106.45.0.102 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Ningxia Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5435d4069c57ebc5 \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:31:13

Type

Details

Datetime

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5435d4069c57ebc5 | WAF_Rule_ID: ipr24 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:31:13

Comments on same subnet:

IP	Type	Details	Datetime
106.45.0.198	attack	Detected by ModSecurity. Host header is an IP address, Request URI: /	2020-08-07 18:17:55
106.45.0.182	attackspam	Unauthorized connection attempt detected from IP address 106.45.0.182 to port 443	2020-07-25 20:37:03
106.45.0.43	attackspam	Unauthorized connection attempt detected from IP address 106.45.0.43 to port 8081 [J]	2020-03-02 20:37:01
106.45.0.168	attackbots	Unauthorized connection attempt detected from IP address 106.45.0.168 to port 8899 [J]	2020-03-02 17:15:57
106.45.0.111	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.0.111 to port 22 [J]	2020-03-02 15:06:55
106.45.0.255	attack	Unauthorized connection attempt detected from IP address 106.45.0.255 to port 22 [J]	2020-03-02 15:06:35
106.45.0.52	attack	Unauthorized connection attempt detected from IP address 106.45.0.52 to port 443 [J]	2020-02-05 09:42:09
106.45.0.64	attackbots	Unauthorized connection attempt detected from IP address 106.45.0.64 to port 8089 [T]	2020-01-29 17:45:51
106.45.0.208	attack	Unauthorized connection attempt detected from IP address 106.45.0.208 to port 8081 [T]	2020-01-29 17:45:22
106.45.0.171	attack	Unauthorized connection attempt detected from IP address 106.45.0.171 to port 8888 [J]	2020-01-29 10:31:04
106.45.0.45	attackspam	Unauthorized connection attempt detected from IP address 106.45.0.45 to port 8000 [J]	2020-01-27 17:38:30
106.45.0.112	attackspam	Unauthorized connection attempt detected from IP address 106.45.0.112 to port 8000 [J]	2020-01-27 14:48:50
106.45.0.56	attackspam	Unauthorized connection attempt detected from IP address 106.45.0.56 to port 8081 [J]	2020-01-27 00:51:09
106.45.0.77	attackbots	Unauthorized connection attempt detected from IP address 106.45.0.77 to port 8081 [J]	2020-01-27 00:19:12
106.45.0.97	attackbots	Unauthorized connection attempt detected from IP address 106.45.0.97 to port 80 [J]	2020-01-20 20:37:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.45.0.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53429
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.45.0.102.			IN	A

