106.75.13.173 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 7777/tcp	2020-07-27 23:25:28
attack	3388/tcp 3541/tcp 3299/tcp... [2020-04-19/06-19]78pkt,15pt.(tcp)	2020-06-20 05:38:37
attackspam	firewall-block, port(s): 37/tcp	2020-06-17 00:37:12
attackspambots	TCP (SYN) 106.75.13.173:58914 -> port 3390, len 44	2020-06-06 19:19:42
attackbots	SmallBizIT.US 1 packets to tcp(3389)	2020-05-21 01:57:22
attackspam	" "	2020-04-09 21:42:55
attackspambots	5432/tcp 5400/tcp 5555/tcp... [2020-01-23/03-23]64pkt,14pt.(tcp)	2020-03-24 08:11:40
attack	Port scan: Attack repeated for 24 hours	2020-03-08 09:50:29
attackbots	5554/tcp 515/tcp 554/tcp... [2019-12-10/2020-02-06]78pkt,25pt.(tcp),4pt.(udp)	2020-02-08 07:59:42
attackspambots	unauthorized connection attempt	2020-02-04 17:44:59
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:42:47

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.134.86	attack	Malicious IP / Malware	2024-04-16 12:45:08
106.75.132.3	attack	2020-10-10T00:49:10.865600mail.standpoint.com.ua sshd[3703]: Failed password for invalid user admin from 106.75.132.3 port 59184 ssh2 2020-10-10T00:52:28.503689mail.standpoint.com.ua sshd[4265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:52:30.893562mail.standpoint.com.ua sshd[4265]: Failed password for root from 106.75.132.3 port 56420 ssh2 2020-10-10T00:55:51.343084mail.standpoint.com.ua sshd[4926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-10T00:55:53.602300mail.standpoint.com.ua sshd[4926]: Failed password for root from 106.75.132.3 port 53642 ssh2 ...	2020-10-10 07:25:17
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
106.75.132.3	attackspam	SSH login attempts.	2020-10-09 15:32:51
106.75.139.131	attack	Oct 7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2 Oct 7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2 Oct 7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2 ...	2020-10-07 20:38:21
106.75.139.131	attackbotsspam	Oct 7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2 Oct 7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2 Oct 7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2 ...	2020-10-07 12:23:48
106.75.132.3	attack	Sep 28 08:31:36 Tower sshd[1477]: refused connect from 119.28.59.16 (119.28.59.16) Sep 28 17:51:17 Tower sshd[1477]: Connection from 106.75.132.3 port 59792 on 192.168.10.220 port 22 rdomain "" Sep 28 17:51:19 Tower sshd[1477]: Failed password for root from 106.75.132.3 port 59792 ssh2 Sep 28 17:51:19 Tower sshd[1477]: Received disconnect from 106.75.132.3 port 59792:11: Bye Bye [preauth] Sep 28 17:51:19 Tower sshd[1477]: Disconnected from authenticating user root 106.75.132.3 port 59792 [preauth]	2020-09-29 06:06:38
106.75.132.3	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T11:36:41Z and 2020-09-28T11:40:01Z	2020-09-28 22:32:33
106.75.132.3	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-28 14:37:17
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-27 06:21:50
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 22:44:48
106.75.135.166	attackspambots	Postfix SMTP rejection	2020-09-26 14:30:20
106.75.133.250	attackspam	Invalid user zabbix from 106.75.133.250 port 58955	2020-08-30 16:23:38
106.75.138.38	attackbotsspam	" "	2020-08-28 05:12:33
106.75.133.250	attack	Aug 26 01:07:07 lukav-desktop sshd\[11434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:07:09 lukav-desktop sshd\[11434\]: Failed password for root from 106.75.133.250 port 56879 ssh2 Aug 26 01:11:19 lukav-desktop sshd\[20421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root Aug 26 01:11:21 lukav-desktop sshd\[20421\]: Failed password for root from 106.75.133.250 port 60418 ssh2 Aug 26 01:15:33 lukav-desktop sshd\[2980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.133.250 user=root	2020-08-26 07:44:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.13.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46676
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.13.173.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120900 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 00:42:41 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

173.13.75.106.in-addr.arpa domain name pointer gotodelivery.live.

