106.75.92.239 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	8112/tcp 8291/tcp 81/tcp... [2020-05-08/07-08]72pkt,20pt.(tcp)	2020-07-08 21:37:04
attackspam	" "	2020-02-16 03:31:11
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-09 23:47:17
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 00:30:56
attack	T: f2b postfix aggressive 3x	2019-09-17 00:26:18
attackbotsspam	Lines containing failures of 106.75.92.239 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.75.92.239	2019-09-04 16:45:27

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.92.78	attack	SSH brute-force attempt	2020-06-06 11:56:02
106.75.92.78	attack	$f2bV_matches	2020-05-20 14:32:01
106.75.92.78	attackbots	prod6 ...	2020-04-18 16:56:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.92.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23425
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.92.239.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 04 16:45:21 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 239.92.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 239.92.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.167	attackspambots	detected by Fail2Ban	2020-06-26 17:17:13
68.183.104.88	attack	$f2bV_matches	2020-06-26 17:35:31
49.234.207.226	attackspambots	Invalid user luis from 49.234.207.226 port 38836	2020-06-26 17:19:43
74.124.24.114	attackbotsspam	sshd: Failed password for invalid user .... from 74.124.24.114 port 44480 ssh2 (7 attempts)	2020-06-26 17:14:23
201.249.169.210	attackbots	21 attempts against mh-ssh on cloud	2020-06-26 17:39:13
104.211.212.220	attackspam	sshd: Failed password for .... from 104.211.212.220 port 28445 ssh2 (3 attempts)	2020-06-26 17:04:35
207.154.236.97	attackbotsspam	207.154.236.97 - - [26/Jun/2020:06:53:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.154.236.97 - - [26/Jun/2020:06:53:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 207.154.236.97 - - [26/Jun/2020:06:53:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-26 17:05:16
112.85.42.89	attack	Jun 26 14:50:55 dhoomketu sshd[1051402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Jun 26 14:50:57 dhoomketu sshd[1051402]: Failed password for root from 112.85.42.89 port 32535 ssh2 Jun 26 14:50:55 dhoomketu sshd[1051402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Jun 26 14:50:57 dhoomketu sshd[1051402]: Failed password for root from 112.85.42.89 port 32535 ssh2 Jun 26 14:51:00 dhoomketu sshd[1051402]: Failed password for root from 112.85.42.89 port 32535 ssh2 ...	2020-06-26 17:35:09
60.191.125.35	attackspam	TCP (SYN) 60.191.125.35:54693 -> port 80, len 44	2020-06-26 17:43:50
103.145.12.176	attackbotsspam	[2020-06-26 04:59:50] NOTICE[1273] chan_sip.c: Registration from '"520" ' failed for '103.145.12.176:5242' - Wrong password [2020-06-26 04:59:50] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-26T04:59:50.855-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="520",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.176/5242",Challenge="6d0a4eba",ReceivedChallenge="6d0a4eba",ReceivedHash="7a5b53c61589cb42d9827304e71b93ac" [2020-06-26 04:59:50] NOTICE[1273] chan_sip.c: Registration from '"520" ' failed for '103.145.12.176:5242' - Wrong password [2020-06-26 04:59:50] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-26T04:59:50.997-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="520",SessionID="0x7f31c01a72a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-06-26 17:21:15
189.147.247.175	attack	port 23	2020-06-26 17:30:42
218.92.0.138	attackbots	2020-06-26T11:41:48.203402vps751288.ovh.net sshd\[12263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root 2020-06-26T11:41:49.863735vps751288.ovh.net sshd\[12263\]: Failed password for root from 218.92.0.138 port 18474 ssh2 2020-06-26T11:41:53.693490vps751288.ovh.net sshd\[12263\]: Failed password for root from 218.92.0.138 port 18474 ssh2 2020-06-26T11:41:57.088340vps751288.ovh.net sshd\[12263\]: Failed password for root from 218.92.0.138 port 18474 ssh2 2020-06-26T11:42:00.031820vps751288.ovh.net sshd\[12263\]: Failed password for root from 218.92.0.138 port 18474 ssh2	2020-06-26 17:44:15
218.92.0.253	attack	Jun 26 11:06:42 vpn01 sshd[8644]: Failed password for root from 218.92.0.253 port 53940 ssh2 Jun 26 11:06:54 vpn01 sshd[8644]: error: maximum authentication attempts exceeded for root from 218.92.0.253 port 53940 ssh2 [preauth] ...	2020-06-26 17:07:48
200.205.64.122	attack	Unauthorized connection attempt: SRC=200.205.64.122 ...	2020-06-26 17:23:57
189.164.130.26	attackbots	port 23	2020-06-26 17:24:53

最近上报的IP列表

82.255.185.110	107.178.234.243	177.200.90.218	88.116.215.190
220.176.99.108	184.16.103.246	58.114.241.181	166.158.52.37
85.145.213.85	102.65.158.175	41.232.73.85	222.100.201.221
14.246.48.249	185.230.125.41	159.65.67.134	120.210.124.62
82.51.220.235	75.96.113.44	105.93.29.206	192.227.252.13