106.75.3.59 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report BANNED IP	2020-08-23 23:40:14
attackbots	2020-08-19T05:46:39.810124+02:00 sshd[1406]: Failed password for root from 106.75.3.59 port 64246 ssh2	2020-08-19 19:03:30
attackbots	Ssh brute force	2020-08-15 08:06:01
attack	Aug 7 15:26:06 cosmoit sshd[29653]: Failed password for root from 106.75.3.59 port 52787 ssh2	2020-08-07 22:12:11
attackbots	2020-08-03T15:44:07.337701abusebot.cloudsearch.cf sshd[29910]: Invalid user bmdmserver from 106.75.3.59 port 11731 2020-08-03T15:44:07.342871abusebot.cloudsearch.cf sshd[29910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 2020-08-03T15:44:07.337701abusebot.cloudsearch.cf sshd[29910]: Invalid user bmdmserver from 106.75.3.59 port 11731 2020-08-03T15:44:09.566495abusebot.cloudsearch.cf sshd[29910]: Failed password for invalid user bmdmserver from 106.75.3.59 port 11731 ssh2 2020-08-03T15:49:25.940558abusebot.cloudsearch.cf sshd[29947]: Invalid user !@34QWerty from 106.75.3.59 port 12890 2020-08-03T15:49:25.945391abusebot.cloudsearch.cf sshd[29947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 2020-08-03T15:49:25.940558abusebot.cloudsearch.cf sshd[29947]: Invalid user !@34QWerty from 106.75.3.59 port 12890 2020-08-03T15:49:28.490680abusebot.cloudsearch.cf sshd[29947]: Failed pass ...	2020-08-04 02:41:44
attackspam	Jul 30 14:09:56 lunarastro sshd[30129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jul 30 14:09:58 lunarastro sshd[30129]: Failed password for invalid user lwy from 106.75.3.59 port 54549 ssh2	2020-07-30 18:03:41
attackspam	Jul 29 14:02:47 piServer sshd[15845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jul 29 14:02:49 piServer sshd[15845]: Failed password for invalid user vlado from 106.75.3.59 port 56435 ssh2 Jul 29 14:07:19 piServer sshd[16173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 ...	2020-07-30 02:52:43
attackspambots	Jul 26 15:19:54 vps sshd[884274]: Failed password for invalid user testing from 106.75.3.59 port 10330 ssh2 Jul 26 15:21:50 vps sshd[895576]: Invalid user it from 106.75.3.59 port 30508 Jul 26 15:21:50 vps sshd[895576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jul 26 15:21:52 vps sshd[895576]: Failed password for invalid user it from 106.75.3.59 port 30508 ssh2 Jul 26 15:23:43 vps sshd[902655]: Invalid user alex from 106.75.3.59 port 50678 ...	2020-07-27 00:38:37
attackbots	Jul 24 16:48:47 piServer sshd[2767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jul 24 16:48:49 piServer sshd[2767]: Failed password for invalid user transfer from 106.75.3.59 port 16778 ssh2 Jul 24 16:55:11 piServer sshd[3308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 ...	2020-07-24 23:26:17
attackspam	Jul 9 22:08:59 ajax sshd[8604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jul 9 22:09:01 ajax sshd[8604]: Failed password for invalid user test from 106.75.3.59 port 18264 ssh2	2020-07-10 06:46:16
attackspambots	2020-06-22T15:57:36.121569mail.standpoint.com.ua sshd[6469]: Failed password for root from 106.75.3.59 port 59848 ssh2 2020-06-22T16:01:08.720233mail.standpoint.com.ua sshd[7037]: Invalid user mailtest from 106.75.3.59 port 54009 2020-06-22T16:01:08.722860mail.standpoint.com.ua sshd[7037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 2020-06-22T16:01:08.720233mail.standpoint.com.ua sshd[7037]: Invalid user mailtest from 106.75.3.59 port 54009 2020-06-22T16:01:11.422484mail.standpoint.com.ua sshd[7037]: Failed password for invalid user mailtest from 106.75.3.59 port 54009 ssh2 ...	2020-06-22 23:20:50
attackspam	Jun 14 10:19:06 vps46666688 sshd[17535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Jun 14 10:19:08 vps46666688 sshd[17535]: Failed password for invalid user admin from 106.75.3.59 port 13608 ssh2 ...	2020-06-14 22:52:33
attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-01 08:03:00
attack	Apr 29 13:55:44 DAAP sshd[25482]: Invalid user lyj from 106.75.3.59 port 46929 Apr 29 13:55:44 DAAP sshd[25482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Apr 29 13:55:44 DAAP sshd[25482]: Invalid user lyj from 106.75.3.59 port 46929 Apr 29 13:55:46 DAAP sshd[25482]: Failed password for invalid user lyj from 106.75.3.59 port 46929 ssh2 Apr 29 14:02:03 DAAP sshd[25604]: Invalid user thy from 106.75.3.59 port 9643 ...	2020-04-29 22:48:55
