106.75.214.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Bruteforce detected by fail2ban	2020-08-21 22:13:22
attackspambots	Jul 28 09:58:56 marvibiene sshd[23502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 28 09:58:58 marvibiene sshd[23502]: Failed password for invalid user dyd from 106.75.214.72 port 46320 ssh2 Jul 28 10:02:58 marvibiene sshd[23753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72	2020-07-28 16:26:30
attack	$f2bV_matches	2020-07-23 03:51:11
attackspambots	Jul 21 23:04:33 ns382633 sshd\[19177\]: Invalid user linux from 106.75.214.72 port 40878 Jul 21 23:04:33 ns382633 sshd\[19177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 21 23:04:36 ns382633 sshd\[19177\]: Failed password for invalid user linux from 106.75.214.72 port 40878 ssh2 Jul 21 23:10:00 ns382633 sshd\[20340\]: Invalid user postgres from 106.75.214.72 port 40700 Jul 21 23:10:00 ns382633 sshd\[20340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72	2020-07-22 05:22:51
attackspambots	Jul 17 06:18:43 vps647732 sshd[24673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 17 06:18:46 vps647732 sshd[24673]: Failed password for invalid user sonar from 106.75.214.72 port 53714 ssh2 ...	2020-07-17 12:20:24
attackbots	Jul 13 12:23:10 ws26vmsma01 sshd[77276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jul 13 12:23:12 ws26vmsma01 sshd[77276]: Failed password for invalid user webuser from 106.75.214.72 port 36464 ssh2 ...	2020-07-13 21:45:36
attackbotsspam	5x Failed Password	2020-07-07 02:24:07
attackspambots	Jun 23 06:22:48 scw-tender-jepsen sshd[28123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 Jun 23 06:22:50 scw-tender-jepsen sshd[28123]: Failed password for invalid user red from 106.75.214.72 port 38878 ssh2	2020-06-23 18:50:40
attack	failed root login	2020-06-16 00:18:53
attackspam	2020-06-06T22:31:40+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-07 07:04:53
attackbotsspam	2020-06-05T07:01:19.268897vps773228.ovh.net sshd[3899]: Failed password for root from 106.75.214.72 port 59374 ssh2 2020-06-05T07:06:27.597022vps773228.ovh.net sshd[3949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root 2020-06-05T07:06:29.691103vps773228.ovh.net sshd[3949]: Failed password for root from 106.75.214.72 port 57818 ssh2 2020-06-05T07:11:35.266817vps773228.ovh.net sshd[4008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root 2020-06-05T07:11:37.320143vps773228.ovh.net sshd[4008]: Failed password for root from 106.75.214.72 port 56262 ssh2 ...	2020-06-05 19:37:47
attack	Jun 3 22:08:31 Ubuntu-1404-trusty-64-minimal sshd\[8092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root Jun 3 22:08:34 Ubuntu-1404-trusty-64-minimal sshd\[8092\]: Failed password for root from 106.75.214.72 port 37400 ssh2 Jun 3 22:13:21 Ubuntu-1404-trusty-64-minimal sshd\[11353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root Jun 3 22:13:24 Ubuntu-1404-trusty-64-minimal sshd\[11353\]: Failed password for root from 106.75.214.72 port 56346 ssh2 Jun 3 22:15:31 Ubuntu-1404-trusty-64-minimal sshd\[12503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root	2020-06-04 04:44:33
attack	Jun 2 20:16:12 ws25vmsma01 sshd[177212]: Failed password for root from 106.75.214.72 port 40970 ssh2 ...	2020-06-03 04:54:44
attack	May 30 19:36:27 odroid64 sshd\[2113\]: User root from 106.75.214.72 not allowed because not listed in AllowUsers May 30 19:36:27 odroid64 sshd\[2113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.72 user=root ...	2020-05-31 02:12:44
attackspambots	Invalid user mzq from 106.75.214.72 port 53404	2020-05-29 02:34:49
attackbots	k+ssh-bruteforce	2020-05-11 22:15:14

Comments on same subnet:

