106.75.4.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	" "	2020-10-05 05:21:09
attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 21:15:41
attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 13:01:23
attack	" "	2020-04-14 18:44:41
attackbotsspam	firewall-block, port(s): 465/tcp	2020-03-20 09:24:59
attackspambots	465/tcp 4730/tcp 4786/tcp... [2020-01-05/03-05]46pkt,17pt.(tcp)	2020-03-06 03:38:39
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-25 04:37:44
attackbots	SIP/5060 Probe, BF, Hack -	2020-02-19 21:29:21
attackspambots	Fail2Ban Ban Triggered	2020-02-11 04:53:29
attackbotsspam	Fail2Ban Ban Triggered	2020-02-04 15:54:50
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 00:38:18

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.48.225	attack	Sep 22 14:49:37 ajax sshd[1515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 Sep 22 14:49:39 ajax sshd[1515]: Failed password for invalid user edi from 106.75.48.225 port 37664 ssh2	2020-09-22 22:07:02
106.75.48.225	attackspam	20 attempts against mh-ssh on road	2020-09-22 14:13:14
106.75.48.225	attack	Sep 21 23:59:41 icinga sshd[27693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 Sep 21 23:59:43 icinga sshd[27693]: Failed password for invalid user postgres from 106.75.48.225 port 52738 ssh2 Sep 22 00:13:31 icinga sshd[48774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 ...	2020-09-22 06:15:16
106.75.45.180	attack	Jun 7 06:39:22 PorscheCustomer sshd[28561]: Failed password for root from 106.75.45.180 port 37985 ssh2 Jun 7 06:41:08 PorscheCustomer sshd[28631]: Failed password for root from 106.75.45.180 port 49576 ssh2 ...	2020-06-07 12:50:05
106.75.4.222	attackbots	Jun 5 22:04:55 ns382633 sshd\[24160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root Jun 5 22:04:57 ns382633 sshd\[24160\]: Failed password for root from 106.75.4.222 port 39238 ssh2 Jun 5 22:18:36 ns382633 sshd\[26881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root Jun 5 22:18:37 ns382633 sshd\[26881\]: Failed password for root from 106.75.4.222 port 52330 ssh2 Jun 5 22:24:39 ns382633 sshd\[27901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root	2020-06-06 10:12:58
106.75.4.222	attack	Invalid user ansible from 106.75.4.222 port 56020	2020-05-16 15:45:02
106.75.45.180	attackbots	May 11 05:41:25 ns392434 sshd[24695]: Invalid user cvs from 106.75.45.180 port 53948 May 11 05:41:25 ns392434 sshd[24695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 May 11 05:41:25 ns392434 sshd[24695]: Invalid user cvs from 106.75.45.180 port 53948 May 11 05:41:27 ns392434 sshd[24695]: Failed password for invalid user cvs from 106.75.45.180 port 53948 ssh2 May 11 05:46:42 ns392434 sshd[24793]: Invalid user postgres from 106.75.45.180 port 55774 May 11 05:46:42 ns392434 sshd[24793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 May 11 05:46:42 ns392434 sshd[24793]: Invalid user postgres from 106.75.45.180 port 55774 May 11 05:46:45 ns392434 sshd[24793]: Failed password for invalid user postgres from 106.75.45.180 port 55774 ssh2 May 11 05:51:34 ns392434 sshd[24952]: Invalid user goon from 106.75.45.180 port 55735	2020-05-11 16:33:49
106.75.45.180	attackspam	SSH Brute Force	2020-05-01 19:05:38
106.75.4.215	attack	prod6 ...	2020-04-30 19:48:15
106.75.45.180	attackbots	Apr 17 11:31:30 ovpn sshd\[32264\]: Invalid user guoq from 106.75.45.180 Apr 17 11:31:30 ovpn sshd\[32264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 Apr 17 11:31:32 ovpn sshd\[32264\]: Failed password for invalid user guoq from 106.75.45.180 port 54635 ssh2 Apr 17 11:47:15 ovpn sshd\[3880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 user=root Apr 17 11:47:17 ovpn sshd\[3880\]: Failed password for root from 106.75.45.180 port 55599 ssh2	2020-04-17 17:59:39
106.75.49.143	attackspambots	IP blocked	2020-04-17 14:44:11
106.75.49.143	attackspambots	Apr 15 07:49:34 meumeu sshd[26915]: Failed password for backup from 106.75.49.143 port 47408 ssh2 Apr 15 07:55:53 meumeu sshd[27654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.49.143 Apr 15 07:55:55 meumeu sshd[27654]: Failed password for invalid user apacher from 106.75.49.143 port 52274 ssh2 ...	2020-04-15 14:20:05
106.75.49.143	attackspambots	prod3 ...	2020-04-14 05:31:08
106.75.45.180	attackbots	Apr 11 05:35:46 mail sshd\[43501\]: Invalid user MGR from 106.75.45.180 Apr 11 05:35:46 mail sshd\[43501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 ...	2020-04-11 18:51:22
106.75.49.143	attack	Apr 9 16:46:28 lock-38 sshd[786843]: Invalid user postgres from 106.75.49.143 port 44028 Apr 9 16:46:28 lock-38 sshd[786843]: Failed password for invalid user postgres from 106.75.49.143 port 44028 ssh2 Apr 9 16:52:54 lock-38 sshd[786998]: Invalid user test from 106.75.49.143 port 45526 Apr 9 16:52:54 lock-38 sshd[786998]: Invalid user test from 106.75.49.143 port 45526 Apr 9 16:52:54 lock-38 sshd[786998]: Failed password for invalid user test from 106.75.49.143 port 45526 ssh2 ...	2020-04-10 01:25:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.4.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22049
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.4.19.			IN	A

