106.75.16.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
106.75.169.106	attackspambots	IP blocked	2020-10-12 04:55:05
106.75.169.106	attackspambots	SSH login attempts.	2020-10-11 21:00:09
106.75.169.106	attackspam	Oct 10 18:14:37 web9 sshd\[7815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.169.106 user=root Oct 10 18:14:39 web9 sshd\[7815\]: Failed password for root from 106.75.169.106 port 58562 ssh2 Oct 10 18:19:06 web9 sshd\[8461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.169.106 user=root Oct 10 18:19:08 web9 sshd\[8461\]: Failed password for root from 106.75.169.106 port 51250 ssh2 Oct 10 18:23:43 web9 sshd\[9150\]: Invalid user tokend from 106.75.169.106	2020-10-11 12:56:30
106.75.169.106	attackbots	Oct 10 20:49:29 scw-6657dc sshd[31158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.169.106 Oct 10 20:49:29 scw-6657dc sshd[31158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.169.106 Oct 10 20:49:31 scw-6657dc sshd[31158]: Failed password for invalid user ooki from 106.75.169.106 port 56064 ssh2 ...	2020-10-11 06:19:19
106.75.169.106	attackspambots	Oct 9 15:20:11 jumpserver sshd[610500]: Failed password for invalid user oprofile from 106.75.169.106 port 40314 ssh2 Oct 9 15:27:19 jumpserver sshd[610570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.169.106 user=root Oct 9 15:27:21 jumpserver sshd[610570]: Failed password for root from 106.75.169.106 port 57502 ssh2 ...	2020-10-10 03:01:51
106.75.169.106	attackspam	SSH login attempts.	2020-10-09 18:50:22
106.75.169.24	attackbots	Invalid user server from 106.75.169.24 port 42288	2020-10-04 08:21:06
106.75.165.187	attackspam	Oct 3 00:14:25 pornomens sshd\[8067\]: Invalid user 123456 from 106.75.165.187 port 54596 Oct 3 00:14:25 pornomens sshd\[8067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.165.187 Oct 3 00:14:27 pornomens sshd\[8067\]: Failed password for invalid user 123456 from 106.75.165.187 port 54596 ssh2 ...	2020-10-04 02:34:18
106.75.169.24	attackbotsspam	Invalid user server from 106.75.169.24 port 42288	2020-10-04 00:48:54
106.75.165.187	attackspam	Oct 3 00:14:25 pornomens sshd\[8067\]: Invalid user 123456 from 106.75.165.187 port 54596 Oct 3 00:14:25 pornomens sshd\[8067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.165.187 Oct 3 00:14:27 pornomens sshd\[8067\]: Failed password for invalid user 123456 from 106.75.165.187 port 54596 ssh2 ...	2020-10-03 18:22:20
106.75.169.24	attackbotsspam	Invalid user git from 106.75.169.24 port 42474	2020-10-03 16:37:07
106.75.169.106	attackspam	Invalid user ftpuser from 106.75.169.106 port 36178	2020-10-02 03:55:02
106.75.169.106	attack	Invalid user ftpuser from 106.75.169.106 port 36178	2020-10-01 20:07:47
106.75.169.106	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-01 12:16:55
106.75.169.106	attack	SSH Invalid Login	2020-09-27 06:35:25

Whois info:

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '106.75.0.0 - 106.75.255.255'

% Abuse contact for '106.75.0.0 - 106.75.255.255' is 'jacky.jia@ucloud.cn'

inetnum:        106.75.0.0 - 106.75.255.255
netname:        UCLOUD-NET
descr:          Shanghai UCloud Information Technology Company Limited
country:        CN
admin-c:        JJ2197-AP
tech-c:         JJ2197-AP
abuse-c:        AC1601-AP
status:         ALLOCATED PORTABLE
mnt-by:         MAINT-CNNIC-AP
mnt-irt:        IRT-UCLOUD-NET-CN
mnt-lower:      MAINT-CNNIC-AP
mnt-routes:     MAINT-CNNIC-AP
last-modified:  2023-11-28T00:56:50Z
source:         APNIC

