106.12.48.78 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	$f2bV_matches	2020-06-02 17:32:41
attack	Jun 1 00:33:14 vpn01 sshd[27807]: Failed password for root from 106.12.48.78 port 45140 ssh2 ...	2020-06-01 06:57:17
attackspambots	May 29 06:08:19 srv-ubuntu-dev3 sshd[35402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 user=root May 29 06:08:22 srv-ubuntu-dev3 sshd[35402]: Failed password for root from 106.12.48.78 port 44472 ssh2 May 29 06:11:37 srv-ubuntu-dev3 sshd[35928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 user=root May 29 06:11:39 srv-ubuntu-dev3 sshd[35928]: Failed password for root from 106.12.48.78 port 59398 ssh2 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78 May 29 06:15:04 srv-ubuntu-dev3 sshd[36482]: Failed password for invalid user apache from 106.12.48.78 port 46106 ssh2 May 29 06:18:10 srv-ubuntu-dev3 sshd[37075]: pa ...	2020-05-29 12:45:22
attackspambots	May 23 22:15:05 sso sshd[30657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78 May 23 22:15:07 sso sshd[30657]: Failed password for invalid user npd from 106.12.48.78 port 33692 ssh2 ...	2020-05-24 05:24:35
attackspambots	prod8 ...	2020-04-09 17:09:27
attackbots	k+ssh-bruteforce	2020-04-01 13:25:14
attackspambots	Invalid user bruce from 106.12.48.78 port 41102	2020-03-28 02:37:45
attackspambots	Mar 16 23:07:42 haigwepa sshd[21482]: Failed password for root from 106.12.48.78 port 39142 ssh2 ...	2020-03-17 07:12:45

Comments on same subnet:

IP	Type	Details	Datetime
106.12.48.216	attack	Jun 20 22:15:57 zulu412 sshd\[32143\]: Invalid user monitor from 106.12.48.216 port 42510 Jun 20 22:15:57 zulu412 sshd\[32143\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216 Jun 20 22:16:00 zulu412 sshd\[32143\]: Failed password for invalid user monitor from 106.12.48.216 port 42510 ssh2 ...	2020-06-21 04:37:43
106.12.48.216	attackbotsspam	Failed password for invalid user webster from 106.12.48.216 port 58952 ssh2	2020-06-16 18:47:04
106.12.48.216	attack	Jun 15 06:23:10 vps639187 sshd\[15653\]: Invalid user apache from 106.12.48.216 port 45924 Jun 15 06:23:10 vps639187 sshd\[15653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216 Jun 15 06:23:12 vps639187 sshd\[15653\]: Failed password for invalid user apache from 106.12.48.216 port 45924 ssh2 ...	2020-06-15 17:15:25
106.12.48.217	attackspam	2020-06-10T12:36:49.938655shield sshd\[14216\]: Invalid user bay from 106.12.48.217 port 39338 2020-06-10T12:36:49.941143shield sshd\[14216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 2020-06-10T12:36:52.431442shield sshd\[14216\]: Failed password for invalid user bay from 106.12.48.217 port 39338 ssh2 2020-06-10T12:41:02.776575shield sshd\[16178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root 2020-06-10T12:41:04.664938shield sshd\[16178\]: Failed password for root from 106.12.48.217 port 57092 ssh2	2020-06-10 21:48:04
106.12.48.216	attackspam	2020-06-09T19:29:04+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-06-10 04:14:35
106.12.48.217	attackbots	Jun 6 12:46:16 game-panel sshd[11281]: Failed password for root from 106.12.48.217 port 36852 ssh2 Jun 6 12:49:05 game-panel sshd[11419]: Failed password for root from 106.12.48.217 port 45144 ssh2	2020-06-06 21:04:01
106.12.48.216	attackspam	Brute-force attempt banned	2020-06-06 07:06:17
106.12.48.217	attackbots	SSH Brute-Force reported by Fail2Ban	2020-06-01 01:55:35
