106.75.5.180 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 17 22:58:23 dignus sshd[31572]: Invalid user administrator from 106.75.5.180 port 53608 Jun 17 22:58:23 dignus sshd[31572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Jun 17 22:58:24 dignus sshd[31572]: Failed password for invalid user administrator from 106.75.5.180 port 53608 ssh2 Jun 17 23:02:45 dignus sshd[31992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 user=root Jun 17 23:02:46 dignus sshd[31992]: Failed password for root from 106.75.5.180 port 44202 ssh2 ...	2020-06-18 19:05:34
attack	sshd	2020-06-13 23:26:31
attack	May 22 10:51:25 dev0-dcde-rnet sshd[14663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 May 22 10:51:27 dev0-dcde-rnet sshd[14663]: Failed password for invalid user etr from 106.75.5.180 port 56644 ssh2 May 22 10:54:07 dev0-dcde-rnet sshd[14773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180	2020-05-22 16:59:17
attackbotsspam	2020-05-04T12:26:29.995229shield sshd\[9213\]: Invalid user woody from 106.75.5.180 port 36270 2020-05-04T12:26:29.998690shield sshd\[9213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 2020-05-04T12:26:32.077965shield sshd\[9213\]: Failed password for invalid user woody from 106.75.5.180 port 36270 ssh2 2020-05-04T12:31:55.465455shield sshd\[9891\]: Invalid user hb from 106.75.5.180 port 34446 2020-05-04T12:31:55.468851shield sshd\[9891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180	2020-05-04 20:41:50
attackspambots	Apr 24 17:18:21 localhost sshd\[19505\]: Invalid user smon from 106.75.5.180 port 40978 Apr 24 17:18:21 localhost sshd\[19505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Apr 24 17:18:23 localhost sshd\[19505\]: Failed password for invalid user smon from 106.75.5.180 port 40978 ssh2 ...	2020-04-25 02:45:34
attackspambots	Apr 20 22:39:51 eventyay sshd[13909]: Failed password for root from 106.75.5.180 port 45726 ssh2 Apr 20 22:43:50 eventyay sshd[13980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Apr 20 22:43:51 eventyay sshd[13980]: Failed password for invalid user ij from 106.75.5.180 port 55704 ssh2 ...	2020-04-21 05:11:54
attackbots	Apr 19 07:58:05 ns381471 sshd[27566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Apr 19 07:58:07 ns381471 sshd[27566]: Failed password for invalid user admin from 106.75.5.180 port 34174 ssh2	2020-04-19 14:27:58
attackbotsspam	Apr 10 20:33:40 game-panel sshd[19991]: Failed password for root from 106.75.5.180 port 58364 ssh2 Apr 10 20:36:23 game-panel sshd[20129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Apr 10 20:36:25 game-panel sshd[20129]: Failed password for invalid user user from 106.75.5.180 port 59304 ssh2	2020-04-11 05:00:26
attack	Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: Invalid user quest from 106.75.5.180 port 46790 Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Mar 16 16:04:35 kmh-wmh-001-nbg01 sshd[16510]: Failed password for invalid user quest from 106.75.5.180 port 46790 ssh2 Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Received disconnect from 106.75.5.180 port 46790:11: Bye Bye [preauth] Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Disconnected from 106.75.5.180 port 46790 [preauth] Mar 16 16:17:19 kmh-wmh-001-nbg01 sshd[17901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 user=r.r Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Failed password for r.r from 106.75.5.180 port 33610 ssh2 Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Received disconnect from 106.75.5.180 port 33610:11: Bye Bye [preauth] Mar 16 16:17:21 kmh-wmh........ -------------------------------	2020-03-20 13:16:35
attackbots	Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: Invalid user quest from 106.75.5.180 port 46790 Mar 16 16:04:32 kmh-wmh-001-nbg01 sshd[16510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 Mar 16 16:04:35 kmh-wmh-001-nbg01 sshd[16510]: Failed password for invalid user quest from 106.75.5.180 port 46790 ssh2 Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Received disconnect from 106.75.5.180 port 46790:11: Bye Bye [preauth] Mar 16 16:04:37 kmh-wmh-001-nbg01 sshd[16510]: Disconnected from 106.75.5.180 port 46790 [preauth] Mar 16 16:17:19 kmh-wmh-001-nbg01 sshd[17901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.5.180 user=r.r Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Failed password for r.r from 106.75.5.180 port 33610 ssh2 Mar 16 16:17:21 kmh-wmh-001-nbg01 sshd[17901]: Received disconnect from 106.75.5.180 port 33610:11: Bye Bye [preauth] Mar 16 16:17:21 kmh-wmh........ -------------------------------	2020-03-19 03:16:36

