2001:da8:20b:200:100::44

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: The China Education and Research Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54113c804f45775e \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:46:20

Type

Details

Datetime

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 54113c804f45775e | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:46:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2001:da8:20b:200:100::44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51334
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2001:da8:20b:200:100::44.	IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Sun Dec 08 06:54:36 CST 2019
;; MSG SIZE  rcvd: 128

Host info

Host 4.4.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.0.b.0.2.0.8.a.d.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.4.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.2.0.b.0.2.0.8.a.d.0.1.0.0.2.ip6.arpa: NXDOMAIN

Related comments:

IP	Type	Details	Datetime
178.149.154.193	attack	Feb 8 15:28:23 sso sshd[30132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.149.154.193 Feb 8 15:28:25 sso sshd[30132]: Failed password for invalid user admin from 178.149.154.193 port 62996 ssh2 ...	2020-02-09 01:07:46
88.248.100.25	attack	Unauthorised access (Feb 8) SRC=88.248.100.25 LEN=44 TTL=243 ID=14539 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Feb 7) SRC=88.248.100.25 LEN=44 TTL=243 ID=38128 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Feb 5) SRC=88.248.100.25 LEN=44 TTL=243 ID=51666 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Feb 3) SRC=88.248.100.25 LEN=44 TTL=243 ID=36325 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Feb 2) SRC=88.248.100.25 LEN=44 TTL=244 ID=14857 TCP DPT=139 WINDOW=1024 SYN	2020-02-09 01:39:45
70.121.56.92	attackspam	Feb 8 17:13:10 server sshd\[27325\]: Invalid user fuj from 70.121.56.92 Feb 8 17:13:11 server sshd\[27325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-70-121-56-92.tx.res.rr.com Feb 8 17:13:12 server sshd\[27325\]: Failed password for invalid user fuj from 70.121.56.92 port 55846 ssh2 Feb 8 18:07:47 server sshd\[5116\]: Invalid user siv from 70.121.56.92 Feb 8 18:07:47 server sshd\[5116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-70-121-56-92.tx.res.rr.com ...	2020-02-09 01:11:29
77.42.107.226	attackspam	Automatic report - Port Scan Attack	2020-02-09 01:27:29
221.194.137.28	attack	Feb 8 15:27:51 cvbnet sshd[5348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.137.28 Feb 8 15:27:52 cvbnet sshd[5348]: Failed password for invalid user csi from 221.194.137.28 port 34326 ssh2 ...	2020-02-09 01:26:59
193.56.28.220	attackbotsspam	2020-02-08T17:49:32.098832www postfix/smtpd[32441]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-02-08T17:49:40.196205www postfix/smtpd[32441]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-02-08T17:49:41.197181www postfix/smtpd[31048]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-02-09 01:40:19
190.9.130.159	attackspambots	Feb 8 17:13:50 web8 sshd\[24961\]: Invalid user gak from 190.9.130.159 Feb 8 17:13:50 web8 sshd\[24961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159 Feb 8 17:13:53 web8 sshd\[24961\]: Failed password for invalid user gak from 190.9.130.159 port 42440 ssh2 Feb 8 17:16:37 web8 sshd\[26341\]: Invalid user ahi from 190.9.130.159 Feb 8 17:16:37 web8 sshd\[26341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159	2020-02-09 01:36:08
178.60.197.1	attack	Feb 8 15:17:28 ovpn sshd\[30517\]: Invalid user lgj from 178.60.197.1 Feb 8 15:17:28 ovpn sshd\[30517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.60.197.1 Feb 8 15:17:30 ovpn sshd\[30517\]: Failed password for invalid user lgj from 178.60.197.1 port 35222 ssh2 Feb 8 15:28:21 ovpn sshd\[717\]: Invalid user try from 178.60.197.1 Feb 8 15:28:21 ovpn sshd\[717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.60.197.1	2020-02-09 01:10:45
218.78.10.183	attack	Tried sshing with brute force.	2020-02-09 01:01:38
122.51.5.69	attackbots	Feb 8 15:28:36 lnxmysql61 sshd[21684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.5.69	2020-02-09 00:58:47
196.46.192.73	attackspambots	Feb 8 15:56:40 silence02 sshd[11996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.46.192.73 Feb 8 15:56:42 silence02 sshd[11996]: Failed password for invalid user gjp from 196.46.192.73 port 56022 ssh2 Feb 8 16:00:49 silence02 sshd[12373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.46.192.73	2020-02-09 01:34:23
186.225.220.178	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-02-09 01:17:03
220.130.129.164	attackspambots	Feb 8 13:59:54 firewall sshd[29175]: Invalid user sus from 220.130.129.164 Feb 8 13:59:56 firewall sshd[29175]: Failed password for invalid user sus from 220.130.129.164 port 44724 ssh2 Feb 8 14:07:27 firewall sshd[29534]: Invalid user srq from 220.130.129.164 ...	2020-02-09 01:18:05
27.254.136.29	attack	Feb 8 09:27:37 plusreed sshd[19690]: Invalid user gwm from 27.254.136.29 ...	2020-02-09 01:36:27
68.183.19.63	attack	Feb 8 17:29:11 MK-Soft-Root2 sshd[16366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.19.63 Feb 8 17:29:13 MK-Soft-Root2 sshd[16366]: Failed password for invalid user iob from 68.183.19.63 port 47390 ssh2 ...	2020-02-09 01:16:33

Recently Reported IPs

113.128.104.128	112.230.46.248	112.230.43.163	112.224.17.73
112.80.139.237	112.66.110.75	111.224.248.210	111.224.7.40
186.114.150.190	139.150.213.12	50.153.123.208	103.201.129.58
65.49.38.144	96.20.126.21	59.173.155.103	35.172.0.14
49.7.3.237	54.214.9.141	52.137.205.50	42.156.139.60