City: unknown
Region: unknown
Country: China
Internet Service Provider: China Telecom
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.75.217.16 | attack | Port probing on unauthorized port 4244 |
2020-10-08 02:08:13 |
| 106.75.217.16 | attackbotsspam | Attempted connection to port 4243. |
2020-10-07 18:16:49 |
| 106.75.211.130 | attackbots | SSH Invalid Login |
2020-10-02 07:16:05 |
| 106.75.211.130 | attack | Oct 1 17:22:48 eventyay sshd[18245]: Failed password for root from 106.75.211.130 port 60690 ssh2 Oct 1 17:26:56 eventyay sshd[21856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.211.130 Oct 1 17:26:57 eventyay sshd[21856]: Failed password for invalid user wpuser from 106.75.211.130 port 44738 ssh2 ... |
2020-10-01 23:47:36 |
| 106.75.211.130 | attackspambots | Invalid user deployer from 106.75.211.130 port 39986 |
2020-10-01 15:53:59 |
| 106.75.218.71 | attackspam | Sep 24 15:34:11 eventyay sshd[31751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.218.71 Sep 24 15:34:12 eventyay sshd[31751]: Failed password for invalid user peng from 106.75.218.71 port 53922 ssh2 Sep 24 15:35:20 eventyay sshd[31757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.218.71 ... |
2020-09-24 22:31:31 |
| 106.75.218.71 | attack | Invalid user desliga from 106.75.218.71 port 37718 |
2020-09-24 14:23:45 |
| 106.75.218.71 | attackbotsspam | Sep 24 03:43:47 NG-HHDC-SVS-001 sshd[2680]: Invalid user plex from 106.75.218.71 ... |
2020-09-24 05:50:59 |
| 106.75.210.176 | attackspambots | 5x Failed Password |
2020-09-13 02:12:09 |
| 106.75.210.176 | attackspambots | $f2bV_matches |
2020-09-12 18:12:47 |
| 106.75.214.102 | attack | Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------ |
2020-09-12 00:22:02 |
| 106.75.214.102 | attackbots | Lines containing failures of 106.75.214.102 Sep 9 20:46:14 www sshd[7425]: Invalid user nx from 106.75.214.102 port 33308 Sep 9 20:46:14 www sshd[7425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 Sep 9 20:46:16 www sshd[7425]: Failed password for invalid user nx from 106.75.214.102 port 33308 ssh2 Sep 9 20:46:16 www sshd[7425]: Received disconnect from 106.75.214.102 port 33308:11: Bye Bye [preauth] Sep 9 20:46:16 www sshd[7425]: Disconnected from invalid user nx 106.75.214.102 port 33308 [preauth] Sep 9 20:48:45 www sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.214.102 user=r.r Sep 9 20:48:47 www sshd[7762]: Failed password for r.r from 106.75.214.102 port 58240 ssh2 Sep 9 20:48:47 www sshd[7762]: Received disconnect from 106.75.214.102 port 58240:11: Bye Bye [preauth] Sep 9 20:48:47 www sshd[7762]: Disconnected from authenticating user r.r ........ ------------------------------ |
2020-09-11 16:23:01 |
| 106.75.214.102 | attack | Scanned 3 times in the last 24 hours on port 22 |
2020-09-11 08:34:12 |
| 106.75.210.176 | attackbots | 2020-09-09T12:24:26.713308vps-d63064a2 sshd[14413]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:24:28.471476vps-d63064a2 sshd[14413]: Failed password for invalid user root from 106.75.210.176 port 49556 ssh2 2020-09-09T12:27:47.034623vps-d63064a2 sshd[14467]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:27:47.052607vps-d63064a2 sshd[14467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.210.176 user=root 2020-09-09T12:27:47.034623vps-d63064a2 sshd[14467]: User root from 106.75.210.176 not allowed because not listed in AllowUsers 2020-09-09T12:27:49.052102vps-d63064a2 sshd[14467]: Failed password for invalid user root from 106.75.210.176 port 54288 ssh2 ... |
2020-09-09 20:56:54 |
| 106.75.210.176 | attackspambots | ... |
2020-09-09 14:54:36 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '106.75.0.0 - 106.75.255.255'
% Abuse contact for '106.75.0.0 - 106.75.255.255' is 'jacky.jia@ucloud.cn'
