106.75.21.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[UnAuth SENDMAIL login attempt]	2019-08-10 00:05:24
attackbots	Aug 8 21:06:29 web1 postfix/smtpd[19062]: warning: unknown[106.75.21.94]: SASL LOGIN authentication failed: authentication failure ...	2019-08-09 09:28:13

Comments on same subnet:

IP	Type	Details	Datetime
106.75.217.16	attack	Port probing on unauthorized port 4244	2020-10-08 02:08:13
106.75.217.16	attackbotsspam	Attempted connection to port 4243.	2020-10-07 18:16:49
106.75.211.130	attackbots	SSH Invalid Login	2020-10-02 07:16:05
106.75.211.130	attack	Oct 1 17:22:48 eventyay sshd[18245]: Failed password for root from 106.75.211.130 port 60690 ssh2 Oct 1 17:26:56 eventyay sshd[21856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.211.130 Oct 1 17:26:57 eventyay sshd[21856]: Failed password for invalid user wpuser from 106.75.211.130 port 44738 ssh2 ...	2020-10-01 23:47:36
106.75.211.130	attackspambots	Invalid user deployer from 106.75.211.130 port 39986	2020-10-01 15:53:59
106.75.218.71	attackspam	Sep 24 15:34:11 eventyay sshd[31751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.218.71 Sep 24 15:34:12 eventyay sshd[31751]: Failed password for invalid user peng from 106.75.218.71 port 53922 ssh2 Sep 24 15:35:20 eventyay sshd[31757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.218.71 ...	2020-09-24 22:31:31
106.75.218.71	attack	Invalid user desliga from 106.75.218.71 port 37718	2020-09-24 14:23:45
106.75.218.71	attackbotsspam	Sep 24 03:43:47 NG-HHDC-SVS-001 sshd[2680]: Invalid user plex from 106.75.218.71 ...	2020-09-24 05:50:59
106.75.210.176	attackspambots	5x Failed Password	2020-09-13 02:12:09
106.75.210.176	attackspambots	$f2bV_matches	2020-09-12 18:12:47
106.75.214.102	attack	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-12 00:22:02
106.75.214.102	attackbots	Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------	2020-09-11 16:23:01
106.75.214.102	attack	Scanned 3 times in the last 24 hours on port 22	2020-09-11 08:34:12
106.75.210.176	attackbots	2020-09-09T12:24:26.713308vps-d63064a2 sshd[14413]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:24:28.471476vps-d63064a2 sshd[14413]: Failed password for invalid user root from 106.75.210.176 port 49556 ssh2 2020-09-09T12:27:47.034623vps-d63064a2 sshd[14467]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:27:47.052607vps-d63064a2 sshd[14467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.210.176 user=root 2020-09-09T12:27:47.034623vps-d63064a2 sshd[14467]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:27:49.052102vps-d63064a2 sshd[14467]: Failed password for invalid user root from 106.75.210.176 port 54288 ssh2 ...	2020-09-09 20:56:54
106.75.210.176	attackspambots	...	2020-09-09 14:54:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.21.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2134
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.21.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 09 09:28:08 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 94.21.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 94.21.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
64.44.40.66	attackbotsspam	Port 22 Scan, PTR: None	2020-01-01 22:43:08
182.104.127.206	attack	Unauthorized connection attempt detected from IP address 182.104.127.206 to port 445	2020-01-01 22:21:38
222.186.190.92	attack	Jan 1 15:29:27 root sshd[13118]: Failed password for root from 222.186.190.92 port 40872 ssh2 Jan 1 15:29:31 root sshd[13118]: Failed password for root from 222.186.190.92 port 40872 ssh2 Jan 1 15:29:35 root sshd[13118]: Failed password for root from 222.186.190.92 port 40872 ssh2 Jan 1 15:29:39 root sshd[13118]: Failed password for root from 222.186.190.92 port 40872 ssh2 ...	2020-01-01 22:30:38
118.139.224.92	attackspam	01/01/2020-07:22:14.835088 118.139.224.92 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-01 22:39:53
175.162.215.106	attack	Scanning	2020-01-01 22:40:42
111.204.47.183	attackbots	Unauthorized connection attempt detected from IP address 111.204.47.183 to port 1433	2020-01-01 22:06:56
51.89.231.8	attack	Trying: / //wp-includes/wlwmanifest.xml //xmlrpc.php?rsd / //blog/wp-includes/wlwmanifest.xml //web/wp-includes/wlwmanifest.xml //wordpress/wp-includes/wlwmanifest.xml //website/wp-includes/wlwmanifest.xml //wp/wp-includes/wlwmanifest.xml //news/wp-includes/wlwmanifest.xml //2018/wp-includes/wlwmanifest.xml //2019/wp-includes/wlwmanifest.xml //shop/wp-includes/wlwmanifest.xml //wp1/wp-includes/wlwmanifest.xml //test/wp-includes/wlwmanifest.xml //media/wp-includes/wlwmanifest.xml //wp2/wp-includes/wlwmanifest.xml //site/wp-includes/wlwmanifest.xml //cms/wp-includes/wlwmanifest.xml //sito/wp-includes/wlwmanifest.xml	2020-01-01 22:40:53
202.70.80.27	attackbotsspam	SSH Brute Force	2020-01-01 22:40:26
103.9.159.39	attackspambots	Unauthorized connection attempt detected from IP address 103.9.159.39 to port 3389	2020-01-01 22:10:30
222.186.180.6	attack	SSH Brute Force	2020-01-01 22:34:57
27.185.1.18	attackbots	Unauthorized connection attempt detected from IP address 27.185.1.18 to port 1433	2020-01-01 22:17:54
111.61.100.67	attackbots	Unauthorized connection attempt detected from IP address 111.61.100.67 to port 22	2020-01-01 22:07:58
185.153.198.249	attack	Multiport scan : 68 ports scanned 80 443 1024 1111 2048 2222 3300 3311 3322 3333 3344 3355 3366 3377 3388 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 4096 4444 5555 6666 7777 8192 8888 9999 11110 11111 11112 11113 11114 11115 11116 11117 11118 11119 12222 13333 13388 13389 13390 13399 14444 15555 16384 16666 17777 18888 19999 21111 22220 22221 22222 22223 22224 22225 22226 22227 22228 22229	2020-01-01 22:27:47
174.138.58.149	attack	Jan 1 14:50:00 localhost sshd\[26612\]: Invalid user Qaz666666 from 174.138.58.149 port 39914 Jan 1 14:50:00 localhost sshd\[26612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.58.149 Jan 1 14:50:02 localhost sshd\[26612\]: Failed password for invalid user Qaz666666 from 174.138.58.149 port 39914 ssh2	2020-01-01 22:45:25
200.57.243.49	attackbotsspam	Automatic report - Port Scan Attack	2020-01-01 22:44:10

Recently Reported IPs

115.85.172.253	144.46.236.179	221.121.120.91	190.203.251.68
176.247.19.196	212.220.127.109	147.30.41.153	143.219.19.35
123.104.150.125	24.172.96.148	23.229.32.227	34.23.28.147
91.61.34.113	113.193.7.66	106.110.167.139	94.29.124.138
49.88.65.127	177.73.193.216	191.240.71.167	189.79.185.6