Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Hunan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
[portscan] Port scan
2020-04-20 13:40:51
attackspambots
Fail2Ban - FTP Abuse Attempt
2019-12-25 19:28:34
attackbotsspam
Fail2Ban - FTP Abuse Attempt
2019-10-16 16:49:41
attackbots
Fail2Ban - FTP Abuse Attempt
2019-08-21 10:28:39
Comments on same subnet:
IP Type Details Datetime
110.52.145.241 attackbots
(ftpd) Failed FTP login from 110.52.145.241 (CN/China/-): 10 in the last 3600 secs
2020-06-01 21:17:28
110.52.145.241 attackspambots
prod6
...
2020-04-22 04:49:03
110.52.145.241 attack
Automatic report - Port Scan Attack
2020-02-08 15:04:39
110.52.145.213 attackbotsspam
Fail2Ban - FTP Abuse Attempt
2019-11-30 08:25:53
110.52.145.241 attackbotsspam
Fail2Ban - FTP Abuse Attempt
2019-08-25 07:14:52
110.52.145.240 attackbots
Jul  9 05:12:00 ns3042688 proftpd[5474]: 127.0.0.1 (110.52.145.240[110.52.145.240]) - USER anonymous: no such user found from 110.52.145.240 [110.52.145.240] to 51.254.197.112:21
Jul  9 05:12:05 ns3042688 proftpd[5555]: 127.0.0.1 (110.52.145.240[110.52.145.240]) - USER www: no such user found from 110.52.145.240 [110.52.145.240] to 51.254.197.112:21
Jul  9 05:12:13 ns3042688 proftpd[5582]: 127.0.0.1 (110.52.145.240[110.52.145.240]) - USER www: no such user found from 110.52.145.240 [110.52.145.240] to 51.254.197.112:21
Jul  9 05:12:25 ns3042688 proftpd[5637]: 127.0.0.1 (110.52.145.240[110.52.145.240]) - USER cesumin (Login failed): Incorrect password
Jul  9 05:12:30 ns3042688 proftpd[5670]: 127.0.0.1 (110.52.145.240[110.52.145.240]) - USER cesumin (Login failed): Incorrect password
...
2019-07-09 20:34:32
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.52.145.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48442
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;110.52.145.234.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 21 10:28:23 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 234.145.52.110.in-addr.arpa not found: 2(SERVFAIL)
Nslookup info:
;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 234.145.52.110.in-addr.arpa: SERVFAIL
Related IP info:
Related comments:
IP Type Details Datetime
49.231.35.39 attack
2020-07-23T00:55:31+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)
2020-07-23 07:06:15
195.54.160.21 attackspambots
firewall-block, port(s): 2375/tcp, 4506/tcp
2020-07-23 07:33:10
54.71.115.235 attackbots
54.71.115.235 - - [23/Jul/2020:00:55:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.71.115.235 - - [23/Jul/2020:00:55:33 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.71.115.235 - - [23/Jul/2020:00:55:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.71.115.235 - - [23/Jul/2020:00:55:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir
...
2020-07-23 07:03:34
171.251.159.3 attack
Jul 23 00:55:20 debian-2gb-nbg1-2 kernel: [17717048.122744] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=171.251.159.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=38475 PROTO=TCP SPT=54897 DPT=4904 WINDOW=1024 RES=0x00 SYN URGP=0
2020-07-23 07:21:13
1.10.185.145 attackbots
Failed RDP login
2020-07-23 07:36:57
176.116.187.156 attackbotsspam
Failed RDP login
2020-07-23 07:29:56
113.179.152.71 attackbotsspam
Failed RDP login
2020-07-23 07:17:35
51.38.238.165 attackbotsspam
*Port Scan* detected from 51.38.238.165 (FR/France/Hauts-de-France/Gravelines/165.ip-51-38-238.eu). 4 hits in the last 136 seconds
2020-07-23 07:33:49
51.222.12.106 attackbots
2020-07-22T23:14:34.688126shield sshd[10304]: Invalid user amy from 51.222.12.106 port 41006
2020-07-22T23:14:34.698125shield sshd[10304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-f6e8217e.vps.ovh.ca
2020-07-22T23:14:36.683190shield sshd[10304]: Failed password for invalid user amy from 51.222.12.106 port 41006 ssh2
2020-07-22T23:22:14.295231shield sshd[12392]: Invalid user run from 51.222.12.106 port 55494
2020-07-22T23:22:14.303749shield sshd[12392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-f6e8217e.vps.ovh.ca
2020-07-23 07:36:12
190.78.249.34 attackspambots
IP 190.78.249.34 attacked honeypot on port: 3433 at 7/22/2020 3:54:52 PM
2020-07-23 07:18:09
223.83.138.104 attackbots
Jul 22 23:01:16 ws26vmsma01 sshd[23155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.83.138.104
Jul 22 23:01:18 ws26vmsma01 sshd[23155]: Failed password for invalid user support from 223.83.138.104 port 58680 ssh2
...
2020-07-23 07:16:04
205.209.166.66 attack
Failed RDP login
2020-07-23 07:16:51
139.59.59.75 attackspam
139.59.59.75 - - [23/Jul/2020:00:55:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.59.75 - - [23/Jul/2020:00:55:20 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.59.75 - - [23/Jul/2020:00:55:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.59.75 - - [23/Jul/2020:00:55:21 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.59.75 - - [23/Jul/2020:00:55:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
139.59.59.75 - - [23/Jul/2020:00:55:22 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6
...
2020-07-23 07:19:28
168.128.70.151 attackspam
Jul 22 19:00:23 ny01 sshd[27885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.70.151
Jul 22 19:00:25 ny01 sshd[27885]: Failed password for invalid user orion from 168.128.70.151 port 52680 ssh2
Jul 22 19:03:27 ny01 sshd[28213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.70.151
2020-07-23 07:19:13
13.67.32.172 attack
Jul 23 01:46:01 ift sshd[56389]: Invalid user lma from 13.67.32.172
Jul 23 01:46:03 ift sshd[56389]: Failed password for invalid user lma from 13.67.32.172 port 48782 ssh2
Jul 23 01:50:45 ift sshd[57122]: Invalid user test from 13.67.32.172
Jul 23 01:50:47 ift sshd[57122]: Failed password for invalid user test from 13.67.32.172 port 35448 ssh2
Jul 23 01:55:16 ift sshd[57964]: Invalid user sims from 13.67.32.172
...
2020-07-23 07:38:35