inetnum: 106.75.0.0 - 106.75.255.255
netname: UCLOUD-NET
descr: Shanghai UCloud Information Technology Company Limited
country: CN
admin-c: JJ2197-AP
tech-c: JJ2197-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-UCLOUD-NET-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
last-modified: 2023-11-28T00:56:50Z
source: APNIC
irt: IRT-UCLOUD-NET-CN
address: 2nd Floor 3rd Building No.200 EAST Guoding Road,Yangpu District,Shanghai
e-mail: jacky.jia@ucloud.cn
abuse-mailbox: jacky.jia@ucloud.cn
auth: # Filtered
admin-c: JJ2197-AP
tech-c: JJ2197-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-09-01T00:41:22Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Jinhui Jia
e-mail: hegui@ucloud.cn
address: 510,SOHO B,Zhongguancun,Haidian, Beijing
phone: +86-13811069300
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: JJ2197-AP
last-modified: 2022-03-23T06:19:21Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.21.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12070
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;106.75.21.200. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025110700 1800 900 604800 86400
;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 08 01:00:11 CST 2025
;; MSG SIZE rcvd: 106Host 200.21.75.106.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 200.21.75.106.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 81.111.52.38 | attack | Jul 15 22:08:34 sanyalnet-awsem3-1 sshd[32574]: Connection from 81.111.52.38 port 36968 on 172.30.0.184 port 22 Jul 15 22:08:37 sanyalnet-awsem3-1 sshd[32574]: Invalid user mao from 81.111.52.38 Jul 15 22:08:39 sanyalnet-awsem3-1 sshd[32574]: Failed password for invalid user mao from 81.111.52.38 port 36968 ssh2 Jul 15 22:08:39 sanyalnet-awsem3-1 sshd[32574]: Received disconnect from 81.111.52.38: 11: Bye Bye [preauth] Jul 15 22:55:25 sanyalnet-awsem3-1 sshd[2119]: Connection from 81.111.52.38 port 53888 on 172.30.0.184 port 22 Jul 15 22:55:29 sanyalnet-awsem3-1 sshd[2119]: Invalid user xk from 81.111.52.38 Jul 15 22:55:31 sanyalnet-awsem3-1 sshd[2119]: Failed password for invalid user xk from 81.111.52.38 port 53888 ssh2 Jul 15 22:55:31 sanyalnet-awsem3-1 sshd[2119]: Received disconnect from 81.111.52.38: 11: Bye Bye [preauth] Jul 15 23:22:53 sanyalnet-awsem3-1 sshd[3332]: Connection from 81.111.52.38 port 54772 on 172.30.0.184 port 22 Jul 15 23:22:57 sanyalnet-awsem3-........ ------------------------------- |
2019-07-18 16:54:03 |
| 37.210.145.48 | attackbotsspam | Jul 18 03:08:25 keyhelp sshd[14342]: Invalid user admin from 37.210.145.48 Jul 18 03:08:25 keyhelp sshd[14342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.210.145.48 Jul 18 03:08:27 keyhelp sshd[14342]: Failed password for invalid user admin from 37.210.145.48 port 39294 ssh2 Jul 18 03:08:27 keyhelp sshd[14342]: Connection closed by 37.210.145.48 port 39294 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.210.145.48 |
2019-07-18 16:22:44 |
| 171.36.227.57 | attack | TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-18 03:14:27] |
2019-07-18 16:53:09 |
| 91.243.166.216 | attackspam | email spam |
2019-07-18 16:57:21 |
| 81.214.253.122 | attackbotsspam | Netgear DGN Device Remote Command Execution Vulnerability |
2019-07-18 17:07:58 |
| 103.120.224.150 | attackbotsspam | SSH Brute Force, server-1 sshd[2874]: Failed password for invalid user gb from 103.120.224.150 port 1284 ssh2 |
2019-07-18 16:37:34 |
| 202.175.186.211 | attackbotsspam | Jul 18 10:35:10 legacy sshd[9376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.186.211 Jul 18 10:35:12 legacy sshd[9376]: Failed password for invalid user nishant from 202.175.186.211 port 55328 ssh2 Jul 18 10:40:26 legacy sshd[9547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.186.211 ... |
