Critical Threat
IP 106.75.190.150 is a high-risk address linked to sustained, high-volume hacking activity with a threat level of 10/10 and a 98% confidence score, drawing from 621 abuse reports submitted by automated honeypot sensors over an eleven-month window between August 2025 and June 2026. The sheer volume of reports and an activity frequency rating of 8/10 indicate this is not an isolated probe but a systematic campaign originating from infrastructure registered to CHINANET Guangdong province network in China, operating under ASN AS58466.
The data paints a clear picture of persistent intrusion activity. All 621 reports attribute the observed behaviour to hacking attempts, with honeypot sensors capturing connection patterns consistent with vulnerability scanning, exploit delivery, and unauthorized access vectors. The 8/10 activity frequency rating confirms this is not background noise but repeated, deliberate engagement with target systems across a wide timeframe. With 98% confidence that the activity is malicious, the evidence base is exceptionally strong and the attribution to a single threat actor or automated campaign is highly reliable.
Hacking activity at this scale typically involves automated tooling designed to identify exposed services, brute-force authentication mechanisms, or exploit known vulnerabilities in web applications, remote access protocols, and network infrastructure. For any organisation with internet-facing assets, an IP with this reputation poses a concrete risk of credential compromise, data exfiltration, or initial access for further network intrusion. The sustained nature of the activity suggests the address may be part of a botnet or leased infrastructure used across multiple campaigns.
Organisations should block or rate-limit traffic from 106.75.190.150 at the network edge, enforce strong authentication on all exposed services, and monitor logs for any matching connection attempts. Deploying tools such as fail2ban or equivalent intrusion prevention rules can automate defensive responses. Keeping systems patched, restricting exposure of management interfaces, and implementing strict access controls will reduce the impact of any successful intrusion attempt.