106.75.234.74 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user test1 from 106.75.234.74 port 44966	2020-08-30 01:36:57
attack	Aug 26 07:53:13 ip40 sshd[7917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 Aug 26 07:53:15 ip40 sshd[7917]: Failed password for invalid user uma from 106.75.234.74 port 33629 ssh2 ...	2020-08-26 20:18:46
attackbotsspam	Fail2Ban	2020-08-20 20:07:09
attackspam	Aug 19 22:49:17 vps639187 sshd\[9870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 user=root Aug 19 22:49:19 vps639187 sshd\[9870\]: Failed password for root from 106.75.234.74 port 53059 ssh2 Aug 19 22:53:17 vps639187 sshd\[9925\]: Invalid user pa from 106.75.234.74 port 51296 Aug 19 22:53:17 vps639187 sshd\[9925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 ...	2020-08-20 05:01:01

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.234.83	attack	$f2bV_matches	2020-09-16 21:45:46
106.75.234.83	attackspambots	$f2bV_matches	2020-09-16 14:15:24
106.75.234.83	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-16 06:03:21
106.75.234.83	attackbots	Sep 15 19:00:23 mout sshd[23774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.83 user=root Sep 15 19:00:24 mout sshd[23774]: Failed password for root from 106.75.234.83 port 51730 ssh2 Sep 15 19:00:25 mout sshd[23774]: Disconnected from authenticating user root 106.75.234.83 port 51730 [preauth]	2020-09-16 01:25:15
106.75.234.83	attackbots	20 attempts against mh-ssh on echoip	2020-09-15 17:17:51
106.75.234.54	attackbots	SSH invalid-user multiple login attempts	2020-09-02 16:35:44
106.75.234.54	attack	Invalid user riana from 106.75.234.54 port 40745	2020-09-02 09:38:32
106.75.234.54	attackspam	$f2bV_matches	2020-08-10 00:05:24
106.75.234.54	attackspam	2020-08-05T23:20:45.120679linuxbox-skyline sshd[97292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.54 user=root 2020-08-05T23:20:46.679891linuxbox-skyline sshd[97292]: Failed password for root from 106.75.234.54 port 44665 ssh2 ...	2020-08-06 17:36:01
106.75.234.54	attackbots	Aug 5 09:22:28 ip106 sshd[8254]: Failed password for root from 106.75.234.54 port 56204 ssh2 ...	2020-08-05 17:48:59
106.75.234.88	attack	2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:31.808980mail.standpoint.com.ua sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.88 2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:34.267300mail.standpoint.com.ua sshd[29123]: Failed password for invalid user liuying from 106.75.234.88 port 60194 ssh2 2020-07-29T15:48:04.089162mail.standpoint.com.ua sshd[29639]: Invalid user huangjiefeng from 106.75.234.88 port 44624 ...	2020-07-29 20:53:23
106.75.234.88	attackspam	Invalid user rocket from 106.75.234.88 port 57046	2020-07-28 02:26:45
106.75.234.54	attackbots	Invalid user testuser01 from 106.75.234.54 port 32900	2020-07-25 08:41:49
106.75.234.88	attack	Jul 21 14:04:55 [host] sshd[30564]: Invalid user s Jul 21 14:04:55 [host] sshd[30564]: pam_unix(sshd: Jul 21 14:04:57 [host] sshd[30564]: Failed passwor	2020-07-21 20:07:30
106.75.234.54	attackbots	Invalid user jayson from 106.75.234.54 port 54353	2020-07-16 16:13:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.234.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27062
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.234.74.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081901 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 20 05:00:58 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 74.234.75.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 74.234.75.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
212.51.148.162	attackspambots	Invalid user benites from 212.51.148.162 port 44606	2019-12-27 21:25:52
76.125.54.10	attackbots	Unauthorized connection attempt detected from IP address 76.125.54.10 to port 22	2019-12-27 21:30:04
37.187.17.58	attack	Invalid user Lauha from 37.187.17.58 port 44238	2019-12-27 21:43:54
222.186.15.33	attack	Dec 27 05:15:52 linuxvps sshd\[58650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.33 user=root Dec 27 05:15:54 linuxvps sshd\[58650\]: Failed password for root from 222.186.15.33 port 44616 ssh2 Dec 27 05:18:08 linuxvps sshd\[59917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.33 user=root Dec 27 05:18:09 linuxvps sshd\[59917\]: Failed password for root from 222.186.15.33 port 58803 ssh2 Dec 27 05:19:41 linuxvps sshd\[60779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.33 user=root	2019-12-27 21:34:38
185.164.63.234	attackbots	Invalid user guest from 185.164.63.234 port 41676	2019-12-27 21:41:33
183.253.147.139	attackbots	Dec 27 13:51:12 debian-2gb-nbg1-2 kernel: \[1103795.697696\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=183.253.147.139 DST=195.201.40.59 LEN=44 TOS=0x04 PREC=0x00 TTL=235 ID=34784 PROTO=TCP SPT=7977 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-27 21:26:18
183.80.86.3	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 27-12-2019 06:20:09.	2019-12-27 21:56:58
106.13.102.73	attackbotsspam	Dec 27 13:57:47 host sshd[23991]: Invalid user www-data from 106.13.102.73 port 45226 ...	2019-12-27 21:22:52
223.150.19.48	attackbots	Scanning	2019-12-27 21:33:59
84.54.215.181	attack	Automatic report - Port Scan Attack	2019-12-27 21:32:32
131.255.187.107	attackbots	1577427619 - 12/27/2019 07:20:19 Host: 131.255.187.107/131.255.187.107 Port: 445 TCP Blocked	2019-12-27 21:52:42
184.105.247.212	attackspam	Dec 27 10:43:48 debian-2gb-nbg1-2 kernel: \[1092552.492137\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=184.105.247.212 DST=195.201.40.59 LEN=80 TOS=0x00 PREC=0x00 TTL=52 ID=50509 DF PROTO=UDP SPT=2016 DPT=389 LEN=60	2019-12-27 21:43:01
148.215.18.103	attack	Dec 27 12:45:09 XXXXXX sshd[4250]: Invalid user confluence1 from 148.215.18.103 port 40977	2019-12-27 21:20:24
1.194.239.202	attackspambots	Dec 27 06:44:44 master sshd[29307]: Failed password for invalid user libevent from 1.194.239.202 port 55273 ssh2	2019-12-27 21:29:10
111.40.189.9	attackspambots	[portscan] tcp/21 [FTP] [scan/connect: 6 time(s)] *(RWIN=65535)(12271226)	2019-12-27 21:39:02

最近上报的IP列表

220.133.0.84	181.72.40.174	74.207.249.42	2.7.59.79
104.41.59.175	74.208.211.54	111.72.194.22	103.45.104.181
128.199.255.122	157.92.36.18	74.208.82.213	166.137.104.41
117.69.159.243	75.141.185.50	186.23.28.133	179.189.204.208
45.124.86.155	74.209.13.44	74.210.159.55	74.213.49.139