134.249.106.21

Basic Info

City: unknown

Region: unknown

Country: Ukraine

Internet Service Provider: Kyivstar PJSC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	(mod_security) mod_security (id:949110) triggered by 134.249.106.21 (UA/Ukraine/134-249-106-21.broadband.kyivstar.net): 5 in the last 14400 secs; ID: rub	2020-08-27 08:42:31
attack	[MK-Root1] Blocked by UFW	2020-06-05 16:27:03

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.249.106.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.249.106.21.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060500 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 05 16:26:58 CST 2020
;; MSG SIZE  rcvd: 118

Host info

21.106.249.134.in-addr.arpa domain name pointer 134-249-106-21.broadband.kyivstar.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.106.249.134.in-addr.arpa	name = 134-249-106-21.broadband.kyivstar.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.145.55.89	attackbots	Jul 17 16:29:35 sshgateway sshd\[21315\]: Invalid user cr from 190.145.55.89 Jul 17 16:29:35 sshgateway sshd\[21315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.55.89 Jul 17 16:29:37 sshgateway sshd\[21315\]: Failed password for invalid user cr from 190.145.55.89 port 43135 ssh2	2019-07-18 05:12:58
133.242.61.51	attackspam	2019-07-17 11:15:05 H=(mail.smb.schit.co.jp) [133.242.61.51]:45638 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-07-17 11:28:53 H=(mail.smb.schit.co.jp) [133.242.61.51]:54664 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-07-17 11:29:00 H=(mail.smb.schit.co.jp) [133.242.61.51]:55028 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-07-18 05:27:52
186.183.150.15	attackspambots	60001/tcp [2019-07-17]1pkt	2019-07-18 05:44:21
121.142.111.86	attackspambots	2019-07-18T02:28:44.531845luisaranguren sshd[3766]: Connection from 121.142.111.86 port 52940 on 10.10.10.6 port 22 2019-07-18T02:28:59.249345luisaranguren sshd[3766]: Invalid user oracle from 121.142.111.86 port 52940 2019-07-18T02:28:59.256435luisaranguren sshd[3766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.86 2019-07-18T02:28:44.531845luisaranguren sshd[3766]: Connection from 121.142.111.86 port 52940 on 10.10.10.6 port 22 2019-07-18T02:28:59.249345luisaranguren sshd[3766]: Invalid user oracle from 121.142.111.86 port 52940 2019-07-18T02:29:01.289900luisaranguren sshd[3766]: Failed password for invalid user oracle from 121.142.111.86 port 52940 ssh2 ...	2019-07-18 05:26:21
77.247.110.234	attackbots	\[2019-07-17 14:24:36\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-17T14:24:36.629-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="99441315083233",SessionID="0x7f06f878a398",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.234/5060",ACLName="no_extension_match" \[2019-07-17 14:27:56\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-17T14:27:56.492-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90010041315083233",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.234/5060",ACLName="no_extension_match" \[2019-07-17 14:30:16\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-17T14:30:16.115-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="80041315083233",SessionID="0x7f06f878a398",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.234/5060",ACLName="no_	2019-07-18 05:56:38
64.31.33.70	attackspambots	\[2019-07-17 17:16:40\] NOTICE\[20804\] chan_sip.c: Registration from '"60" \' failed for '64.31.33.70:5938' - Wrong password \[2019-07-17 17:16:40\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-17T17:16:40.136-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="60",SessionID="0x7f06f85ff978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/5938",Challenge="73d6bafc",ReceivedChallenge="73d6bafc",ReceivedHash="b81f470213bfc0a0faca2405edf219d9" \[2019-07-17 17:16:40\] NOTICE\[20804\] chan_sip.c: Registration from '"60" \' failed for '64.31.33.70:5938' - Wrong password \[2019-07-17 17:16:40\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-17T17:16:40.214-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="60",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/	2019-07-18 05:38:44
104.131.175.24	attackbots	Invalid user visitante from 104.131.175.24 port 53642 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.175.24 Failed password for invalid user visitante from 104.131.175.24 port 53642 ssh2 Invalid user parking from 104.131.175.24 port 53647 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.175.24	2019-07-18 05:47:07
203.95.212.41	attackbots	Jul 17 17:17:31 TORMINT sshd\[30729\]: Invalid user studio from 203.95.212.41 Jul 17 17:17:31 TORMINT sshd\[30729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.95.212.41 Jul 17 17:17:33 TORMINT sshd\[30729\]: Failed password for invalid user studio from 203.95.212.41 port 10596 ssh2 ...	2019-07-18 05:41:38
40.124.4.131	attack	Jul 17 19:46:47 ncomp sshd[17210]: Invalid user rocco from 40.124.4.131 Jul 17 19:46:47 ncomp sshd[17210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.124.4.131 Jul 17 19:46:47 ncomp sshd[17210]: Invalid user rocco from 40.124.4.131 Jul 17 19:46:49 ncomp sshd[17210]: Failed password for invalid user rocco from 40.124.4.131 port 45338 ssh2	2019-07-18 05:35:45
51.77.221.191	attack	Jul 17 21:42:57 mail sshd\[21083\]: Failed password for root from 51.77.221.191 port 39088 ssh2 Jul 17 21:59:58 mail sshd\[21254\]: Invalid user rabbitmq from 51.77.221.191 port 58154 ...	2019-07-18 05:15:37
218.201.14.134	attack	Brute force attempt	2019-07-18 05:46:37
54.37.68.191	attackbotsspam	2019-07-17T23:15:47.687090 sshd[24693]: Invalid user guest from 54.37.68.191 port 38282 2019-07-17T23:15:47.699236 sshd[24693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.191 2019-07-17T23:15:47.687090 sshd[24693]: Invalid user guest from 54.37.68.191 port 38282 2019-07-17T23:15:50.092275 sshd[24693]: Failed password for invalid user guest from 54.37.68.191 port 38282 ssh2 2019-07-17T23:20:18.151086 sshd[24728]: Invalid user wc from 54.37.68.191 port 35964 ...	2019-07-18 05:30:37
185.94.192.91	attackbots	1,52-00/00 concatform PostRequest-Spammer scoring: maputo01_x2b	2019-07-18 05:10:06
216.127.174.116	attack	failed_logins	2019-07-18 05:48:52
77.247.110.238	attackbotsspam	17.07.2019 20:41:59 Connection to port 5060 blocked by firewall	2019-07-18 05:31:33

Recently Reported IPs

145.176.0.63	165.33.224.89	165.208.18.70	13.82.175.149
40.87.22.193	173.248.9.5	213.195.222.28	89.248.167.192
213.195.222.126	118.171.144.221	189.146.187.70	185.191.215.45
212.69.138.5	212.244.23.8	62.77.173.240	212.244.23.41
203.195.167.74	162.243.141.140	52.170.6.37	212.244.23.148