106.75.29.84 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	SSH login attempts.	2020-06-19 13:20:59
attackbotsspam	Jun 17 10:09:36 NPSTNNYC01T sshd[8055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.84 Jun 17 10:09:38 NPSTNNYC01T sshd[8055]: Failed password for invalid user ubuntu from 106.75.29.84 port 57276 ssh2 Jun 17 10:12:29 NPSTNNYC01T sshd[8358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.84 ...	2020-06-17 22:22:39

类型

评论内容

时间

attackspambots

SSH login attempts.

2020-06-19 13:20:59

attackbotsspam

Jun 17 10:09:36 NPSTNNYC01T sshd[8055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.84
Jun 17 10:09:38 NPSTNNYC01T sshd[8055]: Failed password for invalid user ubuntu from 106.75.29.84 port 57276 ssh2
Jun 17 10:12:29 NPSTNNYC01T sshd[8358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.84
...

2020-06-17 22:22:39

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.29.209	spambotsattackproxy	106.75.29.209 powermailmarketingworld.info	2020-10-31 04:03:11
106.75.29.239	attackbots	Oct 9 14:58:09 ws26vmsma01 sshd[237593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.239 Oct 9 14:58:11 ws26vmsma01 sshd[237593]: Failed password for invalid user nagios from 106.75.29.239 port 48488 ssh2 ...	2020-10-10 02:55:51
106.75.29.239	attackbots	fail2ban -- 106.75.29.239 ...	2020-10-09 18:42:18

类型

评论内容

时间

106.75.29.209

spambotsattackproxy

106.75.29.209 powermailmarketingworld.info

2020-10-31 04:03:11

106.75.29.239

attackbots

Oct  9 14:58:09 ws26vmsma01 sshd[237593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.29.239
Oct  9 14:58:11 ws26vmsma01 sshd[237593]: Failed password for invalid user nagios from 106.75.29.239 port 48488 ssh2
...

2020-10-10 02:55:51

106.75.29.239

attackbots

fail2ban -- 106.75.29.239
...

2020-10-09 18:42:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.29.84
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62961
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.29.84.			IN	A

