IP address

Search at other sites:

.487106.75.133.83uhupps.cn

Shodan(more info)

Passive DNS

IP blacklists

CI Army

106.75.133.83 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-10-05 02:50:00.971000
Was present on blacklist at: 2024-07-11 02:50, 2024-07-12 02:50, 2024-07-13 02:50, 2024-07-23 02:50, 2024-07-24 02:50, 2024-07-25 02:50, 2024-07-26 02:50, 2024-07-27 02:50, 2024-07-28 02:50, 2024-07-29 02:50, 2024-07-31 02:50, 2024-08-03 02:50, 2024-08-05 02:50, 2024-08-06 02:50, 2024-08-07 02:50, 2024-08-08 02:50, 2024-08-09 02:50, 2024-08-10 02:50, 2024-08-11 02:50, 2024-08-12 02:50, 2024-08-13 02:50, 2024-08-14 02:50, 2024-08-15 02:50, 2024-08-16 02:50, 2024-09-11 02:50, 2024-09-12 02:50, 2024-09-13 02:50, 2024-09-14 02:50, 2024-09-15 02:50, 2024-09-16 02:50, 2024-09-17 02:50, 2024-09-18 02:50, 2024-09-19 02:50, 2024-09-30 02:50, 2024-10-01 02:50, 2024-10-02 02:50, 2024-10-03 02:50, 2024-10-04 02:50, 2024-10-05 02:50

Turris greylist

106.75.133.83 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-02 21:15:00.221000
Was present on blacklist at: 2024-07-13 21:15, 2024-07-24 21:15, 2024-07-26 21:15, 2024-07-27 21:15, 2024-07-29 21:15, 2024-08-04 21:15, 2024-08-06 21:15, 2024-08-08 21:15, 2024-08-10 21:15, 2024-08-14 21:15, 2024-09-13 21:15, 2024-10-02 21:15

AbuseIPDB

106.75.133.83 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-08-11 04:00:00.429000
Was present on blacklist at: 2024-07-12 04:00, 2024-07-25 04:00, 2024-07-29 04:00, 2024-08-01 04:00, 2024-08-11 04:00

Spamhaus PBL

106.75.133.83 is listed on the Spamhaus PBL blacklist.

Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-10-01 13:21:50.609000
Was present on blacklist at: 2024-08-19 11:57, 2024-08-20 13:21, 2024-08-27 13:21, 2024-09-03 13:21, 2024-09-10 13:21, 2024-09-17 13:21, 2024-09-24 13:21, 2024-10-01 13:21

Warden events (150)

