120.133.136.75

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): 21Vianet (China) Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 3 02:18:10 ns308116 sshd[25787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Oct 3 02:18:12 ns308116 sshd[25787]: Failed password for root from 120.133.136.75 port 45220 ssh2 Oct 3 02:25:09 ns308116 sshd[9462]: Invalid user ubuntu from 120.133.136.75 port 45695 Oct 3 02:25:09 ns308116 sshd[9462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Oct 3 02:25:11 ns308116 sshd[9462]: Failed password for invalid user ubuntu from 120.133.136.75 port 45695 ssh2 ...	2020-10-04 04:18:08
attack	Oct 3 02:18:10 ns308116 sshd[25787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Oct 3 02:18:12 ns308116 sshd[25787]: Failed password for root from 120.133.136.75 port 45220 ssh2 Oct 3 02:25:09 ns308116 sshd[9462]: Invalid user ubuntu from 120.133.136.75 port 45695 Oct 3 02:25:09 ns308116 sshd[9462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Oct 3 02:25:11 ns308116 sshd[9462]: Failed password for invalid user ubuntu from 120.133.136.75 port 45695 ssh2 ...	2020-10-03 20:22:55
attack	Sep 12 08:25:24 root sshd[2319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Sep 12 08:44:07 root sshd[19051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-09-12 20:11:40
attack	Sep 12 05:35:16 hidden sshd[18703]: Failed password for hidden from 120.133.136.75 port 52369 ssh2 Sep 12 05:39:22 hidden sshd[19309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 user=root Sep 12 05:39:24 hidden sshd[19309]: Failed password for hidden from 120.133.136.75 port 45675 ssh2	2020-09-12 12:14:51
attack	Bruteforce detected by fail2ban	2020-09-12 04:03:18
attack	Sep 6 02:31:48 melroy-server sshd[1237]: Failed password for root from 120.133.136.75 port 60310 ssh2 ...	2020-09-06 23:44:23
attack	Sep 6 02:31:48 melroy-server sshd[1237]: Failed password for root from 120.133.136.75 port 60310 ssh2 ...	2020-09-06 15:08:37
attack	Sep 6 00:43:09 minden010 sshd[330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 Sep 6 00:43:12 minden010 sshd[330]: Failed password for invalid user test from 120.133.136.75 port 43229 ssh2 Sep 6 00:46:52 minden010 sshd[1645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-09-06 07:12:04
attackspambots	$f2bV_matches	2020-08-29 15:03:05
attack	SSH Brute-Forcing (server1)	2020-08-23 02:59:05
attackspam	Aug 22 08:33:40 vm1 sshd[29333]: Failed password for root from 120.133.136.75 port 42965 ssh2 Aug 22 08:41:44 vm1 sshd[29521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.75 ...	2020-08-22 19:23:45
attackbots	SSH brutforce	2020-07-13 16:57:40

相同子网IP讨论:

IP	类型	评论内容	时间
120.133.136.191	attackspam	2020-09-21T04:21:39.307341vps773228.ovh.net sshd[18389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 2020-09-21T04:21:39.290959vps773228.ovh.net sshd[18389]: Invalid user svnuser from 120.133.136.191 port 38926 2020-09-21T04:21:40.526534vps773228.ovh.net sshd[18389]: Failed password for invalid user svnuser from 120.133.136.191 port 38926 ssh2 2020-09-21T04:24:06.074143vps773228.ovh.net sshd[18411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root 2020-09-21T04:24:07.805466vps773228.ovh.net sshd[18411]: Failed password for root from 120.133.136.191 port 53351 ssh2 ...	2020-09-21 22:35:39
120.133.136.191	attack	2020-09-21T04:21:39.307341vps773228.ovh.net sshd[18389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 2020-09-21T04:21:39.290959vps773228.ovh.net sshd[18389]: Invalid user svnuser from 120.133.136.191 port 38926 2020-09-21T04:21:40.526534vps773228.ovh.net sshd[18389]: Failed password for invalid user svnuser from 120.133.136.191 port 38926 ssh2 2020-09-21T04:24:06.074143vps773228.ovh.net sshd[18411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root 2020-09-21T04:24:07.805466vps773228.ovh.net sshd[18411]: Failed password for root from 120.133.136.191 port 53351 ssh2 ...	2020-09-21 14:21:38
120.133.136.191	attackspam	Sep 20 23:53:01 marvibiene sshd[28052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 Sep 20 23:53:02 marvibiene sshd[28052]: Failed password for invalid user ubuntu from 120.133.136.191 port 41442 ssh2 Sep 21 00:01:26 marvibiene sshd[28948]: Failed password for root from 120.133.136.191 port 32999 ssh2	2020-09-21 06:11:44
120.133.136.191	attackbotsspam	Sep 20 20:11:16 server sshd[52423]: Failed password for invalid user ftptest from 120.133.136.191 port 57429 ssh2 Sep 20 20:12:27 server sshd[52739]: Failed password for root from 120.133.136.191 port 49178 ssh2 Sep 20 20:13:40 server sshd[52908]: Failed password for root from 120.133.136.191 port 39359 ssh2	2020-09-21 02:39:16
120.133.136.191	attack	120.133.136.191 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 06:36:48 idl1-dfw sshd[379556]: Failed password for root from 191.255.232.53 port 51310 ssh2 Sep 20 06:39:40 idl1-dfw sshd[386353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.130.152 user=root Sep 20 06:37:20 idl1-dfw sshd[382429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.32.77.212 user=root Sep 20 06:37:40 idl1-dfw sshd[382601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=root Sep 20 06:37:42 idl1-dfw sshd[382601]: Failed password for root from 120.133.136.191 port 57114 ssh2 IP Addresses Blocked: 191.255.232.53 (BR/Brazil/-) 206.189.130.152 (IN/India/-) 101.32.77.212 (SG/Singapore/-)	2020-09-20 18:41:07
120.133.136.191	attackbotsspam	Lines containing failures of 120.133.136.191 Sep 17 08:04:45 hgb10502 sshd[27465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=r.r Sep 17 08:04:46 hgb10502 sshd[27465]: Failed password for r.r from 120.133.136.191 port 48393 ssh2 Sep 17 08:04:47 hgb10502 sshd[27465]: Received disconnect from 120.133.136.191 port 48393:11: Bye Bye [preauth] Sep 17 08:04:47 hgb10502 sshd[27465]: Disconnected from authenticating user r.r 120.133.136.191 port 48393 [preauth] Sep 17 08:26:01 hgb10502 sshd[30512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.136.191 user=r.r Sep 17 08:26:03 hgb10502 sshd[30512]: Failed password for r.r from 120.133.136.191 port 44689 ssh2 Sep 17 08:26:06 hgb10502 sshd[30512]: Received disconnect from 120.133.136.191 port 44689:11: Bye Bye [preauth] Sep 17 08:26:06 hgb10502 sshd[30512]: Disconnected from authenticating user r.r 120.133.136.191 p........ ------------------------------	2020-09-18 22:31:32
120.133.136.191	attackbotsspam	21 attempts against mh-ssh on pcx	2020-09-18 14:46:54
120.133.136.191	attackspambots	Sep 17 13:32:03 ny01 sshd[24557]: Failed password for root from 120.133.136.191 port 40948 ssh2 Sep 17 13:35:38 ny01 sshd[24952]: Failed password for root from 120.133.136.191 port 51818 ssh2	2020-09-18 05:03:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.133.136.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61487
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.133.136.75.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071300 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 16:57:31 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 75.136.133.120.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
27.105.103.3	attack	Aug 30 17:25:00 sachi sshd\[22489\]: Invalid user tms from 27.105.103.3 Aug 30 17:25:00 sachi sshd\[22489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.105.103.3 Aug 30 17:25:02 sachi sshd\[22489\]: Failed password for invalid user tms from 27.105.103.3 port 49928 ssh2 Aug 30 17:29:43 sachi sshd\[22915\]: Invalid user harley from 27.105.103.3 Aug 30 17:29:43 sachi sshd\[22915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.105.103.3	2019-08-31 13:28:56
