City: unknown
Region: unknown
Country: China
Internet Service Provider: Shanghai UCloud Information Technology Company Limited
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | fail2ban/Aug 13 05:54:45 h1962932 sshd[18144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.247 user=root Aug 13 05:54:47 h1962932 sshd[18144]: Failed password for root from 106.75.12.247 port 41514 ssh2 Aug 13 05:58:25 h1962932 sshd[18257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.247 user=root Aug 13 05:58:27 h1962932 sshd[18257]: Failed password for root from 106.75.12.247 port 54086 ssh2 Aug 13 06:02:07 h1962932 sshd[18421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.247 user=root Aug 13 06:02:09 h1962932 sshd[18421]: Failed password for root from 106.75.12.247 port 38420 ssh2 |
2020-08-13 13:28:12 |
| attackspam | Lines containing failures of 106.75.12.247 Aug 5 23:01:15 icinga sshd[26629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.247 user=r.r Aug 5 23:01:17 icinga sshd[26629]: Failed password for r.r from 106.75.12.247 port 57766 ssh2 Aug 5 23:01:18 icinga sshd[26629]: Received disconnect from 106.75.12.247 port 57766:11: Bye Bye [preauth] Aug 5 23:01:18 icinga sshd[26629]: Disconnected from authenticating user r.r 106.75.12.247 port 57766 [preauth] Aug 5 23:11:49 icinga sshd[29549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.247 user=r.r Aug 5 23:11:51 icinga sshd[29549]: Failed password for r.r from 106.75.12.247 port 41100 ssh2 Aug 5 23:11:51 icinga sshd[29549]: Received disconnect from 106.75.12.247 port 41100:11: Bye Bye [preauth] Aug 5 23:11:51 icinga sshd[29549]: Disconnected from authenticating user r.r 106.75.12.247 port 41100 [preauth] Aug 5 23:15:5........ ------------------------------ |
2020-08-06 15:56:31 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.75.126.54 | attack | Fraud conect |
2024-03-25 13:56:26 |
| 106.75.122.191 | attackspambots | fail2ban -- 106.75.122.191 ... |
2020-09-14 20:13:37 |
| 106.75.122.191 | attack | fail2ban -- 106.75.122.191 ... |
2020-09-14 12:06:10 |
| 106.75.122.191 | attackspambots | Lines containing failures of 106.75.122.191 Sep 13 00:58:25 linuxrulz sshd[30003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.191 user=r.r Sep 13 00:58:27 linuxrulz sshd[30003]: Failed password for r.r from 106.75.122.191 port 54662 ssh2 Sep 13 00:58:28 linuxrulz sshd[30003]: Received disconnect from 106.75.122.191 port 54662:11: Bye Bye [preauth] Sep 13 00:58:28 linuxrulz sshd[30003]: Disconnected from authenticating user r.r 106.75.122.191 port 54662 [preauth] Sep 13 01:19:06 linuxrulz sshd[32759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.191 user=r.r Sep 13 01:19:08 linuxrulz sshd[32759]: Failed password for r.r from 106.75.122.191 port 50722 ssh2 Sep 13 01:19:09 linuxrulz sshd[32759]: Received disconnect from 106.75.122.191 port 50722:11: Bye Bye [preauth] Sep 13 01:19:09 linuxrulz sshd[32759]: Disconnected from authenticating user r.r 106.75.122.191 po........ ------------------------------ |
2020-09-14 04:08:46 |
| 106.75.123.95 | attackbots | Scanning for: Monero.Servers Bladabindi.Botnet Gh0st.Rat.Botnet Ganiw.Botnet |
2020-09-08 02:34:05 |
| 106.75.123.95 | attackspambots | Scanning for: Monero.Servers Bladabindi.Botnet Gh0st.Rat.Botnet Ganiw.Botnet |
2020-09-07 18:00:32 |
| 106.75.126.239 | attackspambots | Jul 22 04:42:22 xxxxxxx5185820 sshd[18175]: Invalid user ikm from 106.75.126.239 port 45804 Jul 22 04:42:22 xxxxxxx5185820 sshd[18175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.126.239 Jul 22 04:42:24 xxxxxxx5185820 sshd[18175]: Failed password for invalid user ikm from 106.75.126.239 port 45804 ssh2 Jul 22 04:42:24 xxxxxxx5185820 sshd[18175]: Received disconnect from 106.75.126.239 port 45804:11: Bye Bye [preauth] Jul 22 04:42:24 xxxxxxx5185820 sshd[18175]: Disconnected from 106.75.126.239 port 45804 [preauth] Jul 22 04:50:08 xxxxxxx5185820 sshd[19126]: Invalid user jasmine from 106.75.126.239 port 37088 Jul 22 04:50:08 xxxxxxx5185820 sshd[19126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.126.239 Jul 22 04:50:10 xxxxxxx5185820 sshd[19126]: Failed password for invalid user jasmine from 106.75.126.239 port 37088 ssh2 Jul 22 04:50:10 xxxxxxx5185820 sshd[19126]: Recei........ ------------------------------- |
2020-07-27 03:51:53 |
| 106.75.126.239 | attackbots | Jul 22 18:04:24 h2779839 sshd[30018]: Invalid user valere from 106.75.126.239 port 58974 Jul 22 18:04:24 h2779839 sshd[30018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.126.239 Jul 22 18:04:24 h2779839 sshd[30018]: Invalid user valere from 106.75.126.239 port 58974 Jul 22 18:04:26 h2779839 sshd[30018]: Failed password for invalid user valere from 106.75.126.239 port 58974 ssh2 Jul 22 18:08:12 h2779839 sshd[30075]: Invalid user sentry from 106.75.126.239 port 35300 Jul 22 18:08:12 h2779839 sshd[30075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.126.239 Jul 22 18:08:12 h2779839 sshd[30075]: Invalid user sentry from 106.75.126.239 port 35300 Jul 22 18:08:14 h2779839 sshd[30075]: Failed password for invalid user sentry from 106.75.126.239 port 35300 ssh2 Jul 22 18:11:37 h2779839 sshd[30178]: Invalid user admin from 106.75.126.239 port 39856 ... |