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.55.46	attack	2020-09-22T05:03:16.895884morrigan.ad5gb.com sshd[2150621]: Invalid user it from 106.75.55.46 port 53610	2020-09-22 20:48:18
106.75.55.46	attack	Sep 22 11:37:32 web1 sshd[20106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 user=root Sep 22 11:37:34 web1 sshd[20106]: Failed password for root from 106.75.55.46 port 38798 ssh2 Sep 22 11:57:20 web1 sshd[26757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 user=root Sep 22 11:57:22 web1 sshd[26757]: Failed password for root from 106.75.55.46 port 33120 ssh2 Sep 22 12:05:47 web1 sshd[29972]: Invalid user eduardo from 106.75.55.46 port 41600 Sep 22 12:05:47 web1 sshd[29972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Sep 22 12:05:47 web1 sshd[29972]: Invalid user eduardo from 106.75.55.46 port 41600 Sep 22 12:05:50 web1 sshd[29972]: Failed password for invalid user eduardo from 106.75.55.46 port 41600 ssh2 Sep 22 12:14:25 web1 sshd[382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh rus ...	2020-09-22 12:47:04
106.75.55.46	attackspam	Automatic report - Banned IP Access	2020-09-22 04:56:30
106.75.52.43	attack	2020-08-29T22:26[Censored Hostname] sshd[32146]: Failed password for invalid user Vision from 106.75.52.43 port 52460 ssh2 2020-08-29T22:28[Censored Hostname] sshd[1661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.52.43 user=root 2020-08-29T22:28[Censored Hostname] sshd[1661]: Failed password for root from 106.75.52.43 port 44696 ssh2[...]	2020-08-30 04:49:04
106.75.55.46	attack	Aug 24 01:27:59 sxvn sshd[12409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46	2020-08-24 09:04:36
106.75.52.43	attack	Invalid user hosting from 106.75.52.43 port 40738	2020-08-23 16:59:37
106.75.55.46	attackbotsspam	$f2bV_matches	2020-08-21 22:21:28
106.75.53.49	attack	Aug 11 23:37:16 hosting sshd[22155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.53.49 user=root Aug 11 23:37:17 hosting sshd[22155]: Failed password for root from 106.75.53.49 port 49794 ssh2 ...	2020-08-12 05:10:22
106.75.53.49	attackspambots	firewall-block, port(s): 4923/tcp	2020-08-06 20:24:26
106.75.56.56	attackspam	Aug 3 16:16:08 mellenthin sshd[1997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.56.56 user=root Aug 3 16:16:10 mellenthin sshd[1997]: Failed password for invalid user root from 106.75.56.56 port 46009 ssh2	2020-08-04 01:54:16
106.75.52.43	attackspam	Aug 2 08:31:50 h2646465 sshd[25022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.52.43 user=root Aug 2 08:31:51 h2646465 sshd[25022]: Failed password for root from 106.75.52.43 port 39050 ssh2 Aug 2 08:48:31 h2646465 sshd[27503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.52.43 user=root Aug 2 08:48:33 h2646465 sshd[27503]: Failed password for root from 106.75.52.43 port 57820 ssh2 Aug 2 08:53:20 h2646465 sshd[28270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.52.43 user=root Aug 2 08:53:22 h2646465 sshd[28270]: Failed password for root from 106.75.52.43 port 46036 ssh2 Aug 2 08:58:10 h2646465 sshd[28976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.52.43 user=root Aug 2 08:58:11 h2646465 sshd[28976]: Failed password for root from 106.75.52.43 port 34256 ssh2 Aug 2 09:03:00 h2646465 sshd[30130]	2020-08-02 16:04:24
106.75.55.46	attackbots	SSH Brute-Forcing (server1)	2020-07-31 02:23:57
106.75.55.46	attack	Jul 30 13:00:39 santamaria sshd\[25409\]: Invalid user slider from 106.75.55.46 Jul 30 13:00:39 santamaria sshd\[25409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Jul 30 13:00:42 santamaria sshd\[25409\]: Failed password for invalid user slider from 106.75.55.46 port 38864 ssh2 ...	2020-07-30 20:03:22
