]: Failed password for root from 106.75.132.3 port 56420 ssh2 2020-10-10T00:55:51.343084mail.standpoint.com.ua sshd[4926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:55:53.602300mail.standpoint.com.ua sshd[4926]: Failed password for root from 106.75.132.3 port 53642 ssh2 ...	2020-10-10 07:25:17
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
106.75.132.3	attackspam	SSH login attempts.	2020-10-09 15:32:51
106.75.139.131	attack	Oct 7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2 Oct 7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2 Oct 7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2 ...	2020-10-07 20:38:21
106.75.139.131	attackbotsspam	Oct 7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2 Oct 7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2 Oct 7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2 ...	2020-10-07 12:23:48
106.75.132.3	attack	Sep 28 08:31:36 Tower sshd[1477]: refused connect from 119.28.59.16 (119.28.59.16) Sep 28 17:51:17 Tower sshd[1477]: Connection from 106.75.132.3 port 59792 on 192.168.10.220 port 22 rdomain "" Sep 28 17:51:19 Tower sshd[1477]: Failed password for root from 106.75.132.3 port 59792 ssh2 Sep 28 17:51:19 Tower sshd[1477]: Received disconnect from 106.75.132.3 port 59792:11: Bye Bye [preauth] Sep 28 17:51:19 Tower sshd[1477]: Disconnected from authenticating user root 106.75.132.3 port 59792 [preauth]	2020-09-29 06:06:38
106.75.132.3	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z	2020-09-28 22:32:33
106.75.132.3	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-28 14:37:17
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-27 06:21:50
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 22:44:48
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 14:30:20
106.75.133.250	attackspam	Invalid user zabbix from 106.75.133.250 port 58955	2020-08-30 16:23:38
106.75.138.38	attackbotsspam	" "	2020-08-28 05:12:33
106.75.133.250	attack	Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2 Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2 Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root	2020-08-26 07:44:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.13.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5708
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.13.213.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032600 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 15:03:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 213.13.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.13.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
201.156.144.160	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:18:12
187.178.173.18	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:23:21
187.162.20.144	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:26:14
178.74.8.194	attackbotsspam	1561177589 - 06/22/2019 11:26:29 Host: 178.74.8.194/178.74.8.194 Port: 23 TCP Blocked ...	2019-06-22 18:10:27
106.12.21.123	attackspam	2019-06-22T06:46:44.594460test01.cajus.name sshd\[32171\]: Invalid user tomcat from 106.12.21.123 port 41406 2019-06-22T06:46:44.614310test01.cajus.name sshd\[32171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.21.123 2019-06-22T06:46:46.534469test01.cajus.name sshd\[32171\]: Failed password for invalid user tomcat from 106.12.21.123 port 41406 ssh2	2019-06-22 18:33:28
186.215.11.153	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 18:27:45
94.102.51.78	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.51.78 user=root Failed password for root from 94.102.51.78 port 39414 ssh2 Failed password for root from 94.102.51.78 port 39414 ssh2 Failed password for root from 94.102.51.78 port 39414 ssh2 Failed password for root from 94.102.51.78 port 39414 ssh2	2019-06-22 18:46:13
37.32.125.241	attackbotsspam	Jun 19 04:25:54 mxgate1 postfix/postscreen[15452]: CONNECT from [37.32.125.241]:56213 to [176.31.12.44]:25 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.11 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15456]: addr 37.32.125.241 listed by domain zen.spamhaus.org as 127.0.0.3 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15457]: addr 37.32.125.241 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15453]: addr 37.32.125.241 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jun 19 04:25:54 mxgate1 postfix/dnsblog[15454]: addr 37.32.125.241 listed by domain b.barracudacentral.org as 127.0.0.2 Jun 19 04:25:54 mxgate1 postfix/postscreen[15452]: PREGREET 15 after 0.22 from [37.32.125.241]:56213: EHLO lukat.hostname Jun 19 04:25:55 mxgate1 postfix/dnsblog[15455]: addr 37.32.12........ -------------------------------	2019-06-22 18:33:12
218.69.91.84	attack	Jun 22 05:26:23 MK-Soft-VM7 sshd\[28203\]: Invalid user postgres from 218.69.91.84 port 46231 Jun 22 05:26:23 MK-Soft-VM7 sshd\[28203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.69.91.84 Jun 22 05:26:25 MK-Soft-VM7 sshd\[28203\]: Failed password for invalid user postgres from 218.69.91.84 port 46231 ssh2 ...	2019-06-22 18:07:15
185.36.81.168	attackspambots	Jun 22 09:05:30 postfix/smtpd: warning: unknown[185.36.81.168]: SASL LOGIN authentication failed	2019-06-22 18:13:14
114.108.254.254	attackbots	TCP port 445 (SMB) attempt blocked by firewall. [2019-06-22 06:24:54]	2019-06-22 18:34:22
111.246.96.40	attackspambots	2019-06-22T06:24:59.419739mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed: 2019-06-22T06:25:09.127508mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed: 2019-06-22T06:25:17.365761mail01 postfix/smtpd[8482]: warning: 111-246-96-40.dynamic-ip.hinet.net[111.246.96.40]: SASL PLAIN authentication failed:	2019-06-22 18:37:23
91.121.156.133	attackspam	/var/log/messages:Jun 18 17:54:37 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1560880477.232:144230): pid=4003 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=4004 suid=74 rport=56144 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=91.121.156.133 terminal=? res=success' /var/log/messages:Jun 18 17:54:37 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1560880477.239:144231): pid=4003 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha2-256 pfs=ecdh-sha2-nistp256 spid=4004 suid=74 rport=56144 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=91.121.156.133 terminal=? res=success' /var/log/messages:Jun 18 17:54:53 sanyalnet-cloud-vps fail2ban.filter[19699]: WARNING ........ -------------------------------	2019-06-22 18:26:34
203.109.106.156	attackbots	LGS,WP GET /wp-login.php	2019-06-22 18:29:19
78.46.61.245	attack	20 attempts against mh-misbehave-ban on pluto.magehost.pro	2019-06-22 18:28:19

最近上报的IP列表

113.176.132.134	190.144.79.157	138.131.41.82	117.6.62.202
221.228.78.56	1.55.50.22	150.109.111.165	137.189.40.31
36.73.134.20	136.239.214.188	122.51.150.134	47.247.248.233
29.84.217.236	9.16.46.205	9.189.35.156	77.238.26.253
139.2.219.52	125.28.11.110	115.44.92.13	229.162.108.171