106.45.1.234 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Ningxia Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Web Server Scan. RayID: 594576a0de09d38e, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 04:14:02

Type

Details

Datetime

attackbotsspam

Web Server Scan. RayID: 594576a0de09d38e, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN

2020-05-21 04:14:02

Comments on same subnet:

IP	Type	Details	Datetime
106.45.172.230	attackbots	Invalid user server from 106.45.172.230 port 16352	2020-08-28 01:38:18
106.45.1.98	attackbotsspam	Scanning	2020-05-06 01:26:48
106.45.1.68	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.68 to port 8118 [J]	2020-03-02 18:44:45
106.45.1.241	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 80	2020-02-16 02:12:18
106.45.1.39	attack	The IP has triggered Cloudflare WAF. CF-Ray: 560547b4df36eae7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-06 04:50:32
106.45.1.141	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.141 to port 80 [J]	2020-02-05 09:41:40
106.45.1.5	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.5 to port 8080 [J]	2020-01-31 22:37:30
106.45.10.142	attack	Unauthorized connection attempt detected from IP address 106.45.10.142 to port 23 [T]	2020-01-30 08:46:48
106.45.1.20	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.20 to port 3979 [T]	2020-01-29 17:45:05
106.45.1.241	attackbots	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 808 [J]	2020-01-27 15:16:25
106.45.1.219	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.219 to port 8080 [T]	2020-01-27 14:48:32
106.45.1.102	attack	Unauthorized connection attempt detected from IP address 106.45.1.102 to port 8118 [J]	2020-01-22 08:36:39
106.45.1.37	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.37 to port 8123 [J]	2020-01-22 08:12:04
106.45.1.181	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.181 to port 80 [J]	2020-01-19 16:05:34
106.45.1.50	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.50 to port 8899 [T]	2020-01-14 20:40:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.45.1.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55937
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.45.1.234.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052001 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 04:13:59 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 234.1.45.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.1.45.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.115.156.59	attack	Sep 5 11:42:52 hanapaa sshd\[18222\]: Invalid user 123456 from 181.115.156.59 Sep 5 11:42:52 hanapaa sshd\[18222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.115.156.59 Sep 5 11:42:54 hanapaa sshd\[18222\]: Failed password for invalid user 123456 from 181.115.156.59 port 58592 ssh2 Sep 5 11:48:13 hanapaa sshd\[18672\]: Invalid user 123 from 181.115.156.59 Sep 5 11:48:13 hanapaa sshd\[18672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.115.156.59	2019-09-06 05:49:22
59.14.73.108	attackbotsspam	Sep 5 22:15:13 microserver sshd[25823]: Invalid user qwe@123 from 59.14.73.108 port 45258 Sep 5 22:15:13 microserver sshd[25823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.14.73.108 Sep 5 22:15:15 microserver sshd[25823]: Failed password for invalid user qwe@123 from 59.14.73.108 port 45258 ssh2 Sep 5 22:20:37 microserver sshd[26729]: Invalid user test from 59.14.73.108 port 33572 Sep 5 22:20:37 microserver sshd[26729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.14.73.108 Sep 5 22:31:23 microserver sshd[28298]: Invalid user 321 from 59.14.73.108 port 38438 Sep 5 22:31:23 microserver sshd[28298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.14.73.108 Sep 5 22:31:26 microserver sshd[28298]: Failed password for invalid user 321 from 59.14.73.108 port 38438 ssh2 Sep 5 22:36:43 microserver sshd[29046]: Invalid user 123 from 59.14.73.108 port 54994 Sep 5 22:36:43 m	2019-09-06 05:50:41
