106.120.14.169

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Beijing Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543032a06879ebd1 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:30:09

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543032a06879ebd1 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.4 Safari/605.1.15 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:30:09

Comments on same subnet:

IP	Type	Details	Datetime
106.120.14.97	attackbots	FTP	2019-12-23 03:50:44
106.120.14.176	attackspambots	Automatic report - FTP Brute Force	2019-10-22 03:18:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.120.14.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.120.14.169.			IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 06:30:05 CST 2019
;; MSG SIZE  rcvd: 118

Host info

169.14.120.106.in-addr.arpa domain name pointer 169.14.120.106.static.bjtelecom.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
169.14.120.106.in-addr.arpa	name = 169.14.120.106.static.bjtelecom.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.252.62.114	attack	Invalid user apkmodo from 52.252.62.114 port 52567	2020-09-27 20:23:54
52.230.7.48	attack	Sep 27 05:43:02 firewall sshd[31749]: Invalid user 13.125.230.29 from 52.230.7.48 Sep 27 05:43:04 firewall sshd[31749]: Failed password for invalid user 13.125.230.29 from 52.230.7.48 port 29653 ssh2 Sep 27 05:49:34 firewall sshd[31942]: Invalid user 186 from 52.230.7.48 ...	2020-09-27 20:39:15
192.241.234.66	attackbots	TCP port : 5222	2020-09-27 20:26:52
51.79.35.114	attackbots	[H1.VM4] Blocked by UFW	2020-09-27 20:22:49
104.211.212.220	attack	Sep 27 10:46:05 haigwepa sshd[11617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.212.220 Sep 27 10:46:07 haigwepa sshd[11617]: Failed password for invalid user 186 from 104.211.212.220 port 62914 ssh2 ...	2020-09-27 20:19:57
113.174.63.46	attack	firewall-block, port(s): 445/tcp	2020-09-27 20:32:00
37.212.179.242	attack	Attempted Brute Force (dovecot)	2020-09-27 20:27:55
40.117.47.121	attack	Invalid user 123 from 40.117.47.121 port 41254	2020-09-27 20:31:00
118.24.73.115	attackbotsspam	(sshd) Failed SSH login from 118.24.73.115 (CN/China/-): 5 in the last 3600 secs	2020-09-27 20:18:55
213.177.221.128	attack	Port Scan: TCP/443	2020-09-27 20:17:35
52.130.73.105	attack	2375/tcp 2375/tcp [2020-07-31/09-26]2pkt	2020-09-27 20:43:41
119.29.133.220	attack	Found on Alienvault / proto=6 . srcport=7368 . dstport=23 . (3355)	2020-09-27 20:33:19
217.112.142.227	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-27 20:19:23
125.19.16.194	attack	1433/tcp 445/tcp... [2020-08-02/09-26]18pkt,2pt.(tcp)	2020-09-27 20:38:32
216.218.206.124	attackspam	TCP (SYN) 216.218.206.124:52305 -> port 5900, len 44	2020-09-27 20:14:42

Recently Reported IPs

14.215.213.81	223.166.75.45	222.94.195.140	222.82.62.23
220.200.175.97	220.200.160.45	219.133.46.189	211.141.213.86
181.180.194.243	192.99.14.130	182.138.163.6	42.194.236.192
150.255.4.207	105.112.120.10	152.4.135.155	124.88.113.25
165.124.190.106	123.191.130.87	123.160.173.172	123.145.11.119