106.12.48.217	attackspambots	May 30 06:39:40 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root May 30 06:39:41 web1 sshd[26874]: Failed password for root from 106.12.48.217 port 38248 ssh2 May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886 May 30 06:44:51 web1 sshd[28127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886 May 30 06:44:54 web1 sshd[28127]: Failed password for invalid user gogs from 106.12.48.217 port 40886 ssh2 May 30 06:48:15 web1 sshd[28959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 user=root May 30 06:48:17 web1 sshd[28959]: Failed password for root from 106.12.48.217 port 54772 ssh2 May 30 06:51:12 web1 sshd[29745]: Invalid user eriksmoen from 106.12.48.217 port 40432 ...	2020-05-30 04:56:54
106.12.48.216	attackbotsspam	2020-05-27 14:41:50 server sshd[61577]: Failed password for invalid user root from 106.12.48.216 port 45738 ssh2	2020-05-29 02:13:59
106.12.48.216	attack	$f2bV_matches	2020-05-26 14:47:56
106.12.48.216	attack	Failed password for invalid user zpw from 106.12.48.216 port 33278 ssh2	2020-05-24 01:28:16
106.12.48.217	attack	Invalid user testuser from 106.12.48.217 port 39648	2020-05-17 08:40:32
106.12.48.217	attackspam	May 10 10:30:09 piServer sshd[29651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 10 10:30:11 piServer sshd[29651]: Failed password for invalid user yannick from 106.12.48.217 port 42458 ssh2 May 10 10:39:46 piServer sshd[30436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 ...	2020-05-10 16:51:32
106.12.48.217	attackbots	May 5 10:58:02 ns382633 sshd\[26690\]: Invalid user ftpuser from 106.12.48.217 port 36582 May 5 10:58:02 ns382633 sshd\[26690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 May 5 10:58:04 ns382633 sshd\[26690\]: Failed password for invalid user ftpuser from 106.12.48.217 port 36582 ssh2 May 5 11:15:41 ns382633 sshd\[30210\]: Invalid user niu from 106.12.48.217 port 56850 May 5 11:15:41 ns382633 sshd\[30210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217	2020-05-06 00:04:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.48.78
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29047
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.48.78.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031601 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 07:12:41 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 78.48.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 78.48.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.184.136	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-11T12:11:10Z and 2020-08-11T12:20:12Z	2020-08-11 23:29:01
100.37.2.156	attackbotsspam	TCP (SYN) 100.37.2.156:36374 -> port 9530, len 44	2020-08-11 23:43:46
106.51.113.15	attackspambots	2020-08-11T15:07:11.034769lavrinenko.info sshd[18753]: Failed password for root from 106.51.113.15 port 46020 ssh2 2020-08-11T15:08:45.233829lavrinenko.info sshd[18901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.113.15 user=root 2020-08-11T15:08:47.213882lavrinenko.info sshd[18901]: Failed password for root from 106.51.113.15 port 57578 ssh2 2020-08-11T15:10:28.089966lavrinenko.info sshd[18946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.113.15 user=root 2020-08-11T15:10:30.541937lavrinenko.info sshd[18946]: Failed password for root from 106.51.113.15 port 41161 ssh2 ...	2020-08-11 23:50:06
112.85.42.89	attackbotsspam	Aug 11 20:52:35 dhoomketu sshd[2294628]: Failed password for root from 112.85.42.89 port 33046 ssh2 Aug 11 20:52:38 dhoomketu sshd[2294628]: Failed password for root from 112.85.42.89 port 33046 ssh2 Aug 11 20:52:41 dhoomketu sshd[2294628]: Failed password for root from 112.85.42.89 port 33046 ssh2 Aug 11 20:53:48 dhoomketu sshd[2294638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Aug 11 20:53:50 dhoomketu sshd[2294638]: Failed password for root from 112.85.42.89 port 45678 ssh2 ...	2020-08-11 23:24:25