156.96.157.183	attack	2019-09-05T21:08:55.612861 X postfix/smtpd[13011]: NOQUEUE: reject: RCPT from unknown[156.96.157.183]: 554 5.7.1 Service unavailable; Client host [156.96.157.183] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/156.96.157.183; from= to= proto=ESMTP helo=	2019-09-06 05:43:22
206.189.147.229	attackbots	2019-09-05T21:15:51.062944abusebot-2.cloudsearch.cf sshd\[20322\]: Invalid user test from 206.189.147.229 port 45202	2019-09-06 05:45:26
150.136.193.165	attack	Sep 5 23:11:34 ArkNodeAT sshd\[8282\]: Invalid user lamar from 150.136.193.165 Sep 5 23:11:34 ArkNodeAT sshd\[8282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.193.165 Sep 5 23:11:35 ArkNodeAT sshd\[8282\]: Failed password for invalid user lamar from 150.136.193.165 port 43367 ssh2	2019-09-06 05:26:14
82.205.84.212	attackbots	Automatic report - Port Scan Attack	2019-09-06 05:47:24
167.99.143.90	attack	Sep 5 23:44:20 rpi sshd[596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.143.90 Sep 5 23:44:22 rpi sshd[596]: Failed password for invalid user letmein from 167.99.143.90 port 36602 ssh2	2019-09-06 05:52:16
103.119.145.130	attackspam	Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: reveeclipse mapping checking getaddrinfo for ip-145-130.balifiber.id [103.119.145.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: Invalid user deployer from 103.119.145.130 Sep 5 16:43:37 lvps83-169-44-148 sshd[21479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.145.130 Sep 5 16:43:40 lvps83-169-44-148 sshd[21479]: Failed password for invalid user deployer from 103.119.145.130 port 38904 ssh2 Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: reveeclipse mapping checking getaddrinfo for ip-145-130.balifiber.id [103.119.145.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: Invalid user minecraft from 103.119.145.130 Sep 5 17:21:26 lvps83-169-44-148 sshd[25494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.119.145.130 Sep 5 17:21:28 lvps83-169-44-148........ -------------------------------	2019-09-06 05:46:40
101.36.150.59	attack	Sep 5 11:45:57 lcdev sshd\[10471\]: Invalid user test from 101.36.150.59 Sep 5 11:45:57 lcdev sshd\[10471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.150.59 Sep 5 11:45:59 lcdev sshd\[10471\]: Failed password for invalid user test from 101.36.150.59 port 57936 ssh2 Sep 5 11:49:27 lcdev sshd\[10716\]: Invalid user owncloud from 101.36.150.59 Sep 5 11:49:27 lcdev sshd\[10716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.150.59	2019-09-06 05:51:35
183.131.82.99	attackspam	$f2bV_matches	2019-09-06 06:04:41
106.13.38.227	attackbots	Sep 5 22:08:43 localhost sshd\[32542\]: Invalid user 130 from 106.13.38.227 port 48480 Sep 5 22:08:43 localhost sshd\[32542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.38.227 Sep 5 22:08:45 localhost sshd\[32542\]: Failed password for invalid user 130 from 106.13.38.227 port 48480 ssh2	2019-09-06 06:03:37
118.25.61.76	attackbotsspam	Sep 5 22:36:27 dedicated sshd[20395]: Invalid user vb0x from 118.25.61.76 port 45386	2019-09-06 06:05:39
176.10.232.53	attackbotsspam	Netgear DGN Device Remote Command Execution Vulnerability, PTR: h-232-53.A328.priv.bahnhof.se.	2019-09-06 05:32:49
2607:5300:60:6d87::	attackspambots	xmlrpc attack	2019-09-06 05:24:14
172.93.48.108	attackbots	Sep 6 00:23:46 www sshd\[50007\]: Invalid user daniel from 172.93.48.108 Sep 6 00:23:46 www sshd\[50007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.48.108 Sep 6 00:23:47 www sshd\[50007\]: Failed password for invalid user daniel from 172.93.48.108 port 54814 ssh2 ...	2019-09-06 05:38:10

Recently Reported IPs

36.5.177.26	234.101.182.35	157.62.83.141	2400:dd0d:2000:0:7588:8d0a:7770:93f3
218.52.234.144	2001:da8:20b:200:100::99	27.224.136.50	27.184.93.53
13.82.88.218	172.255.224.80	37.49.226.155	23.95.128.7
51.79.55.230	172.98.67.23	185.234.216.38	152.89.245.138
222.247.107.223	94.23.103.195	180.175.194.157	87.56.50.203