106.13.48.1 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:25:28

Comments on same subnet:

IP	Type	Details	Datetime
106.13.48.9	attackbotsspam	Oct 8 21:59:31 hidden sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.9 Oct 8 21:59:33 hidden sshd[4418]: Failed password for invalid user kevin from 106.13.48.9 port 40514 ssh2 Oct 8 22:16:27 hidden sshd[11400]: Invalid user info from 106.13.48.9 port 38028	2020-10-10 04:46:19
106.13.48.9	attack	SSH bruteforce	2020-10-09 20:45:22
106.13.48.9	attackspam	2020-10-09T04:48:40+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-09 12:31:36
106.13.48.122	attack	firewall-block, port(s): 14602/tcp	2020-09-06 20:34:34
106.13.48.122	attackspam	TCP (SYN) 106.13.48.122:47133 -> port 27055, len 44	2020-09-06 12:14:05
106.13.48.122	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-06 04:36:40
106.13.48.122	attack	Aug 11 22:32:14 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:32:16 Ubuntu-1404-trusty-64-minimal sshd\[13632\]: Failed password for root from 106.13.48.122 port 42005 ssh2 Aug 11 22:35:19 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root Aug 11 22:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14456\]: Failed password for root from 106.13.48.122 port 61109 ssh2 Aug 11 22:36:39 Ubuntu-1404-trusty-64-minimal sshd\[14851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 user=root	2020-08-12 05:44:27
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 8812	2020-07-25 16:06:07
106.13.48.122	attack	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 768 [T]	2020-07-08 02:06:02
106.13.48.122	attackbots	Jul 6 16:56:18 ift sshd\[32718\]: Invalid user zxc from 106.13.48.122Jul 6 16:56:19 ift sshd\[32718\]: Failed password for invalid user zxc from 106.13.48.122 port 29093 ssh2Jul 6 16:59:16 ift sshd\[33111\]: Failed password for invalid user admin from 106.13.48.122 port 50249 ssh2Jul 6 17:02:02 ift sshd\[34103\]: Invalid user zhangfeng from 106.13.48.122Jul 6 17:02:04 ift sshd\[34103\]: Failed password for invalid user zhangfeng from 106.13.48.122 port 14912 ssh2 ...	2020-07-07 01:17:17
106.13.48.122	attackspam	Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:37 meumeu sshd[538171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:48:37 meumeu sshd[538171]: Invalid user wor from 106.13.48.122 port 40808 Jul 5 05:48:39 meumeu sshd[538171]: Failed password for invalid user wor from 106.13.48.122 port 40808 ssh2 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:07 meumeu sshd[538299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 5 05:54:07 meumeu sshd[538299]: Invalid user cloud from 106.13.48.122 port 25505 Jul 5 05:54:09 meumeu sshd[538299]: Failed password for invalid user cloud from 106.13.48.122 port 25505 ssh2 Jul 5 05:55:56 meumeu sshd[538334]: Invalid user crb from 106.13.48.122 port 39249 ...	2020-07-05 12:46:16
106.13.48.122	attack	Jul 4 03:27:17 PorscheCustomer sshd[13634]: Failed password for root from 106.13.48.122 port 10034 ssh2 Jul 4 03:28:58 PorscheCustomer sshd[13646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.122 Jul 4 03:29:00 PorscheCustomer sshd[13646]: Failed password for invalid user vegeta from 106.13.48.122 port 24280 ssh2 ...	2020-07-04 10:26:34
106.13.48.122	attackbots	(sshd) Failed SSH login from 106.13.48.122 (CN/China/-): 5 in the last 3600 secs	2020-06-30 14:19:30
106.13.48.122	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.48.122 to port 1741	2020-06-29 03:37:13
