202.109.197.45

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Fujian Hongyu network Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 02:28:52
attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-03 18:16:03
attackbotsspam	SSH break in or HTTP scan ...	2020-07-13 16:35:55
attack	Port probing on unauthorized port 1433	2020-02-14 19:16:03

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.109.197.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6596
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.109.197.45.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021400 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 19:15:58 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 45.197.109.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 45.197.109.202.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.253.104.50	attackbots	SMB Server BruteForce Attack	2020-07-08 12:34:07
188.49.36.188	attackbotsspam	1594179988 - 07/08/2020 05:46:28 Host: 188.49.36.188/188.49.36.188 Port: 445 TCP Blocked	2020-07-08 12:37:38
103.11.117.117	attackspambots	Malformed \x.. web request	2020-07-08 12:10:11
191.0.73.250	attack	Unauthorized connection attempt from IP address 191.0.73.250 on Port 445(SMB)	2020-07-08 12:37:06
27.71.122.74	attackspambots	Unauthorized connection attempt from IP address 27.71.122.74 on Port 445(SMB)	2020-07-08 12:33:22
123.207.111.151	attackbotsspam	Jul 7 23:46:20 Tower sshd[3223]: Connection from 123.207.111.151 port 54648 on 192.168.10.220 port 22 rdomain "" Jul 7 23:46:22 Tower sshd[3223]: Invalid user maurice from 123.207.111.151 port 54648 Jul 7 23:46:22 Tower sshd[3223]: error: Could not get shadow information for NOUSER Jul 7 23:46:22 Tower sshd[3223]: Failed password for invalid user maurice from 123.207.111.151 port 54648 ssh2 Jul 7 23:46:22 Tower sshd[3223]: Received disconnect from 123.207.111.151 port 54648:11: Bye Bye [preauth] Jul 7 23:46:22 Tower sshd[3223]: Disconnected from invalid user maurice 123.207.111.151 port 54648 [preauth]	2020-07-08 12:13:45
110.36.229.155	attackbotsspam	1594181018 - 07/08/2020 06:03:38 Host: 110.36.229.155/110.36.229.155 Port: 445 TCP Blocked	2020-07-08 12:26:28
206.189.88.27	attackspam	20 attempts against mh-ssh on water	2020-07-08 12:33:53
185.143.73.162	attackspam	Jul 8 06:26:12 srv01 postfix/smtpd\[7117\]: warning: unknown\[185.143.73.162\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 06:26:51 srv01 postfix/smtpd\[7117\]: warning: unknown\[185.143.73.162\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 06:27:30 srv01 postfix/smtpd\[10202\]: warning: unknown\[185.143.73.162\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 06:28:09 srv01 postfix/smtpd\[10202\]: warning: unknown\[185.143.73.162\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 06:28:48 srv01 postfix/smtpd\[7117\]: warning: unknown\[185.143.73.162\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-08 12:32:16
91.7.105.51	attackspambots	20 attempts against mh-ssh on hill	2020-07-08 12:22:27
117.50.48.238	attackspambots	"fail2ban match"	2020-07-08 12:29:22
180.243.230.19	attack	Unauthorized connection attempt from IP address 180.243.230.19 on Port 445(SMB)	2020-07-08 12:26:04
157.230.20.53	attackspam	20 attempts against mh-ssh on pluto	2020-07-08 12:16:21
2.82.170.124	attack	SSH Brute-Force Attack	2020-07-08 12:13:29
1.194.238.187	attackbotsspam	Jul 7 22:06:23 server1 sshd\[26905\]: Invalid user xiuma from 1.194.238.187 Jul 7 22:06:23 server1 sshd\[26905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.194.238.187 Jul 7 22:06:26 server1 sshd\[26905\]: Failed password for invalid user xiuma from 1.194.238.187 port 34129 ssh2 Jul 7 22:08:32 server1 sshd\[27629\]: Invalid user shellinabox from 1.194.238.187 Jul 7 22:08:32 server1 sshd\[27629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.194.238.187 ...	2020-07-08 12:09:48

Recently Reported IPs

119.206.126.197	94.25.182.167	219.74.192.93	201.148.64.46
78.140.56.107	120.31.160.67	172.0.5.59	2a03:2880:32ff::face:b00c
23.221.214.20	144.76.40.35	119.205.19.36	50.30.34.37
219.92.69.149	27.76.10.249	122.117.171.131	119.204.86.61
15.206.100.96	36.85.182.129	118.126.93.16	183.237.78.70