106.75.12.4 — China Unicom Beijing Province Network, CN — High (72%)

Check an IP Address, Domain Name, Subnet, or ASN

106.75.12.4 was found in our database!

Confidence Level

72%

High?

Geolocation

🇨🇳

China

ISPChina Unicom Beijing Province Network

ASNAS4808

Activity Timeline

First seenJan 23, 2026, 03:28 AM

Last seen1h ago

95Sessions

136Events

Protocol Breakdown

SMTP

25 / 36

SIP

18 / 33

HTTP

18 / 18

IMAP

7 / 14

SSH

8 / 12

HTTPS

12 / 12

DOCKER

2 / 5

FTP

2 / 2

TELNET

1 / 2

SMB

1 / 1

RTSP

1 / 1

106.75.12.4 has a high threat confidence level of 72%, originating from China, on the China Unicom Beijing Province Network network (4808). It has been observed across 95 sessions targeting SMTP, SIP, HTTP, IMAP, SSH and 6 other protocols, First observed on January 23, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Http Root Path Request

info8x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Smtp Tls Capability Probe

info2x

Automated SMTP interaction performing a minimal capability check by issuing EHLO followed by a STARTTLS upgrade request and immediately terminating the session. This pattern is commonly associated with internet-wide scanners, security research crawlers, or opportunistic bots verifying whether an SMTP service supports encrypted communication. The absence of authentication attempts or message submission indicates reconnaissance or service fingerprinting rather than active abuse.

Ftp Tls Upgrade

info1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

Https Root Path Request

info1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Primitives

Individual actions observed

Smtp Ehlo Greeting11 Http Method Get9 Smtp Starttls Upgrade Request5 Docker Get Method2 Ftp Auth Tls1 Rtsp Options1 Ftp User Probe1 Https Path Root1 Http Path Bad Request1 Docker List Containers Endpoint1

Related Threats

Explore related threat intelligence

🇨🇳More threats fromChina ASMore threats fromChina Unicom Beijing Province Network SMTPMore threats targetingSMTP SIPMore threats targetingSIP HTTPMore threats targetingHTTP IMAPMore threats targetingIMAP SSHMore threats targetingSSH HTTPSMore threats targetingHTTPS DOCKERMore threats targetingDOCKER FTPMore threats targetingFTP TELNETMore threats targetingTELNET SMBMore threats targetingSMB RTSPMore threats targetingRTSP { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
125.34.171.202	100%	14,664
106.75.10.97	48%	66
106.75.15.181	74%	124
117.50.70.125	100%	492
106.75.13.182	63%	221

IP Address	Confidence	Events
218.92.212.222	80%	13,396
125.124.42.183	100%	827
8.162.14.145	85%	8,844
101.126.143.178	92%	43
121.43.151.100	77%	8,885