106.12.48.217 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-06-10T12:36:49.938655shield sshd\[14216\]: Invalid user bay from 106.12.48.217 port 39338 2020-06-10T12:36:49.941143shield sshd\[14216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 2020-06-10T12:36:52.431442shield sshd\[14216\]: Failed password for invalid user bay from 106.12.48.217 port 39338 ssh2 2020-06-10T12:41:02.776575shield sshd\[16178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root 2020-06-10T12:41:04.664938shield sshd\[16178\]: Failed password for root from 106.12.48.217 port 57092 ssh2	2020-06-10 21:48:04
attackbots	Jun 6 12:46:16 game-panel sshd[11281]: Failed password for root from 106.12.48.217 port 36852 ssh2 Jun 6 12:49:05 game-panel sshd[11419]: Failed password for root from 106.12.48.217 port 45144 ssh2	2020-06-06 21:04:01
attackbots	SSH Brute-Force reported by Fail2Ban	2020-06-01 01:55:35
attackspambots	May 30 06:39:40 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root May 30 06:39:41 web1 sshd[26874]: Failed password for root from 106.12.48.217 port 38248 ssh2 May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886 May 30 06:44:51 web1 sshd[28127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886 May 30 06:44:54 web1 sshd[28127]: Failed password for invalid user gogs from 106.12.48.217 port 40886 ssh2 May 30 06:48:15 web1 sshd[28959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root May 30 06:48:17 web1 sshd[28959]: Failed password for root from 106.12.48.217 port 54772 ssh2 May 30 06:51:12 web1 sshd[29745]: Invalid user eriksmoen from 106.12.48.217 port 40432 ...	2020-05-30 04:56:54
attack	Invalid user testuser from 106.12.48.217 port 39648	2020-05-17 08:40:32
attackspam	May 10 10:30:09 piServer sshd[29651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 10 10:30:11 piServer sshd[29651]: Failed password for invalid user yannick from 106.12.48.217 port 42458 ssh2 May 10 10:39:46 piServer sshd[30436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 ...	2020-05-10 16:51:32
attackbots	May 5 10:58:02 ns382633 sshd\[26690\]: Invalid user ftpuser from 106.12.48.217 port 36582 May 5 10:58:02 ns382633 sshd\[26690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 5 10:58:04 ns382633 sshd\[26690\]: Failed password for invalid user ftpuser from 106.12.48.217 port 36582 ssh2 May 5 11:15:41 ns382633 sshd\[30210\]: Invalid user niu from 106.12.48.217 port 56850 May 5 11:15:41 ns382633 sshd\[30210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217	2020-05-06 00:04:49
attackbotsspam	Jan 3 01:33:40 ms-srv sshd[30325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Jan 3 01:33:42 ms-srv sshd[30325]: Failed password for invalid user trn from 106.12.48.217 port 52526 ssh2	2020-04-26 18:09:23
attack	2020-04-10T07:02:57.449501shield sshd\[29500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root 2020-04-10T07:02:59.434123shield sshd\[29500\]: Failed password for root from 106.12.48.217 port 50296 ssh2 2020-04-10T07:06:30.657454shield sshd\[30234\]: Invalid user admin from 106.12.48.217 port 34328 2020-04-10T07:06:30.661188shield sshd\[30234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 2020-04-10T07:06:32.886748shield sshd\[30234\]: Failed password for invalid user admin from 106.12.48.217 port 34328 ssh2	2020-04-10 15:06:54
attack	SSH bruteforce (Triggered fail2ban)	2020-03-30 13:20:16
attack	Invalid user yle from 106.12.48.217 port 51204	2020-03-28 09:25:31
