120.133.136.75

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): 21Vianet (China) Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 3 02:18:10 ns308116 sshd[25787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Oct 3 02:18:12 ns308116 sshd[25787]: Failed password for root from 120.133.136.75 port 45220 ssh2 Oct 3 02:25:09 ns308116 sshd[9462]: Invalid user ubuntu from 120.133.136.75 port 45695 Oct 3 02:25:09 ns308116 sshd[9462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Oct 3 02:25:11 ns308116 sshd[9462]: Failed password for invalid user ubuntu from 120.133.136.75 port 45695 ssh2 ...	2020-10-04 04:18:08
attack	Oct 3 02:18:10 ns308116 sshd[25787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Oct 3 02:18:12 ns308116 sshd[25787]: Failed password for root from 120.133.136.75 port 45220 ssh2 Oct 3 02:25:09 ns308116 sshd[9462]: Invalid user ubuntu from 120.133.136.75 port 45695 Oct 3 02:25:09 ns308116 sshd[9462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Oct 3 02:25:11 ns308116 sshd[9462]: Failed password for invalid user ubuntu from 120.133.136.75 port 45695 ssh2 ...	2020-10-03 20:22:55
attack	Sep 12 08:25:24 root sshd[2319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Sep 12 08:44:07 root sshd[19051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-09-12 20:11:40
attack	Sep 12 05:35:16 hidden sshd[18703]: Failed password for hidden from 120.133.136.75 port 52369 ssh2 Sep 12 05:39:22 hidden sshd[19309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Sep 12 05:39:24 hidden sshd[19309]: Failed password for hidden from 120.133.136.75 port 45675 ssh2	2020-09-12 12:14:51
attack	Bruteforce detected by fail2ban	2020-09-12 04:03:18
attack	Sep 6 02:31:48 melroy-server sshd[1237]: Failed password for root from 120.133.136.75 port 60310 ssh2 ...	2020-09-06 23:44:23
attack	Sep 6 02:31:48 melroy-server sshd[1237]: Failed password for root from 120.133.136.75 port 60310 ssh2 ...	2020-09-06 15:08:37
attack	Sep 6 00:43:09 minden010 sshd[330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Sep 6 00:43:12 minden010 sshd[330]: Failed password for invalid user test from 120.133.136.75 port 43229 ssh2 Sep 6 00:46:52 minden010 sshd[1645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-09-06 07:12:04
attackspambots	$f2bV_matches	2020-08-29 15:03:05
attack	SSH Brute-Forcing (server1)	2020-08-23 02:59:05
attackspam	Aug 22 08:33:40 vm1 sshd[29333]: Failed password for root from 120.133.136.75 port 42965 ssh2 Aug 22 08:41:44 vm1 sshd[29521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-08-22 19:23:45
attackbots	SSH brutforce	2020-07-13 16:57:40

相同子网IP讨论:

IP	类型	评论内容	时间
120.133.136.191	attackspam	2020-09-21T04:21:39.307341vps773228.ovh.net sshd[18389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 2020-09-21T04:21:39.290959vps773228.ovh.net sshd[18389]: Invalid user svnuser from 120.133.136.191 port 38926 2020-09-21T04:21:40.526534vps773228.ovh.net sshd[18389]: Failed password for invalid user svnuser from 120.133.136.191 port 38926 ssh2 2020-09-21T04:24:06.074143vps773228.ovh.net sshd[18411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root 2020-09-21T04:24:07.805466vps773228.ovh.net sshd[18411]: Failed password for root from 120.133.136.191 port 53351 ssh2 ...	2020-09-21 22:35:39
120.133.136.191	attack	2020-09-21T04:21:39.307341vps773228.ovh.net sshd[18389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 2020-09-21T04:21:39.290959vps773228.ovh.net sshd[18389]: Invalid user svnuser from 120.133.136.191 port 38926 2020-09-21T04:21:40.526534vps773228.ovh.net sshd[18389]: Failed password for invalid user svnuser from 120.133.136.191 port 38926 ssh2 2020-09-21T04:24:06.074143vps773228.ovh.net sshd[18411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root 2020-09-21T04:24:07.805466vps773228.ovh.net sshd[18411]: Failed password for root from 120.133.136.191 port 53351 ssh2 ...	2020-09-21 14:21:38
120.133.136.191	attackspam	Sep 20 23:53:01 marvibiene sshd[28052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 Sep 20 23:53:02 marvibiene sshd[28052]: Failed password for invalid user ubuntu from 120.133.136.191 port 41442 ssh2 Sep 21 00:01:26 marvibiene sshd[28948]: Failed password for root from 120.133.136.191 port 32999 ssh2	2020-09-21 06:11:44
120.133.136.191	attackbotsspam	Sep 20 20:11:16 server sshd[52423]: Failed password for invalid user ftptest from 120.133.136.191 port 57429 ssh2 Sep 20 20:12:27 server sshd[52739]: Failed password for root from 120.133.136.191 port 49178 ssh2 Sep 20 20:13:40 server sshd[52908]: Failed password for root from 120.133.136.191 port 39359 ssh2	2020-09-21 02:39:16
120.133.136.191	attack	120.133.136.191 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 06:36:48 idl1-dfw sshd[379556]: Failed password for root from 191.255.232.53 port 51310 ssh2 Sep 20 06:39:40 idl1-dfw sshd[386353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.130.152 user=root Sep 20 06:37:20 idl1-dfw sshd[382429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.32.77.212 user=root Sep 20 06:37:40 idl1-dfw sshd[382601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root Sep 20 06:37:42 idl1-dfw sshd[382601]: Failed password for root from 120.133.136.191 port 57114 ssh2 IP Addresses Blocked: 191.255.232.53 (BR/Brazil/-) 206.189.130.152 (IN/India/-) 101.32.77.212 (SG/Singapore/-)	2020-09-20 18:41:07
120.133.136.191	attackbotsspam	Lines containing failures of 120.133.136.191 Sep 17 08:04:45 hgb10502 sshd[27465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=r.r Sep 17 08:04:46 hgb10502 sshd[27465]: Failed password for r.r from 120.133.136.191 port 48393 ssh2 Sep 17 08:04:47 hgb10502 sshd[27465]: Received disconnect from 120.133.136.191 port 48393:11: Bye Bye [preauth] Sep 17 08:04:47 hgb10502 sshd[27465]: Disconnected from authenticating user r.r 120.133.136.191 port 48393 [preauth] Sep 17 08:26:01 hgb10502 sshd[30512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=r.r Sep 17 08:26:03 hgb10502 sshd[30512]: Failed password for r.r from 120.133.136.191 port 44689 ssh2 Sep 17 08:26:06 hgb10502 sshd[30512]: Received disconnect from 120.133.136.191 port 44689:11: Bye Bye [preauth] Sep 17 08:26:06 hgb10502 sshd[30512]: Disconnected from authenticating user r.r 120.133.136.191 p........ ------------------------------	2020-09-18 22:31:32
120.133.136.191	attackbotsspam	21 attempts against mh-ssh on pcx	2020-09-18 14:46:54
120.133.136.191	attackspambots	Sep 17 13:32:03 ny01 sshd[24557]: Failed password for root from 120.133.136.191 port 40948 ssh2 Sep 17 13:35:38 ny01 sshd[24952]: Failed password for root from 120.133.136.191 port 51818 ssh2	2020-09-18 05:03:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.133.136.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61487
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.133.136.75.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071300 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 16:57:31 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 75.136.133.120.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
