Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:
Type Details Datetime
attackspambots
$f2bV_matches
2020-06-02 17:32:41
attack
Jun  1 00:33:14 vpn01 sshd[27807]: Failed password for root from 106.12.48.78 port 45140 ssh2
...
2020-06-01 06:57:17
attackspambots
May 29 06:08:19 srv-ubuntu-dev3 sshd[35402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78  user=root
May 29 06:08:22 srv-ubuntu-dev3 sshd[35402]: Failed password for root from 106.12.48.78 port 44472 ssh2
May 29 06:11:37 srv-ubuntu-dev3 sshd[35928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78  user=root
May 29 06:11:39 srv-ubuntu-dev3 sshd[35928]: Failed password for root from 106.12.48.78 port 59398 ssh2
May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78
May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78
May 29 06:15:02 srv-ubuntu-dev3 sshd[36482]: Invalid user apache from 106.12.48.78
May 29 06:15:04 srv-ubuntu-dev3 sshd[36482]: Failed password for invalid user apache from 106.12.48.78 port 46106 ssh2
May 29 06:18:10 srv-ubuntu-dev3 sshd[37075]: pa
...
2020-05-29 12:45:22
attackspambots
May 23 22:15:05 sso sshd[30657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.78
May 23 22:15:07 sso sshd[30657]: Failed password for invalid user npd from 106.12.48.78 port 33692 ssh2
...
2020-05-24 05:24:35
attackspambots
prod8
...
2020-04-09 17:09:27
attackbots
k+ssh-bruteforce
2020-04-01 13:25:14
attackspambots
Invalid user bruce from 106.12.48.78 port 41102
2020-03-28 02:37:45
attackspambots
Mar 16 23:07:42 haigwepa sshd[21482]: Failed password for root from 106.12.48.78 port 39142 ssh2
...
2020-03-17 07:12:45
Comments on same subnet:
IP Type Details Datetime
106.12.48.216 attack
Jun 20 22:15:57 zulu412 sshd\[32143\]: Invalid user monitor from 106.12.48.216 port 42510
Jun 20 22:15:57 zulu412 sshd\[32143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216
Jun 20 22:16:00 zulu412 sshd\[32143\]: Failed password for invalid user monitor from 106.12.48.216 port 42510 ssh2
...
2020-06-21 04:37:43
106.12.48.216 attackbotsspam
Failed password for invalid user webster from 106.12.48.216 port 58952 ssh2
2020-06-16 18:47:04
106.12.48.216 attack
Jun 15 06:23:10 vps639187 sshd\[15653\]: Invalid user apache from 106.12.48.216 port 45924
Jun 15 06:23:10 vps639187 sshd\[15653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.216
Jun 15 06:23:12 vps639187 sshd\[15653\]: Failed password for invalid user apache from 106.12.48.216 port 45924 ssh2
...
2020-06-15 17:15:25
106.12.48.217 attackspam
2020-06-10T12:36:49.938655shield sshd\[14216\]: Invalid user bay from 106.12.48.217 port 39338
2020-06-10T12:36:49.941143shield sshd\[14216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217
2020-06-10T12:36:52.431442shield sshd\[14216\]: Failed password for invalid user bay from 106.12.48.217 port 39338 ssh2
2020-06-10T12:41:02.776575shield sshd\[16178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217  user=root
2020-06-10T12:41:04.664938shield sshd\[16178\]: Failed password for root from 106.12.48.217 port 57092 ssh2
2020-06-10 21:48:04
106.12.48.216 attackspam
2020-06-09T19:29:04+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)
2020-06-10 04:14:35
106.12.48.217 attackbots
Jun  6 12:46:16 game-panel sshd[11281]: Failed password for root from 106.12.48.217 port 36852 ssh2
Jun  6 12:49:05 game-panel sshd[11419]: Failed password for root from 106.12.48.217 port 45144 ssh2
2020-06-06 21:04:01
106.12.48.216 attackspam
Brute-force attempt banned
2020-06-06 07:06:17
106.12.48.217 attackbots
SSH Brute-Force reported by Fail2Ban
2020-06-01 01:55:35
106.12.48.217 attackspambots
May 30 06:39:40 web1 sshd[26874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217  user=root
May 30 06:39:41 web1 sshd[26874]: Failed password for root from 106.12.48.217 port 38248 ssh2
May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886
May 30 06:44:51 web1 sshd[28127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217
May 30 06:44:51 web1 sshd[28127]: Invalid user gogs from 106.12.48.217 port 40886
May 30 06:44:54 web1 sshd[28127]: Failed password for invalid user gogs from 106.12.48.217 port 40886 ssh2
May 30 06:48:15 web1 sshd[28959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217  user=root
May 30 06:48:17 web1 sshd[28959]: Failed password for root from 106.12.48.217 port 54772 ssh2
May 30 06:51:12 web1 sshd[29745]: Invalid user eriksmoen from 106.12.48.217 port 40432
...
