106.75.13.173 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 7777/tcp	2020-07-27 23:25:28
attack	3388/tcp 3541/tcp 3299/tcp... [2020-04-19/06-19]78pkt,15pt.(tcp)	2020-06-20 05:38:37
attackspam	firewall-block, port(s): 37/tcp	2020-06-17 00:37:12
attackspambots	TCP (SYN) 106.75.13.173:58914 -> port 3390, len 44	2020-06-06 19:19:42
attackbots	SmallBizIT.US 1 packets to tcp(3389)	2020-05-21 01:57:22
attackspam	" "	2020-04-09 21:42:55
attackspambots	5432/tcp 5400/tcp 5555/tcp... [2020-01-23/03-23]64pkt,14pt.(tcp)	2020-03-24 08:11:40
attack	Port scan: Attack repeated for 24 hours	2020-03-08 09:50:29
attackbots	5554/tcp 515/tcp 554/tcp... [2019-12-10/2020-02-06]78pkt,25pt.(tcp),4pt.(udp)	2020-02-08 07:59:42
attackspambots	unauthorized connection attempt	2020-02-04 17:44:59
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:42:47

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.134.86	attack	Malicious IP / Malware	2024-04-16 12:45:08
106.75.132.3	attack	2020-10-10T00:49:10.865600mail.standpoint.com.ua sshd[3703]: Failed password for invalid user admin from 106.75.132.3 port 59184 ssh2 2020-10-10T00:52:28.503689mail.standpoint.com.ua sshd[4265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:52:30.893562mail.standpoint.com.ua sshd[4265]: Failed password for root from 106.75.132.3 port 56420 ssh2 2020-10-10T00:55:51.343084mail.standpoint.com.ua sshd[4926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:55:53.602300mail.standpoint.com.ua sshd[4926]: Failed password for root from 106.75.132.3 port 53642 ssh2 ...	2020-10-10 07:25:17
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
106.75.132.3	attackspam	SSH login attempts.	2020-10-09 15:32:51
106.75.139.131	attack	Oct 7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2 Oct 7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2 Oct 7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2 ...	2020-10-07 20:38:21
106.75.139.131	attackbotsspam	Oct 7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2 Oct 7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2 Oct 7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2 ...	2020-10-07 12:23:48
106.75.132.3	attack	Sep 28 08:31:36 Tower sshd[1477]: refused connect from 119.28.59.16 (119.28.59.16) Sep 28 17:51:17 Tower sshd[1477]: Connection from 106.75.132.3 port 59792 on 192.168.10.220 port 22 rdomain "" Sep 28 17:51:19 Tower sshd[1477]: Failed password for root from 106.75.132.3 port 59792 ssh2 Sep 28 17:51:19 Tower sshd[1477]: Received disconnect from 106.75.132.3 port 59792:11: Bye Bye [preauth] Sep 28 17:51:19 Tower sshd[1477]: Disconnected from authenticating user root 106.75.132.3 port 59792 [preauth]	2020-09-29 06:06:38
106.75.132.3	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z	2020-09-28 22:32:33
106.75.132.3	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-28 14:37:17
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-27 06:21:50
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 22:44:48
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 14:30:20
106.75.133.250	attackspam	Invalid user zabbix from 106.75.133.250 port 58955	2020-08-30 16:23:38
106.75.138.38	attackbotsspam	" "	2020-08-28 05:12:33
106.75.133.250	attack	Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2 Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2 Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root	2020-08-26 07:44:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.13.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46676
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.13.173.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120900 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 00:42:41 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

173.13.75.106.in-addr.arpa domain name pointer gotodelivery.live.

