106.104.89.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: New Century Infocomm Tech. Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 17:02:12,830 INFO [amun_request_handler] PortScan Detected on Port: 445 (106.104.89.49)	2019-09-17 10:09:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.104.89.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7627
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.104.89.49.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 10:09:12 CST 2019
;; MSG SIZE  rcvd: 117

Host info

49.89.104.106.in-addr.arpa domain name pointer 106-104-89-49.adsl.static.seed.net.tw.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
49.89.104.106.in-addr.arpa	name = 106-104-89-49.adsl.static.seed.net.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.207.47.114	attackspam	2020-04-10T03:53:12.794741abusebot-3.cloudsearch.cf sshd[14081]: Invalid user applmgr from 123.207.47.114 port 50066 2020-04-10T03:53:12.802880abusebot-3.cloudsearch.cf sshd[14081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.47.114 2020-04-10T03:53:12.794741abusebot-3.cloudsearch.cf sshd[14081]: Invalid user applmgr from 123.207.47.114 port 50066 2020-04-10T03:53:15.491576abusebot-3.cloudsearch.cf sshd[14081]: Failed password for invalid user applmgr from 123.207.47.114 port 50066 ssh2 2020-04-10T03:57:30.991209abusebot-3.cloudsearch.cf sshd[14397]: Invalid user tomcat from 123.207.47.114 port 44397 2020-04-10T03:57:30.998258abusebot-3.cloudsearch.cf sshd[14397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.47.114 2020-04-10T03:57:30.991209abusebot-3.cloudsearch.cf sshd[14397]: Invalid user tomcat from 123.207.47.114 port 44397 2020-04-10T03:57:32.769128abusebot-3.cloudsearch.cf sshd ...	2020-04-10 13:37:43
81.198.117.110	attack	Wordpress malicious attack:[sshd]	2020-04-10 14:07:31
37.59.61.13	attackbots	Apr 10 06:33:20 mout sshd[6118]: Invalid user iryanto from 37.59.61.13 port 51538	2020-04-10 13:51:26
49.235.242.163	attackbotsspam	2020-04-10T07:04:34.778896vps751288.ovh.net sshd\[23827\]: Invalid user webserver from 49.235.242.163 port 35726 2020-04-10T07:04:34.785601vps751288.ovh.net sshd\[23827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.242.163 2020-04-10T07:04:37.318212vps751288.ovh.net sshd\[23827\]: Failed password for invalid user webserver from 49.235.242.163 port 35726 ssh2 2020-04-10T07:10:28.852406vps751288.ovh.net sshd\[23877\]: Invalid user mcserver from 49.235.242.163 port 32982 2020-04-10T07:10:28.859321vps751288.ovh.net sshd\[23877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.242.163	2020-04-10 14:05:17
106.54.201.240	attackbots	SSH Brute-Force Attack	2020-04-10 13:32:04
111.231.137.158	attackspambots	Apr 10 01:01:32 ny01 sshd[23419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.137.158 Apr 10 01:01:34 ny01 sshd[23419]: Failed password for invalid user deploy from 111.231.137.158 port 54716 ssh2 Apr 10 01:06:57 ny01 sshd[24138]: Failed password for root from 111.231.137.158 port 58458 ssh2	2020-04-10 13:43:20
209.50.62.36	attackbotsspam	Forbidden directory scan :: 2020/04/10 03:57:10 [error] 1156#1156: *625904 access forbidden by rule, client: 209.50.62.36, server: [censored_1], request: "GET /.env HTTP/1.1", host: "www.[censored_1]"	2020-04-10 13:33:26
139.59.85.120	attackbotsspam	Apr 10 06:59:18 markkoudstaal sshd[26152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.85.120 Apr 10 06:59:20 markkoudstaal sshd[26152]: Failed password for invalid user wwwdata from 139.59.85.120 port 45017 ssh2 Apr 10 07:07:11 markkoudstaal sshd[27208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.85.120	2020-04-10 13:52:23
106.75.95.80	attackspambots	Apr 10 04:55:34 scw-6657dc sshd[25733]: Failed password for mysql from 106.75.95.80 port 45492 ssh2 Apr 10 04:55:34 scw-6657dc sshd[25733]: Failed password for mysql from 106.75.95.80 port 45492 ssh2 Apr 10 04:59:37 scw-6657dc sshd[25886]: Invalid user postgres from 106.75.95.80 port 58740 ...	2020-04-10 13:57:25
110.35.79.23	attack	[ssh] SSH attack	2020-04-10 13:29:30
45.254.26.51	attackbots	Unauthorized connection attempt detected from IP address 45.254.26.51 to port 5900	2020-04-10 14:03:52
200.89.174.235	attackspambots	Apr 10 08:28:43 server sshd\[9221\]: Invalid user ubuntu from 200.89.174.235 Apr 10 08:28:43 server sshd\[9221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=235-174-89-200.fibertel.com.ar Apr 10 08:28:45 server sshd\[9221\]: Failed password for invalid user ubuntu from 200.89.174.235 port 49410 ssh2 Apr 10 08:41:48 server sshd\[12661\]: Invalid user kai from 200.89.174.235 Apr 10 08:41:48 server sshd\[12661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=235-174-89-200.fibertel.com.ar ...	2020-04-10 13:42:44
110.78.23.131	attackspam	Apr 10 06:32:52 server sshd[8215]: Failed password for invalid user user from 110.78.23.131 port 40028 ssh2 Apr 10 06:36:41 server sshd[20396]: Failed password for invalid user test2 from 110.78.23.131 port 10721 ssh2 Apr 10 06:39:32 server sshd[29184]: Failed password for invalid user zabbix from 110.78.23.131 port 26758 ssh2	2020-04-10 13:45:31
222.186.175.202	attack	Apr 10 07:42:56 plex sshd[13731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Apr 10 07:42:58 plex sshd[13731]: Failed password for root from 222.186.175.202 port 54526 ssh2	2020-04-10 13:54:13
112.85.42.172	attack	2020-04-10T07:25:53.918470rocketchat.forhosting.nl sshd[10829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root 2020-04-10T07:25:55.698751rocketchat.forhosting.nl sshd[10829]: Failed password for root from 112.85.42.172 port 26802 ssh2 2020-04-10T07:25:59.111305rocketchat.forhosting.nl sshd[10829]: Failed password for root from 112.85.42.172 port 26802 ssh2 ...	2020-04-10 13:36:45

Recently Reported IPs

192.3.195.121	52.83.143.74	48.100.199.198	114.25.67.41
36.236.190.235	177.139.174.25	86.127.90.145	41.41.253.11
109.165.181.58	189.44.88.59	215.177.199.152	104.216.143.26
151.62.248.138	86.110.107.58	50.80.255.93	221.239.86.19
117.2.128.207	219.131.212.157	168.234.50.2	168.205.255.34