Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Dec  4 06:28:09 ws25vmsma01 sshd[125361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239
Dec  4 06:28:11 ws25vmsma01 sshd[125361]: Failed password for invalid user homerus from 106.75.134.239 port 41648 ssh2
...
2019-12-04 17:08:12
attackspambots
Nov 20 01:15:36 MK-Soft-VM8 sshd[17181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
Nov 20 01:15:38 MK-Soft-VM8 sshd[17181]: Failed password for invalid user passwd000 from 106.75.134.239 port 54674 ssh2
...
2019-11-20 09:08:08
attack
Nov 19 07:39:38 meumeu sshd[5566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
Nov 19 07:39:40 meumeu sshd[5566]: Failed password for invalid user noah123 from 106.75.134.239 port 44114 ssh2
Nov 19 07:44:11 meumeu sshd[6112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
...
2019-11-19 16:54:18
attack
Nov 19 06:45:11 meumeu sshd[27603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
Nov 19 06:45:13 meumeu sshd[27603]: Failed password for invalid user psybnc from 106.75.134.239 port 41036 ssh2
Nov 19 06:49:34 meumeu sshd[28070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
...
2019-11-19 13:55:28
attack
Repeated brute force against a port
2019-11-12 07:28:57
attackbotsspam
Nov 10 10:40:56 meumeu sshd[26382]: Failed password for root from 106.75.134.239 port 37444 ssh2
Nov 10 10:45:52 meumeu sshd[26935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239 
Nov 10 10:45:54 meumeu sshd[26935]: Failed password for invalid user openelec from 106.75.134.239 port 41310 ssh2
...
2019-11-10 18:02:55
attack
Nov  5 09:35:42 MK-Soft-VM6 sshd[3749]: Failed password for root from 106.75.134.239 port 41434 ssh2
...
2019-11-05 16:48:48
attackbots
Oct 28 05:39:43 tdfoods sshd\[15656\]: Invalid user Pass123 from 106.75.134.239
Oct 28 05:39:43 tdfoods sshd\[15656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239
Oct 28 05:39:45 tdfoods sshd\[15656\]: Failed password for invalid user Pass123 from 106.75.134.239 port 42398 ssh2
Oct 28 05:45:42 tdfoods sshd\[16142\]: Invalid user leeloo from 106.75.134.239
Oct 28 05:45:42 tdfoods sshd\[16142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.134.239
2019-10-29 01:00:55
Comments on same subnet:
IP Type Details Datetime
106.75.134.86 attack
Malicious IP / Malware
2024-04-16 12:45:08
106.75.134.101 attackspam
Received: from [106.75.134.101] (port=58978 helo=server1.trade10000.com)
	by sg3plcpnl0224.prod.sin3.secureserver.net with esmtp (Exim 4.92)
	(envelope-from )
	id 1jU4gD-00Fbis-4S
2020-05-04 17:18:10
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.134.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.134.239.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102800 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 01:00:49 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 239.134.75.106.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 239.134.75.106.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
209.141.35.79 attack
firewall-block, port(s): 123/udp
2020-10-03 02:02:15
212.95.213.194 attackspambots
23/tcp 23/tcp
[2020-08-15/10-01]2pkt
2020-10-03 02:03:35
203.142.70.26 attackspam
445/tcp 445/tcp 445/tcp...
[2020-08-29/10-01]4pkt,1pt.(tcp)
2020-10-03 01:58:03
37.46.133.44 attackbotsspam
SSH/22 MH Probe, BF, Hack -
2020-10-03 02:11:25
191.255.232.53 attackbotsspam
Invalid user mc from 191.255.232.53 port 52690
2020-10-03 02:08:41
35.246.214.111 attack
02.10.2020 12:04:14 - Wordpress fail 
Detected by ELinOX-ALM
2020-10-03 02:17:47
185.142.236.35 attackbotsspam
[N3.H3.VM3] Port Scanner Detected Blocked by UFW
2020-10-03 01:49:25
51.254.156.114 attackspam
Oct  2 19:24:06 DAAP sshd[479]: Invalid user amsftp from 51.254.156.114 port 46082
Oct  2 19:24:06 DAAP sshd[479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.156.114
Oct  2 19:24:06 DAAP sshd[479]: Invalid user amsftp from 51.254.156.114 port 46082
Oct  2 19:24:09 DAAP sshd[479]: Failed password for invalid user amsftp from 51.254.156.114 port 46082 ssh2
Oct  2 19:27:46 DAAP sshd[536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.156.114  user=root
Oct  2 19:27:49 DAAP sshd[536]: Failed password for root from 51.254.156.114 port 56278 ssh2
...
2020-10-03 01:42:43
193.107.78.15 spam
spam what else?
2020-10-03 01:58:33
148.233.37.48 attackspambots
Unauthorized connection attempt from IP address 148.233.37.48 on Port 445(SMB)
2020-10-03 02:16:15
89.187.178.104 attackbots
[2020-10-01 16:35:15] NOTICE[1182][C-000002d0] chan_sip.c: Call from '' (89.187.178.104:59354) to extension '9993011972595725668' rejected because extension not found in context 'public'.
[2020-10-01 16:35:15] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-01T16:35:15.797-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9993011972595725668",SessionID="0x7f22f8010848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/89.187.178.104/59354",ACLName="no_extension_match"
[2020-10-01 16:39:32] NOTICE[1182][C-000002d4] chan_sip.c: Call from '' (89.187.178.104:50179) to extension '9997011972595725668' rejected because extension not found in context 'public'.
[2020-10-01 16:39:32] SECURITY[1204] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-10-01T16:39:32.384-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9997011972595725668",SessionID="0x7f22f8033458",LocalAddress="IPV4/UDP/192.168.244.6/5060",Remot
...
2020-10-03 01:45:08
159.89.49.238 attackbotsspam
Invalid user paulo from 159.89.49.238 port 43424
2020-10-03 01:56:48
62.11.72.206 attackbots
Oct  1 22:39:30 mail sshd[22964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.11.72.206
2020-10-03 01:48:43
159.65.136.157 attackspambots
SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found
2020-10-03 02:12:34
5.188.84.242 attack
0,19-01/02 [bc01/m11] PostRequest-Spammer scoring: nairobi
2020-10-03 02:08:24
