106.75.106.221

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Banned IP Access	2020-09-16 02:57:49
attackbots	Automatic report - Banned IP Access	2020-09-15 18:57:08
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 1911 [T]	2020-08-29 21:17:12
attack	Aug 15 04:49:44 l03 sshd[28722]: Invalid user from 106.75.106.221 port 32996 ...	2020-08-15 19:00:45
attack	Suspicious access to SMTP/POP/IMAP services.	2020-08-11 15:53:20
attackbots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 636	2020-07-22 19:19:24
attackbots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 2323	2020-05-31 21:42:28
attackspambots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 4022 [T]	2020-05-20 09:27:25
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 8080 [T]	2020-04-22 23:59:57
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 11 [T]	2020-03-24 23:24:28
attack	Attempts against SMTP/SSMTP	2020-02-16 09:16:39
attackbotsspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 4840 [J]	2020-02-01 18:30:57
attackbots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 4786 [J]	2020-01-29 19:32:14
attackbots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 5555 [J]	2020-01-26 09:03:37
attackspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 9 [T]	2020-01-21 00:55:36
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 119 [T]	2020-01-19 16:05:11
attackspambots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 1521 [J]	2020-01-17 07:33:57
attackbotsspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 1701 [J]	2020-01-14 17:35:15
attackspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 3388	2020-01-04 08:08:24
attackspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 8443	2020-01-02 21:22:24
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 79	2020-01-01 21:34:58
attackspambots	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 5007	2020-01-01 04:42:17
attackbotsspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 5432	2019-12-31 21:53:35
attack	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 6665	2019-12-31 06:32:05
attackspam	Unauthorized connection attempt detected from IP address 106.75.106.221 to port 993	2019-12-31 01:34:44
attackbots	Port scan and direct access per IP instead of hostname	2019-07-28 17:37:50
attack	port scan and connect, tcp 80 (http)	2019-07-25 12:56:28
attackbots	1563993951 - 07/25/2019 01:45:51 Host: 106.75.106.221/106.75.106.221 Port: 26 TCP Blocked ...	2019-07-25 04:00:28
attackspambots	3389BruteforceFW21	2019-07-20 06:40:15
attack	Automatic report - Banned IP Access	2019-07-18 07:26:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.106.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44587
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.106.221.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 14:32:14 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 221.106.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 221.106.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.207.29.235	attackbots	2020-06-02T07:01:02.997423morrigan.ad5gb.com sshd[25859]: Disconnected from authenticating user root 175.207.29.235 port 58702 [preauth] 2020-06-02T07:08:19.262061morrigan.ad5gb.com sshd[27782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.29.235 user=root 2020-06-02T07:08:21.607671morrigan.ad5gb.com sshd[27782]: Failed password for root from 175.207.29.235 port 37248 ssh2	2020-06-02 21:05:30
187.138.39.45	attackbotsspam	Lines containing failures of 187.138.39.45 Jun 2 13:53:13 kmh-wsh-001-nbg01 sshd[25919]: Invalid user pi from 187.138.39.45 port 49552 Jun 2 13:53:13 kmh-wsh-001-nbg01 sshd[25920]: Invalid user pi from 187.138.39.45 port 49550 Jun 2 13:53:13 kmh-wsh-001-nbg01 sshd[25919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.138.39.45 Jun 2 13:53:13 kmh-wsh-001-nbg01 sshd[25920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.138.39.45 Jun 2 13:53:15 kmh-wsh-001-nbg01 sshd[25919]: Failed password for invalid user pi from 187.138.39.45 port 49552 ssh2 Jun 2 13:53:15 kmh-wsh-001-nbg01 sshd[25920]: Failed password for invalid user pi from 187.138.39.45 port 49550 ssh2 Jun 2 13:53:15 kmh-wsh-001-nbg01 sshd[25919]: Connection closed by invalid user pi 187.138.39.45 port 49552 [preauth] Jun 2 13:53:15 kmh-wsh-001-nbg01 sshd[25920]: Connection closed by invalid user pi 187.138.39.45 por........ ------------------------------	2020-06-02 21:13:55
41.75.74.17	attackspam	DATE:2020-06-02 14:08:32, IP:41.75.74.17, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-06-02 20:56:32
186.3.83.42	attackbots	May 27 17:29:25 v2202003116398111542 sshd[25477]: Failed password for root from 186.3.83.42 port 50310 ssh2	2020-06-02 21:28:10
