106.75.249.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 24 23:48:13 Tower sshd[39189]: Connection from 106.75.249.55 port 46188 on 192.168.10.220 port 22 rdomain "" Jun 24 23:48:14 Tower sshd[39189]: Invalid user cpd from 106.75.249.55 port 46188 Jun 24 23:48:14 Tower sshd[39189]: error: Could not get shadow information for NOUSER Jun 24 23:48:14 Tower sshd[39189]: Failed password for invalid user cpd from 106.75.249.55 port 46188 ssh2 Jun 24 23:48:14 Tower sshd[39189]: Received disconnect from 106.75.249.55 port 46188:11: Bye Bye [preauth] Jun 24 23:48:14 Tower sshd[39189]: Disconnected from invalid user cpd 106.75.249.55 port 46188 [preauth]	2020-06-25 18:56:28

类型

评论内容

时间

attackbotsspam

Jun 24 23:48:13 Tower sshd[39189]: Connection from 106.75.249.55 port 46188 on 192.168.10.220 port 22 rdomain ""
Jun 24 23:48:14 Tower sshd[39189]: Invalid user cpd from 106.75.249.55 port 46188
Jun 24 23:48:14 Tower sshd[39189]: error: Could not get shadow information for NOUSER
Jun 24 23:48:14 Tower sshd[39189]: Failed password for invalid user cpd from 106.75.249.55 port 46188 ssh2
Jun 24 23:48:14 Tower sshd[39189]: Received disconnect from 106.75.249.55 port 46188:11: Bye Bye [preauth]
Jun 24 23:48:14 Tower sshd[39189]: Disconnected from invalid user cpd 106.75.249.55 port 46188 [preauth]

2020-06-25 18:56:28

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.249.8	attackbotsspam	frenzy	2020-08-23 02:28:27
106.75.249.8	attackspam	Aug 17 06:00:37 dignus sshd[30982]: Failed password for invalid user lxj from 106.75.249.8 port 59076 ssh2 Aug 17 06:05:50 dignus sshd[31722]: Invalid user gm from 106.75.249.8 port 37326 Aug 17 06:05:50 dignus sshd[31722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.249.8 Aug 17 06:05:52 dignus sshd[31722]: Failed password for invalid user gm from 106.75.249.8 port 37326 ssh2 Aug 17 06:11:01 dignus sshd[32363]: Invalid user admin from 106.75.249.8 port 43808 ...	2020-08-17 21:19:21

类型

评论内容

时间

106.75.249.8

attackbotsspam

frenzy

2020-08-23 02:28:27

106.75.249.8

attackspam

Aug 17 06:00:37 dignus sshd[30982]: Failed password for invalid user lxj from 106.75.249.8 port 59076 ssh2
Aug 17 06:05:50 dignus sshd[31722]: Invalid user gm from 106.75.249.8 port 37326
Aug 17 06:05:50 dignus sshd[31722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.249.8
Aug 17 06:05:52 dignus sshd[31722]: Failed password for invalid user gm from 106.75.249.8 port 37326 ssh2
Aug 17 06:11:01 dignus sshd[32363]: Invalid user admin from 106.75.249.8 port 43808
...

2020-08-17 21:19:21

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.249.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63865
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.249.55.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062500 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 19:08:57 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 55.249.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.249.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.96.159.71	attack	Attempted connection to port 30870.	2020-04-24 20:09:48
91.241.19.42	attackspambots	odoo8 ...	2020-04-24 20:17:49
157.245.202.159	attackspambots	Apr 24 14:05:50 OPSO sshd\[14593\]: Invalid user scrappy from 157.245.202.159 port 37888 Apr 24 14:05:50 OPSO sshd\[14593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.202.159 Apr 24 14:05:52 OPSO sshd\[14593\]: Failed password for invalid user scrappy from 157.245.202.159 port 37888 ssh2 Apr 24 14:10:31 OPSO sshd\[16204\]: Invalid user udin from 157.245.202.159 port 50808 Apr 24 14:10:31 OPSO sshd\[16204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.202.159	2020-04-24 20:22:58
222.186.42.7	attackbots	Apr 24 14:10:34 piServer sshd[27590]: Failed password for root from 222.186.42.7 port 32167 ssh2 Apr 24 14:10:38 piServer sshd[27590]: Failed password for root from 222.186.42.7 port 32167 ssh2 Apr 24 14:10:40 piServer sshd[27590]: Failed password for root from 222.186.42.7 port 32167 ssh2 ...	2020-04-24 20:14:08
1.20.85.195	attackbotsspam	Unauthorized connection attempt from IP address 1.20.85.195 on Port 445(SMB)	2020-04-24 19:52:22
104.236.224.69	attackbots	Invalid user q from 104.236.224.69 port 44226	2020-04-24 20:10:52
180.180.137.230	attackspambots	Attempted connection to port 445.	2020-04-24 20:01:20
193.56.116.17	attack	Attempted connection to ports 8545, 8546, 30303, 50001.	2020-04-24 19:58:26
14.253.206.252	attackbots	Unauthorized connection attempt from IP address 14.253.206.252 on Port 445(SMB)	2020-04-24 20:08:42
62.234.222.115	attackspam	Automatic report BANNED IP	2020-04-24 19:41:15
103.6.104.66	attackspambots	Unauthorized connection attempt detected from IP address 103.6.104.66 to port 445 [T]	2020-04-24 19:53:13
14.139.62.139	attackspam	Icarus honeypot on github	2020-04-24 19:48:17
147.135.20.228	attackbotsspam	Attempted connection to port 80.	2020-04-24 20:06:18
176.31.252.148	attack	Apr 24 14:06:41 electroncash sshd[9237]: Invalid user tz from 176.31.252.148 port 59399 Apr 24 14:06:41 electroncash sshd[9237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.252.148 Apr 24 14:06:41 electroncash sshd[9237]: Invalid user tz from 176.31.252.148 port 59399 Apr 24 14:06:43 electroncash sshd[9237]: Failed password for invalid user tz from 176.31.252.148 port 59399 ssh2 Apr 24 14:10:45 electroncash sshd[10256]: Invalid user admin from 176.31.252.148 port 39269 ...	2020-04-24 20:14:59
220.134.23.42	attackbotsspam	Unauthorized connection attempt from IP address 220.134.23.42 on Port 445(SMB)	2020-04-24 19:46:16

最近上报的IP列表

86.246.247.59	174.219.142.87	103.100.159.85	26.27.39.1
187.66.163.1	185.32.203.10	104.41.34.233	85.105.72.95
60.167.178.50	168.63.150.222	151.106.59.91	85.97.131.53
123.19.59.124	14.102.74.99	137.117.13.132	75.66.235.141
60.167.181.84	106.55.51.241	252.115.9.3	153.227.252.184