106.13.48.122	attackspambots	TCP (SYN) 106.13.48.122:44166 -> port 9066, len 44	2020-06-25 19:55:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.48.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.48.1.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 521 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:25:25 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 1.48.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.48.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.59.138.3	attack	Fail2Ban Ban Triggered	2020-02-01 05:32:35
103.3.226.230	attackspambots	Feb 1 00:21:39 server sshd\[15423\]: Invalid user administrator from 103.3.226.230 Feb 1 00:21:39 server sshd\[15423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.230 Feb 1 00:21:42 server sshd\[15423\]: Failed password for invalid user administrator from 103.3.226.230 port 35464 ssh2 Feb 1 00:34:54 server sshd\[17992\]: Invalid user test from 103.3.226.230 Feb 1 00:34:54 server sshd\[17992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.230 ...	2020-02-01 06:28:11
106.13.37.203	attack	Jan 31 22:59:35 legacy sshd[9555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.203 Jan 31 22:59:37 legacy sshd[9555]: Failed password for invalid user user from 106.13.37.203 port 41444 ssh2 Jan 31 23:06:50 legacy sshd[10165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.203 ...	2020-02-01 06:27:51
144.91.124.255	attackspam	Jan 31 23:07:26 cp sshd[27356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.91.124.255 Jan 31 23:07:26 cp sshd[27356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.91.124.255	2020-02-01 06:12:37
178.62.224.96	attack	$f2bV_matches	2020-02-01 05:23:20
222.186.180.6	attackbots	Jan 31 23:12:35 MK-Soft-VM7 sshd[922]: Failed password for root from 222.186.180.6 port 5902 ssh2 Jan 31 23:12:39 MK-Soft-VM7 sshd[922]: Failed password for root from 222.186.180.6 port 5902 ssh2 ...	2020-02-01 06:17:52
188.234.245.161	attack	Unauthorized connection attempt detected from IP address 188.234.245.161 to port 2220 [J]	2020-02-01 06:30:18
182.61.182.50	attack	Unauthorized connection attempt detected from IP address 182.61.182.50 to port 2220 [J]	2020-02-01 05:27:33
84.57.0.153	attack	400 BAD REQUEST	2020-02-01 06:18:33
14.63.174.149	attackspam	Jan 31 22:28:28 silence02 sshd[17147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149 Jan 31 22:28:29 silence02 sshd[17147]: Failed password for invalid user ts3server from 14.63.174.149 port 58665 ssh2 Jan 31 22:35:20 silence02 sshd[17624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149	2020-02-01 06:07:16
36.89.251.105	attackspam	Jan 31 21:01:53 ns382633 sshd\[3995\]: Invalid user ts3server from 36.89.251.105 port 42612 Jan 31 21:01:53 ns382633 sshd\[3995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.251.105 Jan 31 21:01:55 ns382633 sshd\[3995\]: Failed password for invalid user ts3server from 36.89.251.105 port 42612 ssh2 Jan 31 21:17:25 ns382633 sshd\[6764\]: Invalid user git from 36.89.251.105 port 38238 Jan 31 21:17:25 ns382633 sshd\[6764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.251.105	2020-02-01 05:29:20
95.91.160.29	attackbots	SSH invalid-user multiple login try	2020-02-01 06:24:13
106.13.20.61	attack	Unauthorized connection attempt detected from IP address 106.13.20.61 to port 2220 [J]	2020-02-01 05:30:34
111.67.198.206	attackspam	Unauthorized connection attempt detected from IP address 111.67.198.206 to port 2220 [J]	2020-02-01 05:30:09
217.182.15.175	spam	Used till TEN times per day by verno.prim@gmail.com "Prim Vero Alba Iulia 20200 Chisinau MD" for SPAM on STOLLEN list we don't know with help of OVH, as usual with LIERS and ROBERS !	2020-02-01 05:43:45

Recently Reported IPs

102.39.162.60	72.234.112.247	96.240.220.21	106.12.69.2
166.128.60.172	177.55.66.72	61.80.7.254	106.12.211.2
180.211.29.17	216.200.61.93	12.94.56.45	31.249.78.255
106.12.3.1	188.52.245.179	106.12.100.1	139.168.232.26
176.250.43.254	68.12.249.188	106.0.36.1	1.215.26.113