;; AUTHORITY SECTION:
.			304	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061700 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 17 22:22:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 84.29.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 84.29.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
121.46.27.10	attackspam	Jul 26 21:31:02 v22018076622670303 sshd\[5726\]: Invalid user git from 121.46.27.10 port 43342 Jul 26 21:31:02 v22018076622670303 sshd\[5726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.27.10 Jul 26 21:31:05 v22018076622670303 sshd\[5726\]: Failed password for invalid user git from 121.46.27.10 port 43342 ssh2 ...	2019-07-27 03:49:19
5.238.181.44	attackbotsspam	Jul 26 10:38:53 h2034429 postfix/smtpd[20408]: connect from unknown[5.238.181.44] Jul x@x Jul 26 10:38:54 h2034429 postfix/smtpd[20408]: lost connection after DATA from unknown[5.238.181.44] Jul 26 10:38:54 h2034429 postfix/smtpd[20408]: disconnect from unknown[5.238.181.44] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jul 26 10:39:09 h2034429 postfix/smtpd[20408]: connect from unknown[5.238.181.44] Jul x@x Jul 26 10:39:10 h2034429 postfix/smtpd[20408]: lost connection after DATA from unknown[5.238.181.44] Jul 26 10:39:10 h2034429 postfix/smtpd[20408]: disconnect from unknown[5.238.181.44] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jul 26 10:39:21 h2034429 postfix/smtpd[20408]: connect from unknown[5.238.181.44] Jul x@x Jul 26 10:39:22 h2034429 postfix/smtpd[20408]: lost connection after DATA from unknown[5.238.181.44] Jul 26 10:39:22 h2034429 postfix/smtpd[20408]: disconnect from unknown[5.238.181.44] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- ht	2019-07-27 03:03:50
149.28.251.227	attackbots	Jul 26 21:18:45 server sshd\[30746\]: Invalid user geek from 149.28.251.227 port 54446 Jul 26 21:18:45 server sshd\[30746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.28.251.227 Jul 26 21:18:47 server sshd\[30746\]: Failed password for invalid user geek from 149.28.251.227 port 54446 ssh2 Jul 26 21:23:04 server sshd\[21762\]: Invalid user postgres from 149.28.251.227 port 48526 Jul 26 21:23:04 server sshd\[21762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.28.251.227	2019-07-27 03:12:13
14.246.153.186	attackbotsspam	Honeypot triggered via portsentry	2019-07-27 03:11:44
113.160.158.129	attackspambots	SSH-bruteforce attempts	2019-07-27 03:19:56
191.184.100.33	attack	2019-07-26T18:13:45.503439abusebot-7.cloudsearch.cf sshd\[4872\]: Invalid user christine from 191.184.100.33 port 44316 2019-07-26T18:13:45.506920abusebot-7.cloudsearch.cf sshd\[4872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.184.100.33	2019-07-27 03:23:55
27.69.225.41	attackbotsspam	Jul 26 10:38:48 mxgate1 postfix/postscreen[20768]: CONNECT from [27.69.225.41]:28469 to [176.31.12.44]:25 Jul 26 10:38:48 mxgate1 postfix/dnsblog[20886]: addr 27.69.225.41 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 26 10:38:48 mxgate1 postfix/dnsblog[20887]: addr 27.69.225.41 listed by domain zen.spamhaus.org as 127.0.0.11 Jul 26 10:38:48 mxgate1 postfix/dnsblog[20887]: addr 27.69.225.41 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 26 10:38:48 mxgate1 postfix/dnsblog[20888]: addr 27.69.225.41 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 26 10:38:48 mxgate1 postfix/dnsblog[20889]: addr 27.69.225.41 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 26 10:38:49 mxgate1 postfix/dnsblog[20885]: addr 27.69.225.41 listed by domain bl.spamcop.net as 127.0.0.2 Jul 26 10:38:54 mxgate1 postfix/postscreen[20768]: DNSBL rank 6 for [27.69.225.41]:28469 Jul 26 10:38:55 mxgate1 postfix/postscreen[20768]: NOQUEUE: reject: RCPT from [27.69.225.41]:28469: 550 ........ -------------------------------	2019-07-27 03:11:23
106.12.212.141	attack	Jul 26 21:38:25 yabzik sshd[20707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.141 Jul 26 21:38:27 yabzik sshd[20707]: Failed password for invalid user slb from 106.12.212.141 port 43576 ssh2 Jul 26 21:43:39 yabzik sshd[22529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.212.141	2019-07-27 03:39:59
41.216.174.202	attack	2019-07-26T19:23:21.886508abusebot-8.cloudsearch.cf sshd\[19576\]: Invalid user extrim from 41.216.174.202 port 53178	2019-07-27 03:26:29
196.1.99.12	attackbotsspam	2019-07-26T19:04:33.550409abusebot-2.cloudsearch.cf sshd\[17539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.1.99.12 user=root	2019-07-27 03:25:17
142.93.205.83	attackbotsspam	Triggered by Fail2Ban at Ares web server	2019-07-27 03:55:02
180.126.60.20	attackspam	Jul 26 03:11:30 * sshd[19450]: Bad protocol version identification '' from 180.126.60.20 Jul 26 03:11:34 * sshd[19451]: Invalid user NetLinx from 180.126.60.20 Jul 26 03:11:34 * sshd[19451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.60.20 Jul 26 03:11:37 * sshd[19451]: Failed password for invalid user NetLinx from 180.126.60.20 port 49116 ssh2 Jul 26 03:11:37 * sshd[19451]: Connection closed by 180.126.60.20 [preauth] Jul 26 03:11:41 * sshd[19453]: Invalid user nexthink from 180.126.60.20 Jul 26 03:11:42 * sshd[19453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.60.20 Jul 26 03:11:44 * sshd[19453]: Failed password for invalid user nexthink from 180.126.60.20 port 51521 ssh2 Jul 26 03:11:45 * sshd[19453]: Connection closed by 180.126.60.20 [preauth] Jul 26 03:11:50 * sshd[19455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0........ -------------------------------	2019-07-27 03:18:58
93.176.165.78	attackspam	" "	2019-07-27 03:05:47
110.35.210.38	attackbotsspam	Automatic report - Port Scan Attack	2019-07-27 03:20:36
106.12.111.201	attackspambots	Jul 26 13:21:42 aat-srv002 sshd[30209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.111.201 Jul 26 13:21:44 aat-srv002 sshd[30209]: Failed password for invalid user admin from 106.12.111.201 port 58110 ssh2 Jul 26 13:25:10 aat-srv002 sshd[30316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.111.201 Jul 26 13:25:12 aat-srv002 sshd[30316]: Failed password for invalid user zhou from 106.12.111.201 port 33778 ssh2 ...	2019-07-27 03:09:57

最近上报的IP列表

210.190.60.213	128.116.147.172	103.113.90.128	58.214.16.198
94.233.234.16	27.22.31.235	222.247.8.195	61.7.188.63
188.70.9.165	117.92.92.54	87.121.109.174	34.76.47.142
111.250.152.248	110.93.240.71	109.94.171.132	93.184.88.95
177.43.78.58	94.25.175.158	118.70.171.183	219.139.184.241