106.45.1.105 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Ningxia Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543838e36a86eba1 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:19:11

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543838e36a86eba1 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 05:19:11

相同子网IP讨论:

IP	类型	评论内容	时间
106.45.172.230	attackbots	Invalid user server from 106.45.172.230 port 16352	2020-08-28 01:38:18
106.45.1.234	attackbotsspam	Web Server Scan. RayID: 594576a0de09d38e, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 04:14:02
106.45.1.98	attackbotsspam	Scanning	2020-05-06 01:26:48
106.45.1.68	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.68 to port 8118 [J]	2020-03-02 18:44:45
106.45.1.241	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 80	2020-02-16 02:12:18
106.45.1.39	attack	The IP has triggered Cloudflare WAF. CF-Ray: 560547b4df36eae7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-06 04:50:32
106.45.1.141	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.141 to port 80 [J]	2020-02-05 09:41:40
106.45.1.5	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.5 to port 8080 [J]	2020-01-31 22:37:30
106.45.10.142	attack	Unauthorized connection attempt detected from IP address 106.45.10.142 to port 23 [T]	2020-01-30 08:46:48
106.45.1.20	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.20 to port 3979 [T]	2020-01-29 17:45:05
106.45.1.241	attackbots	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 808 [J]	2020-01-27 15:16:25
106.45.1.219	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.219 to port 8080 [T]	2020-01-27 14:48:32
106.45.1.102	attack	Unauthorized connection attempt detected from IP address 106.45.1.102 to port 8118 [J]	2020-01-22 08:36:39
106.45.1.37	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.37 to port 8123 [J]	2020-01-22 08:12:04
106.45.1.181	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.181 to port 80 [J]	2020-01-19 16:05:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.45.1.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43756
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.45.1.105.			IN	A

;; AUTHORITY SECTION:
.			394	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 05:19:09 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 105.1.45.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.1.45.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.90	attack	Oct 3 15:58:40 dcd-gentoo sshd[10726]: User root from 49.88.112.90 not allowed because none of user's groups are listed in AllowGroups Oct 3 15:58:43 dcd-gentoo sshd[10726]: error: PAM: Authentication failure for illegal user root from 49.88.112.90 Oct 3 15:58:40 dcd-gentoo sshd[10726]: User root from 49.88.112.90 not allowed because none of user's groups are listed in AllowGroups Oct 3 15:58:43 dcd-gentoo sshd[10726]: error: PAM: Authentication failure for illegal user root from 49.88.112.90 Oct 3 15:58:40 dcd-gentoo sshd[10726]: User root from 49.88.112.90 not allowed because none of user's groups are listed in AllowGroups Oct 3 15:58:43 dcd-gentoo sshd[10726]: error: PAM: Authentication failure for illegal user root from 49.88.112.90 Oct 3 15:58:43 dcd-gentoo sshd[10726]: Failed keyboard-interactive/pam for invalid user root from 49.88.112.90 port 58801 ssh2 ...	2019-10-03 22:03:28
178.32.44.197	attackspam	Oct 3 13:38:12 web8 sshd\[9247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.44.197 user=root Oct 3 13:38:14 web8 sshd\[9247\]: Failed password for root from 178.32.44.197 port 18513 ssh2 Oct 3 13:42:08 web8 sshd\[11071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.44.197 user=root Oct 3 13:42:10 web8 sshd\[11071\]: Failed password for root from 178.32.44.197 port 10503 ssh2 Oct 3 13:46:10 web8 sshd\[13041\]: Invalid user ftpadmin from 178.32.44.197	2019-10-03 21:54:38
167.114.0.23	attackbotsspam	Oct 3 03:45:20 eddieflores sshd\[31400\]: Invalid user manticore from 167.114.0.23 Oct 3 03:45:20 eddieflores sshd\[31400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns506087.ip-167-114-0.net Oct 3 03:45:22 eddieflores sshd\[31400\]: Failed password for invalid user manticore from 167.114.0.23 port 55332 ssh2 Oct 3 03:49:12 eddieflores sshd\[31744\]: Invalid user support from 167.114.0.23 Oct 3 03:49:12 eddieflores sshd\[31744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns506087.ip-167-114-0.net	2019-10-03 22:04:38
84.242.123.220	attackspambots	proto=tcp . spt=35990 . dpt=25 . (Listed on truncate-gbudb also unsubscore and rbldns-ru) (464)	2019-10-03 22:06:19
107.170.63.196	attack	Oct 3 15:56:49 nextcloud sshd\[6768\]: Invalid user HDP from 107.170.63.196 Oct 3 15:56:49 nextcloud sshd\[6768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.63.196 Oct 3 15:56:51 nextcloud sshd\[6768\]: Failed password for invalid user HDP from 107.170.63.196 port 33264 ssh2 ...	2019-10-03 22:17:47
115.29.244.119	attackbots	ICMP MP Probe, Scan -	2019-10-03 22:17:35
182.61.175.71	attackspambots	Automatic report - Banned IP Access	2019-10-03 21:56:15
150.95.24.185	attack	Oct 3 15:56:14 mail sshd\[10962\]: Failed password for invalid user teste from 150.95.24.185 port 46675 ssh2 Oct 3 16:01:08 mail sshd\[11972\]: Invalid user testadmin from 150.95.24.185 port 31484 Oct 3 16:01:08 mail sshd\[11972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.24.185 Oct 3 16:01:10 mail sshd\[11972\]: Failed password for invalid user testadmin from 150.95.24.185 port 31484 ssh2 Oct 3 16:05:53 mail sshd\[12569\]: Invalid user krishnala from 150.95.24.185 port 16287	2019-10-03 22:21:04
142.93.172.64	attackbots	Oct 3 08:28:51 mail sshd\[6241\]: Invalid user admin from 142.93.172.64 Oct 3 08:28:51 mail sshd\[6241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.172.64 ...	2019-10-03 21:43:21
187.109.10.100	attackbotsspam	detected by Fail2Ban	2019-10-03 21:48:20
51.68.230.54	attackbotsspam	Bruteforce on SSH Honeypot	2019-10-03 22:19:35
186.112.108.140	attackspam	WordPress wp-login brute force :: 186.112.108.140 0.132 BYPASS [03/Oct/2019:22:28:46 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-03 21:52:01
115.88.201.58	attackbots	Oct 3 15:35:29 vps647732 sshd[13499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.88.201.58 Oct 3 15:35:31 vps647732 sshd[13499]: Failed password for invalid user m202 from 115.88.201.58 port 41924 ssh2 ...	2019-10-03 21:40:30
51.75.22.154	attackspam	Oct 3 15:41:46 vps01 sshd[13693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.22.154 Oct 3 15:41:49 vps01 sshd[13693]: Failed password for invalid user 23 from 51.75.22.154 port 43770 ssh2	2019-10-03 22:10:24
210.134.67.55	attack	10/03/2019-09:52:29.594425 210.134.67.55 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-03 21:54:13

最近上报的IP列表

223.166.74.244	223.166.74.152	222.94.163.216	222.82.60.53
222.82.55.164	221.234.238.226	221.11.20.169	220.181.171.89
219.143.174.38	219.140.119.132	211.97.21.208	182.138.158.205
180.95.231.249	175.184.165.98	175.152.111.191	175.42.2.105
171.36.130.163	171.34.179.81	171.12.10.9	124.90.55.2