202.104.12.123

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Sanshui Southwest Workstation Data Maintenance Special Line

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	02/18/2020-05:53:51.359630 202.104.12.123 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-18 16:49:05
attack	Port 1433 Scan	2020-01-20 15:41:31
attackbotsspam	Unauthorized connection attempt detected from IP address 202.104.12.123 to port 1433	2019-12-31 00:45:34

Comments on same subnet:

IP	Type	Details	Datetime
202.104.122.147	attackspam	frenzy	2020-07-06 20:16:15
202.104.122.149	attackspam	$f2bV_matches	2019-10-21 15:32:36
202.104.122.149	attackbots	Invalid user test2 from 202.104.122.149 port 45334 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Failed password for invalid user test2 from 202.104.122.149 port 45334 ssh2 Invalid user superadmin from 202.104.122.149 port 45310 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149	2019-10-18 19:20:27
202.104.122.149	attackspam	Oct 17 08:01:48 server sshd\[16498\]: Invalid user ubnt from 202.104.122.149 Oct 17 08:01:48 server sshd\[16498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Oct 17 08:01:50 server sshd\[16498\]: Failed password for invalid user ubnt from 202.104.122.149 port 45728 ssh2 Oct 17 08:29:36 server sshd\[25072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 user=root Oct 17 08:29:37 server sshd\[25072\]: Failed password for root from 202.104.122.149 port 50176 ssh2 ...	2019-10-17 14:46:51
202.104.122.149	attack	Oct 6 08:02:47 xtremcommunity sshd\[239758\]: Invalid user Asdf!@\# from 202.104.122.149 port 50662 Oct 6 08:02:47 xtremcommunity sshd\[239758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Oct 6 08:02:49 xtremcommunity sshd\[239758\]: Failed password for invalid user Asdf!@\# from 202.104.122.149 port 50662 ssh2 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: Invalid user p0o9i8u7y6t5r4e3w2q1 from 202.104.122.149 port 47576 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 ...	2019-10-06 20:20:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.104.12.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 862
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.104.12.123.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 00:45:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 123.12.104.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 123.12.104.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.136.222.142	attackbotsspam	Sep 2 23:02:55 cho sshd[2122356]: Failed password for invalid user www from 183.136.222.142 port 45581 ssh2 Sep 2 23:06:39 cho sshd[2122512]: Invalid user qwt from 183.136.222.142 port 21314 Sep 2 23:06:39 cho sshd[2122512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.136.222.142 Sep 2 23:06:39 cho sshd[2122512]: Invalid user qwt from 183.136.222.142 port 21314 Sep 2 23:06:42 cho sshd[2122512]: Failed password for invalid user qwt from 183.136.222.142 port 21314 ssh2 ...	2020-09-03 05:22:52
109.228.166.242	attack	Sep 2 17:05:48 IngegnereFirenze sshd[27471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.228.166.242 user=root ...	2020-09-03 05:54:38
112.120.158.43	attackspam	Sep 2 18:47:56 vpn01 sshd[21269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.120.158.43 Sep 2 18:47:58 vpn01 sshd[21269]: Failed password for invalid user support from 112.120.158.43 port 52945 ssh2 ...	2020-09-03 05:49:26
167.172.186.32	attackspam	167.172.186.32 - - [02/Sep/2020:20:15:00 +0200] "GET /wp-login.php HTTP/1.1" 200 9163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.186.32 - - [02/Sep/2020:20:15:01 +0200] "POST /wp-login.php HTTP/1.1" 200 9414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.186.32 - - [02/Sep/2020:20:15:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-03 05:45:51
218.92.0.223	attackbotsspam	Sep 2 23:47:03 sshgateway sshd\[14641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.223 user=root Sep 2 23:47:05 sshgateway sshd\[14641\]: Failed password for root from 218.92.0.223 port 52543 ssh2 Sep 2 23:47:22 sshgateway sshd\[14641\]: error: maximum authentication attempts exceeded for root from 218.92.0.223 port 52543 ssh2 \[preauth\]	2020-09-03 05:48:44
102.250.6.201	attack	Attempts against non-existent wp-login	2020-09-03 05:53:50
222.186.42.137	attack	Sep 2 23:48:04 theomazars sshd[12032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.137 user=root Sep 2 23:48:06 theomazars sshd[12032]: Failed password for root from 222.186.42.137 port 51626 ssh2	2020-09-03 05:52:22
45.142.120.137	attackbotsspam	2020-09-02 23:22:24 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=networks@no-server.de$ 2020-09-02 23:22:32 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=networks@no-server.de$ 2020-09-02 23:22:44 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=scheduler@no-server.de$ 2020-09-02 23:23:01 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=scheduler@no-server.de$ 2020-09-02 23:23:03 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=scheduler@no-server.de$ 2020-09-02 23:23:27 dovecot_login authenticator failed for $User$ \[45.142.120.137\]: 535 Incorrect authentication data $set_id=dev9@no-server.de$ ...	2020-09-03 05:31:23
117.28.25.50	attack	Sep 2 22:17:25 vpn01 sshd[23960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.28.25.50 Sep 2 22:17:27 vpn01 sshd[23960]: Failed password for invalid user status from 117.28.25.50 port 15005 ssh2 ...	2020-09-03 05:24:00
106.12.84.33	attack	Sep 2 22:04:08 ns3164893 sshd[2590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.33 Sep 2 22:04:10 ns3164893 sshd[2590]: Failed password for invalid user osvaldo from 106.12.84.33 port 36314 ssh2 ...	2020-09-03 05:50:09
129.226.160.128	attackspambots	Port Scan ...	2020-09-03 05:39:05
132.232.1.8	attack	2020-09-02T13:04:28.189787morrigan.ad5gb.com sshd[2719428]: Invalid user zqe from 132.232.1.8 port 38564 2020-09-02T13:04:30.930719morrigan.ad5gb.com sshd[2719428]: Failed password for invalid user zqe from 132.232.1.8 port 38564 ssh2	2020-09-03 05:47:28
40.84.156.241	attackspambots	WordPress XMLRPC scan :: 40.84.156.241 0.352 - [02/Sep/2020:19:23:15 0000] www.[censored_1] "POST //xmlrpc.php HTTP/1.1" 503 18231 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" "HTTP/1.1"	2020-09-03 05:28:24
106.12.46.179	attackbots	Sep 2 17:30:12 mail sshd\[34917\]: Invalid user vnc from 106.12.46.179 Sep 2 17:30:12 mail sshd\[34917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 ...	2020-09-03 05:53:22
104.248.244.119	attackbots	2020-09-02T21:01:53.859965mail.standpoint.com.ua sshd[6092]: Failed password for root from 104.248.244.119 port 53674 ssh2 2020-09-02T21:05:10.783134mail.standpoint.com.ua sshd[6492]: Invalid user scan from 104.248.244.119 port 57918 2020-09-02T21:05:10.787051mail.standpoint.com.ua sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.244.119 2020-09-02T21:05:10.783134mail.standpoint.com.ua sshd[6492]: Invalid user scan from 104.248.244.119 port 57918 2020-09-02T21:05:13.289334mail.standpoint.com.ua sshd[6492]: Failed password for invalid user scan from 104.248.244.119 port 57918 ssh2 ...	2020-09-03 05:36:03

Recently Reported IPs

118.71.97.169	118.25.38.83	116.9.143.219	115.220.182.237
56.229.67.230	114.224.47.11	47.78.227.34	6.241.101.1
214.209.218.210	135.98.135.142	104.187.236.137	114.95.219.136
252.17.172.63	159.188.21.175	83.85.195.94	68.224.152.142
113.88.167.144	37.202.87.128	146.170.53.163	158.239.242.153