106.75.56.56	attackbots	2020-07-29T18:22:34.9605111495-001 sshd[24526]: Invalid user zhuhan from 106.75.56.56 port 33684 2020-07-29T18:22:37.1268961495-001 sshd[24526]: Failed password for invalid user zhuhan from 106.75.56.56 port 33684 ssh2 2020-07-29T18:26:44.1952021495-001 sshd[24704]: Invalid user kevinm from 106.75.56.56 port 37545 2020-07-29T18:26:44.1983841495-001 sshd[24704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.56.56 2020-07-29T18:26:44.1952021495-001 sshd[24704]: Invalid user kevinm from 106.75.56.56 port 37545 2020-07-29T18:26:46.0153601495-001 sshd[24704]: Failed password for invalid user kevinm from 106.75.56.56 port 37545 ssh2 ...	2020-07-30 07:02:14
106.75.52.43	attackspambots	reported through recidive - multiple failed attempts(SSH)	2020-07-26 22:09:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.5.180
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60459
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.5.180.			IN	A

;; AUTHORITY SECTION:
.			155	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031801 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 03:16:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 180.5.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 180.5.75.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
186.251.0.28	attackbots	Invalid user test from 186.251.0.28 port 49920	2020-06-30 00:39:17
159.89.164.199	attackspambots	Failed password for invalid user demo from 159.89.164.199 port 44394 ssh2	2020-06-30 00:28:49
134.209.7.179	attackbotsspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-30 00:57:28
85.53.160.67	attackspam	Jun 29 11:04:55 jumpserver sshd[271837]: Invalid user admin from 85.53.160.67 port 39636 Jun 29 11:04:57 jumpserver sshd[271837]: Failed password for invalid user admin from 85.53.160.67 port 39636 ssh2 Jun 29 11:09:34 jumpserver sshd[271909]: Invalid user vertica from 85.53.160.67 port 39518 ...	2020-06-30 00:42:24
106.75.63.218	attack	TCP (SYN) 106.75.63.218:58914 -> port 9333, len 44	2020-06-30 01:05:14
49.234.204.181	attack	$f2bV_matches	2020-06-30 00:27:39
171.228.199.248	attackspam	06/29/2020-07:09:25.636486 171.228.199.248 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-30 00:53:13
222.252.194.211	attackbots	Unauthorized connection attempt: SRC=222.252.194.211 ...	2020-06-30 00:32:06
40.73.6.1	attack	Jun 29 18:19:49 nextcloud sshd\[14155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.6.1 user=root Jun 29 18:19:50 nextcloud sshd\[14155\]: Failed password for root from 40.73.6.1 port 29678 ssh2 Jun 29 18:45:16 nextcloud sshd\[15413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.6.1 user=root	2020-06-30 01:01:47
113.161.62.158	attack	'IP reached maximum auth failures for a one day block'	2020-06-30 00:54:08
103.92.24.240	attackspam	Jun 29 18:21:38 icinga sshd[32109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.240 Jun 29 18:21:40 icinga sshd[32109]: Failed password for invalid user rachid from 103.92.24.240 port 38322 ssh2 Jun 29 18:28:51 icinga sshd[43383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.240 ...	2020-06-30 00:30:18
80.66.146.84	attackbotsspam	Jun 29 12:28:15 mx sshd[10358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.66.146.84 Jun 29 12:28:17 mx sshd[10358]: Failed password for invalid user tomy from 80.66.146.84 port 49134 ssh2	2020-06-30 00:57:59
123.31.27.102	attackspambots	Jun 29 14:09:23 marvibiene sshd[24837]: Invalid user yiyuan from 123.31.27.102 port 38300 Jun 29 14:09:23 marvibiene sshd[24837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.27.102 Jun 29 14:09:23 marvibiene sshd[24837]: Invalid user yiyuan from 123.31.27.102 port 38300 Jun 29 14:09:25 marvibiene sshd[24837]: Failed password for invalid user yiyuan from 123.31.27.102 port 38300 ssh2 ...	2020-06-30 00:41:39
109.235.70.138	attackbots	-	2020-06-30 01:00:33
139.59.230.44	attackspambots	Invalid user kenneth from 139.59.230.44 port 51166	2020-06-30 00:34:55

最近上报的IP列表

200.85.110.240	155.252.44.76	86.86.44.43	190.62.203.51
242.75.39.81	68.120.219.26	19.85.71.168	48.236.16.154
30.210.157.60	125.142.213.22	5.81.38.162	153.246.16.157
179.182.69.127	99.96.72.103	192.64.119.103	59.102.62.192
178.171.42.253	84.54.179.173	45.143.220.250	13.82.132.231