106.75.3.52 - IPInfo

Basic Info

City: unknown

Region: Shanghai

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: China Unicom Beijing Province Network

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot hit.	2020-08-25 07:55:49
attackbots	Fail2Ban Ban Triggered	2020-07-26 05:21:31
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 3333	2020-06-20 18:34:17
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 85	2020-06-01 00:10:38
attackspambots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 5801 [T]	2020-05-20 10:54:55
attackspambots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 3333 [J]	2020-01-29 21:26:11
attackbots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 49 [T]	2020-01-22 05:33:28
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 1099 [J]	2020-01-21 01:23:57
attackspambots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 993 [T]	2020-01-17 08:34:34
attackbots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 8099 [J]	2020-01-07 04:36:51
attackspambots	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 512	2020-01-04 08:35:34
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 8443	2020-01-02 19:56:15
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 7077	2020-01-01 21:04:46
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 5007	2020-01-01 04:12:38
attack	Unauthorized connection attempt detected from IP address 106.75.3.52 to port 9981	2019-12-31 08:59:17
attack	Automatic report - Banned IP Access	2019-12-16 04:03:28
attack	Connection by 106.75.3.52 on port: 2501 got caught by honeypot at 10/31/2019 12:05:18 PM	2019-10-31 22:40:55
attack	port scan and connect, tcp 443 (https)	2019-09-21 07:45:18
attack	scan r	2019-08-31 06:07:41
attackspambots	[Aegis] @ 2019-07-19 18:04:06 0100 -> SSH insecure connection attempt (scan).	2019-07-20 06:50:58
attack	Honeypot hit.	2019-07-17 17:27:09
attackbotsspam	port scan and connect, tcp 1521 (oracle-old)	2019-07-10 14:30:08
attackbotsspam	Automatic report - Web App Attack	2019-06-21 18:23:08

Comments on same subnet:

IP	Type	Details	Datetime
106.75.31.125	botsattackproxy	SSH bot	2024-06-18 21:44:49
106.75.32.229	attackbotsspam	Aug 31 17:59:15 hanapaa sshd\[16883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 user=root Aug 31 17:59:17 hanapaa sshd\[16883\]: Failed password for root from 106.75.32.229 port 56804 ssh2 Aug 31 18:02:05 hanapaa sshd\[17086\]: Invalid user test101 from 106.75.32.229 Aug 31 18:02:05 hanapaa sshd\[17086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 31 18:02:08 hanapaa sshd\[17086\]: Failed password for invalid user test101 from 106.75.32.229 port 60112 ssh2	2020-09-01 14:59:10
106.75.32.229	attackbots	$f2bV_matches	2020-08-31 04:28:37
106.75.35.150	attack	SSH Invalid Login	2020-08-29 07:08:54
106.75.3.59	attack	Automatic report BANNED IP	2020-08-23 23:40:14
106.75.32.229	attackbots	Aug 23 00:16:21 fhem-rasp sshd[32067]: Invalid user zth from 106.75.32.229 port 43794 ...	2020-08-23 06:50:28
106.75.32.229	attackspam	Aug 22 08:07:00 MainVPS sshd[25102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 user=root Aug 22 08:07:01 MainVPS sshd[25102]: Failed password for root from 106.75.32.229 port 51562 ssh2 Aug 22 08:13:23 MainVPS sshd[4563]: Invalid user amber from 106.75.32.229 port 59782 Aug 22 08:13:23 MainVPS sshd[4563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 22 08:13:23 MainVPS sshd[4563]: Invalid user amber from 106.75.32.229 port 59782 Aug 22 08:13:25 MainVPS sshd[4563]: Failed password for invalid user amber from 106.75.32.229 port 59782 ssh2 ...	2020-08-22 17:31:12
106.75.3.59	attackbots	2020-08-19T05:46:39.810124+02:00 sshd[1406]: Failed password for root from 106.75.3.59 port 64246 ssh2	2020-08-19 19:03:30
106.75.32.229	attack	Aug 16 16:57:43 PorscheCustomer sshd[21052]: Failed password for root from 106.75.32.229 port 49912 ssh2 Aug 16 17:03:42 PorscheCustomer sshd[21398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.32.229 Aug 16 17:03:44 PorscheCustomer sshd[21398]: Failed password for invalid user liferay from 106.75.32.229 port 54220 ssh2 ...	2020-08-17 01:06:05
106.75.35.150	attackbotsspam	Aug 16 08:21:17 pornomens sshd\[1304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.35.150 user=root Aug 16 08:21:19 pornomens sshd\[1304\]: Failed password for root from 106.75.35.150 port 46286 ssh2 Aug 16 08:24:21 pornomens sshd\[1333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.35.150 user=root ...	2020-08-16 15:41:19
106.75.32.229	attackbotsspam	Aug 16 00:37:43 marvibiene sshd[32657]: Failed password for root from 106.75.32.229 port 46328 ssh2 Aug 16 00:52:06 marvibiene sshd[1222]: Failed password for root from 106.75.32.229 port 34946 ssh2	2020-08-16 07:02:28
106.75.3.59	attackbots	Ssh brute force	2020-08-15 08:06:01
106.75.32.229	attackbots	"fail2ban match"	2020-08-15 01:36:24
106.75.35.150	attackbots	Aug 7 12:54:14 Tower sshd[30869]: Connection from 106.75.35.150 port 56630 on 192.168.10.220 port 22 rdomain "" Aug 7 12:54:18 Tower sshd[30869]: Failed password for root from 106.75.35.150 port 56630 ssh2 Aug 7 12:54:18 Tower sshd[30869]: Received disconnect from 106.75.35.150 port 56630:11: Bye Bye [preauth] Aug 7 12:54:18 Tower sshd[30869]: Disconnected from authenticating user root 106.75.35.150 port 56630 [preauth]	2020-08-08 03:33:15
106.75.3.59	attack	Aug 7 15:26:06 cosmoit sshd[29653]: Failed password for root from 106.75.3.59 port 52787 ssh2	2020-08-07 22:12:11

