106.75.113.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 5060/udp	2020-01-11 04:37:32

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.113.0	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-11 04:38:30
106.75.113.53	attackspam	unauthorized connection attempt	2020-01-11 04:35:59
106.75.113.55	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-11 04:35:18
106.75.113.53	attack	firewall-block, port(s): 5060/udp	2020-01-06 23:50:49
106.75.113.55	attack	firewall-block, port(s): 5060/udp	2019-12-28 14:17:07
106.75.113.55	attackspambots	Dec 25 00:27:17 debian-2gb-nbg1-2 kernel: \[882775.053807\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=106.75.113.55 DST=195.201.40.59 LEN=436 TOS=0x00 PREC=0x00 TTL=45 ID=0 DF PROTO=UDP SPT=5113 DPT=5060 LEN=416	2019-12-25 08:18:02
106.75.113.55	attackspambots	SIPVicious Scanner Detection	2019-12-22 06:04:54
106.75.113.53	attackbotsspam	firewall-block, port(s): 5060/udp	2019-12-14 02:22:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.113.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.113.52.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121200 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 14:20:23 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.113.75.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 52.113.75.106.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
66.249.64.156	attackbots	Automatic report - Web App Attack	2019-07-07 10:07:18
58.59.2.26	attackspambots	Invalid user teng from 58.59.2.26 port 41368 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.59.2.26 Failed password for invalid user teng from 58.59.2.26 port 41368 ssh2 Invalid user teng from 58.59.2.26 port 51800 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.59.2.26	2019-07-07 10:00:48
47.185.200.89	attack	Automatic report generated by Wazuh	2019-07-07 09:47:29
115.159.237.70	attackspam	Jul 6 23:21:49 unicornsoft sshd\[7009\]: Invalid user molisoft from 115.159.237.70 Jul 6 23:21:49 unicornsoft sshd\[7009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 Jul 6 23:21:51 unicornsoft sshd\[7009\]: Failed password for invalid user molisoft from 115.159.237.70 port 34134 ssh2	2019-07-07 09:43:28
13.235.109.236	attackbots	13.235.109.236 - - [07/Jul/2019:01:09:27 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.235.109.236 - - [07/Jul/2019:01:09:39 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.235.109.236 - - [07/Jul/2019:01:09:46 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.235.109.236 - - [07/Jul/2019:01:09:58 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.235.109.236 - - [07/Jul/2019:01:10:07 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.235.109.236 - - [07/Jul/2019:01:10:20 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-07 10:25:35
114.98.239.5	attackbots	ssh failed login	2019-07-07 09:46:39
170.79.14.18	attackbots	Repeated brute force against a port	2019-07-07 09:48:20
174.138.13.170	attackspam	Jul 7 03:12:56 ubuntu-2gb-nbg1-1 sshd[28727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.13.170 Jul 7 03:12:58 ubuntu-2gb-nbg1-1 sshd[28727]: Failed password for invalid user cyrus from 174.138.13.170 port 33528 ssh2 Jul 7 03:16:00 ubuntu-2gb-nbg1-1 sshd[29464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.13.170 ...	2019-07-07 09:41:45
195.3.197.40	attackspam	scan r	2019-07-07 10:01:13
103.27.238.202	attack	Jul 7 02:42:02 Ubuntu-1404-trusty-64-minimal sshd\[11392\]: Invalid user admin1 from 103.27.238.202 Jul 7 02:42:02 Ubuntu-1404-trusty-64-minimal sshd\[11392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202 Jul 7 02:42:05 Ubuntu-1404-trusty-64-minimal sshd\[11392\]: Failed password for invalid user admin1 from 103.27.238.202 port 53888 ssh2 Jul 7 02:46:54 Ubuntu-1404-trusty-64-minimal sshd\[14255\]: Invalid user ftpuser from 103.27.238.202 Jul 7 02:46:54 Ubuntu-1404-trusty-64-minimal sshd\[14255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.202	2019-07-07 09:45:32
106.12.128.114	attackbotsspam	2019-07-07T03:47:10.761599scmdmz1 sshd\[23663\]: Invalid user xj from 106.12.128.114 port 43676 2019-07-07T03:47:10.765187scmdmz1 sshd\[23663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.128.114 2019-07-07T03:47:12.494897scmdmz1 sshd\[23663\]: Failed password for invalid user xj from 106.12.128.114 port 43676 ssh2 ...	2019-07-07 10:13:36
142.93.237.233	attackspambots	Invalid user silas from 142.93.237.233 port 44572 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233 Failed password for invalid user silas from 142.93.237.233 port 44572 ssh2 Invalid user crv from 142.93.237.233 port 43922 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233	2019-07-07 10:03:21
45.82.196.199	attack	NAME : PT-HASHPOWER3-20190524 CIDR : 45.82.196.0/22 DDoS attack United Kingdom - block certain countries :) IP: 45.82.196.199 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-07 09:50:19
212.232.70.94	attack	TCP src-port=44076 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (2)	2019-07-07 09:47:02
157.230.23.46	attackspambots	Jul 7 01:32:37 giegler sshd[18239]: Failed password for invalid user rq from 157.230.23.46 port 59680 ssh2 Jul 7 01:34:35 giegler sshd[18271]: Invalid user security from 157.230.23.46 port 56076 Jul 7 01:34:35 giegler sshd[18271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.23.46 Jul 7 01:34:35 giegler sshd[18271]: Invalid user security from 157.230.23.46 port 56076 Jul 7 01:34:37 giegler sshd[18271]: Failed password for invalid user security from 157.230.23.46 port 56076 ssh2	2019-07-07 10:02:31

最近上报的IP列表

156.232.154.63	137.53.103.95	27.76.141.109	113.53.52.44
141.161.114.41	60.7.80.10	169.254.145.105	173.36.169.153
142.30.61.189	142.148.218.80	1.23.185.14	153.86.167.103
0.19.16.113	237.182.36.37	158.219.181.65	60.22.103.162
87.185.239.98	156.152.2.117	46.243.89.152	192.161.166.134