irt:            IRT-UCLOUD-NET-CN
address:        2nd Floor 3rd Building No.200 EAST Guoding Road,Yangpu District,Shanghai
e-mail:         jacky.jia@ucloud.cn
abuse-mailbox:  jacky.jia@ucloud.cn
auth:           # Filtered
admin-c:        JJ2197-AP
tech-c:         JJ2197-AP
mnt-by:         MAINT-CNNIC-AP
last-modified:  2021-09-01T00:41:22Z
source:         APNIC

role:           ABUSE CNNICCN
country:        ZZ
address:        Beijing, China
phone:          +000000000
e-mail:         ipas@cnnic.cn
admin-c:        IP50-AP
tech-c:         IP50-AP
nic-hdl:        AC1601-AP
remarks:        Generated from irt object IRT-CNNIC-CN
remarks:        ipas@cnnic.cn is invalid
abuse-mailbox:  ipas@cnnic.cn
mnt-by:         APNIC-ABUSE
last-modified:  2025-09-19T17:20:32Z
source:         APNIC

person:         Jinhui Jia
e-mail:         hegui@ucloud.cn
address:        510,SOHO B,Zhongguancun,Haidian, Beijing
phone:          +86-13811069300
country:        CN
mnt-by:         MAINT-CNNIC-AP
nic-hdl:        JJ2197-AP
last-modified:  2022-03-23T06:19:21Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.16.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49211
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.75.16.45.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025110901 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 08:30:42 CST 2025
;; MSG SIZE  rcvd: 105

