106.75.234.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-30T17:18:03.250423lavrinenko.info sshd[31498]: Invalid user bkd from 106.75.234.80 port 48677 2020-06-30T17:18:03.256985lavrinenko.info sshd[31498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.80 2020-06-30T17:18:03.250423lavrinenko.info sshd[31498]: Invalid user bkd from 106.75.234.80 port 48677 2020-06-30T17:18:05.570311lavrinenko.info sshd[31498]: Failed password for invalid user bkd from 106.75.234.80 port 48677 ssh2 2020-06-30T17:21:16.086071lavrinenko.info sshd[31677]: Invalid user oracle from 106.75.234.80 port 35825 ...	2020-07-01 05:06:48
attackbotsspam	Invalid user ong from 106.75.234.80 port 37105	2020-06-26 23:19:31

类型

评论内容

时间

attack

2020-06-30T17:18:03.250423lavrinenko.info sshd[31498]: Invalid user bkd from 106.75.234.80 port 48677
2020-06-30T17:18:03.256985lavrinenko.info sshd[31498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.80
2020-06-30T17:18:03.250423lavrinenko.info sshd[31498]: Invalid user bkd from 106.75.234.80 port 48677
2020-06-30T17:18:05.570311lavrinenko.info sshd[31498]: Failed password for invalid user bkd from 106.75.234.80 port 48677 ssh2
2020-06-30T17:21:16.086071lavrinenko.info sshd[31677]: Invalid user oracle from 106.75.234.80 port 35825
...

2020-07-01 05:06:48

attackbotsspam

Invalid user ong from 106.75.234.80 port 37105

2020-06-26 23:19:31

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.234.83	attack	$f2bV_matches	2020-09-16 21:45:46
106.75.234.83	attackspambots	$f2bV_matches	2020-09-16 14:15:24
106.75.234.83	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-16 06:03:21
106.75.234.83	attackbots	Sep 15 19:00:23 mout sshd[23774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.83 user=root Sep 15 19:00:24 mout sshd[23774]: Failed password for root from 106.75.234.83 port 51730 ssh2 Sep 15 19:00:25 mout sshd[23774]: Disconnected from authenticating user root 106.75.234.83 port 51730 [preauth]	2020-09-16 01:25:15
106.75.234.83	attackbots	20 attempts against mh-ssh on echoip	2020-09-15 17:17:51
106.75.234.54	attackbots	SSH invalid-user multiple login attempts	2020-09-02 16:35:44
106.75.234.54	attack	Invalid user riana from 106.75.234.54 port 40745	2020-09-02 09:38:32
106.75.234.74	attackbotsspam	Invalid user test1 from 106.75.234.74 port 44966	2020-08-30 01:36:57
106.75.234.74	attack	Aug 26 07:53:13 ip40 sshd[7917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 Aug 26 07:53:15 ip40 sshd[7917]: Failed password for invalid user uma from 106.75.234.74 port 33629 ssh2 ...	2020-08-26 20:18:46
106.75.234.74	attackbotsspam	Fail2Ban	2020-08-20 20:07:09
106.75.234.74	attackspam	Aug 19 22:49:17 vps639187 sshd\[9870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 user=root Aug 19 22:49:19 vps639187 sshd\[9870\]: Failed password for root from 106.75.234.74 port 53059 ssh2 Aug 19 22:53:17 vps639187 sshd\[9925\]: Invalid user pa from 106.75.234.74 port 51296 Aug 19 22:53:17 vps639187 sshd\[9925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.74 ...	2020-08-20 05:01:01
106.75.234.54	attackspam	$f2bV_matches	2020-08-10 00:05:24
106.75.234.54	attackspam	2020-08-05T23:20:45.120679linuxbox-skyline sshd[97292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.54 user=root 2020-08-05T23:20:46.679891linuxbox-skyline sshd[97292]: Failed password for root from 106.75.234.54 port 44665 ssh2 ...	2020-08-06 17:36:01
106.75.234.54	attackbots	Aug 5 09:22:28 ip106 sshd[8254]: Failed password for root from 106.75.234.54 port 56204 ssh2 ...	2020-08-05 17:48:59
106.75.234.88	attack	2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:31.808980mail.standpoint.com.ua sshd[29123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.234.88 2020-07-29T15:44:31.806053mail.standpoint.com.ua sshd[29123]: Invalid user liuying from 106.75.234.88 port 60194 2020-07-29T15:44:34.267300mail.standpoint.com.ua sshd[29123]: Failed password for invalid user liuying from 106.75.234.88 port 60194 ssh2 2020-07-29T15:48:04.089162mail.standpoint.com.ua sshd[29639]: Invalid user huangjiefeng from 106.75.234.88 port 44624 ...	2020-07-29 20:53:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.234.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2228
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.234.80.			IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061700 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 17 21:02:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