2019-07-18 16:43:15 |
| 218.92.0.175 | attackspambots | Jul 18 09:23:02 lnxded64 sshd[21933]: Failed password for root from 218.92.0.175 port 48959 ssh2 Jul 18 09:23:05 lnxded64 sshd[21933]: Failed password for root from 218.92.0.175 port 48959 ssh2 Jul 18 09:23:08 lnxded64 sshd[21933]: Failed password for root from 218.92.0.175 port 48959 ssh2 Jul 18 09:23:10 lnxded64 sshd[21933]: Failed password for root from 218.92.0.175 port 48959 ssh2 |
2019-07-18 16:23:54 |
| 149.202.56.194 | attack | Jul 17 12:06:36 vtv3 sshd\[28036\]: Invalid user exim from 149.202.56.194 port 42476 Jul 17 12:06:36 vtv3 sshd\[28036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.56.194 Jul 17 12:06:38 vtv3 sshd\[28036\]: Failed password for invalid user exim from 149.202.56.194 port 42476 ssh2 Jul 17 12:13:51 vtv3 sshd\[31718\]: Invalid user lee from 149.202.56.194 port 46168 Jul 17 12:13:51 vtv3 sshd\[31718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.56.194 Jul 17 12:26:42 vtv3 sshd\[5748\]: Invalid user ftptest from 149.202.56.194 port 41102 Jul 17 12:26:42 vtv3 sshd\[5748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.56.194 Jul 17 12:26:44 vtv3 sshd\[5748\]: Failed password for invalid user ftptest from 149.202.56.194 port 41102 ssh2 Jul 17 12:31:12 vtv3 sshd\[8008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= r |
2019-07-18 17:11:10 |
| 65.48.219.28 | attackbots | Jul 18 06:24:04 microserver sshd[56877]: Invalid user fork from 65.48.219.28 port 59722 Jul 18 06:24:04 microserver sshd[56877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.48.219.28 Jul 18 06:24:06 microserver sshd[56877]: Failed password for invalid user fork from 65.48.219.28 port 59722 ssh2 Jul 18 06:28:15 microserver sshd[57504]: Invalid user ks from 65.48.219.28 port 43330 Jul 18 06:28:15 microserver sshd[57504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.48.219.28 Jul 18 06:40:38 microserver sshd[59416]: Invalid user toto from 65.48.219.28 port 50622 Jul 18 06:40:38 microserver sshd[59416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.48.219.28 Jul 18 06:40:40 microserver sshd[59416]: Failed password for invalid user toto from 65.48.219.28 port 50622 ssh2 Jul 18 06:44:44 microserver sshd[59667]: Invalid user 6 from 65.48.219.28 port 34224 Jul 18 06:44:44 microserv |
2019-07-18 16:49:14 |
| 81.133.189.239 | attackspambots | Jul 18 10:56:13 localhost sshd\[24986\]: Invalid user bai from 81.133.189.239 port 39204 Jul 18 10:56:13 localhost sshd\[24986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.133.189.239 Jul 18 10:56:16 localhost sshd\[24986\]: Failed password for invalid user bai from 81.133.189.239 port 39204 ssh2 |
2019-07-18 17:03:59 |
| 165.227.36.93 | attackbotsspam | Jul 18 08:09:36 mail sshd\[28380\]: Failed password for invalid user test from 165.227.36.93 port 46472 ssh2 Jul 18 08:27:27 mail sshd\[28461\]: Invalid user denis from 165.227.36.93 port 60140 Jul 18 08:27:27 mail sshd\[28461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.36.93 ... |
2019-07-18 16:55:28 |
| 213.32.18.189 | attack | Jul 18 08:30:11 MK-Soft-VM3 sshd\[22970\]: Invalid user rs from 213.32.18.189 port 39560 Jul 18 08:30:11 MK-Soft-VM3 sshd\[22970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.18.189 Jul 18 08:30:13 MK-Soft-VM3 sshd\[22970\]: Failed password for invalid user rs from 213.32.18.189 port 39560 ssh2 ... |
2019-07-18 17:09:48 |
| 153.36.236.35 | attackspambots | SSH Brute Force, server-1 sshd[24006]: Failed password for root from 153.36.236.35 port 42678 ssh2 |
2019-07-18 16:25:35 |
| 147.135.208.234 | attackspam | SSH Brute Force, server-1 sshd[32486]: Failed password for invalid user joelma from 147.135.208.234 port 53302 ssh2 |
2019-07-18 16:33:50 |