2024-10-05

ReconScanning (node.cfb4f7): 6

ReconScanning (node.368407): 1

2024-10-03

AnomalyTraffic (node.ffe95c): 2

ReconScanning (node.4dc198): 2

ReconScanning (node.cfb4f7): 1

2024-10-02

ReconScanning (node.cfb4f7): 11

ReconScanning (node.368407): 1

ReconScanning (node.4dc198): 1

2024-10-01

ReconScanning (node.cfb4f7): 48

ReconScanning (node.4dc198): 2

ReconScanning (node.86eb21): 2

2024-09-30

ReconScanning (node.cfb4f7): 6

ReconScanning (node.4dc198): 1

AnomalyTraffic (node.ffe95c): 2

ReconScanning (node.368407): 1

2024-09-29

ReconScanning (node.cfb4f7): 4

2024-09-11

AnomalyTraffic (node.ffe95c): 1

2024-09-10

ReconScanning (node.368407): 1

2024-08-13

ReconScanning (node.368407): 1

2024-08-11

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 2

2024-08-10

ReconScanning (node.368407): 1

ReconScanning (node.4dc198): 1

2024-08-09

ReconScanning (node.368407): 2

ReconScanning (node.f90c6b): 2

ReconScanning (node.4dc198): 1

ReconScanning (node.86eb21): 1

2024-08-08

ReconScanning (node.4dc198): 1

ReconScanning (node.5f02e7): 1

ReconScanning (node.368407): 1

2024-08-07

ReconScanning (node.368407): 1

2024-08-03

ReconScanning (node.368407): 2

2024-08-02

ReconScanning (node.368407): 3

2024-07-30

AnomalyTraffic (node.ffe95c): 2

ReconScanning (node.4dc198): 2

2024-07-29

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

ReconScanning (node.368407): 1

ReconScanning (node.86eb21): 1

2024-07-28

ReconScanning (node.4dc198): 1

ReconScanning (node.5f02e7): 1

2024-07-25

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

2024-07-24

AnomalyTraffic (node.ffe95c): 3

ReconScanning (node.4dc198): 1

ReconScanning (node.368407): 1

2024-07-23

ReconScanning (node.368407): 5

2024-07-22

ReconScanning (node.368407): 1

2024-07-20

AnomalyTraffic (node.ce2b59): 1

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

ReconScanning (node.ce2b59): 1

2024-07-13

ReconScanning (node.368407): 1

2024-07-12

ReconScanning (node.f90c6b): 1

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.368407): 1

2024-07-11

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 2

ReconScanning (node.368407): 1

2024-07-10

ReconScanning (node.368407): 1

DShield reports (IP summary, reports)

2024-07-10

Number of reports: 68

Distinct targets: 51

2024-07-11

Number of reports: 119

Distinct targets: 87

2024-07-12

Number of reports: 251

Distinct targets: 227

2024-07-13

Number of reports: 144

Distinct targets: 84

2024-07-20

Number of reports: 251

Distinct targets: 251

2024-07-22

Number of reports: 196

Distinct targets: 120

2024-07-23

Number of reports: 171

Distinct targets: 103

2024-07-24

Number of reports: 316

Distinct targets: 267

2024-07-25

Number of reports: 282

Distinct targets: 262

2024-07-26

Number of reports: 310

Distinct targets: 256

2024-07-27

Number of reports: 42

Distinct targets: 25

2024-07-28

Number of reports: 142

Distinct targets: 76

2024-07-29

Number of reports: 45

Distinct targets: 26

2024-07-30

Number of reports: 787

Distinct targets: 674

2024-07-31

Number of reports: 175

Distinct targets: 140

2024-08-01

Number of reports: 210

Distinct targets: 170

2024-08-02

Number of reports: 126

Distinct targets: 76

2024-08-03

Number of reports: 273

Distinct targets: 219

2024-08-04

Number of reports: 219

Distinct targets: 177

2024-08-05

Number of reports: 233

Distinct targets: 197

2024-08-06

Number of reports: 303

Distinct targets: 283

2024-08-08

Number of reports: 159

Distinct targets: 127

2024-08-09

Number of reports: 40

Distinct targets: 40

2024-08-10

Number of reports: 547

Distinct targets: 547

2024-08-11

Number of reports: 274

Distinct targets: 271

2024-08-13

Number of reports: 97

Distinct targets: 58

2024-09-10

Number of reports: 252

Distinct targets: 199

2024-09-11

Number of reports: 224

Distinct targets: 113

2024-09-12

Number of reports: 902

Distinct targets: 649

2024-09-13

Number of reports: 187

Distinct targets: 107

2024-09-29

Number of reports: 16

Distinct targets: 16

2024-09-30

Number of reports: 478

Distinct targets: 448

2024-10-01

Number of reports: 78

Distinct targets: 42

2024-10-02

Number of reports: 446

Distinct targets: 329

2024-10-03

Number of reports: 507

Distinct targets: 447

OTX pulses

[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot

Author name:	georgengelmann
Pulse modified:	2024-08-10 15:58:02.405000
Indicator created:	2024-07-11 17:23:02
Indicator role:	bruteforce
Indicator title:	SSH intrusion attempt from uhupps.cn port 58914
Indicator expiration:	2024-08-10 17:00:00

Origin AS

AS59077 - UCLOUD-NET

AS58466 - CT-Guangzhou-IDC

AS136958 - UNICOM-GuangZhou-IDC

BGP Prefix

106.75.128.0/20

fmp

{'general': 0.479827880859375}

geo

China

🕑 Asia/Shanghai

hostname

uhupps.cn

Address block ('inetnum' or 'NetRange' in whois database)

106.75.0.0 - 106.75.255.255

last_activity

2024-10-05 05:19:45

last_warden_event

2024-10-05 05:19:45

rep

0.48707551502046126

reserved_range

0

ts_added

2023-08-15 13:21:44.600000

ts_last_update

2024-10-05 13:21:50.217000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses