Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
SSH login attempts.
2020-09-27 01:31:59
attackbots
Sep 26 07:53:04 ip-172-31-16-56 sshd[2118]: Invalid user op from 106.75.66.108
Sep 26 07:53:07 ip-172-31-16-56 sshd[2118]: Failed password for invalid user op from 106.75.66.108 port 37556 ssh2
Sep 26 07:57:43 ip-172-31-16-56 sshd[2161]: Failed password for root from 106.75.66.108 port 42392 ssh2
Sep 26 08:02:31 ip-172-31-16-56 sshd[2207]: Invalid user scs from 106.75.66.108
Sep 26 08:02:33 ip-172-31-16-56 sshd[2207]: Failed password for invalid user scs from 106.75.66.108 port 47230 ssh2
2020-09-26 17:24:50
attackspambots
2020-09-23T01:19:16.260011n23.at sshd[2549366]: Failed password for invalid user manager from 106.75.66.108 port 36864 ssh2
2020-09-23T01:30:13.203241n23.at sshd[2559153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.108  user=root
2020-09-23T01:30:15.429921n23.at sshd[2559153]: Failed password for root from 106.75.66.108 port 55002 ssh2
...
2020-09-23 20:21:08
attackspambots
2020-09-23T01:19:16.260011n23.at sshd[2549366]: Failed password for invalid user manager from 106.75.66.108 port 36864 ssh2
2020-09-23T01:30:13.203241n23.at sshd[2559153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.108  user=root
2020-09-23T01:30:15.429921n23.at sshd[2559153]: Failed password for root from 106.75.66.108 port 55002 ssh2
...
2020-09-23 12:44:14
attackbots
Sep 22 19:05:24 * sshd[23229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.108
Sep 22 19:05:25 * sshd[23229]: Failed password for invalid user centos from 106.75.66.108 port 45206 ssh2
2020-09-23 04:29:10
attackbotsspam
Failed password for root from 106.75.66.108 port 45486 ssh2
2020-08-20 17:05:46
Comments on same subnet:
IP Type Details Datetime
106.75.66.70 attack
Sep 28 18:40:51 vps sshd[25650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.70 
Sep 28 18:40:53 vps sshd[25650]: Failed password for invalid user python from 106.75.66.70 port 33699 ssh2
Sep 28 18:48:08 vps sshd[26122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.70 
...
2020-09-29 03:56:34
106.75.66.70 attackbots
$f2bV_matches
2020-09-28 20:10:09
106.75.66.70 attackbots
Sep 28 05:00:19 vps647732 sshd[30106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.66.70
Sep 28 05:00:20 vps647732 sshd[30106]: Failed password for invalid user jared from 106.75.66.70 port 43724 ssh2
...
2020-09-28 12:14:10
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.66.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8757
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.66.108.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082000 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 20 17:05:43 CST 2020
;; MSG SIZE  rcvd: 117
Host info
Host 108.66.75.106.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 108.66.75.106.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
198.108.67.60 attack
 TCP (SYN) 198.108.67.60:35011 -> port 9001, len 44
2020-06-03 15:27:48
122.51.49.32 attack
2020-06-03T05:48:24.361167mail.broermann.family sshd[496]: Failed password for root from 122.51.49.32 port 42756 ssh2
2020-06-03T05:51:31.058341mail.broermann.family sshd[813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.49.32  user=root
2020-06-03T05:51:33.165793mail.broermann.family sshd[813]: Failed password for root from 122.51.49.32 port 45998 ssh2
2020-06-03T05:54:43.376337mail.broermann.family sshd[1095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.49.32  user=root
2020-06-03T05:54:45.176355mail.broermann.family sshd[1095]: Failed password for root from 122.51.49.32 port 49240 ssh2
...
2020-06-03 15:16:55
111.229.16.97 attack
Jun  3 07:01:34 marvibiene sshd[14497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.16.97  user=root
Jun  3 07:01:36 marvibiene sshd[14497]: Failed password for root from 111.229.16.97 port 50654 ssh2
Jun  3 07:06:22 marvibiene sshd[14565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.16.97  user=root
Jun  3 07:06:24 marvibiene sshd[14565]: Failed password for root from 111.229.16.97 port 36346 ssh2
...
2020-06-03 15:30:55
222.186.15.115 attackspam
2020-06-03T10:28:44.938123lavrinenko.info sshd[12605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115  user=root
2020-06-03T10:28:47.249682lavrinenko.info sshd[12605]: Failed password for root from 222.186.15.115 port 20611 ssh2
2020-06-03T10:28:44.938123lavrinenko.info sshd[12605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115  user=root
2020-06-03T10:28:47.249682lavrinenko.info sshd[12605]: Failed password for root from 222.186.15.115 port 20611 ssh2
2020-06-03T10:28:50.172739lavrinenko.info sshd[12605]: Failed password for root from 222.186.15.115 port 20611 ssh2
...
