106.75.103.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt detected from IP address 106.75.103.4 to port 8361	2020-07-07 03:38:18
attack	Wordpress malicious attack:[sshd]	2020-05-30 12:13:20
attackbotsspam	Invalid user deploy from 106.75.103.4 port 35486	2020-05-15 15:30:38
attackbots	May 13 18:00:50 ns392434 sshd[29621]: Invalid user prince from 106.75.103.4 port 60318 May 13 18:00:50 ns392434 sshd[29621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.4 May 13 18:00:50 ns392434 sshd[29621]: Invalid user prince from 106.75.103.4 port 60318 May 13 18:00:52 ns392434 sshd[29621]: Failed password for invalid user prince from 106.75.103.4 port 60318 ssh2 May 13 18:14:46 ns392434 sshd[29991]: Invalid user ubuntu from 106.75.103.4 port 50756 May 13 18:14:46 ns392434 sshd[29991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.4 May 13 18:14:46 ns392434 sshd[29991]: Invalid user ubuntu from 106.75.103.4 port 50756 May 13 18:14:48 ns392434 sshd[29991]: Failed password for invalid user ubuntu from 106.75.103.4 port 50756 ssh2 May 13 18:21:09 ns392434 sshd[30153]: Invalid user deploy from 106.75.103.4 port 54942	2020-05-14 02:17:06
attack	SSH Brute-Forcing (server2)	2020-04-21 23:49:16
attack	Apr 18 16:58:14: Invalid user user1 from 106.75.103.4 port 56676	2020-04-19 06:48:58
attackspambots	Apr 17 09:01:56 icinga sshd[53512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.4 Apr 17 09:01:59 icinga sshd[53512]: Failed password for invalid user wr from 106.75.103.4 port 40988 ssh2 Apr 17 09:23:19 icinga sshd[22273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.4 ...	2020-04-17 16:10:30
attack	SSH bruteforce	2020-04-14 07:46:18
attackspambots	k+ssh-bruteforce	2020-04-04 00:46:08
attack	(sshd) Failed SSH login from 106.75.103.4 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 27 13:45:33 andromeda sshd[3691]: Invalid user ohb from 106.75.103.4 port 52524 Mar 27 13:45:36 andromeda sshd[3691]: Failed password for invalid user ohb from 106.75.103.4 port 52524 ssh2 Mar 27 13:54:34 andromeda sshd[3940]: Invalid user qhn from 106.75.103.4 port 36496	2020-03-27 22:33:54
attack	$f2bV_matches	2020-03-23 16:51:54

