106.75.93.253 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 106.75.93.253 to port 2220 [J]	2020-01-22 21:11:09
attack	Jan 1 15:14:10 game-panel sshd[26873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Jan 1 15:14:13 game-panel sshd[26873]: Failed password for invalid user jsandoval from 106.75.93.253 port 42684 ssh2 Jan 1 15:17:49 game-panel sshd[27012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253	2020-01-02 02:10:12
attackspam	Dec 20 12:58:09 home sshd[13851]: Invalid user labovites from 106.75.93.253 port 60996 Dec 20 12:58:09 home sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Dec 20 12:58:09 home sshd[13851]: Invalid user labovites from 106.75.93.253 port 60996 Dec 20 12:58:11 home sshd[13851]: Failed password for invalid user labovites from 106.75.93.253 port 60996 ssh2 Dec 20 13:15:12 home sshd[13931]: Invalid user mysql from 106.75.93.253 port 53456 Dec 20 13:15:12 home sshd[13931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Dec 20 13:15:12 home sshd[13931]: Invalid user mysql from 106.75.93.253 port 53456 Dec 20 13:15:14 home sshd[13931]: Failed password for invalid user mysql from 106.75.93.253 port 53456 ssh2 Dec 20 13:20:46 home sshd[13978]: Invalid user server from 106.75.93.253 port 51978 Dec 20 13:20:46 home sshd[13978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh	2019-12-21 05:28:40
attackspam	Dec 8 17:22:54 mail sshd[14964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Dec 8 17:22:56 mail sshd[14964]: Failed password for invalid user vps from 106.75.93.253 port 50906 ssh2 Dec 8 17:30:20 mail sshd[17009]: Failed password for root from 106.75.93.253 port 47072 ssh2	2019-12-10 08:56:11
attackbotsspam	Dec 5 23:50:31 hcbbdb sshd\[30858\]: Invalid user luise from 106.75.93.253 Dec 5 23:50:31 hcbbdb sshd\[30858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Dec 5 23:50:33 hcbbdb sshd\[30858\]: Failed password for invalid user luise from 106.75.93.253 port 33558 ssh2 Dec 5 23:55:57 hcbbdb sshd\[31472\]: Invalid user ioana from 106.75.93.253 Dec 5 23:55:57 hcbbdb sshd\[31472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253	2019-12-06 08:15:15
attackbots	Oct 28 23:00:22 hcbbdb sshd\[11910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 user=root Oct 28 23:00:25 hcbbdb sshd\[11910\]: Failed password for root from 106.75.93.253 port 38864 ssh2 Oct 28 23:04:57 hcbbdb sshd\[12368\]: Invalid user david from 106.75.93.253 Oct 28 23:04:57 hcbbdb sshd\[12368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Oct 28 23:04:58 hcbbdb sshd\[12368\]: Failed password for invalid user david from 106.75.93.253 port 49208 ssh2	2019-10-29 07:14:43
attack	Unauthorized SSH login attempts	2019-10-12 11:21:09
attackspam	Oct 11 07:43:56 server sshd\[16151\]: Invalid user Bonjour@123 from 106.75.93.253 port 56904 Oct 11 07:43:56 server sshd\[16151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Oct 11 07:43:58 server sshd\[16151\]: Failed password for invalid user Bonjour@123 from 106.75.93.253 port 56904 ssh2 Oct 11 07:48:40 server sshd\[25113\]: Invalid user Summer@123 from 106.75.93.253 port 33404 Oct 11 07:48:40 server sshd\[25113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253	2019-10-11 14:34:42
attackbots	Oct 6 17:35:07 web9 sshd\[2030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 user=root Oct 6 17:35:09 web9 sshd\[2030\]: Failed password for root from 106.75.93.253 port 36944 ssh2 Oct 6 17:39:30 web9 sshd\[2660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 user=root Oct 6 17:39:31 web9 sshd\[2660\]: Failed password for root from 106.75.93.253 port 40066 ssh2 Oct 6 17:43:43 web9 sshd\[3298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 user=root	2019-10-07 18:46:42
attackbots	Oct 1 05:31:53 mail sshd[29974]: Invalid user marcelo from 106.75.93.253 Oct 1 05:31:53 mail sshd[29974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Oct 1 05:31:53 mail sshd[29974]: Invalid user marcelo from 106.75.93.253 Oct 1 05:31:55 mail sshd[29974]: Failed password for invalid user marcelo from 106.75.93.253 port 39558 ssh2 Oct 1 05:55:38 mail sshd[1830]: Invalid user postgres from 106.75.93.253 ...	2019-10-01 12:04:27
attack	Sep 29 13:09:56 sshgateway sshd\[29945\]: Invalid user acira from 106.75.93.253 Sep 29 13:09:56 sshgateway sshd\[29945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Sep 29 13:09:59 sshgateway sshd\[29945\]: Failed password for invalid user acira from 106.75.93.253 port 40832 ssh2	2019-09-30 00:04:42
attackbotsspam	Sep 5 05:29:18 herz-der-gamer sshd[13277]: Invalid user fctrserver from 106.75.93.253 port 45524 ...	2019-09-05 14:18:35
attack	Aug 12 16:05:38 vps647732 sshd[27165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Aug 12 16:05:40 vps647732 sshd[27165]: Failed password for invalid user adm from 106.75.93.253 port 45032 ssh2 ...	2019-08-13 01:49:34
attackspam	Aug 12 13:02:30 vps647732 sshd[23115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.93.253 Aug 12 13:02:32 vps647732 sshd[23115]: Failed password for invalid user chuck from 106.75.93.253 port 36776 ssh2 ...	2019-08-12 19:05:42
attackbotsspam	2019-08-01T15:46:05.052932abusebot-6.cloudsearch.cf sshd\[22417\]: Invalid user support from 106.75.93.253 port 42290	2019-08-02 07:25:41

