182.242.104.23

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 182.242.104.23 to port 8088	2020-06-01 00:36:21
attackspam	Automatic report - Web App Attack	2019-12-05 17:07:55

Comments on same subnet:

IP	Type	Details	Datetime
182.242.104.218	attackspambots	Unauthorized connection attempt detected from IP address 182.242.104.218 to port 2086	2019-12-31 08:45:33
182.242.104.15	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54140a9b2dd9e4c4 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:55:56

Type

Details

Datetime

182.242.104.218

attackspambots

Unauthorized connection attempt detected from IP address 182.242.104.218 to port 2086

2019-12-31 08:45:33

182.242.104.15

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 54140a9b2dd9e4c4 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:55:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 182.242.104.23
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43409
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;182.242.104.23.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120500 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 05 17:07:51 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 23.104.242.182.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 23.104.242.182.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.237.72.126	attack	fail2ban	2020-08-21 15:38:09
134.209.24.61	attack	Aug 21 10:39:02 dhoomketu sshd[2538818]: Failed password for invalid user cheryl from 134.209.24.61 port 41276 ssh2 Aug 21 10:42:52 dhoomketu sshd[2538986]: Invalid user bjr from 134.209.24.61 port 49796 Aug 21 10:42:52 dhoomketu sshd[2538986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.24.61 Aug 21 10:42:52 dhoomketu sshd[2538986]: Invalid user bjr from 134.209.24.61 port 49796 Aug 21 10:42:54 dhoomketu sshd[2538986]: Failed password for invalid user bjr from 134.209.24.61 port 49796 ssh2 ...	2020-08-21 15:40:15
113.193.253.86	attackspam	Port Scan ...	2020-08-21 15:06:17
103.145.13.133	attackspam	SIP Server BruteForce Attack	2020-08-21 15:19:14
120.53.1.97	attack	Aug 21 11:38:52 dhoomketu sshd[2540284]: Invalid user postgres from 120.53.1.97 port 36098 Aug 21 11:38:52 dhoomketu sshd[2540284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.1.97 Aug 21 11:38:52 dhoomketu sshd[2540284]: Invalid user postgres from 120.53.1.97 port 36098 Aug 21 11:38:54 dhoomketu sshd[2540284]: Failed password for invalid user postgres from 120.53.1.97 port 36098 ssh2 Aug 21 11:42:02 dhoomketu sshd[2540432]: Invalid user xbz from 120.53.1.97 port 41940 ...	2020-08-21 15:31:17
51.38.179.113	attack	Invalid user csvn from 51.38.179.113 port 45970	2020-08-21 15:10:45
171.25.193.77	attackbots	2020-08-21T09:04:45+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-08-21 15:37:31
74.141.132.233	attackspam	2020-08-21T06:12:47.237037shield sshd\[28414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-141-132-233.kya.res.rr.com user=root 2020-08-21T06:12:49.297444shield sshd\[28414\]: Failed password for root from 74.141.132.233 port 60372 ssh2 2020-08-21T06:19:47.784273shield sshd\[31045\]: Invalid user xiongjiayu from 74.141.132.233 port 40336 2020-08-21T06:19:47.795200shield sshd\[31045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-141-132-233.kya.res.rr.com 2020-08-21T06:19:49.849793shield sshd\[31045\]: Failed password for invalid user xiongjiayu from 74.141.132.233 port 40336 ssh2	2020-08-21 15:33:09
167.114.98.96	attackspambots	Invalid user cgp from 167.114.98.96 port 52534	2020-08-21 15:37:53
72.167.224.135	attack	$f2bV_matches	2020-08-21 15:25:08
157.230.41.242	attackbotsspam	SSH invalid-user multiple login attempts	2020-08-21 15:35:59
115.135.221.204	attackspambots	Aug 21 09:17:54 srv-ubuntu-dev3 sshd[4208]: Invalid user liuqiang from 115.135.221.204 Aug 21 09:17:54 srv-ubuntu-dev3 sshd[4208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.135.221.204 Aug 21 09:17:54 srv-ubuntu-dev3 sshd[4208]: Invalid user liuqiang from 115.135.221.204 Aug 21 09:17:57 srv-ubuntu-dev3 sshd[4208]: Failed password for invalid user liuqiang from 115.135.221.204 port 55170 ssh2 Aug 21 09:21:22 srv-ubuntu-dev3 sshd[4624]: Invalid user ola from 115.135.221.204 Aug 21 09:21:22 srv-ubuntu-dev3 sshd[4624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.135.221.204 Aug 21 09:21:22 srv-ubuntu-dev3 sshd[4624]: Invalid user ola from 115.135.221.204 Aug 21 09:21:24 srv-ubuntu-dev3 sshd[4624]: Failed password for invalid user ola from 115.135.221.204 port 37095 ssh2 Aug 21 09:24:48 srv-ubuntu-dev3 sshd[5053]: Invalid user monitor from 115.135.221.204 ...	2020-08-21 15:40:40
61.177.172.142	attack	Aug 21 09:13:55 pve1 sshd[6470]: Failed password for root from 61.177.172.142 port 54352 ssh2 Aug 21 09:13:58 pve1 sshd[6470]: Failed password for root from 61.177.172.142 port 54352 ssh2 ...	2020-08-21 15:19:47
106.12.209.157	attackbots	Aug 21 09:41:32 hosting sshd[11704]: Invalid user izt from 106.12.209.157 port 49664 ...	2020-08-21 15:43:54
209.244.77.241	attack	Aug 20 19:33:39 hanapaa sshd\[12042\]: Invalid user fes from 209.244.77.241 Aug 20 19:33:39 hanapaa sshd\[12042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.244.77.241 Aug 20 19:33:40 hanapaa sshd\[12042\]: Failed password for invalid user fes from 209.244.77.241 port 49514 ssh2 Aug 20 19:36:05 hanapaa sshd\[12241\]: Invalid user giulia from 209.244.77.241 Aug 20 19:36:05 hanapaa sshd\[12241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.244.77.241	2020-08-21 15:28:41

Recently Reported IPs

229.219.231.46	180.241.45.219	249.45.190.230	16.252.101.114
171.34.122.3	111.93.99.6	223.207.249.150	46.242.61.61
46.178.64.242	37.49.230.30	206.189.188.95	239.170.112.48
134.175.128.69	103.233.205.4	119.114.106.89	103.207.3.67
14.229.69.154	187.189.151.196	155.25.133.59	125.78.218.81