attackbotsspam	Mar 18 08:25:32 server1 sshd\[11518\]: Invalid user influxdb from 106.12.48.217 Mar 18 08:25:32 server1 sshd\[11518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Mar 18 08:25:34 server1 sshd\[11518\]: Failed password for invalid user influxdb from 106.12.48.217 port 47616 ssh2 Mar 18 08:29:27 server1 sshd\[12495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root Mar 18 08:29:29 server1 sshd\[12495\]: Failed password for root from 106.12.48.217 port 60872 ssh2 ...	2020-03-19 02:34:09
attack	Mar 5 11:44:27 vps647732 sshd[19484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Mar 5 11:44:29 vps647732 sshd[19484]: Failed password for invalid user omn from 106.12.48.217 port 59056 ssh2 ...	2020-03-05 18:53:55
attack	Unauthorized connection attempt detected from IP address 106.12.48.217 to port 2220 [J]	2020-01-13 00:35:23
attackspam	Dec 21 00:09:10 web9 sshd\[17861\]: Invalid user darth from 106.12.48.217 Dec 21 00:09:10 web9 sshd\[17861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Dec 21 00:09:12 web9 sshd\[17861\]: Failed password for invalid user darth from 106.12.48.217 port 42938 ssh2 Dec 21 00:15:20 web9 sshd\[18880\]: Invalid user kiyohisa from 106.12.48.217 Dec 21 00:15:20 web9 sshd\[18880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217	2019-12-21 18:19:41
attackspam	Dec 14 00:56:20 srv206 sshd[2742]: Invalid user test from 106.12.48.217 ...	2019-12-14 08:11:25
attackspam	Dec 8 09:08:20 loxhost sshd\[6960\]: Invalid user thornber from 106.12.48.217 port 34256 Dec 8 09:08:20 loxhost sshd\[6960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 Dec 8 09:08:23 loxhost sshd\[6960\]: Failed password for invalid user thornber from 106.12.48.217 port 34256 ssh2 Dec 8 09:15:27 loxhost sshd\[7271\]: Invalid user Admin@2017 from 106.12.48.217 port 33102 Dec 8 09:15:27 loxhost sshd\[7271\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 ...	2019-12-08 18:46:39
attackspambots	SSH bruteforce (Triggered fail2ban)	2019-12-04 03:57:16
attackspambots	2019-11-13T10:16:54.555103abusebot-7.cloudsearch.cf sshd\[27874\]: Invalid user ts3 from 106.12.48.217 port 53710	2019-11-13 18:17:50
attack	2019-11-10T10:32:37.560214abusebot-5.cloudsearch.cf sshd\[24502\]: Invalid user easyidc from 106.12.48.217 port 56662	2019-11-10 21:06:54
attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root Failed password for root from 106.12.48.217 port 56154 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root Failed password for root from 106.12.48.217 port 36116 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root	2019-10-31 17:56:53
attackspam	$f2bV_matches	2019-10-14 12:24:29
attackbots	Oct 6 13:55:47 kmh-mb-001 sshd[14337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=r.r Oct 6 13:55:49 kmh-mb-001 sshd[14337]: Failed password for r.r from 106.12.48.217 port 34176 ssh2 Oct 6 13:55:49 kmh-mb-001 sshd[14337]: Received disconnect from 106.12.48.217 port 34176:11: Bye Bye [preauth] Oct 6 13:55:49 kmh-mb-001 sshd[14337]: Disconnected from 106.12.48.217 port 34176 [preauth] Oct 6 14:04:46 kmh-mb-001 sshd[14996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=r.r Oct 6 14:04:48 kmh-mb-001 sshd[14996]: Failed password for r.r from 106.12.48.217 port 52842 ssh2 Oct 6 14:04:48 kmh-mb-001 sshd[14996]: Received disconnect from 106.12.48.217 port 52842:11: Bye Bye [preauth] Oct 6 14:04:48 kmh-mb-001 sshd[14996]: Disconnected from 106.12.48.217 port 52842 [preauth] Oct 6 14:10:44 kmh-mb-001 sshd[15264]: pam_unix(sshd:auth): authenticat........ -------------------------------	2019-10-08 23:36:14
attackspambots	Oct 4 22:10:45 www_kotimaassa_fi sshd[23943]: Failed password for root from 106.12.48.217 port 58814 ssh2 ...	2019-10-05 06:35:32

Comments on same subnet:

IP	Type	Details	Datetime