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.3.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60174
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.3.52.			IN	A

;; AUTHORITY SECTION:
.			1044	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050100 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 01 19:17:21 +08 2019
;; MSG SIZE  rcvd: 115

Host info

Host 52.3.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.3.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.254.10.202	attack	Unauthorized connection attempt from IP address 171.254.10.202 on Port 445(SMB)	2019-08-21 14:51:44
92.32.68.230	attack	Splunk® : Brute-Force login attempt on SSH: Aug 20 21:30:18 testbed sshd[14634]: Connection closed by 92.32.68.230 port 59006 [preauth]	2019-08-21 14:41:05
115.94.204.156	attackspam	Aug 21 02:24:56 aat-srv002 sshd[3785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.204.156 Aug 21 02:24:58 aat-srv002 sshd[3785]: Failed password for invalid user franziska from 115.94.204.156 port 37608 ssh2 Aug 21 02:29:31 aat-srv002 sshd[3899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.94.204.156 Aug 21 02:29:33 aat-srv002 sshd[3899]: Failed password for invalid user user9 from 115.94.204.156 port 42184 ssh2 ...	2019-08-21 15:31:50
106.12.199.98	attack	Aug 21 03:12:14 hcbbdb sshd\[5715\]: Invalid user admin1 from 106.12.199.98 Aug 21 03:12:14 hcbbdb sshd\[5715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Aug 21 03:12:16 hcbbdb sshd\[5715\]: Failed password for invalid user admin1 from 106.12.199.98 port 57588 ssh2 Aug 21 03:14:27 hcbbdb sshd\[5954\]: Invalid user debian from 106.12.199.98 Aug 21 03:14:27 hcbbdb sshd\[5954\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-08-21 15:30:42
37.17.59.60	attackbotsspam	Aug 21 07:57:21 tux-35-217 sshd\[17382\]: Invalid user david from 37.17.59.60 port 47966 Aug 21 07:57:21 tux-35-217 sshd\[17382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.17.59.60 Aug 21 07:57:23 tux-35-217 sshd\[17382\]: Failed password for invalid user david from 37.17.59.60 port 47966 ssh2 Aug 21 08:01:57 tux-35-217 sshd\[17414\]: Invalid user jonathan from 37.17.59.60 port 37838 Aug 21 08:01:57 tux-35-217 sshd\[17414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.17.59.60 ...	2019-08-21 14:50:29
107.170.237.219	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-21 14:52:53
40.76.49.64	attackbots	Invalid user strenesse from 40.76.49.64 port 36440	2019-08-21 14:49:33
142.93.163.80	attackbotsspam	Aug 21 06:32:24 tux-35-217 sshd\[16720\]: Invalid user kiuchi from 142.93.163.80 port 54762 Aug 21 06:32:24 tux-35-217 sshd\[16720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.163.80 Aug 21 06:32:25 tux-35-217 sshd\[16720\]: Failed password for invalid user kiuchi from 142.93.163.80 port 54762 ssh2 Aug 21 06:33:10 tux-35-217 sshd\[16722\]: Invalid user kong from 142.93.163.80 port 42694 Aug 21 06:33:10 tux-35-217 sshd\[16722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.163.80 ...	2019-08-21 15:33:29