IP	Type	Details	Datetime
106.75.214.102	attack	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-12 00:22:02
106.75.214.102	attackbots	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-11 16:23:01
106.75.214.102	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-11 08:34:12
106.75.214.239	attackspambots	Brute-force attempt banned	2020-05-16 23:43:42
106.75.214.239	attackbotsspam	May 4 00:36:32 sip sshd[28621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 May 4 00:36:35 sip sshd[28621]: Failed password for invalid user server from 106.75.214.239 port 56922 ssh2 May 4 00:49:31 sip sshd[1128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239	2020-05-04 07:03:38
106.75.214.239	attackbots	Invalid user leslie from 106.75.214.239 port 52010	2020-05-03 17:48:33
106.75.214.239	attack	Invalid user ah from 106.75.214.239 port 34614	2020-04-24 18:25:49
106.75.214.239	attackbotsspam	(sshd) Failed SSH login from 106.75.214.239 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 19 13:44:41 elude sshd[7185]: Invalid user zk from 106.75.214.239 port 34042 Apr 19 13:44:42 elude sshd[7185]: Failed password for invalid user zk from 106.75.214.239 port 34042 ssh2 Apr 19 13:57:07 elude sshd[9075]: Invalid user admin from 106.75.214.239 port 38236 Apr 19 13:57:09 elude sshd[9075]: Failed password for invalid user admin from 106.75.214.239 port 38236 ssh2 Apr 19 14:04:22 elude sshd[10225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 user=root	2020-04-19 21:36:04
106.75.214.239	attack	SSH Brute Force	2020-04-17 05:36:31
106.75.214.239	attackspam	bruteforce detected	2020-04-16 03:45:20
106.75.214.239	attackspam	Apr 15 12:17:30 ns381471 sshd[28045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 Apr 15 12:17:33 ns381471 sshd[28045]: Failed password for invalid user ben from 106.75.214.239 port 38870 ssh2	2020-04-15 18:45:33
106.75.214.239	attackbotsspam	Invalid user server1 from 106.75.214.239 port 56942	2020-04-11 14:34:38
106.75.214.239	attack	Apr 10 14:04:13 ws12vmsma01 sshd[22021]: Invalid user user2 from 106.75.214.239 Apr 10 14:04:16 ws12vmsma01 sshd[22021]: Failed password for invalid user user2 from 106.75.214.239 port 41644 ssh2 Apr 10 14:13:08 ws12vmsma01 sshd[23434]: Invalid user wangk from 106.75.214.239 ...	2020-04-11 04:27:39
106.75.214.239	attack	Invalid user alexandru from 106.75.214.239 port 43640	2020-04-01 17:24:58
106.75.214.239	attackspambots	Mar 22 06:24:58 itv-usvr-01 sshd[23219]: Invalid user la from 106.75.214.239 Mar 22 06:24:58 itv-usvr-01 sshd[23219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.239 Mar 22 06:24:58 itv-usvr-01 sshd[23219]: Invalid user la from 106.75.214.239 Mar 22 06:25:00 itv-usvr-01 sshd[23219]: Failed password for invalid user la from 106.75.214.239 port 46726 ssh2	2020-03-27 22:27:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.214.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37379
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.214.72.			IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051100 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 22:15:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 72.214.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.214.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.204.31.19	attackbots	Unauthorized connection attempt detected from IP address 5.204.31.19 to port 445	2020-01-08 07:31:05
51.75.206.42	attack	Jan 7 23:52:20 SilenceServices sshd[12894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42 Jan 7 23:52:21 SilenceServices sshd[12894]: Failed password for invalid user test from 51.75.206.42 port 58794 ssh2 Jan 7 23:54:45 SilenceServices sshd[14753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42	2020-01-08 07:33:22
134.73.55.62	attackbotsspam	Jan 7 22:17:33 grey postfix/smtpd\[18300\]: NOQUEUE: reject: RCPT from unknown\[134.73.55.62\]: 554 5.7.1 Service unavailable\; Client host \[134.73.55.62\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[134.73.55.62\]\; from=\<3644-1134-56717-1128-principal=learning-steps.com@mail.debastext.info\> to=\ proto=ESMTP helo=\ ...	2020-01-08 07:55:34
118.25.94.212	attack	Unauthorized connection attempt detected from IP address 118.25.94.212 to port 2220 [J]	2020-01-08 07:45:29
52.15.212.3	attack	01/08/2020-00:31:25.267628 52.15.212.3 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-01-08 07:43:36
202.84.37.154	attackspam	Unauthorized connection attempt detected from IP address 202.84.37.154 to port 1433 [J]	2020-01-08 07:32:03
203.195.243.146	attack	Unauthorized connection attempt detected from IP address 203.195.243.146 to port 2220 [J]	2020-01-08 07:55:12
64.95.98.37	attack	07.01.2020 23:34:06 Connection to port 5060 blocked by firewall	2020-01-08 07:33:43
125.227.255.79	attackbotsspam	Unauthorized connection attempt detected from IP address 125.227.255.79 to port 2220 [J]	2020-01-08 07:39:06
118.27.9.229	attackbotsspam	Unauthorized connection attempt detected from IP address 118.27.9.229 to port 2220 [J]	2020-01-08 07:24:31
189.59.17.215	attackbotsspam	Unauthorized connection attempt detected from IP address 189.59.17.215 to port 2220 [J]	2020-01-08 08:00:35
88.214.26.39	attack	200107 16:04:18 [Warning] Access denied for user 'magento'@'88.214.26.39' (using password: YES) 200107 16:04:21 [Warning] Access denied for user 'magento'@'88.214.26.39' (using password: YES) 200107 16:04:24 [Warning] Access denied for user 'magento'@'88.214.26.39' (using password: YES) ...	2020-01-08 07:46:10
190.3.79.52	attack	Unauthorized connection attempt detected from IP address 190.3.79.52 to port 2222	2020-01-08 07:27:23
189.42.239.34	attack	Jan 7 23:45:09 SilenceServices sshd[7309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.239.34 Jan 7 23:45:10 SilenceServices sshd[7309]: Failed password for invalid user yrh from 189.42.239.34 port 55750 ssh2 Jan 7 23:48:38 SilenceServices sshd[9982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.239.34	2020-01-08 07:30:37
115.248.198.106	attackbotsspam	Unauthorized connection attempt detected from IP address 115.248.198.106 to port 2220 [J]	2020-01-08 07:50:06

Recently Reported IPs

82.29.211.55	62.69.134.83	47.30.201.144	129.158.114.232
200.52.41.191	173.82.245.198	177.128.234.43	195.154.188.108
116.208.47.164	118.35.113.126	92.44.111.23	78.106.46.8
216.55.99.240	117.198.93.71	154.8.177.205	210.112.95.177
68.183.156.150	202.28.212.26	90.128.72.227	62.149.116.5