106.75.55.46 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-09-22T05:03:16.895884morrigan.ad5gb.com sshd[2150621]: Invalid user it from 106.75.55.46 port 53610	2020-09-22 20:48:18
attack	Sep 22 11:37:32 web1 sshd[20106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 user=root Sep 22 11:37:34 web1 sshd[20106]: Failed password for root from 106.75.55.46 port 38798 ssh2 Sep 22 11:57:20 web1 sshd[26757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 user=root Sep 22 11:57:22 web1 sshd[26757]: Failed password for root from 106.75.55.46 port 33120 ssh2 Sep 22 12:05:47 web1 sshd[29972]: Invalid user eduardo from 106.75.55.46 port 41600 Sep 22 12:05:47 web1 sshd[29972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Sep 22 12:05:47 web1 sshd[29972]: Invalid user eduardo from 106.75.55.46 port 41600 Sep 22 12:05:50 web1 sshd[29972]: Failed password for invalid user eduardo from 106.75.55.46 port 41600 ssh2 Sep 22 12:14:25 web1 sshd[382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh rus ...	2020-09-22 12:47:04
attackspam	Automatic report - Banned IP Access	2020-09-22 04:56:30
attack	Aug 24 01:27:59 sxvn sshd[12409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46	2020-08-24 09:04:36
attackbotsspam	$f2bV_matches	2020-08-21 22:21:28
attackbots	SSH Brute-Forcing (server1)	2020-07-31 02:23:57
attack	Jul 30 13:00:39 santamaria sshd\[25409\]: Invalid user slider from 106.75.55.46 Jul 30 13:00:39 santamaria sshd\[25409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Jul 30 13:00:42 santamaria sshd\[25409\]: Failed password for invalid user slider from 106.75.55.46 port 38864 ssh2 ...	2020-07-30 20:03:22
attackspambots	Jul 25 21:28:38 server sshd[21042]: Failed password for invalid user admin from 106.75.55.46 port 50798 ssh2 Jul 25 21:31:36 server sshd[22099]: Failed password for invalid user apc from 106.75.55.46 port 37380 ssh2 Jul 25 21:34:37 server sshd[23293]: Failed password for invalid user yxy from 106.75.55.46 port 52192 ssh2	2020-07-26 04:10:06
attack	Jul 17 14:05:52 abendstille sshd\[3847\]: Invalid user sapdb from 106.75.55.46 Jul 17 14:05:52 abendstille sshd\[3847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Jul 17 14:05:54 abendstille sshd\[3847\]: Failed password for invalid user sapdb from 106.75.55.46 port 45698 ssh2 Jul 17 14:11:05 abendstille sshd\[9030\]: Invalid user xp from 106.75.55.46 Jul 17 14:11:05 abendstille sshd\[9030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 ...	2020-07-18 01:04:33
attack	Jul 16 05:55:39 lnxweb61 sshd[27479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46	2020-07-16 12:19:35
attackspambots	Jul 10 08:27:24 lukav-desktop sshd\[6354\]: Invalid user linuxmint from 106.75.55.46 Jul 10 08:27:24 lukav-desktop sshd\[6354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Jul 10 08:27:26 lukav-desktop sshd\[6354\]: Failed password for invalid user linuxmint from 106.75.55.46 port 41898 ssh2 Jul 10 08:29:22 lukav-desktop sshd\[6400\]: Invalid user yongmi from 106.75.55.46 Jul 10 08:29:22 lukav-desktop sshd\[6400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46	2020-07-10 14:00:18
attackbotsspam	Cluster member 67.227.229.95 (US/United States/saathoff.geek) said, DENY 106.75.55.46, Reason:[(sshd) Failed SSH login from 106.75.55.46 (CN/China/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-06 01:51:37
attackbots	Jun 30 15:35:27 pkdns2 sshd\[9451\]: Invalid user mmk from 106.75.55.46Jun 30 15:35:30 pkdns2 sshd\[9451\]: Failed password for invalid user mmk from 106.75.55.46 port 50952 ssh2Jun 30 15:37:24 pkdns2 sshd\[9531\]: Invalid user bmo from 106.75.55.46Jun 30 15:37:26 pkdns2 sshd\[9531\]: Failed password for invalid user bmo from 106.75.55.46 port 49100 ssh2Jun 30 15:39:25 pkdns2 sshd\[9610\]: Failed password for root from 106.75.55.46 port 47252 ssh2Jun 30 15:41:28 pkdns2 sshd\[9721\]: Invalid user hec from 106.75.55.46 ...	2020-07-01 02:30:24
