JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.75.9.232

106.75.9.232 was found in our database!

This IP was reported 511 times. Confidence of Abuse is 100%: ?

100%

ISP	Shanghai UCloud Information Technology Company Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4808
Domain Name	ucloud.cn
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.75.9.232

Whois 106.75.9.232

IP Abuse Reports for 106.75.9.232:

This IP address has been reported a total of 511 times from 126 distinct sources. 106.75.9.232 was first reported on January 7th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Justin F. \| AS204464	2026-05-06 12:29:04 (4 weeks ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (53 bytes of payload); 8554 [6] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (53 bytes of payload); 8554 [6] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 femboy.cat	2026-05-06 07:59:29 (4 weeks ago)	Port scan to tcp/2107 from 106.75.9.232	Brute-Force
🇳🇱 donarev419	2026-05-06 03:01:42 (4 weeks ago)	Connection to port 6666 with data transfer. Data preview: �	Port Scan Hacking
🇨🇳 ThreatBook.io	2026-05-06 01:10:45 (4 weeks ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/106.75.9.232 202 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/106.75.9.232 2026-05-05 05:42:11 / 2026-05-05 05:44:22 / show less	Web App Attack
🇵🇱 sefinek.net	2026-05-05 21:48:59 (4 weeks ago)	Honeypot hit: HTTP/1.1 request on 25105 GET / Accept: /; 25105 [5] TCP Reported by: https://githu ... show more Honeypot hit: HTTP/1.1 request on 25105 GET / Accept: /; 25105 [5] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 kosada.com	2026-05-05 16:24:55 (4 weeks ago)	Web vulnerability probing: / (bogus vhost/SNI)	Web App Attack
🇫🇮 pixiekat	2026-05-05 14:55:02 (4 weeks ago)	[Tue May 05 15:54:59.169195 2026] [authz_core:error] [pid 171194:tid 171252] [client 106.75.9.232:47 ... show more [Tue May 05 15:54:59.169195 2026] [authz_core:error] [pid 171194:tid 171252] [client 106.75.9.232:47540] AH01630: client denied by server configuration: /var/www/html/version [Tue May 05 15:54:59.633642 2026] [authz_core:error] [pid 171194:tid 171235] [client 106.75.9.232:47628] AH01630: client denied by server configuration: /var/www/html/ [Tue May 05 15:55:00.780479 2026] [authz_core:error] [pid 171194:tid 171244] [client 106.75.9.232:47910] AH01630: client denied by server configuration: /var/www/html/ [Tue May 05 15:55:01.791096 2026] [authz_core:error] [pid 171137:tid 171192] [client 106.75.9.232:48098] AH01630: client denied by server configuration: /var/www/html/v1 [Tue May 05 15:55:02.135326 2026] [authz_core:error] [pid 171194:tid 171243] [client 106.75.9.232:48364] AH01630: client denied by server configuration: /var/www/html/ ... show less	Brute-Force
🇯🇵 mkaraki	2026-05-05 13:17:49 (4 weeks ago)	1777987064 # Service_probe # SIGNATURE_SEND # source_ip:106.75.9.232 # dst_port:2600 ...	Port Scan
🇺🇸 donarev419	2026-05-05 06:06:43 (4 weeks ago)	Connection to port 6007 with data transfer. Data preview: GET / HTTP/1.1 Host: 104.250.239.52:6007 ... show more Connection to port 6007 with data transfer. Data preview: GET / HTTP/1.1 Host: 104.250.239.52:6007 Accept: / show less	Port Scan Hacking
🇷🇺 Mga Admin	2026-05-05 02:53:12 (4 weeks ago)	106.75.9.232 - - [05/May/2026:09:53:11 +0700] "GET / HTTP/1.1" 400 226 "-" "NTRIP GNSSInternetRadio" ... show more 106.75.9.232 - - [05/May/2026:09:53:11 +0700] "GET / HTTP/1.1" 400 226 "-" "NTRIP GNSSInternetRadio" ... show less	Web App Attack
🇩🇪 ghostwarriors	2026-05-05 01:18:01 (4 weeks ago)	Tried to connect but listed on DNSBL	Phishing Web Spam Email Spam
🇦🇺 LiftUp Hosting	2026-05-04 18:16:08 (4 weeks ago)	Honeypot hit: HTTP/1.1 request on 12000 GET / Accept: /; 12000 [2] TCP	Hacking Bad Web Bot
🇵🇱 sefinek.net	2026-05-04 17:08:34 (4 weeks ago)	Honeypot hit: Unauthorized traffic (64 bytes of payload); 6001 [13] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (64 bytes of payload); 6001 [13] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇱🇻 garmtech.com	2026-05-04 15:43:09 (4 weeks ago)	Failed login to SQL database	Brute-Force
🇱🇻 garmtech.com	2026-05-04 15:42:29 (4 weeks ago)	Multiple aborted logins to database.	Brute-Force

Showing 121 to 135 of 511 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.46.13.63

🇩🇪 194.164.59.59

🇺🇸 194.5.52.12

🇺🇸 192.163.207.50

🇬🇧 185.247.137.207

🇺🇸 172.236.233.65

🇺🇸 162.216.150.201

🇩🇪 143.244.84.172

🇸🇬 139.99.38.177

🇺🇸 137.184.228.138

🇨🇦 57.134.215.133

🇳🇱 45.198.224.18

🇮🇳 20.198.126.159

🇮🇹 2.193.81.98

🇪🇸 212.30.33.120

🇧🇷 187.51.219.26

🇮🇳 183.83.196.151

🇮🇩 182.8.250.27

🇨🇳 171.36.7.218

🇳🇱 103.251.165.133