106.75.74.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 6 15:51:33 lnxweb62 sshd[28610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6	2019-12-06 22:54:08
attackbots	Dec 4 07:16:20 sachi sshd\[28798\]: Invalid user eleonore from 106.75.74.6 Dec 4 07:16:20 sachi sshd\[28798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Dec 4 07:16:23 sachi sshd\[28798\]: Failed password for invalid user eleonore from 106.75.74.6 port 46046 ssh2 Dec 4 07:22:14 sachi sshd\[29396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 user=root Dec 4 07:22:17 sachi sshd\[29396\]: Failed password for root from 106.75.74.6 port 40128 ssh2	2019-12-05 01:31:29
attackspambots	Dec 3 23:23:30 itv-usvr-01 sshd[5861]: Invalid user k from 106.75.74.6 Dec 3 23:23:30 itv-usvr-01 sshd[5861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Dec 3 23:23:30 itv-usvr-01 sshd[5861]: Invalid user k from 106.75.74.6 Dec 3 23:23:32 itv-usvr-01 sshd[5861]: Failed password for invalid user k from 106.75.74.6 port 32874 ssh2 Dec 3 23:30:43 itv-usvr-01 sshd[6109]: Invalid user info from 106.75.74.6	2019-12-04 04:35:00
attack	Dec 2 08:37:25 plusreed sshd[24975]: Invalid user lune from 106.75.74.6 ...	2019-12-02 21:48:03
attack	2019-11-26T14:37:09.561661hub.schaetter.us sshd\[26634\]: Invalid user philip from 106.75.74.6 port 58396 2019-11-26T14:37:09.580154hub.schaetter.us sshd\[26634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-11-26T14:37:11.521571hub.schaetter.us sshd\[26634\]: Failed password for invalid user philip from 106.75.74.6 port 58396 ssh2 2019-11-26T14:46:16.324209hub.schaetter.us sshd\[26709\]: Invalid user ranz from 106.75.74.6 port 35428 2019-11-26T14:46:16.331968hub.schaetter.us sshd\[26709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 ...	2019-11-26 23:53:44
attackspam	Nov 25 10:18:16 legacy sshd[9946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Nov 25 10:18:18 legacy sshd[9946]: Failed password for invalid user info from 106.75.74.6 port 46516 ssh2 Nov 25 10:26:25 legacy sshd[10195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 ...	2019-11-25 17:28:57
attackbots	2019-10-16T21:04:08.287028abusebot-5.cloudsearch.cf sshd\[27465\]: Invalid user test from 106.75.74.6 port 34228	2019-10-17 07:05:49
attackbots	2019-10-04T09:58:34.2199361495-001 sshd\[59529\]: Invalid user rt from 106.75.74.6 port 48528 2019-10-04T09:58:34.2230471495-001 sshd\[59529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-10-04T09:58:35.9482011495-001 sshd\[59529\]: Failed password for invalid user rt from 106.75.74.6 port 48528 ssh2 2019-10-04T10:27:33.8053381495-001 sshd\[62035\]: Invalid user test from 106.75.74.6 port 51906 2019-10-04T10:27:33.8083521495-001 sshd\[62035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-10-04T10:27:35.9347301495-001 sshd\[62035\]: Failed password for invalid user test from 106.75.74.6 port 51906 ssh2 ...	2019-10-04 22:39:49
attack	Sep 28 23:32:39 ns37 sshd[20814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6	2019-09-29 06:01:42
attack	$f2bV_matches	2019-09-14 21:05:06
attackspam	Aug 30 19:34:35 ArkNodeAT sshd\[18575\]: Invalid user maya from 106.75.74.6 Aug 30 19:34:35 ArkNodeAT sshd\[18575\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Aug 30 19:34:37 ArkNodeAT sshd\[18575\]: Failed password for invalid user maya from 106.75.74.6 port 54298 ssh2	2019-08-31 04:19:23
attack	detected by Fail2Ban	2019-08-14 07:54:29