attackspam	2020-04-26 09:01:58,457 fail2ban.actions: WARNING [ssh] Ban 106.75.3.59	2020-04-26 16:01:41
attackbotsspam	Apr 17 15:43:12 srv-ubuntu-dev3 sshd[78964]: Invalid user ot from 106.75.3.59 Apr 17 15:43:12 srv-ubuntu-dev3 sshd[78964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Apr 17 15:43:12 srv-ubuntu-dev3 sshd[78964]: Invalid user ot from 106.75.3.59 Apr 17 15:43:14 srv-ubuntu-dev3 sshd[78964]: Failed password for invalid user ot from 106.75.3.59 port 41285 ssh2 Apr 17 15:47:48 srv-ubuntu-dev3 sshd[79956]: Invalid user lo from 106.75.3.59 Apr 17 15:47:48 srv-ubuntu-dev3 sshd[79956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Apr 17 15:47:48 srv-ubuntu-dev3 sshd[79956]: Invalid user lo from 106.75.3.59 Apr 17 15:47:50 srv-ubuntu-dev3 sshd[79956]: Failed password for invalid user lo from 106.75.3.59 port 37328 ssh2 Apr 17 15:52:33 srv-ubuntu-dev3 sshd[80738]: Invalid user admin from 106.75.3.59 ...	2020-04-18 01:46:08
attack	Apr 6 14:45:45 host sshd[38089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 user=root Apr 6 14:45:47 host sshd[38089]: Failed password for root from 106.75.3.59 port 25166 ssh2 ...	2020-04-06 21:11:41
attackspam	Invalid user ojc from 106.75.3.59 port 49784	2020-04-04 16:44:43
attackspam	Mar 29 04:08:18 hosting sshd[8148]: Invalid user qsb from 106.75.3.59 port 44781 Mar 29 04:08:18 hosting sshd[8148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Mar 29 04:08:18 hosting sshd[8148]: Invalid user qsb from 106.75.3.59 port 44781 Mar 29 04:08:20 hosting sshd[8148]: Failed password for invalid user qsb from 106.75.3.59 port 44781 ssh2 Mar 29 04:23:05 hosting sshd[9515]: Invalid user dwn from 106.75.3.59 port 32624 ...	2020-03-29 09:55:35
attackspam	Mar 22 04:57:13 tuxlinux sshd[48198]: Invalid user ny from 106.75.3.59 port 21614 Mar 22 04:57:13 tuxlinux sshd[48198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Mar 22 04:57:13 tuxlinux sshd[48198]: Invalid user ny from 106.75.3.59 port 21614 Mar 22 04:57:13 tuxlinux sshd[48198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Mar 22 04:57:13 tuxlinux sshd[48198]: Invalid user ny from 106.75.3.59 port 21614 Mar 22 04:57:13 tuxlinux sshd[48198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.3.59 Mar 22 04:57:15 tuxlinux sshd[48198]: Failed password for invalid user ny from 106.75.3.59 port 21614 ssh2 ...	2020-03-22 12:34:38
attackspambots	Brute-force attempt banned	2020-03-10 06:09:03
attack	DATE:2020-03-04 10:23:31, IP:106.75.3.59, PORT:ssh SSH brute force auth (docker-dc)	2020-03-04 17:55:47

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.31.125	botsattackproxy	SSH bot	2024-06-18 21:44:49
106.75.32.229	attackbotsspam	Aug 31 17:59:15 hanapaa sshd\[16883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 user=root Aug 31 17:59:17 hanapaa sshd\[16883\]: Failed password for root from 106.75.32.229 port 56804 ssh2 Aug 31 18:02:05 hanapaa sshd\[17086\]: Invalid user test101 from 106.75.32.229 Aug 31 18:02:05 hanapaa sshd\[17086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 31 18:02:08 hanapaa sshd\[17086\]: Failed password for invalid user test101 from 106.75.32.229 port 60112 ssh2	2020-09-01 14:59:10
106.75.32.229	attackbots	$f2bV_matches	2020-08-31 04:28:37
106.75.35.150	attack	SSH Invalid Login	2020-08-29 07:08:54
106.75.3.52	attackbots	Honeypot hit.	2020-08-25 07:55:49
106.75.32.229	attackbots	Aug 23 00:16:21 fhem-rasp sshd[32067]: Invalid user zth from 106.75.32.229 port 43794 ...	2020-08-23 06:50:28
106.75.32.229	attackspam	Aug 22 08:07:00 MainVPS sshd[25102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 user=root Aug 22 08:07:01 MainVPS sshd[25102]: Failed password for root from 106.75.32.229 port 51562 ssh2 Aug 22 08:13:23 MainVPS sshd[4563]: Invalid user amber from 106.75.32.229 port 59782 Aug 22 08:13:23 MainVPS sshd[4563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 22 08:13:23 MainVPS sshd[4563]: Invalid user amber from 106.75.32.229 port 59782 Aug 22 08:13:25 MainVPS sshd[4563]: Failed password for invalid user amber from 106.75.32.229 port 59782 ssh2 ...	2020-08-22 17:31:12