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
173.13.75.106.in-addr.arpa	name = gotodelivery.live.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
175.140.23.240	attack	Dec 3 00:56:04 auw2 sshd\[5308\]: Invalid user program from 175.140.23.240 Dec 3 00:56:04 auw2 sshd\[5308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.23.240 Dec 3 00:56:07 auw2 sshd\[5308\]: Failed password for invalid user program from 175.140.23.240 port 20883 ssh2 Dec 3 01:03:29 auw2 sshd\[6002\]: Invalid user navetta from 175.140.23.240 Dec 3 01:03:29 auw2 sshd\[6002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.23.240	2019-12-03 21:44:37
91.134.142.57	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-03 21:52:46
186.225.212.131	attackspambots	port scan and connect, tcp 23 (telnet)	2019-12-03 22:03:49
106.51.73.204	attackbotsspam	2019-12-03T13:47:36.482551abusebot.cloudsearch.cf sshd\[9359\]: Invalid user zoie from 106.51.73.204 port 32302	2019-12-03 21:50:50
47.17.177.110	attackbotsspam	Dec 3 13:58:03 legacy sshd[19922]: Failed password for root from 47.17.177.110 port 54480 ssh2 Dec 3 14:07:45 legacy sshd[20329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.17.177.110 Dec 3 14:07:47 legacy sshd[20329]: Failed password for invalid user heleen from 47.17.177.110 port 37896 ssh2 ...	2019-12-03 21:43:08
164.52.24.172	attackspambots	" "	2019-12-03 21:56:01
85.93.20.134	attackbots	RDP Bruteforce	2019-12-03 22:10:50
165.227.225.195	attackspambots	no	2019-12-03 21:42:20
45.235.238.36	attackspambots	Telnet/23 MH Probe, BF, Hack -	2019-12-03 22:11:39
77.222.56.23	attack	Automatic report - XMLRPC Attack	2019-12-03 21:36:37
218.92.0.188	attackspam	Dec 3 11:12:31 firewall sshd[20520]: Failed password for root from 218.92.0.188 port 29358 ssh2 Dec 3 11:12:45 firewall sshd[20520]: error: maximum authentication attempts exceeded for root from 218.92.0.188 port 29358 ssh2 [preauth] Dec 3 11:12:45 firewall sshd[20520]: Disconnecting: Too many authentication failures [preauth] ...	2019-12-03 22:17:52
58.246.138.30	attackbots	2019-12-03T13:18:59.558430abusebot-8.cloudsearch.cf sshd\[18024\]: Invalid user midway from 58.246.138.30 port 52644	2019-12-03 21:55:17
41.86.34.52	attack	2019-12-03T08:05:50.999436shield sshd\[8007\]: Invalid user megawh from 41.86.34.52 port 49481 2019-12-03T08:05:51.003918shield sshd\[8007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cws_fw.cwseychelles.com 2019-12-03T08:05:52.667343shield sshd\[8007\]: Failed password for invalid user megawh from 41.86.34.52 port 49481 ssh2 2019-12-03T08:14:39.160647shield sshd\[10873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cws_fw.cwseychelles.com user=root 2019-12-03T08:14:41.308733shield sshd\[10873\]: Failed password for root from 41.86.34.52 port 56584 ssh2	2019-12-03 22:17:35
185.173.35.37	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-03 22:00:09
200.50.67.105	attack	Dec 3 13:41:09 venus sshd\[22474\]: Invalid user ftp from 200.50.67.105 port 43680 Dec 3 13:41:09 venus sshd\[22474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.50.67.105 Dec 3 13:41:11 venus sshd\[22474\]: Failed password for invalid user ftp from 200.50.67.105 port 43680 ssh2 ...	2019-12-03 22:14:09

最近上报的IP列表

24.53.133.66	106.13.141.202	16.117.30.180	67.110.210.175
199.204.209.187	13.34.118.215	46.14.71.62	99.208.196.54
128.37.135.103	3.23.149.119	205.25.246.173	102.235.222.231
191.30.215.133	207.92.164.215	217.61.1.8	38.215.233.38
219.148.37.152	63.44.250.151	106.47.41.11	171.224.94.254