49.234.96.173	attackbotsspam	Oct 7 05:52:12 fhem-rasp sshd[29741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.96.173 user=root Oct 7 05:52:14 fhem-rasp sshd[29741]: Failed password for root from 49.234.96.173 port 42314 ssh2 ...	2020-10-07 13:52:16
119.29.144.4	attackbotsspam	SSH login attempts.	2020-10-07 14:16:18
103.45.175.247	attackspam	$f2bV_matches	2020-10-07 14:21:43
222.90.93.109	attack	Lines containing failures of 222.90.93.109 Oct 6 09:34:57 kmh-vmh-003-fsn07 sshd[30943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.90.93.109 user=r.r Oct 6 09:35:00 kmh-vmh-003-fsn07 sshd[30943]: Failed password for r.r from 222.90.93.109 port 37480 ssh2 Oct 6 09:35:01 kmh-vmh-003-fsn07 sshd[30943]: Received disconnect from 222.90.93.109 port 37480:11: Bye Bye [preauth] Oct 6 09:35:01 kmh-vmh-003-fsn07 sshd[30943]: Disconnected from authenticating user r.r 222.90.93.109 port 37480 [preauth] Oct 6 09:40:00 kmh-vmh-003-fsn07 sshd[31680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.90.93.109 user=r.r Oct 6 09:40:02 kmh-vmh-003-fsn07 sshd[31680]: Failed password for r.r from 222.90.93.109 port 34944 ssh2 Oct 6 09:40:03 kmh-vmh-003-fsn07 sshd[31680]: Received disconnect from 222.90.93.109 port 34944:11: Bye Bye [preauth] Oct 6 09:40:03 kmh-vmh-003-fsn07 sshd[31680]: Dis........ ------------------------------	2020-10-07 14:18:21
113.23.225.9	attackbotsspam	Time: Tue Oct 6 18:08:20 2020 -0300 IP: 113.23.225.9 (MY/Malaysia/mail.ipmart.biz) Failures: 5 (mod_security) Interval: 3600 seconds Blocked: Permanent Block	2020-10-07 14:22:57
142.93.191.61	attackbots	Oct 7 07:54:57 hidden sshd[8037]: Failed password for hidden from 142.93.191.61 port 41234 ssh2 Oct 7 07:54:58 hidden sshd[8041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.61 user=root Oct 7 07:55:00 hidden sshd[8041]: Failed password for hidden from 142.93.191.61 port 44400 ssh2	2020-10-07 14:04:30
106.12.148.170	attackbotsspam	2020-10-06T22:39:57.103856shield sshd\[6255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.148.170 user=root 2020-10-06T22:39:58.968096shield sshd\[6255\]: Failed password for root from 106.12.148.170 port 51866 ssh2 2020-10-06T22:44:05.757563shield sshd\[6611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.148.170 user=root 2020-10-06T22:44:07.667391shield sshd\[6611\]: Failed password for root from 106.12.148.170 port 54962 ssh2 2020-10-06T22:48:13.684314shield sshd\[7030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.148.170 user=root	2020-10-07 14:04:02
140.143.12.19	attack	Oct 6 22:31:46 logopedia-1vcpu-1gb-nyc1-01 sshd[188613]: Failed password for root from 140.143.12.19 port 38288 ssh2 ...	2020-10-07 14:13:23
208.77.22.211	attack	Port scanning [4 denied]	2020-10-07 14:08:07
14.143.190.178	attack	20/10/6@16:43:54: FAIL: Alarm-Network address from=14.143.190.178 20/10/6@16:43:54: FAIL: Alarm-Network address from=14.143.190.178 ...	2020-10-07 13:58:34
121.46.244.194	attack	Oct 7 05:36:08 *** sshd[1009]: User root from 121.46.244.194 not allowed because not listed in AllowUsers	2020-10-07 13:52:45
82.196.113.78	attackbotsspam	Oct 6 19:46:22 web9 sshd\[1872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.113.78 user=root Oct 6 19:46:24 web9 sshd\[1872\]: Failed password for root from 82.196.113.78 port 28463 ssh2 Oct 6 19:48:40 web9 sshd\[2265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.113.78 user=root Oct 6 19:48:43 web9 sshd\[2265\]: Failed password for root from 82.196.113.78 port 54959 ssh2 Oct 6 19:51:02 web9 sshd\[2657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.113.78 user=root	2020-10-07 14:02:17
185.234.216.64	attack	Oct 7 04:24:33 mail postfix/smtpd\[14252\]: warning: unknown\[185.234.216.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 7 05:01:43 mail postfix/smtpd\[15254\]: warning: unknown\[185.234.216.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 7 05:40:09 mail postfix/smtpd\[16915\]: warning: unknown\[185.234.216.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 7 06:17:57 mail postfix/smtpd\[18151\]: warning: unknown\[185.234.216.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-07 14:18:50
125.137.236.50	attackspam	SSH login attempts.	2020-10-07 13:50:56
193.24.202.155	attack	Autoban 193.24.202.155 AUTH/CONNECT	2020-10-07 14:29:00

最近上报的IP列表

197.62.89.111	54.70.141.244	49.49.233.61	181.46.9.75
81.94.243.61	184.22.245.87	161.239.79.196	177.92.145.55
176.114.246.152	63.100.0.188	79.96.5.106	94.111.247.69
42.2.124.235	23.234.205.12	177.141.163.209	181.46.69.159
205.185.114.226	14.184.54.64	20.186.177.241	143.255.6.215