106.75.139.232

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH invalid-user multiple login try	2020-06-20 21:26:46
attackbots	Jun 13 19:06:23 ns392434 sshd[17156]: Invalid user hi from 106.75.139.232 port 39624 Jun 13 19:06:23 ns392434 sshd[17156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.232 Jun 13 19:06:23 ns392434 sshd[17156]: Invalid user hi from 106.75.139.232 port 39624 Jun 13 19:06:25 ns392434 sshd[17156]: Failed password for invalid user hi from 106.75.139.232 port 39624 ssh2 Jun 13 19:08:39 ns392434 sshd[17214]: Invalid user kapil from 106.75.139.232 port 59130 Jun 13 19:08:39 ns392434 sshd[17214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.232 Jun 13 19:08:39 ns392434 sshd[17214]: Invalid user kapil from 106.75.139.232 port 59130 Jun 13 19:08:42 ns392434 sshd[17214]: Failed password for invalid user kapil from 106.75.139.232 port 59130 ssh2 Jun 13 19:10:19 ns392434 sshd[17340]: Invalid user bwd from 106.75.139.232 port 45248	2020-06-14 04:08:00
attackbotsspam	Ssh brute force	2020-06-05 08:08:07
attackspambots	SSH brute force attempt	2020-06-01 05:44:12

Comments on same subnet:

IP	Type	Details	Datetime
106.75.139.131	attack	Oct 7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2 Oct 7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2 Oct 7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2 ...	2020-10-07 20:38:21
106.75.139.131	attackbotsspam	Oct 7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2 Oct 7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2 Oct 7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131 user=root Oct 7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2 ...	2020-10-07 12:23:48

Type

Details

Datetime

106.75.139.131

attack

Oct  7 11:19:41 dhoomketu sshd[3625984]: Failed password for root from 106.75.139.131 port 40808 ssh2
Oct  7 11:21:25 dhoomketu sshd[3626010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:21:26 dhoomketu sshd[3626010]: Failed password for root from 106.75.139.131 port 57422 ssh2
Oct  7 11:23:06 dhoomketu sshd[3626061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 11:23:08 dhoomketu sshd[3626061]: Failed password for root from 106.75.139.131 port 45804 ssh2
...

2020-10-07 20:38:21

106.75.139.131

attackbotsspam

Oct  7 09:44:01 dhoomketu sshd[3623264]: Failed password for root from 106.75.139.131 port 53698 ssh2
Oct  7 09:45:35 dhoomketu sshd[3623291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:45:38 dhoomketu sshd[3623291]: Failed password for root from 106.75.139.131 port 42080 ssh2
Oct  7 09:47:19 dhoomketu sshd[3623324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.139.131  user=root
Oct  7 09:47:22 dhoomketu sshd[3623324]: Failed password for root from 106.75.139.131 port 58694 ssh2
...