187.101.38.44	attack	Aug 31 02:46:26 vtv3 sshd\[31213\]: Invalid user nikolas from 187.101.38.44 port 57132 Aug 31 02:46:26 vtv3 sshd\[31213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.101.38.44 Aug 31 02:46:28 vtv3 sshd\[31213\]: Failed password for invalid user nikolas from 187.101.38.44 port 57132 ssh2 Aug 31 02:52:13 vtv3 sshd\[1673\]: Invalid user newuser from 187.101.38.44 port 39008 Aug 31 02:52:13 vtv3 sshd\[1673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.101.38.44 Aug 31 03:09:14 vtv3 sshd\[10118\]: Invalid user odol from 187.101.38.44 port 41080 Aug 31 03:09:14 vtv3 sshd\[10118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.101.38.44 Aug 31 03:09:17 vtv3 sshd\[10118\]: Failed password for invalid user odol from 187.101.38.44 port 41080 ssh2 Aug 31 03:15:01 vtv3 sshd\[12822\]: Invalid user minecraft from 187.101.38.44 port 51186 Aug 31 03:15:01 vtv3 sshd\[12822\]:	2019-08-31 13:06:00
141.98.9.130	attackbotsspam	Aug 31 07:00:06 relay postfix/smtpd\[29914\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 07:00:41 relay postfix/smtpd\[21588\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 07:00:53 relay postfix/smtpd\[3442\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 07:01:29 relay postfix/smtpd\[21588\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 31 07:01:43 relay postfix/smtpd\[3443\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-31 13:07:06
62.210.37.82	attackbots	2019-08-31T05:03:10.019417abusebot.cloudsearch.cf sshd\[8264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-210-37-82.rev.poneytelecom.eu user=root	2019-08-31 13:14:12
81.218.148.131	attackbots	2019-08-31T06:38:22.822801 sshd[27124]: Invalid user stu from 81.218.148.131 port 55267 2019-08-31T06:38:22.836445 sshd[27124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.218.148.131 2019-08-31T06:38:22.822801 sshd[27124]: Invalid user stu from 81.218.148.131 port 55267 2019-08-31T06:38:25.235883 sshd[27124]: Failed password for invalid user stu from 81.218.148.131 port 55267 ssh2 2019-08-31T06:48:44.510963 sshd[27266]: Invalid user victor from 81.218.148.131 port 53341 ...	2019-08-31 13:14:32
200.58.219.218	attack	Invalid user ic1 from 200.58.219.218 port 34982	2019-08-31 13:23:24
18.136.153.150	attackspambots	C1,WP GET /suche/wp-login.php	2019-08-31 12:41:34
122.195.200.148	attackspambots	Aug 30 18:39:07 php1 sshd\[12526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root Aug 30 18:39:09 php1 sshd\[12526\]: Failed password for root from 122.195.200.148 port 45066 ssh2 Aug 30 18:39:20 php1 sshd\[12544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root Aug 30 18:39:22 php1 sshd\[12544\]: Failed password for root from 122.195.200.148 port 35822 ssh2 Aug 30 18:43:55 php1 sshd\[12949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root	2019-08-31 12:45:06
23.247.98.189	attackspambots	MagicSpam Rule: block_rbl_lists (b.barracudacentral.org); Spammer IP: 23.247.98.189	2019-08-31 13:10:31
202.83.17.89	attackspam	Aug 30 18:54:58 hanapaa sshd\[20245\]: Invalid user plex from 202.83.17.89 Aug 30 18:54:58 hanapaa sshd\[20245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.83.17.89 Aug 30 18:55:00 hanapaa sshd\[20245\]: Failed password for invalid user plex from 202.83.17.89 port 51950 ssh2 Aug 30 18:59:42 hanapaa sshd\[20613\]: Invalid user andra from 202.83.17.89 Aug 30 18:59:42 hanapaa sshd\[20613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.83.17.89	2019-08-31 13:05:26
51.75.248.241	attack	Invalid user gregory from 51.75.248.241 port 56158	2019-08-31 13:18:13
68.183.230.112	attack	$f2bV_matches	2019-08-31 13:27:43
50.99.193.144	attackbotsspam	2019-08-31T02:35:44.991659abusebot.cloudsearch.cf sshd\[5218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-99-193-144.abhsia.telus.net user=root	2019-08-31 12:39:55
51.255.42.250	attack	Aug 31 06:37:52 SilenceServices sshd[7276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.42.250 Aug 31 06:37:54 SilenceServices sshd[7276]: Failed password for invalid user deploy from 51.255.42.250 port 54371 ssh2 Aug 31 06:46:04 SilenceServices sshd[10491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.42.250	2019-08-31 13:03:00
5.152.159.31	attackbotsspam	Aug 31 04:11:49 www_kotimaassa_fi sshd[8788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.152.159.31 Aug 31 04:11:50 www_kotimaassa_fi sshd[8788]: Failed password for invalid user scj from 5.152.159.31 port 53917 ssh2 ...	2019-08-31 13:03:25

最近上报的IP列表

197.62.89.111	54.70.141.244	49.49.233.61	181.46.9.75
81.94.243.61	184.22.245.87	161.239.79.196	177.92.145.55
176.114.246.152	63.100.0.188	79.96.5.106	94.111.247.69
42.2.124.235	23.234.205.12	177.141.163.209	181.46.69.159
205.185.114.226	14.184.54.64	20.186.177.241	143.255.6.215