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
173.13.75.106.in-addr.arpa	name = gotodelivery.live.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
67.205.183.187	attackspambots	Invalid user admin from 67.205.183.187 port 54858	2019-10-16 07:04:28
41.213.216.242	attackbots	Oct 16 00:42:55 vmanager6029 sshd\[21045\]: Invalid user be from 41.213.216.242 port 42238 Oct 16 00:42:55 vmanager6029 sshd\[21045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.213.216.242 Oct 16 00:42:58 vmanager6029 sshd\[21045\]: Failed password for invalid user be from 41.213.216.242 port 42238 ssh2	2019-10-16 07:19:19
81.23.9.218	attackbots	Invalid user adam1 from 81.23.9.218 port 53764	2019-10-16 07:21:49
106.54.242.134	attackbots	[TueOct1521:54:22.2624162019][:error][pid8325:tid139811765552896][client106.54.242.134:50019][client106.54.242.134]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\^Mozilla/4\\\\\\\\.0\\\\\\\\$compatible\;MSIE9.0\;WindowsNT6.1\\\\\\\\$\$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"430"][id"336656"][rev"2"][msg"Atomicorp.comWAFRules:FakeMSIE9./0browserMozilla/4.0$compatible\;MSIE9.0\;WindowsNT6.1$."][severity"CRITICAL"][hostname"148.251.104.78"][uri"/"][unique_id"XaYj7ouQTbrIkYZfLN4jxwAAARQ"]\,referer:http://148.251.104.78:80[TueOct1521:54:22.6585022019][:error][pid8325:tid139811765552896][client106.54.242.134:50019][client106.54.242.134]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\^Mozilla/4\\\\\\\\.0\\\\\\\\$compatible\;MSIE9.0\;WindowsNT6.1\\\\\\\\$\$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"430"][id"336656"][rev"2"][msg"A	2019-10-16 06:57:48
106.13.201.84	attack	REQUESTED PAGE: /xmlrpc.php	2019-10-16 07:07:27
51.255.173.222	attackspambots	SSH-BruteForce	2019-10-16 07:02:49
164.132.107.245	attack	2019-10-15T19:55:09.717631abusebot-8.cloudsearch.cf sshd\[27838\]: Invalid user user from 164.132.107.245 port 59982	2019-10-16 07:13:22
185.143.218.110	attack	5555/tcp 5555/tcp 8080/tcp [2019-08-31/10-15]3pkt	2019-10-16 07:14:50
92.118.38.37	attackspam	Oct 16 01:22:38 vmanager6029 postfix/smtpd\[21780\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 16 01:23:14 vmanager6029 postfix/smtpd\[21714\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-16 07:25:33
191.96.25.105	attackbots	Oct 15 12:54:41 h1637304 sshd[2592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.25.105 user=r.r Oct 15 12:54:43 h1637304 sshd[2592]: Failed password for r.r from 191.96.25.105 port 37240 ssh2 Oct 15 12:54:43 h1637304 sshd[2592]: Received disconnect from 191.96.25.105: 11: Bye Bye [preauth] Oct 15 13:04:21 h1637304 sshd[11873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.25.105 Oct 15 13:04:24 h1637304 sshd[11873]: Failed password for invalid user techsupport from 191.96.25.105 port 47384 ssh2 Oct 15 13:04:24 h1637304 sshd[11873]: Received disconnect from 191.96.25.105: 11: Bye Bye [preauth] Oct 15 13:08:41 h1637304 sshd[16475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.25.105 Oct 15 13:08:43 h1637304 sshd[16475]: Failed password for invalid user paul from 191.96.25.105 port 58690 ssh2 Oct 15 13:08:43 h1637304 sshd........ -------------------------------	2019-10-16 07:29:52
101.36.150.231	attackspam	Lines containing failures of 101.36.150.231 Oct 15 18:56:21 nextcloud sshd[6956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.150.231 user=r.r Oct 15 18:56:23 nextcloud sshd[6956]: Failed password for r.r from 101.36.150.231 port 45980 ssh2 Oct 15 18:56:24 nextcloud sshd[6956]: Received disconnect from 101.36.150.231 port 45980:11: Bye Bye [preauth] Oct 15 18:56:24 nextcloud sshd[6956]: Disconnected from authenticating user r.r 101.36.150.231 port 45980 [preauth] Oct 15 19:14:34 nextcloud sshd[9838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.150.231 user=games Oct 15 19:14:36 nextcloud sshd[9838]: Failed password for games from 101.36.150.231 port 32958 ssh2 Oct 15 19:14:36 nextcloud sshd[9838]: Received disconnect from 101.36.150.231 port 32958:11: Bye Bye [preauth] Oct 15 19:14:36 nextcloud sshd[9838]: Disconnected from authenticating user games 101.36.150.231 port........ ------------------------------	2019-10-16 07:08:07
35.188.77.30	attack	Automatic report - Banned IP Access	2019-10-16 06:57:14
185.53.91.70	attackspam	10/16/2019-00:59:43.208549 185.53.91.70 Protocol: 17 ET SCAN Sipvicious Scan	2019-10-16 07:11:24
62.210.214.160	attackspam	53389/tcp 43389/tcp 20000/tcp... [2019-10-15]18pkt,15pt.(tcp)	2019-10-16 07:01:57
222.186.180.17	attackbotsspam	Oct 16 00:58:24 MK-Soft-Root1 sshd[15271]: Failed password for root from 222.186.180.17 port 6352 ssh2 Oct 16 00:58:29 MK-Soft-Root1 sshd[15271]: Failed password for root from 222.186.180.17 port 6352 ssh2 ...	2019-10-16 06:58:45

最近上报的IP列表

24.53.133.66	106.13.141.202	16.117.30.180	67.110.210.175
199.204.209.187	13.34.118.215	46.14.71.62	99.208.196.54
128.37.135.103	3.23.149.119	205.25.246.173	102.235.222.231
191.30.215.133	207.92.164.215	217.61.1.8	38.215.233.38
219.148.37.152	63.44.250.151	106.47.41.11	171.224.94.254