106.75.133.221

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user es from 106.75.133.221 port 49682	2020-04-22 02:36:36
attack	Invalid user es from 106.75.133.221 port 49682	2020-04-20 21:43:33

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.133.250	attackspam	Invalid user zabbix from 106.75.133.250 port 58955	2020-08-30 16:23:38
106.75.133.250	attack	Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2 Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2 Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root	2020-08-26 07:44:16
106.75.133.250	attack	Aug 17 21:03:09 pixelmemory sshd[2640411]: Invalid user sambauser from 106.75.133.250 port 47187 Aug 17 21:03:09 pixelmemory sshd[2640411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 Aug 17 21:03:09 pixelmemory sshd[2640411]: Invalid user sambauser from 106.75.133.250 port 47187 Aug 17 21:03:11 pixelmemory sshd[2640411]: Failed password for invalid user sambauser from 106.75.133.250 port 47187 ssh2 Aug 17 21:08:08 pixelmemory sshd[2641493]: Invalid user ping from 106.75.133.250 port 50787 ...	2020-08-18 12:25:07
106.75.133.250	attackspambots	Ssh brute force	2020-07-22 09:38:57
106.75.133.250	attackbots	Jul 7 21:39:56 rocket sshd[6721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 Jul 7 21:39:58 rocket sshd[6721]: Failed password for invalid user sato from 106.75.133.250 port 49570 ssh2 ...	2020-07-08 05:03:43
106.75.133.250	attackbotsspam	20 attempts against mh-ssh on cloud	2020-07-06 03:50:47
106.75.133.250	attackspambots	SSH Brute Force	2020-07-05 21:02:49
106.75.133.250	attack	Jun 29 08:03:17 vps639187 sshd\[6423\]: Invalid user etluser from 106.75.133.250 port 37475 Jun 29 08:03:17 vps639187 sshd\[6423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 Jun 29 08:03:19 vps639187 sshd\[6423\]: Failed password for invalid user etluser from 106.75.133.250 port 37475 ssh2 ...	2020-06-29 14:13:22
106.75.133.250	attackbots	Jun 9 18:35:14 roki-contabo sshd\[14460\]: Invalid user gyy from 106.75.133.250 Jun 9 18:35:14 roki-contabo sshd\[14460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 Jun 9 18:35:16 roki-contabo sshd\[14460\]: Failed password for invalid user gyy from 106.75.133.250 port 54457 ssh2 Jun 9 18:45:10 roki-contabo sshd\[14820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Jun 9 18:45:12 roki-contabo sshd\[14820\]: Failed password for root from 106.75.133.250 port 42937 ssh2 ...	2020-06-10 01:35:19
106.75.133.250	attackbotsspam	$f2bV_matches	2020-05-31 13:24:04
106.75.133.250	attackspam	Invalid user cobo from 106.75.133.250 port 56937	2020-05-12 02:55:09