;; AUTHORITY SECTION:
.			163	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 06:31:10 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 102.0.45.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 102.0.45.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.234.219.105	attack	Oct 17 05:05:05 mail postfix/smtpd\[1956\]: warning: unknown\[185.234.219.105\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 17 05:13:36 mail postfix/smtpd\[2017\]: warning: unknown\[185.234.219.105\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 17 05:48:45 mail postfix/smtpd\[3970\]: warning: unknown\[185.234.219.105\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 17 05:57:38 mail postfix/smtpd\[4176\]: warning: unknown\[185.234.219.105\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-17 12:37:34
106.13.217.93	attack	2019-10-17T03:57:32.977574abusebot.cloudsearch.cf sshd\[10716\]: Invalid user muhammad from 106.13.217.93 port 44214	2019-10-17 12:17:05
110.36.220.62	attack	Oct 17 05:57:06 lnxmail61 postfix/smtps/smtpd[2512]: lost connection after CONNECT from [munged]:[110.36.220.62] Oct 17 05:57:06 lnxmail61 postfix/smtpd[29607]: lost connection after CONNECT from [munged]:[110.36.220.62] Oct 17 05:57:06 lnxmail61 postfix/submission/smtpd[2549]: lost connection after CONNECT from [munged]:[110.36.220.62] Oct 17 05:57:06 lnxmail61 postfix/submission/smtpd[2465]: lost connection after CONNECT from [munged]:[110.36.220.62] Oct 17 05:57:06 lnxmail61 postfix/smtpd[2252]: lost connection after CONNECT from [munged]:[110.36.220.62]	2019-10-17 12:34:11
168.63.154.174	attack	Oct 17 05:56:53 icinga sshd[14276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.63.154.174 Oct 17 05:56:55 icinga sshd[14276]: Failed password for invalid user wasadrc from 168.63.154.174 port 45200 ssh2 ...	2019-10-17 12:40:55
119.42.175.200	attack	Oct 17 06:07:11 [host] sshd[26536]: Invalid user test from 119.42.175.200 Oct 17 06:07:11 [host] sshd[26536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.175.200 Oct 17 06:07:13 [host] sshd[26536]: Failed password for invalid user test from 119.42.175.200 port 58276 ssh2	2019-10-17 12:33:50
118.141.215.184	attackbotsspam	2019-10-17T05:56:39.492193lon01.zurich-datacenter.net sshd\[22653\]: Invalid user pi from 118.141.215.184 port 58824 2019-10-17T05:56:39.710342lon01.zurich-datacenter.net sshd\[22653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.141.215.184 2019-10-17T05:56:39.851576lon01.zurich-datacenter.net sshd\[22654\]: Invalid user pi from 118.141.215.184 port 58828 2019-10-17T05:56:40.111234lon01.zurich-datacenter.net sshd\[22654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.141.215.184 2019-10-17T05:56:41.272164lon01.zurich-datacenter.net sshd\[22653\]: Failed password for invalid user pi from 118.141.215.184 port 58824 ssh2 ...	2019-10-17 12:47:42
5.135.181.11	attack	Oct 17 04:09:51 web8 sshd\[25741\]: Invalid user ccservice from 5.135.181.11 Oct 17 04:09:51 web8 sshd\[25741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.11 Oct 17 04:09:54 web8 sshd\[25741\]: Failed password for invalid user ccservice from 5.135.181.11 port 34716 ssh2 Oct 17 04:14:02 web8 sshd\[27704\]: Invalid user vote4me from 5.135.181.11 Oct 17 04:14:02 web8 sshd\[27704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.11	2019-10-17 12:17:32
91.134.135.220	attackbots	Oct 16 23:53:53 xtremcommunity sshd\[594649\]: Invalid user moses from 91.134.135.220 port 58534 Oct 16 23:53:53 xtremcommunity sshd\[594649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.135.220 Oct 16 23:53:55 xtremcommunity sshd\[594649\]: Failed password for invalid user moses from 91.134.135.220 port 58534 ssh2 Oct 16 23:57:30 xtremcommunity sshd\[594731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.135.220 user=root Oct 16 23:57:32 xtremcommunity sshd\[594731\]: Failed password for root from 91.134.135.220 port 42622 ssh2 ...	2019-10-17 12:18:12
190.228.16.101	attackspam	Oct 16 18:33:56 hpm sshd\[31628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host101.190-228-16.telecom.net.ar user=root Oct 16 18:33:58 hpm sshd\[31628\]: Failed password for root from 190.228.16.101 port 56622 ssh2 Oct 16 18:38:41 hpm sshd\[31991\]: Invalid user q from 190.228.16.101 Oct 16 18:38:41 hpm sshd\[31991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host101.190-228-16.telecom.net.ar Oct 16 18:38:43 hpm sshd\[31991\]: Failed password for invalid user q from 190.228.16.101 port 39198 ssh2	2019-10-17 12:48:12
120.52.121.86	attackbots	Oct 17 04:14:25 unicornsoft sshd\[5974\]: User root from 120.52.121.86 not allowed because not listed in AllowUsers Oct 17 04:14:25 unicornsoft sshd\[5974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.121.86 user=root Oct 17 04:14:28 unicornsoft sshd\[5974\]: Failed password for invalid user root from 120.52.121.86 port 49219 ssh2	2019-10-17 12:17:47
221.9.135.85	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/221.9.135.85/ CN - 1H : (557) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 221.9.135.85 CIDR : 221.9.0.0/16 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 WYKRYTE ATAKI Z ASN4837 : 1H - 8 3H - 28 6H - 61 12H - 101 24H - 191 DateTime : 2019-10-17 05:56:44 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-17 12:44:37
74.63.250.6	attackbotsspam	Oct 16 17:53:56 tdfoods sshd\[7286\]: Invalid user gmeee from 74.63.250.6 Oct 16 17:53:56 tdfoods sshd\[7286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.63.250.6 Oct 16 17:53:57 tdfoods sshd\[7286\]: Failed password for invalid user gmeee from 74.63.250.6 port 45428 ssh2 Oct 16 17:58:15 tdfoods sshd\[7609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.63.250.6 user=root Oct 16 17:58:17 tdfoods sshd\[7609\]: Failed password for root from 74.63.250.6 port 56888 ssh2	2019-10-17 12:15:43
124.195.201.233	attackspambots	Automatic report - Port Scan Attack	2019-10-17 12:31:39
106.12.207.88	attackbots	Oct 17 05:53:17 dedicated sshd[25515]: Failed password for invalid user aag from 106.12.207.88 port 31378 ssh2 Oct 17 05:53:15 dedicated sshd[25515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.207.88 Oct 17 05:53:15 dedicated sshd[25515]: Invalid user aag from 106.12.207.88 port 31378 Oct 17 05:53:17 dedicated sshd[25515]: Failed password for invalid user aag from 106.12.207.88 port 31378 ssh2 Oct 17 05:57:38 dedicated sshd[26016]: Invalid user tlwebpack from 106.12.207.88 port 12349	2019-10-17 12:12:36
46.229.168.146	attackspam	Malicious Traffic/Form Submission	2019-10-17 12:27:16

Recently Reported IPs

222.94.195.140	222.82.62.23	220.200.175.97	220.200.160.45
219.133.46.189	211.141.213.86	181.180.194.243	192.99.14.130
182.138.163.6	42.194.236.192	150.255.4.207	105.112.120.10
152.4.135.155	124.88.113.25	165.124.190.106	123.191.130.87
123.160.173.172	123.145.11.119	123.144.20.191	121.57.229.29