2020-05-30 04:56:54
106.12.48.216 attackbotsspam
2020-05-27 14:41:50 server sshd[61577]: Failed password for invalid user root from 106.12.48.216 port 45738 ssh2
2020-05-29 02:13:59
106.12.48.216 attack
$f2bV_matches
2020-05-26 14:47:56
106.12.48.216 attack
Failed password for invalid user zpw from 106.12.48.216 port 33278 ssh2
2020-05-24 01:28:16
106.12.48.217 attack
Invalid user testuser from 106.12.48.217 port 39648
2020-05-17 08:40:32
106.12.48.217 attackspam
May 10 10:30:09 piServer sshd[29651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 
May 10 10:30:11 piServer sshd[29651]: Failed password for invalid user yannick from 106.12.48.217 port 42458 ssh2
May 10 10:39:46 piServer sshd[30436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217 
...
2020-05-10 16:51:32
106.12.48.217 attackbots
May  5 10:58:02 ns382633 sshd\[26690\]: Invalid user ftpuser from 106.12.48.217 port 36582
May  5 10:58:02 ns382633 sshd\[26690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217
May  5 10:58:04 ns382633 sshd\[26690\]: Failed password for invalid user ftpuser from 106.12.48.217 port 36582 ssh2
May  5 11:15:41 ns382633 sshd\[30210\]: Invalid user niu from 106.12.48.217 port 56850
May  5 11:15:41 ns382633 sshd\[30210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.48.217
2020-05-06 00:04:49
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.48.78
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29047
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.48.78.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031601 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 07:12:41 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 78.48.12.106.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 78.48.12.106.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
84.201.165.126 attack
Aug 31 03:20:03 aiointranet sshd\[17913\]: Invalid user pr from 84.201.165.126
Aug 31 03:20:03 aiointranet sshd\[17913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.201.165.126
Aug 31 03:20:06 aiointranet sshd\[17913\]: Failed password for invalid user pr from 84.201.165.126 port 55290 ssh2
Aug 31 03:24:23 aiointranet sshd\[18326\]: Invalid user vanessa from 84.201.165.126
Aug 31 03:24:23 aiointranet sshd\[18326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.201.165.126
2019-08-31 21:29:48
223.25.99.34 attackspam
WordPress wp-login brute force :: 223.25.99.34 0.128 BYPASS [31/Aug/2019:23:16:44  1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-08-31 21:37:19
114.32.218.77 attackbotsspam
Aug 31 02:57:32 eddieflores sshd\[4899\]: Invalid user test3 from 114.32.218.77
Aug 31 02:57:32 eddieflores sshd\[4899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114-32-218-77.hinet-ip.hinet.net
Aug 31 02:57:33 eddieflores sshd\[4899\]: Failed password for invalid user test3 from 114.32.218.77 port 45623 ssh2
Aug 31 03:02:40 eddieflores sshd\[5480\]: Invalid user iwizservice from 114.32.218.77
Aug 31 03:02:40 eddieflores sshd\[5480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114-32-218-77.hinet-ip.hinet.net
2019-08-31 21:08:23
31.14.135.117 attack
Aug 31 02:52:03 hanapaa sshd\[20754\]: Invalid user wordpress from 31.14.135.117
Aug 31 02:52:03 hanapaa sshd\[20754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.135.117
Aug 31 02:52:05 hanapaa sshd\[20754\]: Failed password for invalid user wordpress from 31.14.135.117 port 47364 ssh2
Aug 31 02:56:27 hanapaa sshd\[21070\]: Invalid user www from 31.14.135.117
Aug 31 02:56:27 hanapaa sshd\[21070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.14.135.117
2019-08-31 21:10:19
94.176.77.55 attackspambots
(Aug 31)  LEN=40 TTL=244 ID=52961 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=10009 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=50994 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=26007 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=33415 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=30593 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=13156 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=17190 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=50474 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 31)  LEN=40 TTL=244 ID=31612 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 30)  LEN=40 TTL=244 ID=14762 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 30)  LEN=40 TTL=244 ID=49134 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 30)  LEN=40 TTL=244 ID=22689 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 30)  LEN=40 TTL=244 ID=38727 DF TCP DPT=23 WINDOW=14600 SYN 
 (Aug 30)  LEN=40 TTL=244 ID=15203 DF TCP DPT=23 WINDOW=14600 ...