106.13.31.93	attack	Jun 2 14:40:03 vps639187 sshd\[5024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.31.93 user=root Jun 2 14:40:05 vps639187 sshd\[5024\]: Failed password for root from 106.13.31.93 port 43630 ssh2 Jun 2 14:43:40 vps639187 sshd\[5108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.31.93 user=root ...	2020-06-02 21:18:02
200.88.48.99	attackspam	IP blocked	2020-06-02 21:34:39
117.247.65.52	attackspambots	20/6/2@08:07:56: FAIL: Alarm-Network address from=117.247.65.52 20/6/2@08:07:56: FAIL: Alarm-Network address from=117.247.65.52 ...	2020-06-02 21:25:08
128.199.118.27	attackspambots	$f2bV_matches	2020-06-02 21:29:24
62.210.205.141	attack	Automatic report - WordPress Brute Force	2020-06-02 21:32:01
46.38.145.253	attackspam	Jun 2 03:11:07 tamoto postfix/smtpd[25368]: connect from unknown[46.38.145.253] Jun 2 03:11:08 tamoto postfix/smtpd[25403]: connect from unknown[46.38.145.253] Jun 2 03:11:12 tamoto postfix/smtpd[25368]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: authentication failure Jun 2 03:11:13 tamoto postfix/smtpd[25368]: disconnect from unknown[46.38.145.253] Jun 2 03:11:13 tamoto postfix/smtpd[25403]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: authentication failure Jun 2 03:11:15 tamoto postfix/smtpd[25403]: disconnect from unknown[46.38.145.253] Jun 2 03:11:41 tamoto postfix/smtpd[25368]: connect from unknown[46.38.145.253] Jun 2 03:11:45 tamoto postfix/smtpd[25368]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: authentication failure Jun 2 03:11:45 tamoto postfix/smtpd[25368]: disconnect from unknown[46.38.145.253] Jun 2 03:11:47 tamoto postfix/smtpd[26020]: connect from unknown[46.38.145.253] Jun........ -------------------------------	2020-06-02 21:15:41
194.169.190.145	attackspam	Automatic report - Port Scan Attack	2020-06-02 21:02:30
34.89.224.149	attackspam	10 attempts against mh-misc-ban on star	2020-06-02 21:20:08
201.219.50.217	attackbots	Lines containing failures of 201.219.50.217 Jun 1 20:00:35 g sshd[7731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.219.50.217 user=r.r Jun 1 20:00:37 g sshd[7731]: Failed password for r.r from 201.219.50.217 port 57752 ssh2 Jun 1 20:00:37 g sshd[7731]: Received disconnect from 201.219.50.217 port 57752:11: Bye Bye [preauth] Jun 1 20:00:37 g sshd[7731]: Disconnected from authenticating user r.r 201.219.50.217 port 57752 [preauth] Jun 1 20:05:16 g sshd[7785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.219.50.217 user=r.r Jun 1 20:05:18 g sshd[7785]: Failed password for r.r from 201.219.50.217 port 44962 ssh2 Jun 1 20:05:18 g sshd[7785]: Received disconnect from 201.219.50.217 port 44962:11: Bye Bye [preauth] Jun 1 20:05:18 g sshd[7785]: Disconnected from authenticating user r.r 201.219.50.217 port 44962 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.	2020-06-02 20:55:35
49.233.185.109	attackspambots	Jun 2 12:24:17 ip-172-31-61-156 sshd[13951]: Failed password for root from 49.233.185.109 port 59450 ssh2 Jun 2 12:28:59 ip-172-31-61-156 sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.109 user=root Jun 2 12:29:00 ip-172-31-61-156 sshd[14180]: Failed password for root from 49.233.185.109 port 54304 ssh2 Jun 2 12:33:42 ip-172-31-61-156 sshd[14412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.109 user=root Jun 2 12:33:44 ip-172-31-61-156 sshd[14412]: Failed password for root from 49.233.185.109 port 49166 ssh2 ...	2020-06-02 21:09:09
129.211.10.5	attackspam	Jun 2 00:44:52 localhost sshd[396194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.5 user=r.r Jun 2 00:44:53 localhost sshd[396194]: Failed password for r.r from 129.211.10.5 port 44108 ssh2 Jun 2 01:04:03 localhost sshd[400989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.5 user=r.r Jun 2 01:04:05 localhost sshd[400989]: Failed password for r.r from 129.211.10.5 port 26774 ssh2 Jun 2 01:10:00 localhost sshd[402397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.5 user=r.r Jun 2 01:10:02 localhost sshd[402397]: Failed password for r.r from 129.211.10.5 port 32651 ssh2 Jun 2 01:15:50 localhost sshd[404551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.5 user=r.r Jun 2 01:15:52 localhost sshd[404551]: Failed password for r.r from 129.211.10.5 port ........ ------------------------------	2020-06-02 21:22:12

Recently Reported IPs

60.13.6.223	64.246.165.140	162.243.151.46	61.9.148.250
109.200.155.54	117.20.57.113	144.76.29.149	110.74.201.70
162.243.151.182	213.227.58.157	46.32.250.31	212.42.99.32
101.53.157.178	68.124.201.218	162.243.151.0	207.46.13.208
162.243.150.92	112.161.29.51	209.97.138.120	212.64.58.150