106.75.234.74 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user test1 from 106.75.234.74 port 44966	2020-08-30 01:36:57
attack	Aug 26 07:53:13 ip40 sshd[7917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 Aug 26 07:53:15 ip40 sshd[7917]: Failed password for invalid user uma from 106.75.234.74 port 33629 ssh2 ...	2020-08-26 20:18:46
attackbotsspam	Fail2Ban	2020-08-20 20:07:09
attackspam	Aug 19 22:49:17 vps639187 sshd\[9870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 user=root Aug 19 22:49:19 vps639187 sshd\[9870\]: Failed password for root from 106.75.234.74 port 53059 ssh2 Aug 19 22:53:17 vps639187 sshd\[9925\]: Invalid user pa from 106.75.234.74 port 51296 Aug 19 22:53:17 vps639187 sshd\[9925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 ...	2020-08-20 05:01:01

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.234.83	attack	$f2bV_matches	2020-09-16 21:45:46
106.75.234.83	attackspambots	$f2bV_matches	2020-09-16 14:15:24
106.75.234.83	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-16 06:03:21
106.75.234.83	attackbots	Sep 15 19:00:23 mout sshd[23774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.83 user=root Sep 15 19:00:24 mout sshd[23774]: Failed password for root from 106.75.234.83 port 51730 ssh2 Sep 15 19:00:25 mout sshd[23774]: Disconnected from authenticating user root 106.75.234.83 port 51730 [preauth]	2020-09-16 01:25:15
106.75.234.83	attackbots	20 attempts against mh-ssh on echoip	2020-09-15 17:17:51
106.75.234.54	attackbots	SSH invalid-user multiple login attempts	2020-09-02 16:35:44
106.75.234.54	attack	Invalid user riana from 106.75.234.54 port 40745	2020-09-02 09:38:32
106.75.234.54	attackspam	$f2bV_matches	2020-08-10 00:05:24
106.75.234.54	attackspam	2020-08-05T23:20:45.120679linuxbox-skyline sshd[97292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.54 user=root 2020-08-05T23:20:46.679891linuxbox-skyline sshd[97292]: Failed password for root from 106.75.234.54 port 44665 ssh2 ...	2020-08-06 17:36:01
106.75.234.54	attackbots	Aug 5 09:22:28 ip106 sshd[8254]: Failed password for root from 106.75.234.54 port 56204 ssh2 ...	2020-08-05 17:48:59
106.75.234.88	attack	2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:31.808980mail.standpoint.com.ua sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.88 2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:34.267300mail.standpoint.com.ua sshd[29123]: Failed password for invalid user liuying from 106.75.234.88 port 60194 ssh2 2020-07-29T15:48:04.089162mail.standpoint.com.ua sshd[29639]: Invalid user huangjiefeng from 106.75.234.88 port 44624 ...	2020-07-29 20:53:23
106.75.234.88	attackspam	Invalid user rocket from 106.75.234.88 port 57046	2020-07-28 02:26:45
106.75.234.54	attackbots	Invalid user testuser01 from 106.75.234.54 port 32900	2020-07-25 08:41:49
106.75.234.88	attack	Jul 21 14:04:55 [host] sshd[30564]: Invalid user s Jul 21 14:04:55 [host] sshd[30564]: pam_unix(sshd: Jul 21 14:04:57 [host] sshd[30564]: Failed passwor	2020-07-21 20:07:30
106.75.234.54	attackbots	Invalid user jayson from 106.75.234.54 port 54353	2020-07-16 16:13:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.234.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27062
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.234.74.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081901 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 20 05:00:58 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 74.234.75.106.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 74.234.75.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
93.55.209.46	attack	Aug 19 23:07:34 pornomens sshd\[1259\]: Invalid user chrissie from 93.55.209.46 port 39362 Aug 19 23:07:34 pornomens sshd\[1259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.55.209.46 Aug 19 23:07:36 pornomens sshd\[1259\]: Failed password for invalid user chrissie from 93.55.209.46 port 39362 ssh2 ...	2019-08-20 06:49:25
134.175.109.23	attackspam	2019-08-19T22:07:27.680884abusebot-5.cloudsearch.cf sshd\[27036\]: Invalid user git from 134.175.109.23 port 43010	2019-08-20 06:26:35
203.114.102.69	attack	Aug 19 12:17:29 kapalua sshd\[31870\]: Invalid user ema from 203.114.102.69 Aug 19 12:17:29 kapalua sshd\[31870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69 Aug 19 12:17:31 kapalua sshd\[31870\]: Failed password for invalid user ema from 203.114.102.69 port 48077 ssh2 Aug 19 12:22:19 kapalua sshd\[32328\]: Invalid user software from 203.114.102.69 Aug 19 12:22:19 kapalua sshd\[32328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69	2019-08-20 06:55:03
139.199.122.210	attackspam	Aug 19 12:35:16 web9 sshd\[20102\]: Invalid user computerdienst from 139.199.122.210 Aug 19 12:35:16 web9 sshd\[20102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Aug 19 12:35:18 web9 sshd\[20102\]: Failed password for invalid user computerdienst from 139.199.122.210 port 48396 ssh2 Aug 19 12:41:53 web9 sshd\[21688\]: Invalid user demo from 139.199.122.210 Aug 19 12:41:53 web9 sshd\[21688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210	2019-08-20 06:44:59