222.186.42.117	attackspam	Aug 20 20:49:12 php1 sshd\[29066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Aug 20 20:49:14 php1 sshd\[29066\]: Failed password for root from 222.186.42.117 port 48606 ssh2 Aug 20 20:49:20 php1 sshd\[29075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Aug 20 20:49:22 php1 sshd\[29075\]: Failed password for root from 222.186.42.117 port 50940 ssh2 Aug 20 20:49:27 php1 sshd\[29091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root	2019-08-21 14:54:08
103.130.218.125	attackspambots	Unauthorized SSH login attempts	2019-08-21 15:11:33
178.128.99.4	attackspam	Aug 21 06:42:26 OPSO sshd\[9190\]: Invalid user internet from 178.128.99.4 port 45222 Aug 21 06:42:26 OPSO sshd\[9190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.99.4 Aug 21 06:42:29 OPSO sshd\[9190\]: Failed password for invalid user internet from 178.128.99.4 port 45222 ssh2 Aug 21 06:47:28 OPSO sshd\[10033\]: Invalid user test8 from 178.128.99.4 port 48172 Aug 21 06:47:28 OPSO sshd\[10033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.99.4	2019-08-21 15:01:42
188.131.218.175	attackbotsspam	Aug 20 16:45:55 aiointranet sshd\[26928\]: Invalid user ionut123 from 188.131.218.175 Aug 20 16:45:55 aiointranet sshd\[26928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.218.175 Aug 20 16:45:57 aiointranet sshd\[26928\]: Failed password for invalid user ionut123 from 188.131.218.175 port 44236 ssh2 Aug 20 16:47:32 aiointranet sshd\[27097\]: Invalid user ryo from 188.131.218.175 Aug 20 16:47:32 aiointranet sshd\[27097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.218.175	2019-08-21 14:55:10
200.69.236.139	attackbotsspam	Aug 21 08:55:57 rpi sshd[21571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.236.139 Aug 21 08:56:00 rpi sshd[21571]: Failed password for invalid user polycom from 200.69.236.139 port 38681 ssh2	2019-08-21 15:04:13
222.186.42.94	attack	2019-08-21T06:54:11.170843abusebot-4.cloudsearch.cf sshd\[25251\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.94 user=root	2019-08-21 14:57:46
115.42.204.254	attackspambots	Unauthorized connection attempt from IP address 115.42.204.254 on Port 445(SMB)	2019-08-21 15:06:42

Recently Reported IPs

101.99.3.211	196.137.43.81	45.77.245.35	154.0.46.202
117.35.187.161	91.142.220.151	182.142.112.95	222.92.244.35
222.29.218.133	182.138.111.223	235.65.194.107	151.232.198.203
85.105.6.226	200.91.199.180	1.220.217.37	248.32.93.174
27.61.16.157	180.76.155.106	84.208.96.89	183.239.22.67