2019-08-31 21:02:52
119.40.55.96 attack
Aug 31 12:43:02 MK-Soft-VM4 sshd\[27629\]: Invalid user postgresql from 119.40.55.96 port 52688
Aug 31 12:43:02 MK-Soft-VM4 sshd\[27629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.55.96
Aug 31 12:43:04 MK-Soft-VM4 sshd\[27629\]: Failed password for invalid user postgresql from 119.40.55.96 port 52688 ssh2
...
2019-08-31 21:00:08
138.68.220.166 attackbotsspam
firewall-block, port(s): 8140/tcp
2019-08-31 21:45:52
206.189.166.172 attack
2019-08-31T15:01:32.731429  sshd[1112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.166.172  user=root
2019-08-31T15:01:34.360482  sshd[1112]: Failed password for root from 206.189.166.172 port 52746 ssh2
2019-08-31T15:06:28.393446  sshd[1164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.166.172  user=root
2019-08-31T15:06:30.323706  sshd[1164]: Failed password for root from 206.189.166.172 port 39818 ssh2
2019-08-31T15:12:14.688797  sshd[1252]: Invalid user test from 206.189.166.172 port 55106
...
2019-08-31 21:17:18
167.71.214.237 attackspam
Aug 31 03:09:04 hcbb sshd\[20797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.214.237  user=root
Aug 31 03:09:06 hcbb sshd\[20797\]: Failed password for root from 167.71.214.237 port 48188 ssh2
Aug 31 03:13:51 hcbb sshd\[21245\]: Invalid user user from 167.71.214.237
Aug 31 03:13:51 hcbb sshd\[21245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.214.237
Aug 31 03:13:52 hcbb sshd\[21245\]: Failed password for invalid user user from 167.71.214.237 port 53048 ssh2
2019-08-31 21:27:20
114.108.181.139 attackspam
Aug 31 13:35:01 h2177944 sshd\[13894\]: Invalid user ftpuser1 from 114.108.181.139 port 42984
Aug 31 13:35:01 h2177944 sshd\[13894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.108.181.139
Aug 31 13:35:03 h2177944 sshd\[13894\]: Failed password for invalid user ftpuser1 from 114.108.181.139 port 42984 ssh2
Aug 31 13:40:43 h2177944 sshd\[14038\]: Invalid user story from 114.108.181.139 port 37976
...
2019-08-31 21:31:09
18.18.248.17 attack
Aug 31 13:40:34 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2Aug 31 13:40:37 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2Aug 31 13:40:39 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2Aug 31 13:40:43 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2Aug 31 13:40:45 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2Aug 31 13:40:48 rotator sshd\[12921\]: Failed password for root from 18.18.248.17 port 11158 ssh2
...
2019-08-31 21:25:22
178.128.23.41 attackspam
Aug 31 03:26:51 lcdev sshd\[13496\]: Invalid user test2test2 from 178.128.23.41
Aug 31 03:26:51 lcdev sshd\[13496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.23.41
Aug 31 03:26:53 lcdev sshd\[13496\]: Failed password for invalid user test2test2 from 178.128.23.41 port 58108 ssh2
Aug 31 03:31:26 lcdev sshd\[13864\]: Invalid user zheng123 from 178.128.23.41
Aug 31 03:31:26 lcdev sshd\[13864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.23.41
2019-08-31 21:35:44
112.85.42.88 attack
Aug 31 15:45:57 h2177944 sshd\[19472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.88  user=root
Aug 31 15:45:59 h2177944 sshd\[19472\]: Failed password for root from 112.85.42.88 port 55194 ssh2
Aug 31 15:46:01 h2177944 sshd\[19472\]: Failed password for root from 112.85.42.88 port 55194 ssh2
Aug 31 15:46:03 h2177944 sshd\[19472\]: Failed password for root from 112.85.42.88 port 55194 ssh2
...
2019-08-31 21:48:07
211.52.103.197 attack
Aug 31 13:36:03 dev0-dcfr-rnet sshd[31887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.103.197
Aug 31 13:36:04 dev0-dcfr-rnet sshd[31887]: Failed password for invalid user granta from 211.52.103.197 port 44804 ssh2
Aug 31 13:40:44 dev0-dcfr-rnet sshd[31916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.103.197
2019-08-31 21:29:22
149.28.159.66 attack
fail2ban honeypot
2019-08-31 21:07:17

Recently Reported IPs

190.12.115.8 141.98.11.118 105.226.32.216 123.231.105.184
205.185.122.238 167.89.87.204 186.47.98.2 177.191.213.180
39.38.236.240 165.227.82.48 94.103.202.93 83.220.238.157
181.143.186.235 157.44.198.86 123.195.72.130 109.94.223.130
202.186.147.42 187.188.50.99 78.53.231.222 139.255.53.178