2020-10-07 12:23:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.139.232
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23008
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.139.232.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053101 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 05:44:09 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 232.139.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 232.139.75.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.3.69.229	attackspambots	Port probing on unauthorized port 445	2020-03-12 13:11:09
78.128.113.70	attack	Mar 12 05:19:09 blackbee postfix/smtpd\[23718\]: warning: unknown\[78.128.113.70\]: SASL LOGIN authentication failed: authentication failure Mar 12 05:19:12 blackbee postfix/smtpd\[23718\]: warning: unknown\[78.128.113.70\]: SASL LOGIN authentication failed: authentication failure Mar 12 05:19:26 blackbee postfix/smtpd\[23718\]: warning: unknown\[78.128.113.70\]: SASL LOGIN authentication failed: authentication failure Mar 12 05:19:29 blackbee postfix/smtpd\[23718\]: warning: unknown\[78.128.113.70\]: SASL LOGIN authentication failed: authentication failure Mar 12 05:21:16 blackbee postfix/smtpd\[23718\]: warning: unknown\[78.128.113.70\]: SASL LOGIN authentication failed: authentication failure ...	2020-03-12 13:21:23
222.186.30.57	attackbots	2020-03-12T06:07:35.371079scmdmz1 sshd[26516]: Failed password for root from 222.186.30.57 port 63964 ssh2 2020-03-12T06:07:37.732404scmdmz1 sshd[26516]: Failed password for root from 222.186.30.57 port 63964 ssh2 2020-03-12T06:07:39.996685scmdmz1 sshd[26516]: Failed password for root from 222.186.30.57 port 63964 ssh2 ...	2020-03-12 13:10:29
94.191.99.243	attackbotsspam	SSH Brute-Force Attack	2020-03-12 13:13:53
69.94.158.95	attack	Mar 12 05:31:55 mail.srvfarm.net postfix/smtpd[1659241]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 05:31:55 mail.srvfarm.net postfix/smtpd[1657488]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 05:31:55 mail.srvfarm.net postfix/smtpd[1659045]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 05:31:55 mail.srvfarm.net postfix/smtpd[1643582]: N	2020-03-12 13:21:45
69.94.134.230	attackspam	Mar 12 05:31:36 mail.srvfarm.net postfix/smtpd[1643479]: NOQUEUE: reject: RCPT from unknown[69.94.134.230]: 554 5.7.1 Service unavailable; Client host [69.94.134.230] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?69.94.134.230; from= to= proto=ESMTP helo= Mar 12 05:31:36 mail.srvfarm.net postfix/smtpd[1659045]: NOQUEUE: reject: RCPT from unknown[69.94.134.230]: 554 5.7.1 Service unavailable; Client host [69.94.134.230] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?69.94.134.230; from= to= proto=ESMTP helo= Mar 12 05:31:36 mail.srvfarm.net postfix/smtpd[1659046]: NOQUEUE: reject: RCPT from unknown[69.94.134.230]: 554 5.7.1 Service unavailable; Client host [69.94.134.230] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?69.94.134.230; from=	2020-03-12 13:22:45
122.51.62.121	attack	"SSH brute force auth login attempt."	2020-03-12 13:40:10
134.209.149.64	attackspam	Brute force SMTP login attempted. ...	2020-03-12 13:44:21
84.117.163.220	attackbots	Automatic report - Port Scan Attack	2020-03-12 13:41:45
103.40.132.22	attackbots	Mar 12 04:55:32 mail sshd[11816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.40.132.22 Mar 12 04:55:35 mail sshd[11816]: Failed password for invalid user tech from 103.40.132.22 port 52650 ssh2 ...	2020-03-12 13:05:40
98.162.25.15	attack	(imapd) Failed IMAP login from 98.162.25.15 (US/United States/-): 1 in the last 3600 secs	2020-03-12 13:47:28
113.239.84.249	attackbots	DATE:2020-03-12 04:52:05, IP:113.239.84.249, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-12 13:33:52
34.76.223.69	attackbots	/clients	2020-03-12 13:07:57
111.230.197.131	attackspambots	Mar 11 23:55:29 mail sshd\[46319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.197.131 user=root ...	2020-03-12 13:08:14
63.80.185.75	attack	Mar 12 04:26:20 mail.srvfarm.net postfix/smtpd[1637570]: NOQUEUE: reject: RCPT from unknown[63.80.185.75]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 04:30:22 mail.srvfarm.net postfix/smtpd[1636119]: NOQUEUE: reject: RCPT from unknown[63.80.185.75]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 04:31:43 mail.srvfarm.net postfix/smtpd[1637564]: NOQUEUE: reject: RCPT from unknown[63.80.185.75]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 12 04:32:29 mail.srvfarm.net postfix/	2020-03-12 13:24:32

Recently Reported IPs

187.243.20.112	12.149.195.71	180.51.28.209	52.15.245.63
198.10.252.3	107.113.172.97	238.100.249.10	181.29.159.121
98.202.61.52	144.250.90.216	155.47.230.154	56.198.34.79
22.176.70.45	164.198.135.175	177.111.176.165	235.36.199.217
32.95.218.174	32.234.16.93	230.1.15.107	141.5.173.229