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.103.36	attackbotsspam	Invalid user ubuntu from 106.75.103.36 port 38618	2020-05-15 06:47:01
106.75.103.36	attackbots	May 11 05:50:48 srv-ubuntu-dev3 sshd[112590]: Invalid user demouser from 106.75.103.36 May 11 05:50:48 srv-ubuntu-dev3 sshd[112590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.36 May 11 05:50:48 srv-ubuntu-dev3 sshd[112590]: Invalid user demouser from 106.75.103.36 May 11 05:50:50 srv-ubuntu-dev3 sshd[112590]: Failed password for invalid user demouser from 106.75.103.36 port 41804 ssh2 May 11 05:55:28 srv-ubuntu-dev3 sshd[113344]: Invalid user cgh from 106.75.103.36 May 11 05:55:28 srv-ubuntu-dev3 sshd[113344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.36 May 11 05:55:28 srv-ubuntu-dev3 sshd[113344]: Invalid user cgh from 106.75.103.36 May 11 05:55:30 srv-ubuntu-dev3 sshd[113344]: Failed password for invalid user cgh from 106.75.103.36 port 36066 ssh2 ...	2020-05-11 13:05:32
106.75.103.36	attackbotsspam	May 6 04:18:56 XXX sshd[32992]: Invalid user test from 106.75.103.36 port 42250	2020-05-07 08:28:20
106.75.103.36	attackspambots	SSH brute force attempt	2020-04-29 16:21:54
106.75.103.36	attack	$f2bV_matches	2020-04-23 18:25:14
106.75.103.36	attackbots	Apr 16 18:03:22 prod4 sshd\[20501\]: Invalid user postgres from 106.75.103.36 Apr 16 18:03:24 prod4 sshd\[20501\]: Failed password for invalid user postgres from 106.75.103.36 port 48284 ssh2 Apr 16 18:10:17 prod4 sshd\[23479\]: Failed password for root from 106.75.103.36 port 52886 ssh2 ...	2020-04-17 00:53:54
106.75.103.36	attackbots	Apr 12 23:34:22 v22018086721571380 sshd[15486]: Failed password for invalid user ranger from 106.75.103.36 port 43580 ssh2	2020-04-13 06:01:34
106.75.103.36	attackspam	Mar 31 01:27:04 plex sshd[21003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.36 user=root Mar 31 01:27:06 plex sshd[21003]: Failed password for root from 106.75.103.36 port 42362 ssh2	2020-03-31 09:42:07
106.75.103.36	attack	Mar 26 18:17:37 firewall sshd[25069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.36 Mar 26 18:17:37 firewall sshd[25069]: Invalid user ewz from 106.75.103.36 Mar 26 18:17:40 firewall sshd[25069]: Failed password for invalid user ewz from 106.75.103.36 port 37480 ssh2 ...	2020-03-27 08:02:04
106.75.103.35	attackspam	Dec 20 19:18:48 pkdns2 sshd\[52742\]: Invalid user user001 from 106.75.103.35Dec 20 19:18:50 pkdns2 sshd\[52742\]: Failed password for invalid user user001 from 106.75.103.35 port 55024 ssh2Dec 20 19:22:52 pkdns2 sshd\[52983\]: Invalid user play from 106.75.103.35Dec 20 19:22:54 pkdns2 sshd\[52983\]: Failed password for invalid user play from 106.75.103.35 port 57994 ssh2Dec 20 19:26:43 pkdns2 sshd\[53218\]: Invalid user radiusd from 106.75.103.35Dec 20 19:26:45 pkdns2 sshd\[53218\]: Failed password for invalid user radiusd from 106.75.103.35 port 60950 ssh2 ...	2019-12-21 04:39:48
106.75.103.35	attack	Dec 6 10:13:37 localhost sshd\[12634\]: Invalid user zori from 106.75.103.35 port 35254 Dec 6 10:13:37 localhost sshd\[12634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.35 Dec 6 10:13:39 localhost sshd\[12634\]: Failed password for invalid user zori from 106.75.103.35 port 35254 ssh2 Dec 6 10:21:09 localhost sshd\[12696\]: Invalid user ms from 106.75.103.35 port 38572	2019-12-20 04:17:15
106.75.103.35	attackspambots	2019-12-08T14:56:25.285593abusebot-5.cloudsearch.cf sshd\[21946\]: Invalid user hp from 106.75.103.35 port 40512	2019-12-08 23:06:57
106.75.103.35	attackbots	Nov 20 06:22:47 php1 sshd\[15821\]: Invalid user boon from 106.75.103.35 Nov 20 06:22:47 php1 sshd\[15821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.35 Nov 20 06:22:49 php1 sshd\[15821\]: Failed password for invalid user boon from 106.75.103.35 port 38076 ssh2 Nov 20 06:27:10 php1 sshd\[16427\]: Invalid user bitrix from 106.75.103.35 Nov 20 06:27:10 php1 sshd\[16427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.35	2019-11-21 03:45:04
106.75.103.35	attackbotsspam	2019-11-14T17:49:27.074795abusebot-5.cloudsearch.cf sshd\[6258\]: Invalid user sabnzbd from 106.75.103.35 port 47974	2019-11-15 05:26:10
106.75.103.35	attackbotsspam	2019-11-02T13:01:46.275730abusebot-5.cloudsearch.cf sshd\[24420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.103.35 user=bin	2019-11-02 22:44:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.103.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9181
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.103.4.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032300 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 23 16:51:49 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 4.103.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.103.75.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
190.140.132.250	attackspambots	Unauthorized connection attempt detected from IP address 190.140.132.250 to port 8081 [J]	2020-01-29 03:29:01
37.6.128.128	attackspam	Unauthorized connection attempt detected from IP address 37.6.128.128 to port 8080 [J]	2020-01-29 03:48:48
106.75.157.9	attackspam	SSH login attempts with user root at 2020-01-25.	2020-01-29 03:42:22
90.188.48.81	attack	Unauthorized connection attempt detected from IP address 90.188.48.81 to port 4567 [J]	2020-01-29 03:43:57
85.234.30.66	attack	Unauthorized connection attempt detected from IP address 85.234.30.66 to port 23 [J]	2020-01-29 03:17:21
210.18.189.65	attackbots	Automatic report - Banned IP Access	2020-01-29 03:52:20
78.92.254.146	attack	Unauthorized connection attempt detected from IP address 78.92.254.146 to port 8080 [J]	2020-01-29 03:44:54
111.42.66.36	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.36 to port 23 [J]	2020-01-29 03:41:57
202.152.15.12	attackbots	Unauthorized connection attempt detected from IP address 202.152.15.12 to port 2220 [J]	2020-01-29 03:27:36
218.21.170.96	attack	Unauthorized connection attempt detected from IP address 218.21.170.96 to port 8080 [J]	2020-01-29 03:25:39
119.29.162.17	attackbots	Jan 28 19:01:18 sshd[5020]: Failed password for invalid user phalin from 119.29.162.17 port 40085 ssh2	2020-01-29 03:39:09
185.103.151.39	attackspam	Unauthorized connection attempt detected from IP address 185.103.151.39 to port 80 [J]	2020-01-29 03:55:31
75.148.118.179	attackbots	Unauthorized connection attempt detected from IP address 75.148.118.179 to port 23 [J]	2020-01-29 03:18:29
217.5.227.203	attack	Unauthorized connection attempt detected from IP address 217.5.227.203 to port 2220 [J]	2020-01-29 03:26:03
187.145.221.19	attackbots	Unauthorized connection attempt detected from IP address 187.145.221.19 to port 81 [J]	2020-01-29 03:30:23

最近上报的IP列表

102.51.252.247	194.61.79.148	9.183.62.8	29.170.113.157
87.166.145.221	179.253.148.243	103.206.113.100	147.123.79.110
45.84.196.224	25.159.62.160	67.170.8.163	204.223.17.97
64.151.64.196	104.144.83.45	19.170.105.157	163.78.238.123
174.235.143.7	178.81.82.93	103.41.208.201	197.188.86.219