106.111.132.104

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 106.111.132.104 to port 2323	2020-05-30 19:22:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.111.132.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44043
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.111.132.104.		IN	A

;; AUTHORITY SECTION:
.			387	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053000 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 19:22:25 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 104.132.111.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.132.111.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.81.57.188	attackspam	Apr 10 05:56:06 smtp postfix/smtpd[13360]: NOQUEUE: reject: RCPT from liquid.chocualo.com[212.81.57.188]: 554 5.7.1 Service unavailable; Client host [212.81.57.188] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/sbl/query/SBL440932; from= to= proto=ESMTP helo= ...	2020-04-10 14:54:41
35.187.153.215	attackbots	Apr 9 22:17:55 server1 sshd\[30215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.187.153.215 Apr 9 22:17:57 server1 sshd\[30215\]: Failed password for invalid user Eddy from 35.187.153.215 port 51054 ssh2 Apr 9 22:21:43 server1 sshd\[31237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.187.153.215 user=postgres Apr 9 22:21:44 server1 sshd\[31237\]: Failed password for postgres from 35.187.153.215 port 48356 ssh2 Apr 9 22:25:37 server1 sshd\[32299\]: Invalid user deploy from 35.187.153.215 ...	2020-04-10 15:32:46
217.133.58.148	attackspam	Apr 10 08:03:50 [host] sshd[19754]: Invalid user t Apr 10 08:03:50 [host] sshd[19754]: pam_unix(sshd: Apr 10 08:03:52 [host] sshd[19754]: Failed passwor	2020-04-10 15:38:50
222.186.173.215	attack	Brute force attempt	2020-04-10 15:24:22
179.124.34.8	attackspambots	Apr 10 09:02:00 srv-ubuntu-dev3 sshd[63556]: Invalid user test from 179.124.34.8 Apr 10 09:02:00 srv-ubuntu-dev3 sshd[63556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.124.34.8 Apr 10 09:02:00 srv-ubuntu-dev3 sshd[63556]: Invalid user test from 179.124.34.8 Apr 10 09:02:01 srv-ubuntu-dev3 sshd[63556]: Failed password for invalid user test from 179.124.34.8 port 52615 ssh2 Apr 10 09:03:36 srv-ubuntu-dev3 sshd[63835]: Invalid user andoria from 179.124.34.8 Apr 10 09:03:36 srv-ubuntu-dev3 sshd[63835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.124.34.8 Apr 10 09:03:36 srv-ubuntu-dev3 sshd[63835]: Invalid user andoria from 179.124.34.8 Apr 10 09:03:38 srv-ubuntu-dev3 sshd[63835]: Failed password for invalid user andoria from 179.124.34.8 port 34225 ssh2 Apr 10 09:04:58 srv-ubuntu-dev3 sshd[64077]: Invalid user test from 179.124.34.8 ...	2020-04-10 15:05:37
103.58.249.82	attackspambots	DATE:2020-04-10 05:55:34, IP:103.58.249.82, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-10 15:22:55
111.67.193.109	attack	Apr 10 08:55:10 mout sshd[15601]: Invalid user deploy from 111.67.193.109 port 44380 Apr 10 08:55:12 mout sshd[15601]: Failed password for invalid user deploy from 111.67.193.109 port 44380 ssh2 Apr 10 09:09:29 mout sshd[16414]: Invalid user developer from 111.67.193.109 port 60324	2020-04-10 15:27:45
93.123.16.126	attackspambots	<6 unauthorized SSH connections	2020-04-10 15:13:00
159.89.194.103	attackbots	2020-04-10T08:07:28.108953cyberdyne sshd[1299219]: Failed password for invalid user elastic from 159.89.194.103 port 38634 ssh2 2020-04-10T08:11:08.899639cyberdyne sshd[1299378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.194.103 user=root 2020-04-10T08:11:11.070760cyberdyne sshd[1299378]: Failed password for root from 159.89.194.103 port 41138 ssh2 2020-04-10T08:14:54.684813cyberdyne sshd[1299491]: Invalid user admin from 159.89.194.103 port 43640 ...	2020-04-10 15:12:44
182.84.124.201	attack	Apr 10 10:19:22 tuotantolaitos sshd[1954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.84.124.201 Apr 10 10:19:23 tuotantolaitos sshd[1954]: Failed password for invalid user pi from 182.84.124.201 port 55800 ssh2 ...	2020-04-10 15:22:03
180.182.47.132	attackbots	Apr 10 09:07:55 server sshd\[18928\]: Invalid user azureuser from 180.182.47.132 Apr 10 09:07:55 server sshd\[18928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.182.47.132 Apr 10 09:07:57 server sshd\[18928\]: Failed password for invalid user azureuser from 180.182.47.132 port 35065 ssh2 Apr 10 09:22:02 server sshd\[22591\]: Invalid user admin from 180.182.47.132 Apr 10 09:22:02 server sshd\[22591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.182.47.132 ...	2020-04-10 14:59:07
174.105.201.174	attackbots	Brute-force attempt banned	2020-04-10 15:02:16
106.52.44.179	attackspam	Apr 10 07:42:05 web2 sshd[5100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.44.179 Apr 10 07:42:07 web2 sshd[5100]: Failed password for invalid user oracle from 106.52.44.179 port 58474 ssh2	2020-04-10 15:31:51
211.169.248.209	attack	SSH brute-force: detected 11 distinct usernames within a 24-hour window.	2020-04-10 15:10:39
114.67.100.245	attackbotsspam	Apr 10 05:55:58 sshd\[19791\]: Invalid user firebird from 114.67.100.245Apr 10 05:56:00 sshd\[19791\]: Failed password for invalid user firebird from 114.67.100.245 port 41358 ssh2 ...	2020-04-10 15:01:06

Recently Reported IPs

187.200.69.33	23.100.105.121	179.83.125.202	86.150.234.135
111.94.40.187	197.211.198.162	191.232.234.17	202.21.104.246
183.157.167.82	171.240.76.112	183.157.166.171	197.255.160.226
178.32.47.218	67.44.176.180	47.186.253.245	190.211.217.139
81.14.182.98	156.222.169.137	51.68.189.111	121.35.168.125