106.12.48.216	attack	Jun 20 22:15:57 zulu412 sshd\[32143\]: Invalid user monitor from 106.12.48.216 port 42510 Jun 20 22:15:57 zulu412 sshd\[32143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216 Jun 20 22:16:00 zulu412 sshd\[32143\]: Failed password for invalid user monitor from 106.12.48.216 port 42510 ssh2 ...	2020-06-21 04:37:43
106.12.48.216	attackbotsspam	Failed password for invalid user webster from 106.12.48.216 port 58952 ssh2	2020-06-16 18:47:04
106.12.48.216	attack	Jun 15 06:23:10 vps639187 sshd\[15653\]: Invalid user apache from 106.12.48.216 port 45924 Jun 15 06:23:10 vps639187 sshd\[15653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216 Jun 15 06:23:12 vps639187 sshd\[15653\]: Failed password for invalid user apache from 106.12.48.216 port 45924 ssh2 ...	2020-06-15 17:15:25
106.12.48.216	attackspam	2020-06-09T19:29:04+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-10 04:14:35
106.12.48.216	attackspam	Brute-force attempt banned	2020-06-06 07:06:17
106.12.48.78	attackspambots	$f2bV_matches	2020-06-02 17:32:41
106.12.48.78	attack	Jun 1 00:33:14 vpn01 sshd[27807]: Failed password for root from 106.12.48.78 port 45140 ssh2 ...	2020-06-01 06:57:17
106.12.48.78	attackspambots	May 29 06:08:19 srv-ubuntu-dev3 sshd[35402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 user=root May 29 06:08:22 srv-ubuntu-dev3 sshd[35402]: Failed password for root from 106.12.48.78 port 44472 ssh2 May 29 06:11:37 srv-ubuntu-dev3 sshd[35928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 user=root May 29 06:11:39 srv-ubuntu-dev3 sshd[35928]: Failed password for root from 106.12.48.78 port 59398 ssh2 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78 May 29 06:15:04 srv-ubuntu-dev3 sshd[36482]: Failed password for invalid user apache from 106.12.48.78 port 46106 ssh2 May 29 06:18:10 srv-ubuntu-dev3 sshd[37075]: pa ...	2020-05-29 12:45:22
106.12.48.216	attackbotsspam	2020-05-27 14:41:50 server sshd[61577]: Failed password for invalid user root from 106.12.48.216 port 45738 ssh2	2020-05-29 02:13:59
106.12.48.216	attack	$f2bV_matches	2020-05-26 14:47:56
106.12.48.78	attackspambots	May 23 22:15:05 sso sshd[30657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 May 23 22:15:07 sso sshd[30657]: Failed password for invalid user npd from 106.12.48.78 port 33692 ssh2 ...	2020-05-24 05:24:35
106.12.48.216	attack	Failed password for invalid user zpw from 106.12.48.216 port 33278 ssh2	2020-05-24 01:28:16
106.12.48.216	attackspambots	$f2bV_matches	2020-05-04 17:39:29
106.12.48.216	attackspam	2020-05-03T03:54:15.856803homeassistant sshd[19290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216 user=root 2020-05-03T03:54:17.475952homeassistant sshd[19290]: Failed password for root from 106.12.48.216 port 43116 ssh2 ...	2020-05-03 14:27:53
106.12.48.30	attack	SSH Brute Force	2020-04-29 13:08:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.48.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.48.217.			IN	A

;; AUTHORITY SECTION:
.			156	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100402 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 05 06:35:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 217.48.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 217.48.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.143.4.39	attack	Telnet Server BruteForce Attack	2019-11-06 20:25:30
146.185.181.37	attackspam	2019-11-06T10:43:58.545550abusebot-5.cloudsearch.cf sshd\[6435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.181.37 user=root	2019-11-06 20:53:50
46.161.27.133	attack	Password spraying hacking attempt via VPN	2019-11-06 20:38:17
36.67.106.109	attackspambots	Automatic report - Banned IP Access	2019-11-06 20:58:21
37.187.157.170	attack	Automatic report - XMLRPC Attack	2019-11-06 21:07:06