2020-07-23 00:26:07 |
| 106.75.129.76 | attack | " " |
2020-06-22 02:46:53 |
| 106.75.12.192 | attack | Jun 9 21:09:20 hosting sshd[24375]: Invalid user shuttle from 106.75.12.192 port 55212 ... |
2020-06-10 03:13:04 |
| 106.75.12.192 | attackspam | Jun 7 20:06:04 h2646465 sshd[3741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.192 user=root Jun 7 20:06:06 h2646465 sshd[3741]: Failed password for root from 106.75.12.192 port 32902 ssh2 Jun 7 20:18:47 h2646465 sshd[4516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.192 user=root Jun 7 20:18:49 h2646465 sshd[4516]: Failed password for root from 106.75.12.192 port 39280 ssh2 Jun 7 20:21:21 h2646465 sshd[4711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.192 user=root Jun 7 20:21:23 h2646465 sshd[4711]: Failed password for root from 106.75.12.192 port 49298 ssh2 Jun 7 20:23:55 h2646465 sshd[4784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.12.192 user=root Jun 7 20:23:57 h2646465 sshd[4784]: Failed password for root from 106.75.12.192 port 59314 ssh2 Jun 7 20:26:11 h2646465 sshd[4976]: |
2020-06-08 03:23:52 |
| 106.75.12.192 | attackspambots | 5x Failed Password |
2020-06-06 22:56:50 |
| 106.75.123.95 | attack | Unauthorized connection attempt detected from IP address 106.75.123.95 to port 8088 |
2020-05-30 03:47:40 |
| 106.75.123.95 | attackbotsspam | Unauthorized connection attempt detected from IP address 106.75.123.95 to port 8080 [T] |
2020-05-20 09:58:17 |
| 106.75.123.54 | attackbotsspam | Apr 27 23:11:11 nextcloud sshd\[18340\]: Invalid user karim from 106.75.123.54 Apr 27 23:11:11 nextcloud sshd\[18340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.123.54 Apr 27 23:11:12 nextcloud sshd\[18340\]: Failed password for invalid user karim from 106.75.123.54 port 50904 ssh2 |
2020-04-28 07:26:21 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.12.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.75.12.247. IN A
;; AUTHORITY SECTION:
. 457 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020080602 1800 900 604800 86400
;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 06 15:56:28 CST 2020
;; MSG SIZE rcvd: 117Host 247.12.75.106.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 247.12.75.106.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 182.52.22.6 | attack | Unauthorized connection attempt from IP address 182.52.22.6 on Port 445(SMB) |
2020-01-28 01:26:41 |
| 94.25.169.96 | attackspam | 1580118593 - 01/27/2020 10:49:53 Host: 94.25.169.96/94.25.169.96 Port: 445 TCP Blocked |
2020-01-28 01:26:08 |
| 218.94.72.202 | attackspam | Unauthorized connection attempt detected from IP address 218.94.72.202 to port 2220 [J] |
2020-01-28 01:12:51 |
| 49.149.102.79 | attackspam | Unauthorized connection attempt from IP address 49.149.102.79 on Port 445(SMB) |
2020-01-28 01:09:24 |
| 14.252.4.192 | attackbotsspam | firewall-block, port(s): 445/tcp |
2020-01-28 01:18:31 |
| 188.166.1.95 | attackspam | Jan 27 17:34:37 ns382633 sshd\[19274\]: Invalid user cristian from 188.166.1.95 port 46227 Jan 27 17:34:37 ns382633 sshd\[19274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.1.95 Jan 27 17:34:39 ns382633 sshd\[19274\]: Failed password for invalid user cristian from 188.166.1.95 port 46227 ssh2 Jan 27 17:52:54 ns382633 sshd\[22849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.1.95 user=root Jan 27 17:52:57 ns382633 sshd\[22849\]: Failed password for root from 188.166.1.95 port 56317 ssh2 |
2020-01-28 01:42:36 |
| 203.143.84.227 | attackbotsspam | fraudulent SSH attempt |
2020-01-28 01:29:41 |
| 112.200.1.240 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 27-01-2020 09:50:09. |
2020-01-28 01:05:52 |
| 190.230.171.16 | attackbots | Unauthorized connection attempt detected from IP address 190.230.171.16 to port 2220 [J] |
2020-01-28 01:23:19 |
| 103.231.44.129 | attackbotsspam | 20/1/27@09:00:18: FAIL: Alarm-Network address from=103.231.44.129 ... |
2020-01-28 01:22:07 |
| 49.235.239.215 | attackspambots | Unauthorized connection attempt detected from IP address 49.235.239.215 to port 2220 [J] |
2020-01-28 01:10:22 |
| 134.209.97.228 | attackspam | Unauthorized connection attempt detected from IP address 134.209.97.228 to port 2220 [J] |
2020-01-28 01:16:49 |
| 212.156.51.134 | attackbotsspam | Unauthorized connection attempt from IP address 212.156.51.134 on Port 445(SMB) |
2020-01-28 01:22:49 |
| 69.80.70.115 | attackbotsspam | Unauthorized connection attempt detected from IP address 69.80.70.115 to port 1433 [J] |
2020-01-28 01:27:19 |
| 161.10.238.226 | attackbots | Unauthorized connection attempt detected from IP address 161.10.238.226 to port 2220 [J] |
2020-01-28 01:23:37 |