106.75.214.239

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute-force attempt banned	2020-05-16 23:43:42
attackbotsspam	May 4 00:36:32 sip sshd[28621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 May 4 00:36:35 sip sshd[28621]: Failed password for invalid user server from 106.75.214.239 port 56922 ssh2 May 4 00:49:31 sip sshd[1128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239	2020-05-04 07:03:38
attackbots	Invalid user leslie from 106.75.214.239 port 52010	2020-05-03 17:48:33
attack	Invalid user ah from 106.75.214.239 port 34614	2020-04-24 18:25:49
attackbotsspam	(sshd) Failed SSH login from 106.75.214.239 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 19 13:44:41 elude sshd[7185]: Invalid user zk from 106.75.214.239 port 34042 Apr 19 13:44:42 elude sshd[7185]: Failed password for invalid user zk from 106.75.214.239 port 34042 ssh2 Apr 19 13:57:07 elude sshd[9075]: Invalid user admin from 106.75.214.239 port 38236 Apr 19 13:57:09 elude sshd[9075]: Failed password for invalid user admin from 106.75.214.239 port 38236 ssh2 Apr 19 14:04:22 elude sshd[10225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 user=root	2020-04-19 21:36:04
attack	SSH Brute Force	2020-04-17 05:36:31
attackspam	bruteforce detected	2020-04-16 03:45:20
attackspam	Apr 15 12:17:30 ns381471 sshd[28045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 Apr 15 12:17:33 ns381471 sshd[28045]: Failed password for invalid user ben from 106.75.214.239 port 38870 ssh2	2020-04-15 18:45:33
attackbotsspam	Invalid user server1 from 106.75.214.239 port 56942	2020-04-11 14:34:38
attack	Apr 10 14:04:13 ws12vmsma01 sshd[22021]: Invalid user user2 from 106.75.214.239 Apr 10 14:04:16 ws12vmsma01 sshd[22021]: Failed password for invalid user user2 from 106.75.214.239 port 41644 ssh2 Apr 10 14:13:08 ws12vmsma01 sshd[23434]: Invalid user wangk from 106.75.214.239 ...	2020-04-11 04:27:39
attack	Invalid user alexandru from 106.75.214.239 port 43640	2020-04-01 17:24:58
attackspambots	Mar 22 06:24:58 itv-usvr-01 sshd[23219]: Invalid user la from 106.75.214.239 Mar 22 06:24:58 itv-usvr-01 sshd[23219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 Mar 22 06:24:58 itv-usvr-01 sshd[23219]: Invalid user la from 106.75.214.239 Mar 22 06:25:00 itv-usvr-01 sshd[23219]: Failed password for invalid user la from 106.75.214.239 port 46726 ssh2	2020-03-27 22:27:17
attack	5x Failed Password	2020-03-25 02:04:36
attack	Mar 23 02:59:00 plusreed sshd[6218]: Invalid user tarantino from 106.75.214.239 ...	2020-03-23 15:12:45
attackspam	2020-03-21 UTC: (25x) - angela,bcampion,cmunn,cybird,dalia,deneen,derik,gordon,gwen,hive,ig,m3chen,mapred,nginx,openbravo,passwd,po,pp,ra,stajima,sunshine,te,test,zhuht,zhushaopei	2020-03-22 20:57:28

Comments on same subnet:

IP	Type	Details	Datetime
106.75.214.102	attack	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-12 00:22:02
106.75.214.102	attackbots	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-11 16:23:01
106.75.214.102	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-11 08:34:12
106.75.214.72	attackbotsspam	Bruteforce detected by fail2ban	2020-08-21 22:13:22
106.75.214.72	attackspambots	Jul 28 09:58:56 marvibiene sshd[23502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 28 09:58:58 marvibiene sshd[23502]: Failed password for invalid user dyd from 106.75.214.72 port 46320 ssh2 Jul 28 10:02:58 marvibiene sshd[23753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72	2020-07-28 16:26:30
106.75.214.72	attack	$f2bV_matches	2020-07-23 03:51:11
106.75.214.72	attackspambots	Jul 21 23:04:33 ns382633 sshd\[19177\]: Invalid user linux from 106.75.214.72 port 40878 Jul 21 23:04:33 ns382633 sshd\[19177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 21 23:04:36 ns382633 sshd\[19177\]: Failed password for invalid user linux from 106.75.214.72 port 40878 ssh2 Jul 21 23:10:00 ns382633 sshd\[20340\]: Invalid user postgres from 106.75.214.72 port 40700 Jul 21 23:10:00 ns382633 sshd\[20340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72	2020-07-22 05:22:51
106.75.214.72	attackspambots	Jul 17 06:18:43 vps647732 sshd[24673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 17 06:18:46 vps647732 sshd[24673]: Failed password for invalid user sonar from 106.75.214.72 port 53714 ssh2 ...	2020-07-17 12:20:24
106.75.214.72	attackbots	Jul 13 12:23:10 ws26vmsma01 sshd[77276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 13 12:23:12 ws26vmsma01 sshd[77276]: Failed password for invalid user webuser from 106.75.214.72 port 36464 ssh2 ...	2020-07-13 21:45:36
106.75.214.72	attackbotsspam	5x Failed Password	2020-07-07 02:24:07
106.75.214.72	attackspambots	Jun 23 06:22:48 scw-tender-jepsen sshd[28123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jun 23 06:22:50 scw-tender-jepsen sshd[28123]: Failed password for invalid user red from 106.75.214.72 port 38878 ssh2	2020-06-23 18:50:40
106.75.214.72	attack	failed root login	2020-06-16 00:18:53
106.75.214.72	attackspam	2020-06-06T22:31:40+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-07 07:04:53
106.75.214.72	attackbotsspam	2020-06-05T07:01:19.268897vps773228.ovh.net sshd[3899]: Failed password for root from 106.75.214.72 port 59374 ssh2 2020-06-05T07:06:27.597022vps773228.ovh.net sshd[3949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root 2020-06-05T07:06:29.691103vps773228.ovh.net sshd[3949]: Failed password for root from 106.75.214.72 port 57818 ssh2 2020-06-05T07:11:35.266817vps773228.ovh.net sshd[4008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root 2020-06-05T07:11:37.320143vps773228.ovh.net sshd[4008]: Failed password for root from 106.75.214.72 port 56262 ssh2 ...	2020-06-05 19:37:47
106.75.214.72	attack	Jun 3 22:08:31 Ubuntu-1404-trusty-64-minimal sshd\[8092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root Jun 3 22:08:34 Ubuntu-1404-trusty-64-minimal sshd\[8092\]: Failed password for root from 106.75.214.72 port 37400 ssh2 Jun 3 22:13:21 Ubuntu-1404-trusty-64-minimal sshd\[11353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root Jun 3 22:13:24 Ubuntu-1404-trusty-64-minimal sshd\[11353\]: Failed password for root from 106.75.214.72 port 56346 ssh2 Jun 3 22:15:31 Ubuntu-1404-trusty-64-minimal sshd\[12503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root	2020-06-04 04:44:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.214.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.214.239.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 20:57:19 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 239.214.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.214.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.188.176.153	attackspam	Automatic report - Port Scan Attack	2020-06-04 21:14:49