;; connection timed out; no servers could be reached

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 80.234.75.106.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
112.120.218.137	attack	" "	2019-10-28 05:11:29
222.186.175.202	attackbotsspam	Oct 28 02:15:26 gw1 sshd[7197]: Failed password for root from 222.186.175.202 port 18534 ssh2 Oct 28 02:15:43 gw1 sshd[7197]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 18534 ssh2 [preauth] ...	2019-10-28 05:16:11
222.186.175.167	attackbots	SSH bruteforce	2019-10-28 05:09:51
18.210.192.32	attack	RDP Bruteforce	2019-10-28 05:17:30
104.42.153.42	attackbotsspam	Oct 27 16:32:18 TORMINT sshd\[27434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.153.42 user=root Oct 27 16:32:20 TORMINT sshd\[27434\]: Failed password for root from 104.42.153.42 port 6400 ssh2 Oct 27 16:36:49 TORMINT sshd\[27694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.153.42 user=root ...	2019-10-28 04:54:00
103.139.45.67	attackbotsspam	Oct 27 22:07:38 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:07:45 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:07:56 mail postfix/smtpd\[7621\]: warning: unknown\[103.139.45.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-28 05:27:03
122.116.140.68	attack	Oct 27 20:52:13 venus sshd\[21259\]: Invalid user stanley from 122.116.140.68 port 48078 Oct 27 20:52:13 venus sshd\[21259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.116.140.68 Oct 27 20:52:16 venus sshd\[21259\]: Failed password for invalid user stanley from 122.116.140.68 port 48078 ssh2 ...	2019-10-28 04:58:41
114.222.184.17	attackbotsspam	Oct 27 16:46:53 TORMINT sshd\[28089\]: Invalid user a from 114.222.184.17 Oct 27 16:46:53 TORMINT sshd\[28089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.222.184.17 Oct 27 16:46:55 TORMINT sshd\[28089\]: Failed password for invalid user a from 114.222.184.17 port 34852 ssh2 ...	2019-10-28 05:02:45
185.218.213.242	attackspambots	3389BruteforceFW21	2019-10-28 05:02:17
45.226.81.197	attackbots	Oct 25 19:58:09 pi01 sshd[23121]: Connection from 45.226.81.197 port 49124 on 192.168.1.10 port 22 Oct 25 19:58:10 pi01 sshd[23121]: User r.r from 45.226.81.197 not allowed because not listed in AllowUsers Oct 25 19:58:10 pi01 sshd[23121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.226.81.197 user=r.r Oct 25 19:58:13 pi01 sshd[23121]: Failed password for invalid user r.r from 45.226.81.197 port 49124 ssh2 Oct 25 19:58:13 pi01 sshd[23121]: Received disconnect from 45.226.81.197 port 49124:11: Bye Bye [preauth] Oct 25 19:58:13 pi01 sshd[23121]: Disconnected from 45.226.81.197 port 49124 [preauth] Oct 25 20:09:09 pi01 sshd[23720]: Connection from 45.226.81.197 port 53032 on 192.168.1.10 port 22 Oct 25 20:09:10 pi01 sshd[23720]: User r.r from 45.226.81.197 not allowed because not listed in AllowUsers Oct 25 20:09:10 pi01 sshd[23720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.22........ -------------------------------	2019-10-28 05:22:53