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.74.225	attackspam	[Tue Aug 11 13:25:59 2020] - DDoS Attack From IP: 106.75.74.225 Port: 58914	2020-08-11 22:50:18
106.75.74.225	attackbotsspam	TCP (SYN) 106.75.74.225:58914 -> port 110, len 44	2020-08-06 18:49:47
106.75.74.225	attackbots	[Mon May 25 11:57:24 2020] - DDoS Attack From IP: 106.75.74.225 Port: 58914	2020-07-09 03:29:26
106.75.74.225	attack	TCP (SYN) 106.75.74.225:58914 -> port 51106, len 44	2020-06-23 18:37:11
106.75.74.225	attack	Jun 6 12:19:43 debian kernel: [337744.241295] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=106.75.74.225 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=22123 PROTO=TCP SPT=58914 DPT=55553 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 19:11:06
106.75.74.225	attackspam	firewall-block, port(s): 5050/tcp	2020-05-05 12:01:54
106.75.74.225	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-04-29 00:06:22
106.75.74.225	attackspam	3541/tcp 3460/tcp 3542/tcp... [2020-01-24/03-23]80pkt,15pt.(tcp)	2020-03-23 17:26:38
106.75.74.225	attackspambots	02/07/2020-23:58:41.647752 106.75.74.225 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-08 13:59:47
106.75.74.225	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:07:29
106.75.74.225	attackbotsspam	106.75.74.225 was recorded 5 times by 4 hosts attempting to connect to the following ports: 2087,2121,20000,20547. Incident counter (4h, 24h, all-time): 5, 10, 31	2019-11-10 21:48:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.74.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21261
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.74.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 14 07:54:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 6.74.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 6.74.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.61.241.147	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 05:04:26
141.98.9.164	attack	Sep 6 20:52:18 scw-6657dc sshd[31800]: Invalid user admin from 141.98.9.164 port 45671 Sep 6 20:52:18 scw-6657dc sshd[31800]: Invalid user admin from 141.98.9.164 port 45671 Sep 6 20:52:18 scw-6657dc sshd[31800]: Failed none for invalid user admin from 141.98.9.164 port 45671 ssh2 ...	2020-09-07 05:30:15
103.133.105.65	attackbots	2020-09-06 dovecot_login authenticator failed for $User$ \[103.133.105.65\]: 535 Incorrect authentication data $set_id=web3@REMOVED$ 2020-09-06 dovecot_login authenticator failed for $User$ \[103.133.105.65\]: 535 Incorrect authentication data $set_id=web3@REMOVED$ 2020-09-06 dovecot_login authenticator failed for $User$ \[103.133.105.65\]: 535 Incorrect authentication data $set_id=web3@REMOVED$	2020-09-07 05:23:46
179.182.183.228	attackspam	Automatic report - Port Scan Attack	2020-09-07 05:27:08
222.186.169.192	attack	Sep 6 21:02:50 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:02:54 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:02:59 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2 Sep 6 21:03:03 instance-2 sshd[29110]: Failed password for root from 222.186.169.192 port 2698 ssh2	2020-09-07 05:10:30
190.211.240.227	attackspambots	Honeypot attack, port: 445, PTR: fujikura.com.py.	2020-09-07 05:28:16
104.244.74.223	attack	2020-09-06T21:30:25.188197abusebot-3.cloudsearch.cf sshd[25052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 user=root 2020-09-06T21:30:27.520870abusebot-3.cloudsearch.cf sshd[25052]: Failed password for root from 104.244.74.223 port 60580 ssh2 2020-09-06T21:30:29.672537abusebot-3.cloudsearch.cf sshd[25054]: Invalid user admin from 104.244.74.223 port 36212 2020-09-06T21:30:29.679135abusebot-3.cloudsearch.cf sshd[25054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 2020-09-06T21:30:29.672537abusebot-3.cloudsearch.cf sshd[25054]: Invalid user admin from 104.244.74.223 port 36212 2020-09-06T21:30:31.560201abusebot-3.cloudsearch.cf sshd[25054]: Failed password for invalid user admin from 104.244.74.223 port 36212 ssh2 2020-09-06T21:30:33.679424abusebot-3.cloudsearch.cf sshd[25056]: Invalid user admin from 104.244.74.223 port 39632 ...	2020-09-07 05:30:43
165.22.60.7	attack	SSH login attempts.	2020-09-07 05:29:58
222.186.31.166	attack	Sep 6 23:03:14 h2646465 sshd[15051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 6 23:03:16 h2646465 sshd[15051]: Failed password for root from 222.186.31.166 port 51554 ssh2 Sep 6 23:03:22 h2646465 sshd[15053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 6 23:03:25 h2646465 sshd[15053]: Failed password for root from 222.186.31.166 port 12328 ssh2 Sep 6 23:03:22 h2646465 sshd[15053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 6 23:03:25 h2646465 sshd[15053]: Failed password for root from 222.186.31.166 port 12328 ssh2 Sep 6 23:03:27 h2646465 sshd[15053]: Failed password for root from 222.186.31.166 port 12328 ssh2 Sep 6 23:03:22 h2646465 sshd[15053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 6 23:03:25 h264	2020-09-07 05:05:02
222.174.148.178	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 05:18:35
49.233.143.87	attack	Sep 6 18:54:46 h2829583 sshd[5993]: Failed password for root from 49.233.143.87 port 50174 ssh2	2020-09-07 05:13:52
212.70.149.20	attack	Sep 6 23:12:53 srv1 postfix/smtpd[18131]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: authentication failure Sep 6 23:13:18 srv1 postfix/smtpd[18131]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: authentication failure Sep 6 23:13:44 srv1 postfix/smtpd[18131]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: authentication failure Sep 6 23:14:10 srv1 postfix/smtpd[18131]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: authentication failure Sep 6 23:14:36 srv1 postfix/smtpd[18131]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: authentication failure ...	2020-09-07 05:15:29
41.77.6.27	attack	[ER hit] Tried to deliver spam. Already well known.	2020-09-07 05:05:34
217.172.77.106	attackbotsspam	Attempts to probe for or exploit a Drupal 7.69 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-09-07 05:25:50
171.221.210.158	attack	2020-09-06T20:21:18.341177vps1033 sshd[21316]: Failed password for root from 171.221.210.158 port 54173 ssh2 2020-09-06T20:24:16.257974vps1033 sshd[27672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.210.158 user=root 2020-09-06T20:24:18.050288vps1033 sshd[27672]: Failed password for root from 171.221.210.158 port 13234 ssh2 2020-09-06T20:27:13.308071vps1033 sshd[1492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.210.158 user=root 2020-09-06T20:27:15.065137vps1033 sshd[1492]: Failed password for root from 171.221.210.158 port 36775 ssh2 ...	2020-09-07 05:17:09

最近上报的IP列表

68.183.227.74	202.254.244.219	210.6.111.246	53.30.30.123
189.120.101.237	24.244.89.83	138.219.108.17	106.111.118.157
117.95.189.40	41.40.94.250	186.64.120.195	82.213.250.117
185.238.48.193	185.92.73.232	219.232.47.114	123.206.87.154
89.64.37.126	66.240.158.118	168.62.176.25	92.32.68.230