JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.208.106.49

104.208.106.49 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.208.106.49

Whois 104.208.106.49

IP Abuse Reports for 104.208.106.49:

This IP address has been reported a total of 175 times from 65 distinct sources. 104.208.106.49 was first reported on July 3rd 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Parth Maniar	2023-07-07 19:10:39 (2 years ago)	This IP address carried out 38 SSH credential attack (attempts) on 06-07-2023. For more information ... show more This IP address carried out 38 SSH credential attack (attempts) on 06-07-2023. For more information or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇮🇳 Parth Maniar	2023-07-06 15:50:43 (2 years ago)	This IP address carried out 18 SSH credential attack (attempts) on 05-07-2023. For more information ... show more This IP address carried out 18 SSH credential attack (attempts) on 05-07-2023. For more information or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇮🇳 Parth Maniar	2023-07-06 13:52:43 (2 years ago)	This IP address carried out 78 port scanning attempts on 06-07-2023. For more information or to repo ... show more This IP address carried out 78 port scanning attempts on 06-07-2023. For more information or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
🇩🇪 ipcop.net	2023-07-05 23:40:47 (2 years ago)	Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 po ... show more Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 port 40744 Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Disconnected from invalid user supervisor 104.208.106.49 port 40744 [preauth] Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Invalid user wangwei from 104.208.106.49 port 38312 Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Disconnected from invalid user wangwei 104.208.106.49 port 38312 [preauth] Jul 6 01:40:46 router01.kfo-fricke.de sshd[2938543]: Invalid user suporte from 104.208.106.49 port 36552 show less	Brute-Force
🇩🇪 ipcop.net	2023-07-05 23:40:47 (2 years ago)	Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 po ... show more Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 port 40744 Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Disconnected from invalid user supervisor 104.208.106.49 port 40744 [preauth] Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Invalid user wangwei from 104.208.106.49 port 38312 Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Disconnected from invalid user wangwei 104.208.106.49 port 38312 [preauth] Jul 6 01:40:46 router01.kfo-fricke.de sshd[2938543]: Invalid user suporte from 104.208.106.49 port 36552 show less	Brute-Force
🇩🇪 ipcop.net	2023-07-05 23:40:47 (2 years ago)	Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 po ... show more Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 port 40744 Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Disconnected from invalid user supervisor 104.208.106.49 port 40744 [preauth] Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Invalid user wangwei from 104.208.106.49 port 38312 Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Disconnected from invalid user wangwei 104.208.106.49 port 38312 [preauth] Jul 6 01:40:46 router01.kfo-fricke.de sshd[2938543]: Invalid user suporte from 104.208.106.49 port 36552 show less	Brute-Force
🇩🇪 ipcop.net	2023-07-05 23:40:47 (2 years ago)	Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 po ... show more Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Invalid user supervisor from 104.208.106.49 port 40744 Jul 6 01:33:22 router01.kfo-fricke.de sshd[2937763]: Disconnected from invalid user supervisor 104.208.106.49 port 40744 [preauth] Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Invalid user wangwei from 104.208.106.49 port 38312 Jul 6 01:38:38 router01.kfo-fricke.de sshd[2938274]: Disconnected from invalid user wangwei 104.208.106.49 port 38312 [preauth] Jul 6 01:40:46 router01.kfo-fricke.de sshd[2938543]: Invalid user suporte from 104.208.106.49 port 36552 show less	Brute-Force
Anonymous	2023-07-05 23:39:20 (2 years ago)	(sshd) Failed SSH login from 104.208.106.49 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (sshd) Failed SSH login from 104.208.106.49 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: Jul 5 19:35:22 server2 sshd[20496]: Invalid user supervisor from 104.208.106.49 port 40102 Jul 5 19:35:22 server2 sshd[20496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 Jul 5 19:35:24 server2 sshd[20496]: Failed password for invalid user supervisor from 104.208.106.49 port 40102 ssh2 Jul 5 19:39:17 server2 sshd[21261]: Invalid user wangwei from 104.208.106.49 port 49456 Jul 5 19:39:17 server2 sshd[21261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 show less	Brute-Force