103.111.116.110	attackbotsspam	20/8/11@08:10:55: FAIL: Alarm-Network address from=103.111.116.110 ...	2020-08-11 23:27:07
114.67.123.3	attack	leo_www	2020-08-11 23:55:07
192.169.200.135	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-11 23:51:10
162.243.116.41	attackbotsspam	Aug 11 15:33:37 OPSO sshd\[17282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.116.41 user=root Aug 11 15:33:39 OPSO sshd\[17282\]: Failed password for root from 162.243.116.41 port 55726 ssh2 Aug 11 15:37:08 OPSO sshd\[17882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.116.41 user=root Aug 11 15:37:10 OPSO sshd\[17882\]: Failed password for root from 162.243.116.41 port 52538 ssh2 Aug 11 15:40:41 OPSO sshd\[18439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.116.41 user=root	2020-08-11 23:27:42
61.177.172.142	attackspam	Aug 11 07:57:46 dignus sshd[20886]: Failed password for root from 61.177.172.142 port 23963 ssh2 Aug 11 07:57:50 dignus sshd[20886]: Failed password for root from 61.177.172.142 port 23963 ssh2 Aug 11 07:57:53 dignus sshd[20886]: Failed password for root from 61.177.172.142 port 23963 ssh2 Aug 11 07:57:57 dignus sshd[20886]: Failed password for root from 61.177.172.142 port 23963 ssh2 Aug 11 07:58:00 dignus sshd[20886]: Failed password for root from 61.177.172.142 port 23963 ssh2 ...	2020-08-11 23:28:04
34.94.247.253	attackspam	Detected by ModSecurity. Request URI: /wp-login.php	2020-08-11 23:31:30
178.32.124.62	attack	Aug 10 04:51:06 spidey sshd[22936]: Invalid user admin from 178.32.124.62 port 35416 Aug 10 04:51:10 spidey sshd[22936]: error: PAM: User not known to the underlying authentication module for illegal user admin from 178.32.124.62 Aug 10 04:51:06 spidey sshd[22936]: Invalid user admin from 178.32.124.62 port 35416 Aug 10 04:51:10 spidey sshd[22936]: error: PAM: User not known to the underlying authentication module for illegal user admin from 178.32.124.62 Aug 10 04:51:06 spidey sshd[22936]: Invalid user admin from 178.32.124.62 port 35416 Aug 10 04:51:10 spidey sshd[22936]: error: PAM: User not known to the underlying authentication module for illegal user admin from 178.32.124.62 Aug 10 04:51:10 spidey sshd[22936]: Failed keyboard-interactive/pam for invalid user admin from 178.32.124.62 port 35416 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.32.124.62	2020-08-11 23:26:07
27.150.169.223	attackbots	Aug 11 15:32:16 vps647732 sshd[18873]: Failed password for root from 27.150.169.223 port 60903 ssh2 ...	2020-08-11 23:57:30
192.241.222.191	attackspam	firewall-block, port(s): 9042/tcp	2020-08-12 00:00:26
142.93.73.89	attackspam	142.93.73.89 - - [11/Aug/2020:14:10:37 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.73.89 - - [11/Aug/2020:14:10:38 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.73.89 - - [11/Aug/2020:14:10:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-11 23:42:40
112.243.7.250	attackspam	firewall-block, port(s): 2323/tcp	2020-08-12 00:05:21

Recently Reported IPs

190.12.115.8	141.98.11.118	105.226.32.216	123.231.105.184
205.185.122.238	167.89.87.204	186.47.98.2	177.191.213.180
39.38.236.240	165.227.82.48	94.103.202.93	83.220.238.157
181.143.186.235	157.44.198.86	123.195.72.130	109.94.223.130
202.186.147.42	187.188.50.99	78.53.231.222	139.255.53.178