106.75.108.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:49:01
attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-09 03:59:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.108.218	attackbots	Mar 12 23:19:25 santamaria sshd\[25992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root Mar 12 23:19:27 santamaria sshd\[25992\]: Failed password for root from 106.75.108.218 port 47411 ssh2 Mar 12 23:24:04 santamaria sshd\[26063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root ...	2020-03-13 07:04:43
106.75.108.218	attack	Mar 7 06:43:46 wbs sshd\[1071\]: Invalid user nagios from 106.75.108.218 Mar 7 06:43:46 wbs sshd\[1071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 Mar 7 06:43:48 wbs sshd\[1071\]: Failed password for invalid user nagios from 106.75.108.218 port 41214 ssh2 Mar 7 06:47:45 wbs sshd\[1478\]: Invalid user RCadmin from 106.75.108.218 Mar 7 06:47:45 wbs sshd\[1478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218	2020-03-08 01:13:08
106.75.108.218	attackspambots	(sshd) Failed SSH login from 106.75.108.218 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 3 23:04:44 amsweb01 sshd[315]: Invalid user wp-user from 106.75.108.218 port 46473 Mar 3 23:04:46 amsweb01 sshd[315]: Failed password for invalid user wp-user from 106.75.108.218 port 46473 ssh2 Mar 3 23:06:57 amsweb01 sshd[769]: Invalid user sftpuser from 106.75.108.218 port 36644 Mar 3 23:06:59 amsweb01 sshd[769]: Failed password for invalid user sftpuser from 106.75.108.218 port 36644 ssh2 Mar 3 23:09:08 amsweb01 sshd[1369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root	2020-03-04 07:39:26
106.75.108.218	attackbots	(sshd) Failed SSH login from 106.75.108.218 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 26 14:14:21 amsweb01 sshd[9506]: Invalid user irc from 106.75.108.218 port 35241 Feb 26 14:14:23 amsweb01 sshd[9506]: Failed password for invalid user irc from 106.75.108.218 port 35241 ssh2 Feb 26 14:22:07 amsweb01 sshd[10146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root Feb 26 14:22:09 amsweb01 sshd[10146]: Failed password for root from 106.75.108.218 port 46252 ssh2 Feb 26 14:37:38 amsweb01 sshd[11540]: Invalid user alesiashavel from 106.75.108.218 port 40039	2020-02-26 22:54:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.108.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18752
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.108.52.			IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120801 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 09 03:59:08 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.108.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.108.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
71.94.65.190	attackspam	ssh 22	2020-10-04 03:30:27
212.129.16.53	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "contabilidad" at 2020-10-03T19:40:15Z	2020-10-04 03:51:04
193.57.40.74	attackbotsspam	(Oct 3) LEN=40 PREC=0x20 TTL=248 ID=62068 TCP DPT=445 WINDOW=1024 SYN (Oct 3) LEN=40 PREC=0x20 TTL=248 ID=30649 TCP DPT=445 WINDOW=1024 SYN (Oct 3) LEN=40 PREC=0x20 TTL=248 ID=9204 TCP DPT=445 WINDOW=1024 SYN (Oct 3) LEN=40 PREC=0x20 TTL=248 ID=47412 TCP DPT=445 WINDOW=1024 SYN (Oct 3) LEN=40 PREC=0x20 TTL=248 ID=8032 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=31315 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=60072 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=32461 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=4761 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=14361 TCP DPT=445 WINDOW=1024 SYN (Oct 2) LEN=40 PREC=0x20 TTL=248 ID=11751 TCP DPT=445 WINDOW=1024 SYN (Oct 1) LEN=40 PREC=0x20 TTL=248 ID=45968 TCP DPT=445 WINDOW=1024 SYN (Oct 1) LEN=40 PREC=0x20 TTL=248 ID=45644 TCP DPT=445 WINDOW=1024 SYN (Oct 1) LEN=40 PREC=0x20 TTL=248 ID=28...	2020-10-04 03:22:59
190.85.163.46	attack	2020-10-03T10:07:13.993947shield sshd\[19806\]: Invalid user ansible from 190.85.163.46 port 49765 2020-10-03T10:07:14.005630shield sshd\[19806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 2020-10-03T10:07:16.468801shield sshd\[19806\]: Failed password for invalid user ansible from 190.85.163.46 port 49765 ssh2 2020-10-03T10:11:28.705758shield sshd\[20209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 user=root 2020-10-03T10:11:30.366648shield sshd\[20209\]: Failed password for root from 190.85.163.46 port 53818 ssh2	2020-10-04 03:40:35
191.239.249.47	attackspam	Invalid user abcd from 191.239.249.47 port 54356	2020-10-04 03:23:16
49.88.112.71	attackspam	Oct 3 21:19:34 eventyay sshd[7578]: Failed password for root from 49.88.112.71 port 64655 ssh2 Oct 3 21:20:32 eventyay sshd[7616]: Failed password for root from 49.88.112.71 port 64795 ssh2 ...	2020-10-04 03:29:24
104.248.57.44	attack	$f2bV_matches	2020-10-04 03:25:15
118.244.128.29	attackspam	$f2bV_matches	2020-10-04 03:28:54
52.230.83.103	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-04 03:43:45
128.199.84.201	attack	Oct 3 21:12:27 sip sshd[1806042]: Invalid user ashish from 128.199.84.201 port 37928 Oct 3 21:12:29 sip sshd[1806042]: Failed password for invalid user ashish from 128.199.84.201 port 37928 ssh2 Oct 3 21:17:23 sip sshd[1806092]: Invalid user mahesh from 128.199.84.201 port 45378 ...	2020-10-04 03:42:55
178.128.98.193	attackspam	(sshd) Failed SSH login from 178.128.98.193 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 3 12:19:33 server5 sshd[17890]: Invalid user cisco from 178.128.98.193 Oct 3 12:19:33 server5 sshd[17890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.98.193 Oct 3 12:19:35 server5 sshd[17890]: Failed password for invalid user cisco from 178.128.98.193 port 41114 ssh2 Oct 3 12:27:48 server5 sshd[21325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.98.193 user=root Oct 3 12:27:50 server5 sshd[21325]: Failed password for root from 178.128.98.193 port 57132 ssh2	2020-10-04 03:26:53
180.168.47.238	attackspambots	$f2bV_matches	2020-10-04 03:47:12
111.229.78.199	attack	Invalid user celery from 111.229.78.199 port 39380	2020-10-04 03:50:28
167.172.25.74	attackbotsspam	Unauthorized SSH login attempts	2020-10-04 03:45:59
45.118.144.77	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-04 03:17:58

最近上报的IP列表

59.63.154.158	73.110.117.163	2.193.232.203	89.174.196.188
160.129.102.215	124.109.33.146	93.236.115.143	80.220.133.226
176.20.173.22	76.71.109.246	223.6.8.54	106.210.6.3
37.49.230.48	190.78.92.77	143.129.196.193	101.132.135.71
54.255.103.102	74.11.17.19	70.238.206.210	189.121.119.164