51.91.175.221	attackspambots	Oct 27 22:09:27 lnxmail61 postfix/smtpd[26339]: warning: [munged]:[51.91.175.221]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:09:27 lnxmail61 postfix/smtpd[26339]: lost connection after AUTH from [munged]:[51.91.175.221] Oct 27 22:09:33 lnxmail61 postfix/smtpd[28254]: warning: [munged]:[51.91.175.221]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:09:33 lnxmail61 postfix/smtpd[28254]: lost connection after AUTH from [munged]:[51.91.175.221] Oct 27 22:09:43 lnxmail61 postfix/smtpd[32444]: warning: [munged]:[51.91.175.221]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 27 22:09:43 lnxmail61 postfix/smtpd[32444]: lost connection after AUTH from [munged]:[51.91.175.221]	2019-10-28 05:28:24
51.79.50.64	attack	Oct 25 06:37:35 penfold sshd[3739]: Invalid user correoweb from 51.79.50.64 port 55794 Oct 25 06:37:35 penfold sshd[3739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.50.64 Oct 25 06:37:37 penfold sshd[3739]: Failed password for invalid user correoweb from 51.79.50.64 port 55794 ssh2 Oct 25 06:37:37 penfold sshd[3739]: Received disconnect from 51.79.50.64 port 55794:11: Bye Bye [preauth] Oct 25 06:37:37 penfold sshd[3739]: Disconnected from 51.79.50.64 port 55794 [preauth] Oct 25 06:59:48 penfold sshd[18087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.50.64 user=r.r Oct 25 06:59:50 penfold sshd[18087]: Failed password for r.r from 51.79.50.64 port 37824 ssh2 Oct 25 06:59:50 penfold sshd[18087]: Received disconnect from 51.79.50.64 port 37824:11: Bye Bye [preauth] Oct 25 06:59:50 penfold sshd[18087]: Disconnected from 51.79.50.64 port 37824 [preauth] Oct 25 07:04:58 pen........ -------------------------------	2019-10-28 05:13:53
189.79.120.74	attackspambots	Oct 27 21:58:06 meumeu sshd[11238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.79.120.74 Oct 27 21:58:09 meumeu sshd[11238]: Failed password for invalid user administrator from 189.79.120.74 port 33024 ssh2 Oct 27 22:02:23 meumeu sshd[12039]: Failed password for root from 189.79.120.74 port 42494 ssh2 ...	2019-10-28 05:07:38
222.186.180.17	attackbotsspam	Oct 27 23:49:47 server sshd\[18605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root Oct 27 23:49:49 server sshd\[18605\]: Failed password for root from 222.186.180.17 port 31256 ssh2 Oct 27 23:49:53 server sshd\[18605\]: Failed password for root from 222.186.180.17 port 31256 ssh2 Oct 27 23:49:58 server sshd\[18605\]: Failed password for root from 222.186.180.17 port 31256 ssh2 Oct 27 23:50:02 server sshd\[18605\]: Failed password for root from 222.186.180.17 port 31256 ssh2 ...	2019-10-28 04:51:07
222.186.180.223	attackbots	Oct 27 21:40:43 h2177944 sshd\[3508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Oct 27 21:40:45 h2177944 sshd\[3508\]: Failed password for root from 222.186.180.223 port 37582 ssh2 Oct 27 21:40:50 h2177944 sshd\[3508\]: Failed password for root from 222.186.180.223 port 37582 ssh2 Oct 27 21:40:54 h2177944 sshd\[3508\]: Failed password for root from 222.186.180.223 port 37582 ssh2 ...	2019-10-28 04:53:06

最近上报的IP列表

79.137.55.125	156.205.79.67	119.122.91.33	192.227.65.242
165.227.200.236	103.214.191.144	182.122.5.58	86.40.236.28
223.220.175.166	187.5.159.162	220.189.191.238	179.182.3.100
118.27.12.150	201.179.197.139	151.70.220.249	200.78.216.127
111.170.229.129	91.246.122.126	197.50.166.252	157.50.111.155