106.75.4.222 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jun 5 22:04:55 ns382633 sshd\[24160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root Jun 5 22:04:57 ns382633 sshd\[24160\]: Failed password for root from 106.75.4.222 port 39238 ssh2 Jun 5 22:18:36 ns382633 sshd\[26881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root Jun 5 22:18:37 ns382633 sshd\[26881\]: Failed password for root from 106.75.4.222 port 52330 ssh2 Jun 5 22:24:39 ns382633 sshd\[27901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222 user=root	2020-06-06 10:12:58
attack	Invalid user ansible from 106.75.4.222 port 56020	2020-05-16 15:45:02

类型

评论内容

时间

attackbots

Jun  5 22:04:55 ns382633 sshd\[24160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222  user=root
Jun  5 22:04:57 ns382633 sshd\[24160\]: Failed password for root from 106.75.4.222 port 39238 ssh2
Jun  5 22:18:36 ns382633 sshd\[26881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222  user=root
Jun  5 22:18:37 ns382633 sshd\[26881\]: Failed password for root from 106.75.4.222 port 52330 ssh2
Jun  5 22:24:39 ns382633 sshd\[27901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.4.222  user=root

2020-06-06 10:12:58

attack

Invalid user ansible from 106.75.4.222 port 56020

2020-05-16 15:45:02

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.4.19	attack	" "	2020-10-05 05:21:09
106.75.4.19	attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 21:15:41
106.75.4.19	attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-04 13:01:23
106.75.48.225	attack	Sep 22 14:49:37 ajax sshd[1515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 Sep 22 14:49:39 ajax sshd[1515]: Failed password for invalid user edi from 106.75.48.225 port 37664 ssh2	2020-09-22 22:07:02
106.75.48.225	attackspam	20 attempts against mh-ssh on road	2020-09-22 14:13:14
106.75.48.225	attack	Sep 21 23:59:41 icinga sshd[27693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 Sep 21 23:59:43 icinga sshd[27693]: Failed password for invalid user postgres from 106.75.48.225 port 52738 ssh2 Sep 22 00:13:31 icinga sshd[48774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.48.225 ...	2020-09-22 06:15:16
106.75.45.180	attack	Jun 7 06:39:22 PorscheCustomer sshd[28561]: Failed password for root from 106.75.45.180 port 37985 ssh2 Jun 7 06:41:08 PorscheCustomer sshd[28631]: Failed password for root from 106.75.45.180 port 49576 ssh2 ...	2020-06-07 12:50:05
106.75.45.180	attackbots	May 11 05:41:25 ns392434 sshd[24695]: Invalid user cvs from 106.75.45.180 port 53948 May 11 05:41:25 ns392434 sshd[24695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 May 11 05:41:25 ns392434 sshd[24695]: Invalid user cvs from 106.75.45.180 port 53948 May 11 05:41:27 ns392434 sshd[24695]: Failed password for invalid user cvs from 106.75.45.180 port 53948 ssh2 May 11 05:46:42 ns392434 sshd[24793]: Invalid user postgres from 106.75.45.180 port 55774 May 11 05:46:42 ns392434 sshd[24793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 May 11 05:46:42 ns392434 sshd[24793]: Invalid user postgres from 106.75.45.180 port 55774 May 11 05:46:45 ns392434 sshd[24793]: Failed password for invalid user postgres from 106.75.45.180 port 55774 ssh2 May 11 05:51:34 ns392434 sshd[24952]: Invalid user goon from 106.75.45.180 port 55735	2020-05-11 16:33:49
106.75.45.180	attackspam	SSH Brute Force	2020-05-01 19:05:38
106.75.4.215	attack	prod6 ...	2020-04-30 19:48:15
106.75.45.180	attackbots	Apr 17 11:31:30 ovpn sshd\[32264\]: Invalid user guoq from 106.75.45.180 Apr 17 11:31:30 ovpn sshd\[32264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 Apr 17 11:31:32 ovpn sshd\[32264\]: Failed password for invalid user guoq from 106.75.45.180 port 54635 ssh2 Apr 17 11:47:15 ovpn sshd\[3880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.45.180 user=root Apr 17 11:47:17 ovpn sshd\[3880\]: Failed password for root from 106.75.45.180 port 55599 ssh2	2020-04-17 17:59:39
106.75.49.143	attackspambots	IP blocked	2020-04-17 14:44:11
106.75.49.143	attackspambots	Apr 15 07:49:34 meumeu sshd[26915]: Failed password for backup from 106.75.49.143 port 47408 ssh2 Apr 15 07:55:53 meumeu sshd[27654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.49.143 Apr 15 07:55:55 meumeu sshd[27654]: Failed password for invalid user apacher from 106.75.49.143 port 52274 ssh2 ...	2020-04-15 14:20:05
106.75.4.19	attack	" "	2020-04-14 18:44:41
106.75.49.143	attackspambots	prod3 ...	2020-04-14 05:31:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.4.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57560
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.4.222.			IN	A

;; AUTHORITY SECTION:
.			565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051600 1800 900 604800 86400

