106.75.141.73 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-06-04 20:28:12
attack	2020-06-04T05:46:24.767055vps751288.ovh.net sshd\[7331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root 2020-06-04T05:46:26.612746vps751288.ovh.net sshd\[7331\]: Failed password for root from 106.75.141.73 port 40664 ssh2 2020-06-04T05:51:14.707196vps751288.ovh.net sshd\[7375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root 2020-06-04T05:51:16.366812vps751288.ovh.net sshd\[7375\]: Failed password for root from 106.75.141.73 port 34780 ssh2 2020-06-04T05:56:00.447125vps751288.ovh.net sshd\[7427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root	2020-06-04 14:11:18
attack	SSH invalid-user multiple login try	2020-06-04 01:37:45
attack	2020-06-03T07:40:15.685422ionos.janbro.de sshd[35470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root 2020-06-03T07:40:17.861426ionos.janbro.de sshd[35470]: Failed password for root from 106.75.141.73 port 33862 ssh2 2020-06-03T07:45:33.507639ionos.janbro.de sshd[35485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root 2020-06-03T07:45:35.680551ionos.janbro.de sshd[35485]: Failed password for root from 106.75.141.73 port 59856 ssh2 2020-06-03T07:50:47.353042ionos.janbro.de sshd[35490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.73 user=root 2020-06-03T07:50:48.957715ionos.janbro.de sshd[35490]: Failed password for root from 106.75.141.73 port 57616 ssh2 2020-06-03T07:56:10.211385ionos.janbro.de sshd[35504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.1 ...	2020-06-03 16:46:36
attack	Invalid user huangliang from 106.75.141.73 port 54386	2020-05-23 13:13:45
attack	prod3 ...	2020-05-06 18:04:19
attack	$f2bV_matches	2020-04-29 17:18:50
attack	Port Scan: Events[2] countPorts[1]: 22 ..	2020-04-16 22:30:32