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.93.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52652
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.93.253.			IN	A

;; AUTHORITY SECTION:
.			2754	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 07:25:36 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 253.93.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 253.93.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.31.166	attackspambots	detected by Fail2Ban	2020-09-13 06:58:35
202.147.198.154	attack	2020-09-12T15:25:17.925289correo.[domain] sshd[26084]: Failed password for root from 202.147.198.154 port 41936 ssh2 2020-09-12T15:36:23.137160correo.[domain] sshd[27112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.147.198.154 user=root 2020-09-12T15:36:25.837472correo.[domain] sshd[27112]: Failed password for root from 202.147.198.154 port 53240 ssh2 ...	2020-09-13 07:30:11
192.42.116.26	attack	2020-09-13T00:58:54+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-09-13 07:21:30
193.7.200.114	attack	2020-09-12 13:46:48 server sshd[81049]: Failed password for invalid user root from 193.7.200.114 port 48232 ssh2	2020-09-13 07:32:26
197.45.63.224	attackspam	Brute forcing RDP port 3389	2020-09-13 06:55:15
52.149.160.100	attackspam	Port Scan: TCP/443	2020-09-13 07:00:45
40.73.0.147	attackbotsspam	Invalid user admin from 40.73.0.147 port 38718	2020-09-13 07:17:33
72.223.168.76	attackspam	Automatic report - Banned IP Access	2020-09-13 07:04:46
5.188.86.216	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-12T20:30:32Z	2020-09-13 07:16:44
204.42.253.132	attack	UDP 204.42.253.132:51774 -> port 1900, len 121	2020-09-13 07:25:16
116.74.18.25	attackspam	port scan and connect, tcp 23 (telnet)	2020-09-13 07:13:32
54.37.86.192	attackbotsspam	Sep 13 01:04:55 localhost sshd\[3782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.86.192 user=root Sep 13 01:04:57 localhost sshd\[3782\]: Failed password for root from 54.37.86.192 port 38880 ssh2 Sep 13 01:08:35 localhost sshd\[4068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.86.192 user=root Sep 13 01:08:37 localhost sshd\[4068\]: Failed password for root from 54.37.86.192 port 51980 ssh2 Sep 13 01:12:23 localhost sshd\[4317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.86.192 user=root ...	2020-09-13 07:28:03
178.76.246.201	attackspambots	[SatSep1218:55:27.3459412020][:error][pid28434:tid47701840639744][client178.76.246.201:54812][client178.76.246.201]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:WordPressFileManagerPluginattackblocked"][hostname"cser.ch"][uri"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"][unique_id"X1z9f9F-s5AkeysgAdCUgQAAAMQ"]\,referer:http://cser.ch/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php[SatSep1218:55:29.6396152020][:error][pid11873:tid47701932660480][client178.76.246.201:55070][client178.76.246.201]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTi	2020-09-13 07:19:54
177.207.251.18	attackspam	2020-09-13T01:28:42.981024ks3355764 sshd[6676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.207.251.18 user=root 2020-09-13T01:28:44.898389ks3355764 sshd[6676]: Failed password for root from 177.207.251.18 port 34859 ssh2 ...	2020-09-13 07:29:27
89.248.171.181	attack	Brute forcing email accounts	2020-09-13 06:59:02

最近上报的IP列表

103.120.226.115	102.165.53.142	148.70.246.130	218.17.157.34
61.179.186.72	184.22.6.3	72.183.253.245	27.25.11.178
134.209.24.143	187.138.156.250	123.233.246.52	120.29.155.122
39.93.0.236	167.62.253.27	139.59.4.63	77.42.106.68
27.76.172.73	36.26.155.88	134.209.96.136	2800:810:498:18f:e55e:1598:4b4d:8e1c