118.89.27.248	attackspambots	2019-08-19T20:28:51.738304abusebot-6.cloudsearch.cf sshd\[2763\]: Invalid user scanner from 118.89.27.248 port 51460	2019-08-20 06:18:46
78.128.113.74	attackspambots	Aug 20 00:17:45 mail postfix/smtpd\[1206\]: warning: unknown\[78.128.113.74\]: SASL PLAIN authentication failed: Aug 20 00:17:52 mail postfix/smtpd\[1206\]: warning: unknown\[78.128.113.74\]: SASL PLAIN authentication failed: Aug 20 00:20:29 mail postfix/smtpd\[2878\]: warning: unknown\[78.128.113.74\]: SASL PLAIN authentication failed:	2019-08-20 06:31:53
163.172.157.162	attack	Aug 20 00:15:56 [host] sshd[20269]: Invalid user polycom from 163.172.157.162 Aug 20 00:15:56 [host] sshd[20269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.162 Aug 20 00:15:58 [host] sshd[20269]: Failed password for invalid user polycom from 163.172.157.162 port 49952 ssh2	2019-08-20 06:31:22
61.19.247.121	attackbotsspam	Aug 19 12:35:42 eddieflores sshd\[29646\]: Invalid user hs from 61.19.247.121 Aug 19 12:35:42 eddieflores sshd\[29646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121 Aug 19 12:35:45 eddieflores sshd\[29646\]: Failed password for invalid user hs from 61.19.247.121 port 40498 ssh2 Aug 19 12:40:30 eddieflores sshd\[30173\]: Invalid user mongodb from 61.19.247.121 Aug 19 12:40:30 eddieflores sshd\[30173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121	2019-08-20 06:52:00
217.182.252.63	attack	Aug 19 09:48:30 web1 sshd\[22185\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.252.63 user=root Aug 19 09:48:33 web1 sshd\[22185\]: Failed password for root from 217.182.252.63 port 53284 ssh2 Aug 19 09:53:30 web1 sshd\[22640\]: Invalid user mitha from 217.182.252.63 Aug 19 09:53:30 web1 sshd\[22640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.252.63 Aug 19 09:53:32 web1 sshd\[22640\]: Failed password for invalid user mitha from 217.182.252.63 port 57840 ssh2	2019-08-20 06:41:03
178.128.106.198	attackbotsspam	Aug 20 01:31:43 server sshd\[30276\]: Invalid user wagle from 178.128.106.198 port 47032 Aug 20 01:31:43 server sshd\[30276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.106.198 Aug 20 01:31:45 server sshd\[30276\]: Failed password for invalid user wagle from 178.128.106.198 port 47032 ssh2 Aug 20 01:36:24 server sshd\[13255\]: Invalid user mis from 178.128.106.198 port 37556 Aug 20 01:36:24 server sshd\[13255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.106.198	2019-08-20 06:37:40
134.209.170.90	attackbotsspam	Automated report - ssh fail2ban: Aug 20 00:45:32 wrong password, user=nexus, port=58020, ssh2 Aug 20 00:49:40 authentication failure	2019-08-20 06:57:01
94.8.8.21	attackspambots	Automatic report - Port Scan Attack	2019-08-20 06:35:40
49.88.112.80	attackbots	Aug 19 12:25:52 web9 sshd\[18005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.80 user=root Aug 19 12:25:54 web9 sshd\[18005\]: Failed password for root from 49.88.112.80 port 41360 ssh2 Aug 19 12:25:58 web9 sshd\[18029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.80 user=root Aug 19 12:26:00 web9 sshd\[18029\]: Failed password for root from 49.88.112.80 port 34863 ssh2 Aug 19 12:26:02 web9 sshd\[18029\]: Failed password for root from 49.88.112.80 port 34863 ssh2	2019-08-20 06:27:14
122.195.200.148	attack	2019-08-20T05:49:05.647845enmeeting.mahidol.ac.th sshd\[4037\]: User root from 122.195.200.148 not allowed because not listed in AllowUsers 2019-08-20T05:49:05.855334enmeeting.mahidol.ac.th sshd\[4037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root 2019-08-20T05:49:07.858319enmeeting.mahidol.ac.th sshd\[4037\]: Failed password for invalid user root from 122.195.200.148 port 31527 ssh2 ...	2019-08-20 06:54:11
180.148.7.123	attackbots	Aug 19 14:55:10 localhost kernel: [17485104.075705] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.148.7.123 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=16140 DF PROTO=TCP SPT=4124 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 19 14:55:10 localhost kernel: [17485104.075714] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.148.7.123 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=16140 DF PROTO=TCP SPT=4124 DPT=445 SEQ=1546916324 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Aug 19 14:55:13 localhost kernel: [17485107.010464] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.148.7.123 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=16966 DF PROTO=TCP SPT=4124 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Aug 19 14:55:13 localhost kernel: [17485107.010492] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.148.7.123 DST	2019-08-20 06:19:27

最近上报的IP列表

220.133.0.84	181.72.40.174	74.207.249.42	2.7.59.79
104.41.59.175	74.208.211.54	111.72.194.22	103.45.104.181
128.199.255.122	157.92.36.18	74.208.82.213	166.137.104.41
117.69.159.243	75.141.185.50	186.23.28.133	179.189.204.208
45.124.86.155	74.209.13.44	74.210.159.55	74.213.49.139