;; AUTHORITY SECTION:
.			222	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 16 00:38:01 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 19.4.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.4.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
134.175.114.219	attackspam	10 attempts against mh-pma-try-ban on flow.magehost.pro	2019-06-24 04:58:42
110.184.213.58	attack	23/tcp 23/tcp 23/tcp [2019-06-23]3pkt	2019-06-24 04:41:05
79.180.211.22	attack	Spam Timestamp : 23-Jun-19 20:06 _ BlockList Provider combined abuse _ (1033)	2019-06-24 04:35:19
51.15.253.163	attackbots	445/tcp [2019-06-23]1pkt	2019-06-24 04:26:01
85.117.79.111	attackbots	Unauthorized connection attempt from IP address 85.117.79.111 on Port 445(SMB)	2019-06-24 04:38:55
139.99.218.189	attackbotsspam	\[2019-06-23 16:10:37\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:54555' - Wrong password \[2019-06-23 16:10:37\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T16:10:37.947-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="091",SessionID="0x7fc4242a2868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.189/54555",Challenge="5e880bfa",ReceivedChallenge="5e880bfa",ReceivedHash="6bc0d3c5dac791ce923dfd1cc64e4829" \[2019-06-23 16:10:39\] NOTICE\[1849\] chan_sip.c: Registration from '\' failed for '139.99.218.189:46369' - Wrong password \[2019-06-23 16:10:39\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-23T16:10:39.473-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="51",SessionID="0x7fc424245928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.218.1	2019-06-24 04:59:28
78.72.167.122	attackspambots	8080/tcp [2019-06-23]1pkt	2019-06-24 04:27:04
178.128.10.204	attack	Jun 21 03:59:11 zulu1842 sshd[22733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.10.204 user=r.r Jun 21 03:59:13 zulu1842 sshd[22733]: Failed password for r.r from 178.128.10.204 port 51948 ssh2 Jun 21 03:59:14 zulu1842 sshd[22733]: Received disconnect from 178.128.10.204: 11: Bye Bye [preauth] Jun 21 03:59:20 zulu1842 sshd[22742]: Invalid user admin from 178.128.10.204 Jun 21 03:59:20 zulu1842 sshd[22742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.10.204 Jun 21 03:59:22 zulu1842 sshd[22742]: Failed password for invalid user admin from 178.128.10.204 port 58958 ssh2 Jun 21 03:59:22 zulu1842 sshd[22742]: Received disconnect from 178.128.10.204: 11: Bye Bye [preauth] Jun 21 03:59:28 zulu1842 sshd[22747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.10.204 user=r.r Jun 21 03:59:30 zulu1842 sshd[22747]: Failed passw........ -------------------------------	2019-06-24 04:17:00
62.117.12.62	attackspambots	SSH Brute Force, server-1 sshd[30416]: Failed password for root from 62.117.12.62 port 54270 ssh2	2019-06-24 04:54:38
46.122.0.164	attackbotsspam	Jun 23 22:11:51 vpn01 sshd\[28519\]: Invalid user dbuser from 46.122.0.164 Jun 23 22:11:51 vpn01 sshd\[28519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.122.0.164 Jun 23 22:11:53 vpn01 sshd\[28519\]: Failed password for invalid user dbuser from 46.122.0.164 port 44480 ssh2	2019-06-24 04:18:26
61.166.28.111	attackbots	5500/tcp [2019-06-23]1pkt	2019-06-24 04:55:04
59.115.201.225	attack	37215/tcp [2019-06-23]1pkt	2019-06-24 04:17:33
203.104.193.31	attack	Brute force attempt	2019-06-24 04:48:56
111.37.210.142	attackspam	23/tcp [2019-06-23]1pkt	2019-06-24 04:39:45
185.222.209.47	attack	Jun 23 21:38:36 NUC-Debian64 postfix/smtpd\[8259\]: warning: unknown\[185.222.209.47\]: SASL PLAIN authentication failed: authentication failure\ Jun 23 21:38:37 NUC-Debian64 postfix/smtpd\[8259\]: warning: unknown\[185.222.209.47\]: SASL PLAIN authentication failed: authentication failure\ Jun 23 22:34:04 NUC-Debian64 postfix/smtpd\[32409\]: warning: unknown\[185.222.209.47\]: SASL PLAIN authentication failed: authentication failure\	2019-06-24 04:41:20

最近上报的IP列表

41.92.30.187	110.77.168.194	179.60.167.231	54.91.111.155
183.82.248.182	90.175.125.133	139.199.19.227	118.25.111.153
62.30.119.49	113.233.52.164	104.46.93.151	92.246.76.189
159.0.235.156	83.93.53.220	178.220.25.188	104.244.76.14
122.181.215.196	178.46.192.224	142.93.232.193	120.251.224.227