193.34.145.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Contabo GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2019-07-16 06:29:00 -> 2019-07-18 08:42:26 : 918 login attempts (193.34.145.6)	2019-07-19 08:02:20
attackbots	2019-07-14 06:27:54 -> 2019-07-16 23:01:46 : 1171 login attempts (193.34.145.6)	2019-07-17 07:53:37
attackbotsspam	2019-07-12 08:51:05 -> 2019-07-14 23:01:52 : 1140 login attempts (193.34.145.6)	2019-07-15 13:41:20

Type

Details

Datetime

attackbots

2019-07-16 06:29:00 -> 2019-07-18 08:42:26 : 918 login attempts (193.34.145.6)

2019-07-19 08:02:20

attackbots

2019-07-14 06:27:54 -> 2019-07-16 23:01:46 : 1171 login attempts (193.34.145.6)

2019-07-17 07:53:37

attackbotsspam

2019-07-12 08:51:05 -> 2019-07-14 23:01:52 : 1140 login attempts (193.34.145.6)

2019-07-15 13:41:20

Comments on same subnet:

IP	Type	Details	Datetime
193.34.145.204	attack	193.34.145.204 - - [29/Aug/2020:20:31:41 +0200] "GET /wp-login.php HTTP/1.1" 200 9163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.204 - - [29/Aug/2020:20:31:43 +0200] "POST /wp-login.php HTTP/1.1" 200 9414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.204 - - [29/Aug/2020:20:31:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-30 02:34:22
193.34.145.204	attack	Automatic report - XMLRPC Attack	2020-08-08 07:20:42
193.34.145.205	attackbots	193.34.145.205 - - [04/Jun/2020:04:55:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.205 - - [04/Jun/2020:04:55:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1880 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.205 - - [04/Jun/2020:04:55:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-04 14:38:41
193.34.145.205	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-05-29 12:08:04
193.34.145.205	attack	xmlrpc attack	2020-05-25 19:08:54
193.34.145.205	attackbotsspam	193.34.145.205 - - \[24/May/2020:23:34:02 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 193.34.145.205 - - \[24/May/2020:23:34:03 +0200\] "POST /wp-login.php HTTP/1.0" 200 2727 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 193.34.145.205 - - \[24/May/2020:23:34:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 2764 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-25 08:04:53
193.34.145.205	attackbotsspam	xmlrpc attack	2020-05-16 04:12:40
193.34.145.203	attackspambots	Brute force VPN server	2019-12-21 07:03:33
193.34.145.18	attackbotsspam	fail2ban honeypot	2019-09-20 17:53:55
193.34.145.252	attack	port scan and connect, tcp 8080 (http-proxy)	2019-08-27 12:49:04
193.34.145.56	attack	Brute forcing Wordpress login	2019-08-13 14:08:40
193.34.145.202	attackspambots	xmlrpc attack	2019-08-12 16:15:05
193.34.145.18	attack	193.34.145.18 - - [01/Aug/2019:05:18:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.18 - - [01/Aug/2019:05:18:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.18 - - [01/Aug/2019:05:18:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.18 - - [01/Aug/2019:05:18:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.18 - - [01/Aug/2019:05:18:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 193.34.145.18 - - [01/Aug/2019:05:18:14 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-01 21:28:10
193.34.145.18	attackspambots	Wordpress Admin Login attack	2019-07-20 03:14:27
193.34.145.56	attack	Wordpress Admin Login attack	2019-07-16 19:17:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.34.145.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25871
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.34.145.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 13:41:12 CST 2019
;; MSG SIZE  rcvd: 116

Host info

6.145.34.193.in-addr.arpa domain name pointer vmi30996.contabo.host.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
6.145.34.193.in-addr.arpa	name = vmi30996.contabo.host.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.51.150.134	attackbots	Brute-force attempt banned	2020-06-27 01:05:40
129.211.52.192	attack	Invalid user flink from 129.211.52.192 port 38130	2020-06-27 00:39:43
172.245.23.172	attackbotsspam	6,43-01/31 [bc01/m51] PostRequest-Spammer scoring: berlin	2020-06-27 01:07:01
218.62.110.213	attackspam	Scanned 281 unique addresses for 2 unique TCP ports in 24 hours (ports 5915,27966)	2020-06-27 01:18:20
51.178.138.1	attackbots	Invalid user zc from 51.178.138.1 port 55006	2020-06-27 00:47:50
200.105.163.116	attackbots	Failed password for invalid user sp from 200.105.163.116 port 44537 ssh2	2020-06-27 00:45:18
136.49.109.217	attackbots	Port Scan detected from 136.49.109.217 (US/United States/Texas/Austin/-). 4 hits in the last 206 seconds	2020-06-27 01:19:49
137.117.67.63	attackspam	Jun 26 14:34:29 mellenthin sshd[29810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.67.63 user=root Jun 26 14:34:31 mellenthin sshd[29810]: Failed password for invalid user root from 137.117.67.63 port 53486 ssh2	2020-06-27 00:54:40
51.210.111.223	attack	Jun 26 16:39:17 fhem-rasp sshd[3816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.111.223 user=root Jun 26 16:39:18 fhem-rasp sshd[3816]: Failed password for root from 51.210.111.223 port 57056 ssh2 ...	2020-06-27 01:08:04
178.205.174.172	attackspambots	1593170745 - 06/26/2020 13:25:45 Host: 178.205.174.172/178.205.174.172 Port: 445 TCP Blocked	2020-06-27 00:37:09
51.255.35.58	attackspam	Jun 26 16:17:50 jumpserver sshd[227607]: Invalid user tiger from 51.255.35.58 port 59556 Jun 26 16:17:52 jumpserver sshd[227607]: Failed password for invalid user tiger from 51.255.35.58 port 59556 ssh2 Jun 26 16:21:12 jumpserver sshd[227641]: Invalid user jack from 51.255.35.58 port 58944 ...	2020-06-27 01:13:41
101.69.200.162	attack	Invalid user nemo from 101.69.200.162 port 30914	2020-06-27 00:57:27
87.0.233.129	attackspam	Automatic report - Port Scan Attack	2020-06-27 00:49:56
184.105.247.236	attackspambots	" "	2020-06-27 00:36:43
125.16.195.253	attackspam	Unauthorised access (Jun 26) SRC=125.16.195.253 LEN=52 TTL=111 ID=27321 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Jun 25) SRC=125.16.195.253 LEN=52 TTL=111 ID=2069 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-27 00:49:26

Recently Reported IPs

108.247.64.158	141.165.253.201	177.67.165.47	100.164.172.189
181.192.75.235	198.238.56.153	177.57.66.134	84.201.134.30
77.248.76.32	213.149.191.65	223.244.97.211	213.182.93.172
133.41.92.217	94.255.24.74	194.28.221.28	105.64.232.89
10.114.88.132	167.240.149.242	27.81.204.37	114.233.226.93