106.55.21.141 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Oct 2 04:43:50 gw1 sshd[18136]: Failed password for root from 106.55.21.141 port 60176 ssh2 ...	2020-10-02 07:57:34
attackspam	Invalid user roel from 106.55.21.141 port 58830	2020-10-02 00:33:31
attack	Oct 1 08:55:59 ajax sshd[22850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.21.141 Oct 1 08:56:01 ajax sshd[22850]: Failed password for invalid user share from 106.55.21.141 port 54322 ssh2	2020-10-01 16:38:35

Type

Details

Datetime

attackbots

Oct  2 04:43:50 gw1 sshd[18136]: Failed password for root from 106.55.21.141 port 60176 ssh2
...

2020-10-02 07:57:34

attackspam

Invalid user roel from 106.55.21.141 port 58830

2020-10-02 00:33:31

attack

Oct  1 08:55:59 ajax sshd[22850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.21.141 
Oct  1 08:56:01 ajax sshd[22850]: Failed password for invalid user share from 106.55.21.141 port 54322 ssh2

2020-10-01 16:38:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.55.21.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22582
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.55.21.141.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093002 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 01 16:38:31 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 141.21.55.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 141.21.55.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.10.4	attackspambots	2020-04-22T23:18:56.887705shield sshd\[12970\]: Invalid user sz from 106.75.10.4 port 55042 2020-04-22T23:18:56.891739shield sshd\[12970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 2020-04-22T23:18:59.254300shield sshd\[12970\]: Failed password for invalid user sz from 106.75.10.4 port 55042 ssh2 2020-04-22T23:28:02.690071shield sshd\[14515\]: Invalid user test1 from 106.75.10.4 port 59698 2020-04-22T23:28:02.695360shield sshd\[14515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4	2020-04-23 07:39:42
64.202.189.187	attackbots	64.202.189.187 - - [22/Apr/2020:22:47:54 +0200] "POST /wp-login.php HTTP/1.1" 200 3405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.189.187 - - [22/Apr/2020:22:47:56 +0200] "POST /wp-login.php HTTP/1.1" 200 3383 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-23 07:29:36
117.28.254.143	attackbotsspam	Unauthorized IMAP connection attempt	2020-04-23 07:18:35
203.90.233.7	attackspam	Apr 23 01:17:26 ns382633 sshd\[27421\]: Invalid user admin from 203.90.233.7 port 49579 Apr 23 01:17:26 ns382633 sshd\[27421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.90.233.7 Apr 23 01:17:29 ns382633 sshd\[27421\]: Failed password for invalid user admin from 203.90.233.7 port 49579 ssh2 Apr 23 01:24:52 ns382633 sshd\[28437\]: Invalid user teste from 203.90.233.7 port 63774 Apr 23 01:24:52 ns382633 sshd\[28437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.90.233.7	2020-04-23 07:37:46
203.147.81.117	attack	(imapd) Failed IMAP login from 203.147.81.117 (NC/New Caledonia/host-203-147-81-117.h34.canl.nc): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 23 00:42:48 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=203.147.81.117, lip=5.63.12.44, TLS, session=	2020-04-23 07:30:09
211.157.179.38	attackbots	2020-04-22T22:34:32.100869homeassistant sshd[23828]: Invalid user ftpuser from 211.157.179.38 port 51375 2020-04-22T22:34:32.109673homeassistant sshd[23828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.157.179.38 ...	2020-04-23 07:21:18
35.220.201.170	attackbots	Apr 23 01:20:36 cloud sshd[17494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.220.201.170 Apr 23 01:20:38 cloud sshd[17494]: Failed password for invalid user test10 from 35.220.201.170 port 46754 ssh2	2020-04-23 07:30:53
187.188.83.115	attack	Apr 23 00:46:23 vps sshd[559849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-83-115.totalplay.net Apr 23 00:46:25 vps sshd[559849]: Failed password for invalid user admin from 187.188.83.115 port 37447 ssh2 Apr 23 00:50:36 vps sshd[581269]: Invalid user postgres from 187.188.83.115 port 44892 Apr 23 00:50:36 vps sshd[581269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-83-115.totalplay.net Apr 23 00:50:38 vps sshd[581269]: Failed password for invalid user postgres from 187.188.83.115 port 44892 ssh2 ...	2020-04-23 07:13:58
180.76.173.191	attackbots	Invalid user test from 180.76.173.191 port 48626	2020-04-23 07:45:32
222.174.213.178	attack	Invalid user oracle from 222.174.213.178 port 50582	2020-04-23 07:25:04
193.112.185.159	attack	Invalid user admin from 193.112.185.159 port 36414	2020-04-23 07:34:40
5.188.84.220	attack	"XSS Filter - Category 3: Attribute Vector - Matched Data: pattern using venturesome. Subsist a curt biography of the flame circumstances while you are assessing the progeny and providing care	2020-04-23 07:39:06
114.7.197.82	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-04-23 07:34:15
103.74.122.210	attackbotsspam	Invalid user nq from 103.74.122.210 port 49248	2020-04-23 07:36:24
203.128.21.152	attackspam	Autoban 203.128.21.152 AUTH/CONNECT	2020-04-23 07:37:34

Recently Reported IPs

44.40.147.248	171.108.101.39	190.111.151.207	52.149.8.172
193.126.225.207	85.40.53.183	176.67.86.156	159.91.38.35
124.8.209.23	113.230.127.218	17.133.207.33	95.116.82.133
2001:df4:6c00:a117:682f:fc1f:df0e:8d13	60.166.117.164	107.161.169.125	141.154.217.161
106.99.113.65	135.128.154.47	149.204.251.191	114.10.56.26