2020-06-03 15:29:24
49.248.3.10 attack
Jun  3 10:10:07 gw1 sshd[1123]: Failed password for root from 49.248.3.10 port 38684 ssh2
...
2020-06-03 14:58:31
113.141.67.253 attack
SMB Server BruteForce Attack
2020-06-03 15:25:15
182.61.185.92 attackbots
2020-06-03T08:21:46.190351struts4.enskede.local sshd[8324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.92  user=root
2020-06-03T08:21:49.258765struts4.enskede.local sshd[8324]: Failed password for root from 182.61.185.92 port 54154 ssh2
2020-06-03T08:25:30.611316struts4.enskede.local sshd[8346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.92  user=root
2020-06-03T08:25:34.304634struts4.enskede.local sshd[8346]: Failed password for root from 182.61.185.92 port 58528 ssh2
2020-06-03T08:29:18.456824struts4.enskede.local sshd[8367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.92  user=root
...
2020-06-03 15:04:54
167.99.67.209 attack
Jun  3 07:59:10 pornomens sshd[14275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.67.209  user=root
Jun  3 07:59:12 pornomens sshd[14275]: Failed password for root from 167.99.67.209 port 53508 ssh2
Jun  3 08:00:15 pornomens sshd[14287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.67.209  user=root
...
2020-06-03 15:01:46
58.87.114.217 attackbots
2020-06-03 06:11:58,499 fail2ban.actions        [937]: NOTICE  [sshd] Ban 58.87.114.217
2020-06-03 06:45:32,959 fail2ban.actions        [937]: NOTICE  [sshd] Ban 58.87.114.217
2020-06-03 07:18:59,296 fail2ban.actions        [937]: NOTICE  [sshd] Ban 58.87.114.217
2020-06-03 07:52:52,729 fail2ban.actions        [937]: NOTICE  [sshd] Ban 58.87.114.217
2020-06-03 08:26:53,027 fail2ban.actions        [937]: NOTICE  [sshd] Ban 58.87.114.217
...
2020-06-03 15:02:56
49.88.112.72 attackbots
Jun  3 09:25:42 eventyay sshd[7930]: Failed password for root from 49.88.112.72 port 24425 ssh2
Jun  3 09:25:44 eventyay sshd[7930]: Failed password for root from 49.88.112.72 port 24425 ssh2
Jun  3 09:25:47 eventyay sshd[7930]: Failed password for root from 49.88.112.72 port 24425 ssh2
...
2020-06-03 15:38:35
142.4.209.40 attack
142.4.209.40 - - [03/Jun/2020:08:32:31 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.4.209.40 - - [03/Jun/2020:08:32:32 +0200] "POST /wp-login.php HTTP/1.1" 200 6669 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.4.209.40 - - [03/Jun/2020:08:32:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-06-03 15:01:16
49.234.52.176 attackspambots
Jun  3 05:46:27 tuxlinux sshd[13639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.52.176  user=root
Jun  3 05:46:28 tuxlinux sshd[13639]: Failed password for root from 49.234.52.176 port 35792 ssh2
Jun  3 05:46:27 tuxlinux sshd[13639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.52.176  user=root
Jun  3 05:46:28 tuxlinux sshd[13639]: Failed password for root from 49.234.52.176 port 35792 ssh2
Jun  3 05:55:10 tuxlinux sshd[13822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.52.176  user=root
...
2020-06-03 15:03:18
2600:100d:b006:6d9:11d2:a433:2a0a:21bd attackbotsspam
Fail2Ban Ban Triggered
2020-06-03 15:10:38
45.7.138.40 attack
Jun  2 23:57:40 server1 sshd[30610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.138.40  user=root
Jun  2 23:57:43 server1 sshd[30610]: Failed password for root from 45.7.138.40 port 35446 ssh2
Jun  3 00:01:32 server1 sshd[31977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.138.40  user=root
Jun  3 00:01:34 server1 sshd[31977]: Failed password for root from 45.7.138.40 port 38083 ssh2
Jun  3 00:05:32 server1 sshd[637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.138.40  user=root
...
2020-06-03 15:21:01
182.93.83.15 attack
 TCP (SYN) 182.93.83.15:16022 -> port 8080, len 44
2020-06-03 15:18:08