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.133.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.133.221.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041702 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 21:43:26 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 221.133.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.133.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.35.51.13	attack	2020-07-27 00:30:38 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data $set_id=tickets@yt.gl$ 2020-07-27 00:30:45 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:30:55 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:31:00 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:31:13 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:31:18 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:31:23 dovecot_login authenticator failed for $\[193.35.51.13\]$ \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-27 00:31:29 dovecot_login authenticator fai ...	2020-07-27 06:57:20
24.1.6.119	attackspambots	Jul 26 22:15:12 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=24.1.6.119 DST=79.143.186.54 LEN=68 TOS=0x00 PREC=0x00 TTL=249 ID=24639 PROTO=UDP SPT=3074 DPT=111 LEN=48 Jul 26 22:15:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=24.1.6.119 DST=79.143.186.54 LEN=68 TOS=0x00 PREC=0x00 TTL=249 ID=33799 PROTO=UDP SPT=3074 DPT=111 LEN=48 Jul 26 22:31:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=24.1.6.119 DST=79.143.186.54 LEN=68 TOS=0x00 PREC=0x00 TTL=249 ID=55557 PROTO=UDP SPT=3074 DPT=111 LEN=48	2020-07-27 07:02:51
51.79.44.52	attackbots	Invalid user moriyama from 51.79.44.52 port 37584	2020-07-27 07:15:13
2601:240:5:956b:a95f:f5fa:8ce7:c91f	attackbots	Wordpress attack	2020-07-27 07:19:43
112.85.42.232	attackspam	Jul 27 00:36:03 home sshd[947145]: Failed password for root from 112.85.42.232 port 43996 ssh2 Jul 27 00:36:59 home sshd[947912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root Jul 27 00:37:02 home sshd[947912]: Failed password for root from 112.85.42.232 port 38931 ssh2 Jul 27 00:38:05 home sshd[948228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root Jul 27 00:38:07 home sshd[948228]: Failed password for root from 112.85.42.232 port 35216 ssh2 ...	2020-07-27 06:51:44
128.199.112.240	attack	fail2ban -- 128.199.112.240 ...	2020-07-27 06:52:33
120.92.139.2	attackbots	Invalid user ky from 120.92.139.2 port 14726	2020-07-27 06:55:27
174.110.88.87	attack	Jul 27 00:22:10 abendstille sshd\[4044\]: Invalid user mysql from 174.110.88.87 Jul 27 00:22:10 abendstille sshd\[4044\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.110.88.87 Jul 27 00:22:12 abendstille sshd\[4044\]: Failed password for invalid user mysql from 174.110.88.87 port 34630 ssh2 Jul 27 00:26:29 abendstille sshd\[7856\]: Invalid user sa from 174.110.88.87 Jul 27 00:26:29 abendstille sshd\[7856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.110.88.87 ...	2020-07-27 06:59:50
188.254.0.182	attackspam	Jul 26 13:59:48 dignus sshd[16144]: Failed password for invalid user mc from 188.254.0.182 port 45652 ssh2 Jul 26 14:03:27 dignus sshd[16707]: Invalid user ansible from 188.254.0.182 port 41390 Jul 26 14:03:27 dignus sshd[16707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.182 Jul 26 14:03:29 dignus sshd[16707]: Failed password for invalid user ansible from 188.254.0.182 port 41390 ssh2 Jul 26 14:06:58 dignus sshd[17254]: Invalid user leon from 188.254.0.182 port 37130 ...	2020-07-27 07:24:56
151.80.45.51	attackbotsspam	151.80.45.51 - - \[27/Jul/2020:01:24:08 +0200\] "POST /wp-login.php HTTP/1.0" 200 6827 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 151.80.45.51 - - \[27/Jul/2020:01:24:08 +0200\] "POST /wp-login.php HTTP/1.0" 200 6825 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 151.80.45.51 - - \[27/Jul/2020:01:24:08 +0200\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-27 07:27:13
88.102.244.211	attackspam	Invalid user huw from 88.102.244.211 port 56006	2020-07-27 06:57:50
207.154.215.3	attackbots	SSH Invalid Login	2020-07-27 07:17:53
134.122.64.201	attackspambots	SSH Invalid Login	2020-07-27 07:01:48
212.70.149.19	attackspam	Jul 27 01:02:19 mail.srvfarm.net postfix/smtpd[1597388]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 01:02:42 mail.srvfarm.net postfix/smtpd[1594570]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 01:03:04 mail.srvfarm.net postfix/smtpd[1609223]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 01:03:27 mail.srvfarm.net postfix/smtpd[1594569]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 27 01:03:50 mail.srvfarm.net postfix/smtpd[1609225]: warning: unknown[212.70.149.19]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-27 07:07:36
184.82.226.9	attackspam	IP 184.82.226.9 attacked honeypot on port: 81 at 7/26/2020 1:12:48 PM	2020-07-27 07:11:09

最近上报的IP列表

61.69.65.4	240.61.240.80	198.202.53.94	129.46.216.53
15.22.173.104	1.48.125.198	175.226.177.216	253.60.241.56
82.189.223.116	82.148.18.176	62.72.236.2	61.19.23.170
51.89.164.153	49.235.172.132	41.233.223.121	35.234.62.37
14.187.127.172	3.215.180.19	223.240.80.31	220.156.170.176