106.75.32.229	attack	Aug 16 16:57:43 PorscheCustomer sshd[21052]: Failed password for root from 106.75.32.229 port 49912 ssh2 Aug 16 17:03:42 PorscheCustomer sshd[21398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 16 17:03:44 PorscheCustomer sshd[21398]: Failed password for invalid user liferay from 106.75.32.229 port 54220 ssh2 ...	2020-08-17 01:06:05
106.75.35.150	attackbotsspam	Aug 16 08:21:17 pornomens sshd\[1304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.35.150 user=root Aug 16 08:21:19 pornomens sshd\[1304\]: Failed password for root from 106.75.35.150 port 46286 ssh2 Aug 16 08:24:21 pornomens sshd\[1333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.35.150 user=root ...	2020-08-16 15:41:19
106.75.32.229	attackbotsspam	Aug 16 00:37:43 marvibiene sshd[32657]: Failed password for root from 106.75.32.229 port 46328 ssh2 Aug 16 00:52:06 marvibiene sshd[1222]: Failed password for root from 106.75.32.229 port 34946 ssh2	2020-08-16 07:02:28
106.75.32.229	attackbots	"fail2ban match"	2020-08-15 01:36:24
106.75.35.150	attackbots	Aug 7 12:54:14 Tower sshd[30869]: Connection from 106.75.35.150 port 56630 on 192.168.10.220 port 22 rdomain "" Aug 7 12:54:18 Tower sshd[30869]: Failed password for root from 106.75.35.150 port 56630 ssh2 Aug 7 12:54:18 Tower sshd[30869]: Received disconnect from 106.75.35.150 port 56630:11: Bye Bye [preauth] Aug 7 12:54:18 Tower sshd[30869]: Disconnected from authenticating user root 106.75.35.150 port 56630 [preauth]	2020-08-08 03:33:15
106.75.35.150	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-03 04:46:47
106.75.32.229	attackbots	$f2bV_matches	2020-07-28 19:06:27
106.75.3.52	attackbots	Fail2Ban Ban Triggered	2020-07-26 05:21:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.3.59
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38057
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.3.59.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030401 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 04 17:55:44 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 59.3.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 59.3.75.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
104.248.116.140	attack	Invalid user aos from 104.248.116.140 port 43880	2019-07-28 08:15:16
90.59.161.63	attackspam	Invalid user redis from 90.59.161.63 port 43462	2019-07-28 08:27:20
122.5.18.194	attackbots	ssh bruteforce or scan ...	2019-07-28 08:40:50
5.196.72.58	attackbots	Jul 28 00:11:19 MK-Soft-VM4 sshd\[25051\]: Invalid user openvpn from 5.196.72.58 port 37140 Jul 28 00:11:19 MK-Soft-VM4 sshd\[25051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.72.58 Jul 28 00:11:21 MK-Soft-VM4 sshd\[25051\]: Failed password for invalid user openvpn from 5.196.72.58 port 37140 ssh2 ...	2019-07-28 08:30:08
104.236.122.193	attackbots	Invalid user 1111 from 104.236.122.193 port 40672	2019-07-28 08:32:56
166.157.232.1	attack	Invalid user redis from 166.157.232.1 port 40410	2019-07-28 08:38:57
36.89.209.22	attack	Jul 28 01:37:45 srv03 sshd\[20118\]: Invalid user oracle from 36.89.209.22 port 35328 Jul 28 01:37:45 srv03 sshd\[20118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.209.22 Jul 28 01:37:47 srv03 sshd\[20118\]: Failed password for invalid user oracle from 36.89.209.22 port 35328 ssh2	2019-07-28 08:18:52
79.106.191.5	attack	Invalid user vps from 79.106.191.5 port 56504	2019-07-28 08:16:59
206.189.136.160	attack	SSH Bruteforce Attack	2019-07-28 08:36:25
159.65.175.37	attackspam	SSH Bruteforce	2019-07-28 08:39:28
14.118.206.199	attack	:	2019-07-28 08:34:34
66.240.236.119	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-28 08:52:38
37.49.224.137	attackbotsspam	Invalid user ubnt from 37.49.224.137 port 39868	2019-07-28 08:29:16
104.248.218.225	attackbots	Invalid user postgres from 104.248.218.225 port 50750	2019-07-28 08:50:43
68.183.83.164	attackspam	2019-07-27T22:39:26.073010abusebot-4.cloudsearch.cf sshd\[17846\]: Invalid user fake from 68.183.83.164 port 47446	2019-07-28 08:56:34

最近上报的IP列表

11.37.155.180	188.169.190.107	142.143.26.47	43.103.194.227
104.16.18.139	2.148.178.108	10.32.60.176	216.97.52.236
154.173.254.105	131.163.86.93	112.178.97.239	184.23.110.37
135.171.121.27	61.118.65.173	53.249.192.222	81.214.187.144
128.109.246.30	203.194.133.159	237.243.122.168	185.24.233.25