87.246.7.74	attack	2020-06-04 16:11:48 auth_plain authenticator failed for (User) [87.246.7.74]: 535 Incorrect authentication data (set_id=iam@com.ua) 2020-06-04 16:14:57 auth_plain authenticator failed for (User) [87.246.7.74]: 535 Incorrect authentication data (set_id=ews@com.ua) ...	2020-06-04 21:26:27
54.37.136.213	attackbots	2020-06-04T15:05:23.778764+02:00 sshd[18459]: Failed password for root from 54.37.136.213 port 53046 ssh2	2020-06-04 21:11:33
218.92.0.171	attackbots	2020-06-04T15:01:35.842768vps751288.ovh.net sshd\[13129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-06-04T15:01:38.040882vps751288.ovh.net sshd\[13129\]: Failed password for root from 218.92.0.171 port 6380 ssh2 2020-06-04T15:01:42.235100vps751288.ovh.net sshd\[13129\]: Failed password for root from 218.92.0.171 port 6380 ssh2 2020-06-04T15:01:45.447715vps751288.ovh.net sshd\[13129\]: Failed password for root from 218.92.0.171 port 6380 ssh2 2020-06-04T15:01:49.375675vps751288.ovh.net sshd\[13129\]: Failed password for root from 218.92.0.171 port 6380 ssh2	2020-06-04 21:13:37
189.191.56.218	attackbotsspam	Jun 2 00:06:28 host sshd[29432]: reveeclipse mapping checking getaddrinfo for dsl-189-191-56-218-dyn.prod-infinhostnameum.com.mx [189.191.56.218] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 2 00:06:28 host sshd[29432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.191.56.218 user=r.r Jun 2 00:06:30 host sshd[29432]: Failed password for r.r from 189.191.56.218 port 35789 ssh2 Jun 2 00:06:30 host sshd[29432]: Received disconnect from 189.191.56.218: 11: Bye Bye [preauth] Jun 2 00:14:11 host sshd[19911]: reveeclipse mapping checking getaddrinfo for dsl-189-191-56-218-dyn.prod-infinhostnameum.com.mx [189.191.56.218] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 2 00:14:12 host sshd[19911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.191.56.218 user=r.r Jun 2 00:14:13 host sshd[19911]: Failed password for r.r from 189.191.56.218 port 40945 ssh2 Jun 2 00:14:14 host sshd[19911]: Recei........ -------------------------------	2020-06-04 21:39:43
80.82.65.74	attack	Jun 4 15:27:07 debian-2gb-nbg1-2 kernel: \[13535985.319318\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.65.74 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=28021 PROTO=TCP SPT=58314 DPT=84 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-04 21:46:33
220.133.19.206	attackspam	" "	2020-06-04 21:21:19
13.210.177.21	attackspam	Fail2Ban Ban Triggered	2020-06-04 21:32:43
182.61.161.121	attackspambots	5x Failed Password	2020-06-04 21:20:28
45.143.220.129	attackspam	DDOS	2020-06-04 21:09:34
185.12.45.118	attackbots	(mod_security) mod_security (id:210492) triggered by 185.12.45.118 (CH/Switzerland/emailer112-16.misadventured.com): 5 in the last 3600 secs	2020-06-04 21:16:33
222.186.175.217	attackspam	Jun 4 14:52:34 pve1 sshd[21166]: Failed password for root from 222.186.175.217 port 36142 ssh2 Jun 4 14:52:37 pve1 sshd[21166]: Failed password for root from 222.186.175.217 port 36142 ssh2 ...	2020-06-04 21:25:05
93.113.111.197	attackbotsspam	93.113.111.197 has been banned for [WebApp Attack] ...	2020-06-04 21:39:57
206.189.87.108	attackspam	"fail2ban match"	2020-06-04 21:41:09
222.128.6.194	attackbotsspam	Jun 4 15:20:28 inter-technics sshd[13205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.6.194 user=root Jun 4 15:20:30 inter-technics sshd[13205]: Failed password for root from 222.128.6.194 port 20475 ssh2 Jun 4 15:25:09 inter-technics sshd[13533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.6.194 user=root Jun 4 15:25:11 inter-technics sshd[13533]: Failed password for root from 222.128.6.194 port 22655 ssh2 Jun 4 15:30:01 inter-technics sshd[13772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.128.6.194 user=root Jun 4 15:30:03 inter-technics sshd[13772]: Failed password for root from 222.128.6.194 port 5483 ssh2 ...	2020-06-04 21:40:12

Recently Reported IPs

45.172.172.1	49.36.51.213	123.122.172.80	64.227.2.96
36.67.129.77	83.7.180.207	103.212.211.218	14.170.31.59
220.191.220.245	188.165.128.88	172.72.209.187	213.142.12.200
144.202.16.218	185.123.164.52	114.234.251.192	202.82.31.75
111.6.76.117	220.200.207.46	81.177.48.13	179.40.32.102