106.75.72.164 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543243994af8eb79 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: skk.moe \| User-Agent: Python/3.7 aiohttp/3.6.2 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:08:32

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543243994af8eb79 | WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: skk.moe | User-Agent: Python/3.7 aiohttp/3.6.2 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 01:08:32

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.72.100	attack	May 7 06:10:57 124388 sshd[13048]: Invalid user testftp from 106.75.72.100 port 39726 May 7 06:10:57 124388 sshd[13048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.72.100 May 7 06:10:57 124388 sshd[13048]: Invalid user testftp from 106.75.72.100 port 39726 May 7 06:10:58 124388 sshd[13048]: Failed password for invalid user testftp from 106.75.72.100 port 39726 ssh2 May 7 06:15:46 124388 sshd[13072]: Invalid user theis from 106.75.72.100 port 56960	2020-05-07 15:26:47
106.75.72.100	attackspam	k+ssh-bruteforce	2020-04-01 03:46:58
106.75.72.100	attackbotsspam	$f2bV_matches	2020-03-30 06:00:05
106.75.72.100	attackbots	Invalid user alex from 106.75.72.100 port 44058	2020-03-28 16:57:29
106.75.72.100	attack	Invalid user alex from 106.75.72.100 port 44058	2020-03-27 22:25:03
106.75.72.100	attack	Mar 25 22:39:44 xeon sshd[57365]: Failed password for invalid user masmokhtar from 106.75.72.100 port 50814 ssh2	2020-03-26 06:43:35
106.75.72.100	attackbots	Invalid user trung from 106.75.72.100 port 47568	2020-03-22 01:12:31
106.75.72.100	attackbots	Mar 19 22:48:45 vps58358 sshd\[20048\]: Failed password for root from 106.75.72.100 port 33612 ssh2Mar 19 22:50:58 vps58358 sshd\[20061\]: Invalid user gitlab-runner from 106.75.72.100Mar 19 22:51:00 vps58358 sshd\[20061\]: Failed password for invalid user gitlab-runner from 106.75.72.100 port 51106 ssh2Mar 19 22:52:36 vps58358 sshd\[20075\]: Invalid user administrador from 106.75.72.100Mar 19 22:52:38 vps58358 sshd\[20075\]: Failed password for invalid user administrador from 106.75.72.100 port 38310 ssh2Mar 19 22:54:07 vps58358 sshd\[20090\]: Failed password for root from 106.75.72.100 port 53744 ssh2 ...	2020-03-20 06:26:31
106.75.72.100	attackspambots	Unauthorized connection attempt detected from IP address 106.75.72.100 to port 2220 [J]	2020-01-24 22:55:16
106.75.72.100	attackspam	Jan 1 18:08:32 server sshd[26993]: Failed password for invalid user bulent from 106.75.72.100 port 54912 ssh2 Jan 1 18:20:28 server sshd[27440]: Failed password for invalid user seamark from 106.75.72.100 port 35056 ssh2 Jan 1 18:29:48 server sshd[27742]: Failed password for invalid user admin from 106.75.72.100 port 33678 ssh2	2020-01-02 03:15:23
106.75.72.100	attack	Dec 31 08:09:28 localhost sshd\[32326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.72.100 user=news Dec 31 08:09:30 localhost sshd\[32326\]: Failed password for news from 106.75.72.100 port 53770 ssh2 Dec 31 08:12:53 localhost sshd\[543\]: Invalid user info from 106.75.72.100 port 51804	2019-12-31 16:34:20
106.75.72.100	attackspambots	Dec 27 05:12:42 raspberrypi sshd\[6938\]: Invalid user robrish from 106.75.72.100Dec 27 05:12:44 raspberrypi sshd\[6938\]: Failed password for invalid user robrish from 106.75.72.100 port 56998 ssh2Dec 27 05:23:07 raspberrypi sshd\[7856\]: Failed password for root from 106.75.72.100 port 53738 ssh2 ...	2019-12-27 13:42:35
106.75.72.100	attack	SSH Brute Force	2019-12-11 04:36:26
106.75.72.100	attack	2019-12-03T07:40:46.808189abusebot-2.cloudsearch.cf sshd\[2533\]: Invalid user mmillan from 106.75.72.100 port 32840	2019-12-03 19:46:46
106.75.72.100	attack	2019-12-02T01:52:10.845942-07:00 suse-nuc sshd[7075]: Invalid user alfresco from 106.75.72.100 port 47210 ...	2019-12-02 21:08:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.72.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64401
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.72.164.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121100 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 01:08:22 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 164.72.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 164.72.75.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
112.21.188.235	attackspambots	Invalid user uy from 112.21.188.235 port 39756	2020-04-20 21:39:58
106.12.34.97	attackspambots	Invalid user pt from 106.12.34.97 port 40084	2020-04-20 21:47:43
82.189.223.116	attackbots	Invalid user tp from 82.189.223.116 port 42518	2020-04-20 21:52:38
62.72.236.2	attackspambots	Invalid user ftpuser from 62.72.236.2 port 47794	2020-04-20 21:58:01
79.137.34.248	attack	Invalid user test from 79.137.34.248 port 60120	2020-04-20 21:53:48
49.234.122.94	attackspambots	Invalid user admin from 49.234.122.94 port 39908	2020-04-20 22:04:08
61.19.23.170	attackspambots	Brute force SMTP login attempted. ...	2020-04-20 21:58:56
110.39.186.254	attackbotsspam	Invalid user guest from 110.39.186.254 port 64339	2020-04-20 21:41:24
111.229.167.222	attackspambots	Apr 20 07:51:41 r.ca sshd[10099]: Failed password for invalid user ubuntu from 111.229.167.222 port 34870 ssh2	2020-04-20 21:40:29
113.162.153.213	attackbotsspam	Invalid user admin from 113.162.153.213 port 44754	2020-04-20 21:38:19
106.75.246.107	attack	Apr 20 14:06:48 vpn01 sshd[26286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.246.107 Apr 20 14:06:50 vpn01 sshd[26286]: Failed password for invalid user testtest from 106.75.246.107 port 52613 ssh2 ...	2020-04-20 21:42:55
45.55.88.16	attackbots	leo_www	2020-04-20 22:05:51
41.233.223.121	attack	Invalid user admin from 41.233.223.121 port 58648	2020-04-20 22:06:43
51.38.37.89	attackspam	$f2bV_matches	2020-04-20 22:02:33
52.151.27.166	attackbots	(sshd) Failed SSH login from 52.151.27.166 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 20 15:29:16 s1 sshd[8370]: Invalid user ep from 52.151.27.166 port 36034 Apr 20 15:29:18 s1 sshd[8370]: Failed password for invalid user ep from 52.151.27.166 port 36034 ssh2 Apr 20 15:51:20 s1 sshd[9514]: Invalid user dp from 52.151.27.166 port 58844 Apr 20 15:51:22 s1 sshd[9514]: Failed password for invalid user dp from 52.151.27.166 port 58844 ssh2 Apr 20 16:04:26 s1 sshd[10131]: Invalid user px from 52.151.27.166 port 54240	2020-04-20 22:00:23

最近上报的IP列表

221.213.75.102	221.213.75.54	221.13.12.22	221.0.21.174
220.181.108.174	218.72.51.140	210.6.74.20	190.203.192.161
188.187.145.151	182.138.162.28	190.163.200.96	124.235.138.76
124.90.54.78	124.88.113.105	123.191.153.189	123.191.133.61
123.191.130.211	158.221.82.144	123.145.26.124	78.78.191.4