35.233.101.146	attackbots	Nov 6 02:42:49 auw2 sshd\[25698\]: Invalid user ines from 35.233.101.146 Nov 6 02:42:49 auw2 sshd\[25698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.101.233.35.bc.googleusercontent.com Nov 6 02:42:51 auw2 sshd\[25698\]: Failed password for invalid user ines from 35.233.101.146 port 42196 ssh2 Nov 6 02:46:39 auw2 sshd\[26029\]: Invalid user pptpd from 35.233.101.146 Nov 6 02:46:39 auw2 sshd\[26029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.101.233.35.bc.googleusercontent.com	2019-11-06 20:47:10
93.39.104.224	attackbotsspam	Nov 6 14:04:27 server sshd\[32132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-39-104-224.ip75.fastwebnet.it user=root Nov 6 14:04:29 server sshd\[32132\]: Failed password for root from 93.39.104.224 port 53082 ssh2 Nov 6 14:13:02 server sshd\[1977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-39-104-224.ip75.fastwebnet.it user=root Nov 6 14:13:04 server sshd\[1977\]: Failed password for root from 93.39.104.224 port 44514 ssh2 Nov 6 14:16:33 server sshd\[2982\]: Invalid user sysop from 93.39.104.224 Nov 6 14:16:33 server sshd\[2982\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-39-104-224.ip75.fastwebnet.it ...	2019-11-06 20:41:17
139.59.59.75	attackspambots	B: zzZZzz blocked content access	2019-11-06 20:49:15
45.82.32.207	attack	Lines containing failures of 45.82.32.207 Nov 6 06:16:34 shared04 postfix/smtpd[20363]: connect from sense.oliviertylczak.com[45.82.32.207] Nov 6 06:16:35 shared04 policyd-spf[22387]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=45.82.32.207; helo=sense.lnndc.com; envelope-from=x@x Nov x@x Nov 6 06:16:36 shared04 postfix/smtpd[20363]: disconnect from sense.oliviertylczak.com[45.82.32.207] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Nov 6 06:17:13 shared04 postfix/smtpd[13784]: connect from sense.oliviertylczak.com[45.82.32.207] Nov 6 06:17:13 shared04 policyd-spf[22593]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=45.82.32.207; helo=sense.lnndc.com; envelope-from=x@x Nov x@x Nov 6 06:17:13 shared04 postfix/smtpd[13784]: disconnect from sense.oliviertylczak.com[45.82.32.207] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Nov 6 06:17:43 shared04 postfix/smtpd[23645]: connect from sense........ ------------------------------	2019-11-06 20:37:10
106.13.23.149	attack	Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.23.149 Nov 6 19:13:51 itv-usvr-01 sshd[15015]: Invalid user 123 from 106.13.23.149 Nov 6 19:13:53 itv-usvr-01 sshd[15015]: Failed password for invalid user 123 from 106.13.23.149 port 44678 ssh2 Nov 6 19:19:46 itv-usvr-01 sshd[15253]: Invalid user asdfasdfasdf from 106.13.23.149	2019-11-06 20:39:43
103.111.86.241	attackspambots	ssh failed login	2019-11-06 20:42:53
198.108.67.134	attackspambots	198.108.67.134 was recorded 6 times by 6 hosts attempting to connect to the following ports: 1433,23,8080,4567,8090. Incident counter (4h, 24h, all-time): 6, 23, 65	2019-11-06 21:07:33
213.87.126.109	attack	Chat Spam	2019-11-06 20:51:47
46.38.144.57	attack	Nov 6 13:26:42 vmanager6029 postfix/smtpd\[31338\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 6 13:27:52 vmanager6029 postfix/smtpd\[31338\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-06 20:29:17
103.113.3.154	attackbots	Automatic report - Banned IP Access	2019-11-06 20:40:08

Recently Reported IPs

14.169.219.60	113.178.65.141	211.17.180.102	137.163.190.239
4.135.47.38	45.107.137.171	62.226.213.77	67.177.142.155
93.89.171.22	78.190.123.248	46.181.148.168	220.141.124.200
180.248.241.226	94.220.120.192	46.149.92.178	36.238.104.223
197.47.113.196	190.207.86.168	187.189.168.155	186.15.120.237