attackbotsspam	Jun 23 08:05:03 lanister sshd[21205]: Failed password for invalid user web from 106.75.55.46 port 34134 ssh2 Jun 23 08:05:02 lanister sshd[21205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.46 Jun 23 08:05:02 lanister sshd[21205]: Invalid user web from 106.75.55.46 Jun 23 08:05:03 lanister sshd[21205]: Failed password for invalid user web from 106.75.55.46 port 34134 ssh2	2020-06-24 02:08:16
attackspambots	5x Failed Password	2020-06-08 05:33:18

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.55.123	attackspam	Jul 23 08:04:17 hidden sshd[64875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 Jul 23 08:04:20 hidden sshd[64875]: Failed password for invalid user norm from 106.75.55.123 port 45310 ssh2 Jul 23 08:09:21 hidden sshd[593]: Invalid user nadia from 106.75.55.123 port 57512	2020-07-23 14:34:24
106.75.55.123	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-18T19:43:47Z and 2020-07-18T19:52:14Z	2020-07-19 04:01:55
106.75.55.123	attackbots	Jun 18 07:33:26 OPSO sshd\[2489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 user=root Jun 18 07:33:28 OPSO sshd\[2489\]: Failed password for root from 106.75.55.123 port 37484 ssh2 Jun 18 07:37:03 OPSO sshd\[3281\]: Invalid user ryan from 106.75.55.123 port 60520 Jun 18 07:37:03 OPSO sshd\[3281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 Jun 18 07:37:05 OPSO sshd\[3281\]: Failed password for invalid user ryan from 106.75.55.123 port 60520 ssh2	2020-06-18 18:36:00
106.75.55.123	attack	2020-06-14T20:40:56.877022+02:00 sshd[6234]: Failed password for invalid user solr from 106.75.55.123 port 59970 ssh2	2020-06-15 04:28:11
106.75.55.123	attackspam	Jun 7 20:02:26 mail sshd[2086]: Failed password for root from 106.75.55.123 port 45154 ssh2 Jun 7 20:12:12 mail sshd[3298]: Failed password for root from 106.75.55.123 port 39978 ssh2 Jun 7 20:14:02 mail sshd[3508]: Failed password for root from 106.75.55.123 port 37600 ssh2 ...	2020-06-08 02:25:39
106.75.55.123	attack	May 13 06:12:10 eventyay sshd[28971]: Failed password for root from 106.75.55.123 port 49578 ssh2 May 13 06:15:01 eventyay sshd[29040]: Failed password for root from 106.75.55.123 port 58574 ssh2 ...	2020-05-13 12:56:36
106.75.55.123	attackspambots	$f2bV_matches	2020-05-09 00:15:02
106.75.55.123	attack	Apr 18 15:20:27 DAAP sshd[32049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 user=root Apr 18 15:20:29 DAAP sshd[32049]: Failed password for root from 106.75.55.123 port 35504 ssh2 Apr 18 15:26:07 DAAP sshd[32152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 user=root Apr 18 15:26:09 DAAP sshd[32152]: Failed password for root from 106.75.55.123 port 55346 ssh2 Apr 18 15:29:37 DAAP sshd[32239]: Invalid user huawei from 106.75.55.123 port 36638 ...	2020-04-19 03:42:59
106.75.55.190	attackbots	TCP src-port=46868 dst-port=25 Listed on barracuda zen-spamhaus spam-sorbs (126)	2020-04-10 20:54:20
106.75.55.123	attackspam	Apr 2 07:51:26 [host] sshd[4768]: pam_unix(sshd:a Apr 2 07:51:27 [host] sshd[4768]: Failed password Apr 2 07:53:26 [host] sshd[4786]: Invalid user bi	2020-04-02 17:02:43
106.75.55.123	attack	5x Failed Password	2020-04-02 05:33:27
106.75.55.123	attackbots	Invalid user year from 106.75.55.123 port 57242	2020-03-25 08:11:21
106.75.55.123	attackbots	Mar 8 14:15:10 areeb-Workstation sshd[11935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 Mar 8 14:15:12 areeb-Workstation sshd[11935]: Failed password for invalid user sphinx from 106.75.55.123 port 45558 ssh2 ...	2020-03-08 17:03:50
