106.104.7.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: New Century Infocomm Tech. Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	1588737608 - 05/06/2020 06:00:08 Host: 106.104.7.104/106.104.7.104 Port: 445 TCP Blocked	2020-05-06 19:57:18

Comments on same subnet:

IP	Type	Details	Datetime
106.104.72.215	attackbots	SSH Bruteforce Attempt on Honeypot	2020-09-11 22:37:32
106.104.72.215	attackspam	SSH Bruteforce Attempt on Honeypot	2020-09-11 14:44:28
106.104.72.215	attack	SSH Bruteforce Attempt on Honeypot	2020-09-11 06:54:35
106.104.79.125	attack	Jan 21 19:59:03 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:5a:1a:41:08:00 SRC=106.104.79.125 DST=109.74.200.221 LEN=32 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 ...	2020-03-04 02:05:15
106.104.71.47	attackspambots	Unauthorized connection attempt from IP address 106.104.71.47 on Port 445(SMB)	2019-07-07 01:02:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.104.7.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20761
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.104.7.104.			IN	A

;; AUTHORITY SECTION:
.			472	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050600 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 19:57:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

104.7.104.106.in-addr.arpa domain name pointer 106-104-7-104.adsl.dynamic.seed.net.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.7.104.106.in-addr.arpa	name = 106-104-7-104.adsl.dynamic.seed.net.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
98.206.26.226	attackbots	Automatic report - SSH Brute-Force Attack	2020-03-24 00:19:21
222.186.42.136	attackbots	Mar 23 21:44:08 areeb-Workstation sshd[17461]: Failed password for root from 222.186.42.136 port 38600 ssh2 Mar 23 21:44:12 areeb-Workstation sshd[17461]: Failed password for root from 222.186.42.136 port 38600 ssh2 ...	2020-03-24 00:20:02
222.186.30.209	attackbotsspam	Mar 23 17:33:21 vmanager6029 sshd\[22338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Mar 23 17:33:23 vmanager6029 sshd\[22336\]: error: PAM: Authentication failure for root from 222.186.30.209 Mar 23 17:33:23 vmanager6029 sshd\[22339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root	2020-03-24 00:43:33
185.2.12.230	attack	(sshd) Failed SSH login from 185.2.12.230 (IR/Iran/185-2-12-230.faraso.org): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Mar 23 20:18:31 ir1 sshd[2532704]: Invalid user 5.63.12.44-vps1 from 185.2.12.230 port 38383	2020-03-24 00:57:14
40.115.159.114	attackspam	Mar 23 15:45:11 vlre-nyc-1 sshd\[24881\]: Invalid user wini from 40.115.159.114 Mar 23 15:45:11 vlre-nyc-1 sshd\[24881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.159.114 Mar 23 15:45:14 vlre-nyc-1 sshd\[24881\]: Failed password for invalid user wini from 40.115.159.114 port 39596 ssh2 Mar 23 15:49:31 vlre-nyc-1 sshd\[24948\]: Invalid user user from 40.115.159.114 Mar 23 15:49:31 vlre-nyc-1 sshd\[24948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.159.114 ...	2020-03-23 23:57:38
45.14.150.130	attack	SSH Brute-Force attacks	2020-03-24 00:18:08
202.93.217.207	attack	[MonMar2316:48:29.8026612020][:error][pid11991:tid47054575503104][client202.93.217.207:45402][client202.93.217.207]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"ristorantedelponte.ch"][uri"/backup.sql"][unique_id"XnjaTapyk@mc506q5f8e1QAAAIc"][MonMar2316:48:32.5593742020][:error][pid12186:tid47054665565952][client202.93.217.207:54804][client202.93.217.207]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith	2020-03-24 00:55:41
157.245.113.214	attackbots	[MonMar2316:48:57.3672402020][:error][pid11991:tid47054583908096][client157.245.113.214:59284][client157.245.113.214]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"patriziatodiosogna.ch"][uri"/backup.sql"][unique_id"Xnjaaapyk@mc506q5f8e2AAAAIs"][MonMar2316:49:05.6735492020][:error][pid12186:tid47054571300608][client157.245.113.214:54742][client157.245.113.214]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatend	2020-03-24 00:20:52
200.165.167.10	attack	leo_www	2020-03-24 00:25:32
106.12.192.201	attack	Brute-force attempt banned	2020-03-24 00:10:16
145.239.78.59	attack	Mar 23 17:13:50 legacy sshd[32246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.78.59 Mar 23 17:13:51 legacy sshd[32246]: Failed password for invalid user tian from 145.239.78.59 port 43116 ssh2 Mar 23 17:17:26 legacy sshd[32308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.78.59 ...	2020-03-24 00:36:03
194.67.51.48	attackspambots	1584978574 - 03/23/2020 16:49:34 Host: 194.67.51.48/194.67.51.48 Port: 445 TCP Blocked	2020-03-23 23:55:47
209.160.32.108	attack	Mar 23 18:49:13 hosting sshd[30539]: Invalid user yancy from 209.160.32.108 port 49236 ...	2020-03-24 00:12:18
115.238.44.237	attack	Fail2Ban Ban Triggered	2020-03-24 00:18:39
112.170.72.170	attack	Mar 23 16:54:39 localhost sshd\[22769\]: Invalid user student from 112.170.72.170 port 58720 Mar 23 16:54:39 localhost sshd\[22769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.170.72.170 Mar 23 16:54:41 localhost sshd\[22769\]: Failed password for invalid user student from 112.170.72.170 port 58720 ssh2	2020-03-24 00:08:40

Recently Reported IPs

5.188.84.150	45.193.8.13	212.129.21.129	45.125.44.107
14.29.244.7	131.193.222.10	150.141.244.209	3.232.144.130
142.1.184.69	92.117.254.127	157.206.87.126	177.244.108.142
187.45.80.2	122.234.201.174	10.240.175.120	28.136.92.193
68.183.190.86	132.30.22.98	251.236.28.23	108.62.87.115