JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.48.152.13

120.48.152.13 was found in our database!

This IP was reported 866 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Baidu Netcom Science and Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS38365
Domain Name	baidu.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.48.152.13

Whois 120.48.152.13

IP Abuse Reports for 120.48.152.13:

This IP address has been reported a total of 866 times from 379 distinct sources. 120.48.152.13 was first reported on April 14th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 vereinshosting	2026-04-19 08:15:25 (1 month ago)	Invalid user admin from 120.48.152.13 port 33870	Brute-Force SSH
🇫🇷 security.rdmc.fr	2026-04-19 05:43:06 (1 month ago)	Port Scan Attack proto:TCP src:63738 dst:23	Port Scan
🇮🇩 hermawan	2026-04-19 04:29:59 (1 month ago)	1776572991.897261 120.48.152.13 103.166.156.58 65535__0_0 2026-04-19 11:29:51 WIB ...	Email Spam Hacking
🇩🇪 NetShield-DE	2026-04-19 04:07:28 (1 month ago)	Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-04-19T ... show more Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-04-19T06:07:02+0200. Last: 2026-04-19T06:07:02+0200. Samples: - 2026-04-19 03:09:22,141 fail2ban.actions [1942777]: NOTICE [abuseipdb] Ban 120.48.152.13 show less	Web App Attack
🇩🇪 Admins@FBN	2026-04-19 01:58:10 (1 month ago)	FW-PortScan: Traffic Blocked srcport=61258 dstport=22	Port Scan Hacking SSH
🇦🇺 bret.dk	2026-04-18 23:14:45 (1 month ago)	Apr 18 23:14:43 au-mirror sshd[247058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Apr 18 23:14:43 au-mirror sshd[247058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.48.152.13 Apr 18 23:14:45 au-mirror sshd[247058]: Failed password for invalid user admin from 120.48.152.13 port 42008 ssh2 ... show less	Brute-Force SSH
🇩🇪 bret.dk	2026-04-18 22:02:16 (1 month ago)	Apr 18 22:02:13 dev sshd[1539659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more Apr 18 22:02:13 dev sshd[1539659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.48.152.13 Apr 18 22:02:15 dev sshd[1539659]: Failed password for invalid user admin from 120.48.152.13 port 39652 ssh2 ... show less	Brute-Force SSH
🇺🇸 Silly Development	2026-04-18 20:32:34 (1 month ago)	2026-04-18T20:31:54.486855+00:00 panel.gamer3514.co.uk sshd[600939]: pam_unix(sshd:auth): authentica ... show more 2026-04-18T20:31:54.486855+00:00 panel.gamer3514.co.uk sshd[600939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.48.152.13 2026-04-18T20:31:56.976773+00:00 panel.gamer3514.co.uk sshd[600939]: Failed password for invalid user admin from 120.48.152.13 port 60684 ssh2 2026-04-18T20:32:33.432038+00:00 panel.gamer3514.co.uk sshd[601008]: Invalid user orangepi from 120.48.152.13 port 45714 ... show less	Brute-Force SSH
🇺🇸 RAP	2026-04-18 14:47:40 (1 month ago)	2026-04-18 14:47:40 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇩🇪 ipcop.net	2026-04-18 14:00:14 (1 month ago)	2026-04-18T15:55:58.495751+02:00 router02.boersch-gmbh.de sshd[1637483]: Connection closed by authen ... show more 2026-04-18T15:55:58.495751+02:00 router02.boersch-gmbh.de sshd[1637483]: Connection closed by authenticating user admin 120.48.152.13 port 52920 [preauth] 2026-04-18T15:57:44.242509+02:00 router02.boersch-gmbh.de sshd[1637584]: Invalid user orangepi from 120.48.152.13 port 59088 2026-04-18T15:57:44.473742+02:00 router02.boersch-gmbh.de sshd[1637584]: Connection closed by invalid user orangepi 120.48.152.13 port 59088 [preauth] 2026-04-18T15:58:53.554786+02:00 router02.boersch-gmbh.de sshd[1637780]: Connection closed by authenticating user root 120.48.152.13 port 47936 [preauth] 2026-04-18T16:00:13.297531+02:00 router02.boersch-gmbh.de sshd[1637922]: Connection closed by authenticating user root 120.48.152.13 port 58536 [preauth] show less	Brute-Force
Anonymous	2026-04-18 13:02:43 (1 month ago)	ssh bruteforce	Brute-Force SSH
🇬🇧 Axel	2026-04-18 11:08:02 (1 month ago)	Blocked by ModSecurity. Rule ID: 218420 Message: COMODO WAF: PHP Injection Attack: I/O Stream Found\| ... show more Blocked by ModSecurity. Rule ID: 218420 Message: COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|default-217-154-50-141\|F\|2 Phase: 2 Severity: CRITICAL URI: /hello.world Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇨🇦 Slackin' Jack	2026-04-18 10:21:46 (1 month ago)	Triggered honeypot on port 2222. (120.48.152.13)	Port Scan
🇹🇭 Sawasdee	2026-04-18 05:48:05 (1 month ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇸🇪 KIDOS	2026-04-18 05:22:40 (1 month ago)	KASM auto: exploit_/laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-	Brute-Force SSH

Showing 781 to 795 of 866 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 82.223.24.195

🇳🇱 217.60.195.4

🇧🇷 201.16.238.49

🇳🇮 190.212.216.61

🇦🇺 74.91.200.217

🇫🇮 46.62.131.178

🇳🇱 45.198.224.22

🇬🇧 35.203.210.95

🇺🇸 2607:ff10:c8:594::a

🇬🇧 194.61.3.162

🇩🇪 176.65.132.24

🇺🇸 162.216.150.82

🇧🇷 129.121.37.21

🇭🇷 93.136.174.131

🇩🇪 69.5.169.191

🇩🇪 69.5.169.90

🇭🇰 47.86.187.13

🇳🇱 45.148.10.152

🇿🇦 4.222.232.83

🇧🇷 187.72.128.177