Host info

45.16.75.106.in-addr.arpa domain name pointer ethx6.cn.
45.16.75.106.in-addr.arpa domain name pointer dhuangrui8.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.16.75.106.in-addr.arpa	name = dhuangrui8.cn.
45.16.75.106.in-addr.arpa	name = ethx6.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.198.191.86	attackspambots	SSH Authentication Attempts Exceeded	2020-03-22 14:43:34
1.214.215.236	attack	Invalid user nitish from 1.214.215.236 port 33132	2020-03-22 14:27:48
167.99.234.59	attackbotsspam	167.99.234.59 - - \[22/Mar/2020:05:21:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 7556 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 167.99.234.59 - - \[22/Mar/2020:05:21:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 7552 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 167.99.234.59 - - \[22/Mar/2020:05:21:32 +0100\] "POST /wp-login.php HTTP/1.0" 200 7542 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-22 14:38:20
51.254.32.102	attack	3x Failed Password	2020-03-22 14:21:18
222.186.180.6	attack	SSH Brute-Force attacks	2020-03-22 14:39:31
139.59.161.78	attackspam	Mar 21 23:49:53 home sshd[26364]: Invalid user xn from 139.59.161.78 port 30158 Mar 21 23:49:53 home sshd[26364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.161.78 Mar 21 23:49:53 home sshd[26364]: Invalid user xn from 139.59.161.78 port 30158 Mar 21 23:49:55 home sshd[26364]: Failed password for invalid user xn from 139.59.161.78 port 30158 ssh2 Mar 21 23:58:21 home sshd[26582]: Invalid user olga from 139.59.161.78 port 21727 Mar 21 23:58:21 home sshd[26582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.161.78 Mar 21 23:58:21 home sshd[26582]: Invalid user olga from 139.59.161.78 port 21727 Mar 21 23:58:24 home sshd[26582]: Failed password for invalid user olga from 139.59.161.78 port 21727 ssh2 Mar 22 00:02:02 home sshd[26695]: Invalid user hall from 139.59.161.78 port 40132 Mar 22 00:02:02 home sshd[26695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.161.7	2020-03-22 14:56:03
220.130.10.13	attackspam	Mar 22 04:55:01 ns381471 sshd[9826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Mar 22 04:55:03 ns381471 sshd[9826]: Failed password for invalid user vnc from 220.130.10.13 port 37230 ssh2	2020-03-22 14:57:38
112.85.42.237	attackbotsspam	Mar 22 02:11:44 NPSTNNYC01T sshd[31737]: Failed password for root from 112.85.42.237 port 22532 ssh2 Mar 22 02:11:46 NPSTNNYC01T sshd[31737]: Failed password for root from 112.85.42.237 port 22532 ssh2 Mar 22 02:11:48 NPSTNNYC01T sshd[31737]: Failed password for root from 112.85.42.237 port 22532 ssh2 ...	2020-03-22 14:27:04
182.61.40.214	attackspambots	Mar 21 23:59:36 server1 sshd\[17769\]: Failed password for invalid user qm from 182.61.40.214 port 53878 ssh2 Mar 22 00:00:36 server1 sshd\[18260\]: Invalid user rburns from 182.61.40.214 Mar 22 00:00:36 server1 sshd\[18260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.40.214 Mar 22 00:00:38 server1 sshd\[18260\]: Failed password for invalid user rburns from 182.61.40.214 port 38318 ssh2 Mar 22 00:01:34 server1 sshd\[18553\]: Invalid user teste from 182.61.40.214 ...	2020-03-22 14:20:05
45.152.34.159	attack	(From eric@talkwithwebvisitor.com) Hey, this is Eric and I ran across poweroflifedartmouth.com a few minutes ago. Looks great… but now what? By that I mean, when someone like me finds your website – either through Search or just bouncing around – what happens next? Do you get a lot of leads from your site, or at least enough to make you happy? Honestly, most business websites fall a bit short when it comes to generating paying customers. Studies show that 70% of a site’s visitors disappear and are gone forever after just a moment. Here’s an idea… How about making it really EASY for every visitor who shows up to get a personal phone call you as soon as they hit your site… You can – Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It signals you the moment they let you know they’re interested – so that you can talk to that lead while they’re literally looking over your site. CLICK HERE http://	2020-03-22 14:17:44
181.199.11.195	attackbots	2020-03-2204:53:571jFrgR-0004WP-7k\<=info@whatsup2013.chH=$localhost$[206.214.6.40]:55801P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3588id=848137646FBB9526FAFFB60ECA499140@whatsup2013.chT="iamChristina"forkjonwilliams09@icloud.comowenrackley@gmail.com2020-03-2204:53:301jFrfy-0004VG-An\<=info@whatsup2013.chH=$localhost$[115.84.99.42]:44894P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3677id=DEDB6D3E35E1CF7CA0A5EC54909574E6@whatsup2013.chT="iamChristina"forcelekabasele@gmail.comaustinhensleythree@gmail.com2020-03-2204:54:451jFrhE-0004Z3-3b\<=info@whatsup2013.chH=$localhost$[181.199.11.195]:55618P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3680id=B3B60053588CA211CDC88139FD55C24F@whatsup2013.chT="iamChristina"forhitbry826@gmail.comjeffcarson2017@gmail.com2020-03-2204:52:381jFrfB-0004Sb-Ei\<=info@whatsup2013.chH=$localhost$[123.28.136.66]:42658P=esmtpsaX=TLS1.2:EC	2020-03-22 14:52:51
123.207.58.86	attack	" "	2020-03-22 14:59:37
139.59.10.186	attack	$f2bV_matches	2020-03-22 14:18:20
182.43.215.50	attack	Fail2Ban Ban Triggered (2)	2020-03-22 14:20:28
51.38.234.3	attack	Invalid user oracle from 51.38.234.3 port 53826	2020-03-22 14:23:07

Recently Reported IPs

43.153.99.164	112.4.101.72	102.113.130.216	64.139.13.126
43.154.200.147	98.94.66.237	147.93.190.168	47.98.164.140
91.230.168.24	91.230.168.20	59.96.139.164	219.136.105.136
183.186.228.202	49.4.32.31	159.138.86.200	121.36.117.176
49.4.17.87	49.4.43.77	116.179.37.227	10.50.111.235