🇩🇪 aorth	2023-07-05 21:37:19 (2 years ago)	Jul 05 22:30:19 Invalid user delme from 104.208.106.49 port 58814	Brute-Force SSH
🇧🇷 ufn.edu.br	2023-07-05 21:36:45 (2 years ago)	Jul 5 21:36:42 lasmivm01 sshd[1940405]: Invalid user mysql from 104.208.106.49 port 60546 Jul 5 21 ... show more Jul 5 21:36:42 lasmivm01 sshd[1940405]: Invalid user mysql from 104.208.106.49 port 60546 Jul 5 21:36:42 lasmivm01 sshd[1940405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 Jul 5 21:36:44 lasmivm01 sshd[1940405]: Failed password for invalid user mysql from 104.208.106.49 port 60546 ssh2 ... show less	Brute-Force SSH
🇩🇪 www.blocklist.de	2023-07-05 20:23:10 (2 years ago)	Lines containing failures of 104.208.106.49 (max 1000) Jul 3 16:04:01 myhost sshd[801910]: User r.r ... show more Lines containing failures of 104.208.106.49 (max 1000) Jul 3 16:04:01 myhost sshd[801910]: User r.r from 104.208.106.49 not allowed because not listed in AllowUsers Jul 3 16:04:02 myhost sshd[801910]: Received disconnect from 104.208.106.49 port 51670:11: Bye Bye [preauth] Jul 3 16:04:02 myhost sshd[801910]: Disconnected from AD user r.r 104.208.106.49 port 51670 [preauth] Jul 3 16:08:55 myhost sshd[801925]: AD user umg from 104.208.106.49 port 40876 Jul 3 16:08:55 myhost sshd[801925]: Received disconnect from 104.208.106.49 port 40876:11: Bye Bye [preauth] Jul 3 16:08:55 myhost sshd[801925]: Disconnected from AD user umg 104.208.106.49 port 40876 [preauth] Jul 3 16:10:31 myhost sshd[801977]: AD user lighthouse from 104.208.106.49 port 42322 Jul 3 16:10:31 myhost sshd[801977]: Received disconnect from 104.208.106.49 port 42322:11: Bye Bye [preauth] Jul 3 16:10:31 myhost sshd[801977]: Disconnected from AD user lighthouse 104.208.106.49 port 42322 [preauth] Jul 3........ ------------------------------ show less	FTP Brute-Force Hacking
🇩🇪 www.blocklist.de	2023-07-05 17:42:26 (2 years ago)	Lines containing failures of 104.208.106.49 (max 1000) Jul 3 16:04:01 myhost sshd[801910]: User r.r ... show more Lines containing failures of 104.208.106.49 (max 1000) Jul 3 16:04:01 myhost sshd[801910]: User r.r from 104.208.106.49 not allowed because not listed in AllowUsers Jul 3 16:04:02 myhost sshd[801910]: Received disconnect from 104.208.106.49 port 51670:11: Bye Bye [preauth] Jul 3 16:04:02 myhost sshd[801910]: Disconnected from AD user r.r 104.208.106.49 port 51670 [preauth] Jul 3 16:08:55 myhost sshd[801925]: AD user umg from 104.208.106.49 port 40876 Jul 3 16:08:55 myhost sshd[801925]: Received disconnect from 104.208.106.49 port 40876:11: Bye Bye [preauth] Jul 3 16:08:55 myhost sshd[801925]: Disconnected from AD user umg 104.208.106.49 port 40876 [preauth] Jul 3 16:10:31 myhost sshd[801977]: AD user lighthouse from 104.208.106.49 port 42322 Jul 3 16:10:31 myhost sshd[801977]: Received disconnect from 104.208.106.49 port 42322:11: Bye Bye [preauth] Jul 3 16:10:31 myhost sshd[801977]: Disconnected from AD user lighthouse 104.208.106.49 port 42322 [preauth] Jul 3........ ------------------------------ show less	FTP Brute-Force Hacking
🇩🇪 Admir Mehic	2023-07-05 17:18:28 (2 years ago)	Jul 5 19:07:05 mehic sshd[2851282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eui ... show more Jul 5 19:07:05 mehic sshd[2851282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 user=root Jul 5 19:07:07 mehic sshd[2851282]: Failed password for root from 104.208.106.49 port 59756 ssh2 Jul 5 19:09:08 mehic sshd[2852453]: Invalid user exam from 104.208.106.49 port 56126 ... show less	Brute-Force SSH
🇺🇸 Nazgul	2023-07-05 17:03:57 (2 years ago)	SSH brute force attempt (mtx)	Brute-Force SSH
🇳🇱 Jordan	2023-07-05 16:45:05 (2 years ago)	Jul 5 18:37:18 sd-161123 sshd[3824912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Jul 5 18:37:18 sd-161123 sshd[3824912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 Jul 5 18:37:20 sd-161123 sshd[3824912]: Failed password for invalid user compute from 104.208.106.49 port 52428 ssh2 Jul 5 18:45:03 sd-161123 sshd[3825075]: Invalid user debian from 104.208.106.49 port 36174 Jul 5 18:45:03 sd-161123 sshd[3825075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.208.106.49 Jul 5 18:45:05 sd-161123 sshd[3825075]: Failed password for invalid user debian from 104.208.106.49 port 36174 ssh2 show less	Brute-Force SSH

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.227

🇳🇱 209.85.218.54

🇰🇷 112.161.42.97

🇮🇹 95.231.249.182

🇺🇸 52.230.163.217

🇫🇷 13.140.175.36

🇩🇪 213.209.159.225

🇲🇿 197.219.210.94

🇳🇱 195.178.110.30

🇲🇽 187.213.154.138

🇮🇳 163.223.48.92

🇺🇸 130.131.220.154

🇮🇳 115.96.207.41

🇨🇳 112.47.86.236

🇺🇸 107.174.1.138

🇮🇹 79.49.178.149

🇧🇬 78.90.19.40

🇱🇺 46.151.182.34

🇹🇷 46.104.61.228

🇺🇸 20.124.80.111