106.75.74.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 6 15:51:33 lnxweb62 sshd[28610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6	2019-12-06 22:54:08
attackbots	Dec 4 07:16:20 sachi sshd\[28798\]: Invalid user eleonore from 106.75.74.6 Dec 4 07:16:20 sachi sshd\[28798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Dec 4 07:16:23 sachi sshd\[28798\]: Failed password for invalid user eleonore from 106.75.74.6 port 46046 ssh2 Dec 4 07:22:14 sachi sshd\[29396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 user=root Dec 4 07:22:17 sachi sshd\[29396\]: Failed password for root from 106.75.74.6 port 40128 ssh2	2019-12-05 01:31:29
attackspambots	Dec 3 23:23:30 itv-usvr-01 sshd[5861]: Invalid user k from 106.75.74.6 Dec 3 23:23:30 itv-usvr-01 sshd[5861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Dec 3 23:23:30 itv-usvr-01 sshd[5861]: Invalid user k from 106.75.74.6 Dec 3 23:23:32 itv-usvr-01 sshd[5861]: Failed password for invalid user k from 106.75.74.6 port 32874 ssh2 Dec 3 23:30:43 itv-usvr-01 sshd[6109]: Invalid user info from 106.75.74.6	2019-12-04 04:35:00
attack	Dec 2 08:37:25 plusreed sshd[24975]: Invalid user lune from 106.75.74.6 ...	2019-12-02 21:48:03
attack	2019-11-26T14:37:09.561661hub.schaetter.us sshd\[26634\]: Invalid user philip from 106.75.74.6 port 58396 2019-11-26T14:37:09.580154hub.schaetter.us sshd\[26634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-11-26T14:37:11.521571hub.schaetter.us sshd\[26634\]: Failed password for invalid user philip from 106.75.74.6 port 58396 ssh2 2019-11-26T14:46:16.324209hub.schaetter.us sshd\[26709\]: Invalid user ranz from 106.75.74.6 port 35428 2019-11-26T14:46:16.331968hub.schaetter.us sshd\[26709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 ...	2019-11-26 23:53:44
attackspam	Nov 25 10:18:16 legacy sshd[9946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Nov 25 10:18:18 legacy sshd[9946]: Failed password for invalid user info from 106.75.74.6 port 46516 ssh2 Nov 25 10:26:25 legacy sshd[10195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 ...	2019-11-25 17:28:57
attackbots	2019-10-16T21:04:08.287028abusebot-5.cloudsearch.cf sshd\[27465\]: Invalid user test from 106.75.74.6 port 34228	2019-10-17 07:05:49
attackbots	2019-10-04T09:58:34.2199361495-001 sshd\[59529\]: Invalid user rt from 106.75.74.6 port 48528 2019-10-04T09:58:34.2230471495-001 sshd\[59529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-10-04T09:58:35.9482011495-001 sshd\[59529\]: Failed password for invalid user rt from 106.75.74.6 port 48528 ssh2 2019-10-04T10:27:33.8053381495-001 sshd\[62035\]: Invalid user test from 106.75.74.6 port 51906 2019-10-04T10:27:33.8083521495-001 sshd\[62035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 2019-10-04T10:27:35.9347301495-001 sshd\[62035\]: Failed password for invalid user test from 106.75.74.6 port 51906 ssh2 ...	2019-10-04 22:39:49
attack	Sep 28 23:32:39 ns37 sshd[20814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6	2019-09-29 06:01:42
attack	$f2bV_matches	2019-09-14 21:05:06
attackspam	Aug 30 19:34:35 ArkNodeAT sshd\[18575\]: Invalid user maya from 106.75.74.6 Aug 30 19:34:35 ArkNodeAT sshd\[18575\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.74.6 Aug 30 19:34:37 ArkNodeAT sshd\[18575\]: Failed password for invalid user maya from 106.75.74.6 port 54298 ssh2	2019-08-31 04:19:23
attack	detected by Fail2Ban	2019-08-14 07:54:29

