106.75.108.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:49:01
attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-09 03:59:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.108.218	attackbots	Mar 12 23:19:25 santamaria sshd\[25992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root Mar 12 23:19:27 santamaria sshd\[25992\]: Failed password for root from 106.75.108.218 port 47411 ssh2 Mar 12 23:24:04 santamaria sshd\[26063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root ...	2020-03-13 07:04:43
106.75.108.218	attack	Mar 7 06:43:46 wbs sshd\[1071\]: Invalid user nagios from 106.75.108.218 Mar 7 06:43:46 wbs sshd\[1071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 Mar 7 06:43:48 wbs sshd\[1071\]: Failed password for invalid user nagios from 106.75.108.218 port 41214 ssh2 Mar 7 06:47:45 wbs sshd\[1478\]: Invalid user RCadmin from 106.75.108.218 Mar 7 06:47:45 wbs sshd\[1478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218	2020-03-08 01:13:08
106.75.108.218	attackspambots	(sshd) Failed SSH login from 106.75.108.218 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 3 23:04:44 amsweb01 sshd[315]: Invalid user wp-user from 106.75.108.218 port 46473 Mar 3 23:04:46 amsweb01 sshd[315]: Failed password for invalid user wp-user from 106.75.108.218 port 46473 ssh2 Mar 3 23:06:57 amsweb01 sshd[769]: Invalid user sftpuser from 106.75.108.218 port 36644 Mar 3 23:06:59 amsweb01 sshd[769]: Failed password for invalid user sftpuser from 106.75.108.218 port 36644 ssh2 Mar 3 23:09:08 amsweb01 sshd[1369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root	2020-03-04 07:39:26
106.75.108.218	attackbots	(sshd) Failed SSH login from 106.75.108.218 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 26 14:14:21 amsweb01 sshd[9506]: Invalid user irc from 106.75.108.218 port 35241 Feb 26 14:14:23 amsweb01 sshd[9506]: Failed password for invalid user irc from 106.75.108.218 port 35241 ssh2 Feb 26 14:22:07 amsweb01 sshd[10146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.108.218 user=root Feb 26 14:22:09 amsweb01 sshd[10146]: Failed password for root from 106.75.108.218 port 46252 ssh2 Feb 26 14:37:38 amsweb01 sshd[11540]: Invalid user alesiashavel from 106.75.108.218 port 40039	2020-02-26 22:54:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.108.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18752
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.108.52.			IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120801 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 09 03:59:08 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.108.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.108.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
213.61.215.54	attackspambots	Automatic report - Banned IP Access	2020-04-20 19:30:52
222.186.42.155	attack	Unauthorized connection attempt detected from IP address 222.186.42.155 to port 22 [T]	2020-04-20 19:04:33
36.103.245.30	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-20 19:34:33
197.211.237.154	attackbots	trying to access non-authorized port	2020-04-20 18:57:19
162.243.128.25	attackspambots	Unauthorized connection attempt detected from IP address 162.243.128.25 to port 3389 [T]	2020-04-20 19:20:49
109.70.100.36	attack	AT_NEXTLAYER-MNT_<177>1587354695 [1:2522009:4036] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 10 [Classification: Misc Attack] [Priority: 2]: {TCP} 109.70.100.36:34258	2020-04-20 19:13:27
49.233.183.158	attack	$f2bV_matches	2020-04-20 18:57:51
187.162.27.129	attackspambots	Automatic report - Port Scan Attack	2020-04-20 19:04:53
74.208.230.102	attackbots	(mod_security) mod_security (id:225170) triggered by 74.208.230.102 (US/United States/u22416908.onlinehome-server.com): 5 in the last 300 secs	2020-04-20 19:09:33
106.124.131.214	attackspam	Apr 20 05:34:09 roki-contabo sshd\[24643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.131.214 user=root Apr 20 05:34:12 roki-contabo sshd\[24643\]: Failed password for root from 106.124.131.214 port 52857 ssh2 Apr 20 05:53:52 roki-contabo sshd\[24966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.131.214 user=root Apr 20 05:53:54 roki-contabo sshd\[24966\]: Failed password for root from 106.124.131.214 port 43640 ssh2 Apr 20 06:00:02 roki-contabo sshd\[25126\]: Invalid user lz from 106.124.131.214 Apr 20 06:00:02 roki-contabo sshd\[25126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.131.214 ...	2020-04-20 18:59:31
59.127.195.93	attack	Apr 20 06:42:57 ip-172-31-61-156 sshd[32740]: Failed password for root from 59.127.195.93 port 59516 ssh2 Apr 20 06:45:30 ip-172-31-61-156 sshd[341]: Invalid user test from 59.127.195.93 Apr 20 06:45:30 ip-172-31-61-156 sshd[341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.127.195.93 Apr 20 06:45:30 ip-172-31-61-156 sshd[341]: Invalid user test from 59.127.195.93 Apr 20 06:45:32 ip-172-31-61-156 sshd[341]: Failed password for invalid user test from 59.127.195.93 port 33640 ssh2 ...	2020-04-20 18:54:26
206.189.84.63	attack	206.189.84.63 - - [20/Apr/2020:13:30:30 +0200] "GET /wp-login.php HTTP/1.1" 200 5805 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.84.63 - - [20/Apr/2020:13:30:32 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.84.63 - - [20/Apr/2020:13:30:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-20 19:33:15
35.195.65.87	attackbots	Fail2Ban Ban Triggered	2020-04-20 19:06:40
195.158.26.238	attack	$f2bV_matches	2020-04-20 18:53:02
123.207.218.163	attackspam	Apr 20 12:20:19 v22019038103785759 sshd\[22379\]: Invalid user postgres from 123.207.218.163 port 35894 Apr 20 12:20:19 v22019038103785759 sshd\[22379\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.218.163 Apr 20 12:20:20 v22019038103785759 sshd\[22379\]: Failed password for invalid user postgres from 123.207.218.163 port 35894 ssh2 Apr 20 12:26:21 v22019038103785759 sshd\[22761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.218.163 user=root Apr 20 12:26:23 v22019038103785759 sshd\[22761\]: Failed password for root from 123.207.218.163 port 40950 ssh2 ...	2020-04-20 19:33:46

最近上报的IP列表

59.63.154.158	73.110.117.163	2.193.232.203	89.174.196.188
160.129.102.215	124.109.33.146	93.236.115.143	80.220.133.226
176.20.173.22	76.71.109.246	223.6.8.54	106.210.6.3
37.49.230.48	190.78.92.77	143.129.196.193	101.132.135.71
54.255.103.102	74.11.17.19	70.238.206.210	189.121.119.164