;; Query time: 87 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 15:44:55 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 222.4.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 222.4.75.106.in-addr.arpa.: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
142.93.240.192	attackspambots	Oct 1 18:12:46 serwer sshd\[22357\]: Invalid user dal from 142.93.240.192 port 54980 Oct 1 18:12:46 serwer sshd\[22357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.240.192 Oct 1 18:12:48 serwer sshd\[22357\]: Failed password for invalid user dal from 142.93.240.192 port 54980 ssh2 ...	2020-10-02 02:48:55
137.74.41.119	attackspambots	(sshd) Failed SSH login from 137.74.41.119 (FR/France/119.ip-137-74-41.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 12:23:10 optimus sshd[23384]: Invalid user el from 137.74.41.119 Oct 1 12:23:12 optimus sshd[23384]: Failed password for invalid user el from 137.74.41.119 port 38710 ssh2 Oct 1 12:35:01 optimus sshd[27231]: Invalid user Test from 137.74.41.119 Oct 1 12:35:03 optimus sshd[27231]: Failed password for invalid user Test from 137.74.41.119 port 43122 ssh2 Oct 1 12:39:12 optimus sshd[28564]: Invalid user terry from 137.74.41.119	2020-10-02 03:00:31
51.178.81.106	attackbots	51.178.81.106 - - [01/Oct/2020:19:43:45 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.81.106 - - [01/Oct/2020:19:43:46 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.81.106 - - [01/Oct/2020:19:43:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 02:44:22
180.76.150.238	attackbotsspam	Automatic report BANNED IP	2020-10-02 02:58:40
52.188.15.170	attackbotsspam	Oct 1 17:41:19 serwer sshd\[17113\]: Invalid user ps from 52.188.15.170 port 44672 Oct 1 17:41:19 serwer sshd\[17113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.188.15.170 Oct 1 17:41:21 serwer sshd\[17113\]: Failed password for invalid user ps from 52.188.15.170 port 44672 ssh2 ...	2020-10-02 02:51:21
58.71.15.10	attackspam	(sshd) Failed SSH login from 58.71.15.10 (PH/Philippines/-): 5 in the last 3600 secs	2020-10-02 02:47:20
49.88.112.70	attackbotsspam	Oct 2 00:19:26 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:21 mx sshd[1097344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.70 user=root Oct 2 00:19:24 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:26 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:29 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 ...	2020-10-02 03:02:06
188.166.78.16	attack	(sshd) Failed SSH login from 188.166.78.16 (NL/Netherlands/suppilo.fi): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 09:33:59 optimus sshd[6053]: Invalid user benoit from 188.166.78.16 Oct 1 09:33:59 optimus sshd[6053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.78.16 Oct 1 09:34:01 optimus sshd[6053]: Failed password for invalid user benoit from 188.166.78.16 port 55086 ssh2 Oct 1 09:37:38 optimus sshd[9633]: Invalid user appadmin from 188.166.78.16 Oct 1 09:37:38 optimus sshd[9633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.78.16	2020-10-02 02:50:16
210.211.116.204	attackspam	$f2bV_matches	2020-10-02 03:04:52
36.6.57.122	attack	Oct 1 00:51:05 srv01 postfix/smtpd\[20078\]: warning: unknown\[36.6.57.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 00:51:17 srv01 postfix/smtpd\[20078\]: warning: unknown\[36.6.57.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 00:51:33 srv01 postfix/smtpd\[20078\]: warning: unknown\[36.6.57.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 00:51:51 srv01 postfix/smtpd\[20078\]: warning: unknown\[36.6.57.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 00:52:03 srv01 postfix/smtpd\[20078\]: warning: unknown\[36.6.57.122\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-02 02:49:48
91.121.76.43	attackbots	91.121.76.43 - - [01/Oct/2020:20:21:43 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [01/Oct/2020:20:21:43 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [01/Oct/2020:20:21:43 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [01/Oct/2020:20:21:44 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [01/Oct/2020:20:21:44 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [01/Oct/2020:20:21:44 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-10-02 03:04:17
106.12.105.130	attackbots	(sshd) Failed SSH login from 106.12.105.130 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 12:20:40 jbs1 sshd[32029]: Invalid user dayz from 106.12.105.130 Oct 1 12:20:40 jbs1 sshd[32029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Oct 1 12:20:41 jbs1 sshd[32029]: Failed password for invalid user dayz from 106.12.105.130 port 60440 ssh2 Oct 1 12:27:16 jbs1 sshd[2313]: Invalid user rajesh from 106.12.105.130 Oct 1 12:27:16 jbs1 sshd[2313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130	2020-10-02 02:49:22
106.13.92.126	attack	Oct 1 16:48:58 Server sshd[1169702]: Failed password for root from 106.13.92.126 port 46582 ssh2 Oct 1 16:53:20 Server sshd[1171792]: Invalid user sftpuser from 106.13.92.126 port 37522 Oct 1 16:53:20 Server sshd[1171792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.92.126 Oct 1 16:53:20 Server sshd[1171792]: Invalid user sftpuser from 106.13.92.126 port 37522 Oct 1 16:53:22 Server sshd[1171792]: Failed password for invalid user sftpuser from 106.13.92.126 port 37522 ssh2 ...	2020-10-02 02:39:04
61.83.210.246	attackbotsspam	$f2bV_matches	2020-10-02 02:36:29
202.72.243.198	attackbots	(imapd) Failed IMAP login from 202.72.243.198 (MN/Mongolia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Oct 1 20:54:00 ir1 dovecot[1917636]: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=, method=PLAIN, rip=202.72.243.198, lip=5.63.12.44, TLS, session=	2020-10-02 03:06:09

最近上报的IP列表

192.69.92.32	183.88.104.251	122.117.10.66	109.131.210.14
61.147.124.16	2.57.79.195	123.242.187.137	177.239.0.247
61.111.18.48	223.25.38.135	35.204.1.88	59.173.131.147
119.252.164.226	123.21.123.149	93.69.87.192	212.43.127.93
2a02:a03f:3e3b:d900:a49a:58:4351:bbc9	2002:867a:36c8::867a:36c8	124.192.225.188	115.84.70.89