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.74.225	attackspam	[Tue Aug 11 13:25:59 2020] - DDoS Attack From IP: 106.75.74.225 Port: 58914	2020-08-11 22:50:18
106.75.74.225	attackbotsspam	TCP (SYN) 106.75.74.225:58914 -> port 110, len 44	2020-08-06 18:49:47
106.75.74.225	attackbots	[Mon May 25 11:57:24 2020] - DDoS Attack From IP: 106.75.74.225 Port: 58914	2020-07-09 03:29:26
106.75.74.225	attack	TCP (SYN) 106.75.74.225:58914 -> port 51106, len 44	2020-06-23 18:37:11
106.75.74.225	attack	Jun 6 12:19:43 debian kernel: [337744.241295] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=106.75.74.225 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=22123 PROTO=TCP SPT=58914 DPT=55553 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 19:11:06
106.75.74.225	attackspam	firewall-block, port(s): 5050/tcp	2020-05-05 12:01:54
106.75.74.225	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-04-29 00:06:22
106.75.74.225	attackspam	3541/tcp 3460/tcp 3542/tcp... [2020-01-24/03-23]80pkt,15pt.(tcp)	2020-03-23 17:26:38
106.75.74.225	attackspambots	02/07/2020-23:58:41.647752 106.75.74.225 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-08 13:59:47
106.75.74.225	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 00:07:29
106.75.74.225	attackbotsspam	106.75.74.225 was recorded 5 times by 4 hosts attempting to connect to the following ports: 2087,2121,20000,20547. Incident counter (4h, 24h, all-time): 5, 10, 31	2019-11-10 21:48:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.74.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21261
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.74.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 14 07:54:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 6.74.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 6.74.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
186.103.181.179	attack	20/1/9@23:57:03: FAIL: Alarm-Network address from=186.103.181.179 ...	2020-01-10 14:10:40
180.76.249.74	attack	Jan 9 19:42:09 web9 sshd\[25995\]: Invalid user xjv from 180.76.249.74 Jan 9 19:42:09 web9 sshd\[25995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74 Jan 9 19:42:11 web9 sshd\[25995\]: Failed password for invalid user xjv from 180.76.249.74 port 47998 ssh2 Jan 9 19:44:51 web9 sshd\[26356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74 user=root Jan 9 19:44:53 web9 sshd\[26356\]: Failed password for root from 180.76.249.74 port 41124 ssh2	2020-01-10 13:55:31
222.186.15.158	attackspam	01/10/2020-01:14:51.229626 222.186.15.158 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-10 14:18:10
183.232.36.13	attack	Jan 10 07:00:46 ArkNodeAT sshd\[15629\]: Invalid user User2 from 183.232.36.13 Jan 10 07:00:46 ArkNodeAT sshd\[15629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.232.36.13 Jan 10 07:00:48 ArkNodeAT sshd\[15629\]: Failed password for invalid user User2 from 183.232.36.13 port 37178 ssh2	2020-01-10 14:18:23
185.200.118.70	attackspam	" "	2020-01-10 14:12:56
210.212.97.243	attackbots	Unauthorized connection attempt detected from IP address 210.212.97.243 to port 445	2020-01-10 13:54:32
46.38.144.64	attackbots	2020-01-10 08:48:59 dovecot_login authenticator failed for (User) [46.38.144.64]: 535 Incorrect authentication data (set_id=sh@usmancity.ru) ...	2020-01-10 14:17:34
113.163.216.144	attack	20/1/9@23:56:40: FAIL: Alarm-Network address from=113.163.216.144 ...	2020-01-10 14:21:13
2001:41d0:2:c586::	attackspam	WordPress wp-login brute force :: 2001:41d0:2:c586:: 0.092 BYPASS [10/Jan/2020:04:56:59 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-10 14:14:04
130.162.66.249	attack	Jan 10 05:57:15 hell sshd[26073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.66.249 Jan 10 05:57:17 hell sshd[26073]: Failed password for invalid user emserver from 130.162.66.249 port 49893 ssh2 ...	2020-01-10 14:06:38
36.67.197.52	attackspambots	Jan 10 05:56:59 ourumov-web sshd\[455\]: Invalid user zr from 36.67.197.52 port 56160 Jan 10 05:56:59 ourumov-web sshd\[455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.197.52 Jan 10 05:57:01 ourumov-web sshd\[455\]: Failed password for invalid user zr from 36.67.197.52 port 56160 ssh2 ...	2020-01-10 14:11:47
49.88.112.116	attack	Jan 10 07:01:11 localhost sshd\[25151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Jan 10 07:01:14 localhost sshd\[25151\]: Failed password for root from 49.88.112.116 port 12661 ssh2 Jan 10 07:01:16 localhost sshd\[25151\]: Failed password for root from 49.88.112.116 port 12661 ssh2	2020-01-10 14:27:46
222.186.31.83	attackspam	2020-01-09T21:05:27.395888homeassistant sshd[454]: Failed password for root from 222.186.31.83 port 45615 ssh2 2020-01-10T05:55:35.530007homeassistant sshd[6411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.83 user=root ...	2020-01-10 14:06:52
222.186.180.223	attack	Jan 9 19:42:42 kapalua sshd\[17814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Jan 9 19:42:44 kapalua sshd\[17814\]: Failed password for root from 222.186.180.223 port 50872 ssh2 Jan 9 19:42:59 kapalua sshd\[17844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Jan 9 19:43:00 kapalua sshd\[17844\]: Failed password for root from 222.186.180.223 port 61028 ssh2 Jan 9 19:43:21 kapalua sshd\[17875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root	2020-01-10 13:51:13
222.186.175.148	attack	Jan 10 07:03:01 dedicated sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Jan 10 07:03:03 dedicated sshd[9000]: Failed password for root from 222.186.175.148 port 39782 ssh2	2020-01-10 14:04:47

最近上报的IP列表

68.183.227.74	202.254.244.219	210.6.111.246	53.30.30.123
189.120.101.237	24.244.89.83	138.219.108.17	106.111.118.157
117.95.189.40	41.40.94.250	186.64.120.195	82.213.250.117
185.238.48.193	185.92.73.232	219.232.47.114	123.206.87.154
89.64.37.126	66.240.158.118	168.62.176.25	92.32.68.230