106.75.55.123	attack	Feb 11 17:24:42 Ubuntu-1404-trusty-64-minimal sshd\[17552\]: Invalid user skb from 106.75.55.123 Feb 11 17:24:42 Ubuntu-1404-trusty-64-minimal sshd\[17552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123 Feb 11 17:24:44 Ubuntu-1404-trusty-64-minimal sshd\[17552\]: Failed password for invalid user skb from 106.75.55.123 port 40562 ssh2 Feb 11 17:36:14 Ubuntu-1404-trusty-64-minimal sshd\[27450\]: Invalid user lac from 106.75.55.123 Feb 11 17:36:14 Ubuntu-1404-trusty-64-minimal sshd\[27450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.55.123	2020-02-12 02:15:35
106.75.55.123	attackspam	Unauthorized connection attempt detected from IP address 106.75.55.123 to port 2220 [J]	2020-01-29 23:09:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.55.46
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6337
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.55.46.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060701 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 08 05:33:14 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 46.55.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 46.55.75.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
79.54.18.135	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-07T03:43:39Z and 2020-08-07T03:51:39Z	2020-08-07 17:28:29
27.158.125.10	attackbotsspam	Email rejected due to spam filtering	2020-08-07 17:44:41
122.227.159.84	attack	Aug 7 01:43:47 pixelmemory sshd[2925160]: Failed password for root from 122.227.159.84 port 59311 ssh2 Aug 7 01:48:26 pixelmemory sshd[2939343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.159.84 user=root Aug 7 01:48:28 pixelmemory sshd[2939343]: Failed password for root from 122.227.159.84 port 57769 ssh2 Aug 7 01:53:57 pixelmemory sshd[2964379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.159.84 user=root Aug 7 01:53:59 pixelmemory sshd[2964379]: Failed password for root from 122.227.159.84 port 56253 ssh2 ...	2020-08-07 17:34:35
185.176.27.2	attackspambots	TCP (SYN) 185.176.27.2:8080 -> port 6435, len 44	2020-08-07 17:52:28
185.156.73.60	attack	Attempted to establish connection to non opened port 3399	2020-08-07 17:53:54
123.207.178.45	attack	$f2bV_matches	2020-08-07 17:32:39
68.183.57.66	attackspambots	WordPress (CMS) attack attempts. Date: 2020 Aug 07. 08:09:58 Source IP: 68.183.57.66 Portion of the log(s): 68.183.57.66 - [07/Aug/2020:08:09:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.57.66 - [07/Aug/2020:08:09:55 +0200] "POST /wp-login.php HTTP/1.1" 200 2417 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.57.66 - [07/Aug/2020:08:09:56 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-07 17:47:29
66.249.75.21	attack	Automatic report - Banned IP Access	2020-08-07 17:24:26
188.226.131.171	attackbots	Aug 7 11:03:52 ovpn sshd\[24078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.131.171 user=root Aug 7 11:03:54 ovpn sshd\[24078\]: Failed password for root from 188.226.131.171 port 41656 ssh2 Aug 7 11:18:38 ovpn sshd\[30018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.131.171 user=root Aug 7 11:18:41 ovpn sshd\[30018\]: Failed password for root from 188.226.131.171 port 43672 ssh2 Aug 7 11:20:30 ovpn sshd\[30758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.131.171 user=root	2020-08-07 17:36:02
128.199.33.116	attackbots	$f2bV_matches	2020-08-07 17:40:30
159.89.199.195	attack	Aug 7 10:47:24 vpn01 sshd[27216]: Failed password for root from 159.89.199.195 port 58610 ssh2 ...	2020-08-07 17:38:11
127.0.0.1	attackspam	Test Connectivity	2020-08-07 17:32:10
208.65.181.179	attackspambots	Logfile match	2020-08-07 17:26:50
187.109.10.100	attack	$f2bV_matches	2020-08-07 17:19:14
147.135.133.88	attackspambots	(sshd) Failed SSH login from 147.135.133.88 (FR/France/ip-147-135-133.eu): 5 in the last 3600 secs	2020-08-07 17:28:46

最近上报的IP列表

81.95.108.170	178.238.8.106	42.200.252.62	125.85.204.76
37.158.63.10	150.136.160.141	218.143.170.133	21.201.118.137
104.150.146.252	137.112.178.59	155.54.122.100	177.12.50.1
72.102.13.161	235.98.20.119	10.19.143.6	97.179.199.66
14.138.165.231	46.52.222.232	163.243.236.138	102.134.211.11