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.141.219	attackspam	Invalid user shop from 106.75.141.219 port 48330	2020-10-14 01:34:36
106.75.141.219	attackbots	2020-10-13T00:08:57.751318morrigan.ad5gb.com sshd[907538]: Invalid user cacti from 106.75.141.219 port 46868	2020-10-13 16:45:00
106.75.141.160	attack	Brute-force attempt banned	2020-09-14 21:05:31
106.75.141.160	attackbots	$f2bV_matches	2020-09-14 12:58:35
106.75.141.160	attack	SSH Brute-Force Attack	2020-09-14 04:59:22
106.75.141.223	attackbotsspam	UDP 106.75.141.223:58914 -> port 30311, len 72	2020-09-10 21:56:08
106.75.141.223	attackspambots	UDP 106.75.141.223:58914 -> port 30311, len 72	2020-09-10 13:36:55
106.75.141.223	attack	UDP 106.75.141.223:58914 -> port 30311, len 72	2020-09-10 04:19:39
106.75.141.160	attackbots	SSH login attempts.	2020-09-08 00:34:29
106.75.141.160	attack	Sep 7 09:21:15 ip106 sshd[27329]: Failed password for root from 106.75.141.160 port 44922 ssh2 Sep 7 09:23:58 ip106 sshd[27423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.160 ...	2020-09-07 16:03:10
106.75.141.160	attack	Sep 6 18:27:07 ns382633 sshd\[3463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.160 user=root Sep 6 18:27:09 ns382633 sshd\[3463\]: Failed password for root from 106.75.141.160 port 50476 ssh2 Sep 6 18:50:24 ns382633 sshd\[7607\]: Invalid user ggggg from 106.75.141.160 port 40336 Sep 6 18:50:24 ns382633 sshd\[7607\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.160 Sep 6 18:50:26 ns382633 sshd\[7607\]: Failed password for invalid user ggggg from 106.75.141.160 port 40336 ssh2	2020-09-07 08:25:20
106.75.141.223	attackbots	" "	2020-09-06 01:06:12
106.75.141.223	attackbots	" "	2020-09-05 16:37:01
106.75.141.202	attackbots	SSH auth scanning - multiple failed logins	2020-08-28 17:58:24
106.75.141.48	attackspambots	2020-08-26 13:40:37 unexpected disconnection while reading SMTP command from online-mails.com [106.75.141.48]:34000 I=[10.100.18.25]:25 2020-08-26 14:11:16 unexpected disconnection while reading SMTP command from online-mails.com [106.75.141.48]:51844 I=[10.100.18.25]:25 2020-08-26 14:52:10 unexpected disconnection while reading SMTP command from online-mails.com [106.75.141.48]:47470 I=[10.100.18.25]:25 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.75.141.48	2020-08-27 16:20:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.141.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.141.73.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041501 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 16 22:30:24 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 73.141.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.141.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
156.236.119.181	attack	web-1 [ssh] SSH Attack	2020-02-21 00:06:53
150.223.17.130	attackspam	Feb 20 14:51:01 sd-53420 sshd\[27783\]: Invalid user yuchen from 150.223.17.130 Feb 20 14:51:01 sd-53420 sshd\[27783\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.17.130 Feb 20 14:51:03 sd-53420 sshd\[27783\]: Failed password for invalid user yuchen from 150.223.17.130 port 55520 ssh2 Feb 20 14:52:31 sd-53420 sshd\[27969\]: Invalid user bruno from 150.223.17.130 Feb 20 14:52:31 sd-53420 sshd\[27969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.17.130 ...	2020-02-21 00:33:22
94.159.37.22	attack	DATE:2020-02-20 14:25:55, IP:94.159.37.22, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-21 00:13:52
206.189.204.63	attackspam	Feb 20 15:27:48 sip sshd[24438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63 Feb 20 15:27:50 sip sshd[24438]: Failed password for invalid user tongxin from 206.189.204.63 port 51462 ssh2 Feb 20 15:39:22 sip sshd[27445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63	2020-02-21 00:28:44
138.197.164.222	attackspambots	Feb 20 12:30:55 vps46666688 sshd[16404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Feb 20 12:30:57 vps46666688 sshd[16404]: Failed password for invalid user ubuntu from 138.197.164.222 port 58924 ssh2 ...	2020-02-21 00:24:47
222.186.180.130	attackspambots	Feb 20 17:24:48 MK-Soft-Root2 sshd[11992]: Failed password for root from 222.186.180.130 port 40592 ssh2 Feb 20 17:24:53 MK-Soft-Root2 sshd[11992]: Failed password for root from 222.186.180.130 port 40592 ssh2 ...	2020-02-21 00:35:24
52.100.173.218	attack	TCP Port: 25 invalid blocked spam-sorbs also backscatter and s5h-net (230)	2020-02-21 00:28:17
118.163.186.176	attackspambots	firewall-block, port(s): 445/tcp	2020-02-21 00:02:57
31.208.196.217	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-21 00:33:06
92.63.194.32	attack	02/20/2020-11:30:27.743062 92.63.194.32 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-21 00:34:20
154.125.248.40	attackspam	Feb 20 06:47:43 scivo sshd[32440]: Invalid user confluence from 154.125.248.40 Feb 20 06:47:43 scivo sshd[32440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.125.248.40 Feb 20 06:47:46 scivo sshd[32440]: Failed password for invalid user confluence from 154.125.248.40 port 42980 ssh2 Feb 20 06:47:46 scivo sshd[32440]: Received disconnect from 154.125.248.40: 11: Bye Bye [preauth] Feb 20 07:01:59 scivo sshd[675]: Invalid user chenyang from 154.125.248.40 Feb 20 07:01:59 scivo sshd[675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.125.248.40 Feb 20 07:02:01 scivo sshd[675]: Failed password for invalid user chenyang from 154.125.248.40 port 53885 ssh2 Feb 20 07:02:01 scivo sshd[675]: Received disconnect from 154.125.248.40: 11: Bye Bye [preauth] Feb 20 07:04:27 scivo sshd[873]: Invalid user fdy from 154.125.248.40 Feb 20 07:04:27 scivo sshd[873]: pam_unix(sshd:auth): authentica........ -------------------------------	2020-02-21 00:19:02
39.64.198.10	attackbots	Total attacks: 2	2020-02-21 00:25:53
120.70.100.2	attackspam	Feb 20 03:25:44 web9 sshd\[30635\]: Invalid user sunlei from 120.70.100.2 Feb 20 03:25:44 web9 sshd\[30635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.100.2 Feb 20 03:25:47 web9 sshd\[30635\]: Failed password for invalid user sunlei from 120.70.100.2 port 40584 ssh2 Feb 20 03:27:49 web9 sshd\[30911\]: Invalid user jenkins from 120.70.100.2 Feb 20 03:27:49 web9 sshd\[30911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.100.2	2020-02-21 00:11:41
51.254.116.137	attack	2020-02-19 08:32:12 server sshd[2392]: Failed password for invalid user man from 51.254.116.137 port 44172 ssh2	2020-02-21 00:09:44
95.37.205.250	attackbots	Feb 19 22:13:10 h2034429 sshd[22708]: Invalid user mapred from 95.37.205.250 Feb 19 22:13:10 h2034429 sshd[22708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.37.205.250 Feb 19 22:13:12 h2034429 sshd[22708]: Failed password for invalid user mapred from 95.37.205.250 port 60204 ssh2 Feb 19 22:13:12 h2034429 sshd[22708]: Received disconnect from 95.37.205.250 port 60204:11: Bye Bye [preauth] Feb 19 22:13:12 h2034429 sshd[22708]: Disconnected from 95.37.205.250 port 60204 [preauth] Feb 19 22:17:50 h2034429 sshd[22779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.37.205.250 user=r.r Feb 19 22:17:52 h2034429 sshd[22779]: Failed password for r.r from 95.37.205.250 port 53236 ssh2 Feb 19 22:17:52 h2034429 sshd[22779]: Received disconnect from 95.37.205.250 port 53236:11: Bye Bye [preauth] Feb 19 22:17:52 h2034429 sshd[22779]: Disconnected from 95.37.205.250 port 53236 [preauth] ........ ----------------------------------	2020-02-21 00:17:28

最近上报的IP列表

39.53.207.16	149.56.172.224	148.70.140.71	144.91.81.116
112.133.236.124	185.177.152.213	207.180.228.118	112.196.88.154
197.248.124.67	36.90.30.77	125.71.21.68	113.142.139.118
70.2.13.30	220.180.112.208	253.221.116.59	4.140.48.9
77.242.16.138	59.123.97.187	249.5.177.193	61.244.18.127