106.45.1.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Ningxia Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.20 to port 3979 [T]	2020-01-29 17:45:05

相同子网IP讨论:

IP	类型	评论内容	时间
106.45.172.230	attackbots	Invalid user server from 106.45.172.230 port 16352	2020-08-28 01:38:18
106.45.1.234	attackbotsspam	Web Server Scan. RayID: 594576a0de09d38e, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 04:14:02
106.45.1.98	attackbotsspam	Scanning	2020-05-06 01:26:48
106.45.1.68	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.68 to port 8118 [J]	2020-03-02 18:44:45
106.45.1.241	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 80	2020-02-16 02:12:18
106.45.1.39	attack	The IP has triggered Cloudflare WAF. CF-Ray: 560547b4df36eae7 \| WAF_Rule_ID: a75424b44a1e4f27881d03344a122815 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-02-06 04:50:32
106.45.1.141	attackspam	Unauthorized connection attempt detected from IP address 106.45.1.141 to port 80 [J]	2020-02-05 09:41:40
106.45.1.5	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.5 to port 8080 [J]	2020-01-31 22:37:30
106.45.10.142	attack	Unauthorized connection attempt detected from IP address 106.45.10.142 to port 23 [T]	2020-01-30 08:46:48
106.45.1.241	attackbots	Unauthorized connection attempt detected from IP address 106.45.1.241 to port 808 [J]	2020-01-27 15:16:25
106.45.1.219	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.219 to port 8080 [T]	2020-01-27 14:48:32
106.45.1.102	attack	Unauthorized connection attempt detected from IP address 106.45.1.102 to port 8118 [J]	2020-01-22 08:36:39
106.45.1.37	attackbotsspam	Unauthorized connection attempt detected from IP address 106.45.1.37 to port 8123 [J]	2020-01-22 08:12:04
106.45.1.181	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.181 to port 80 [J]	2020-01-19 16:05:34
106.45.1.50	attackspambots	Unauthorized connection attempt detected from IP address 106.45.1.50 to port 8899 [T]	2020-01-14 20:40:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.45.1.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21838
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.45.1.20.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012900 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 17:44:46 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 20.1.45.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.1.45.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
209.50.62.28	attackbots	This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/fZES2rHx For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-09-06 15:12:51
95.173.161.167	attack	95.173.161.167 - - [06/Sep/2020:08:04:35 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 95.173.161.167 - - [06/Sep/2020:08:04:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 95.173.161.167 - - [06/Sep/2020:08:04:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-06 15:26:10
41.82.99.183	attackbots	Sep 5 23:22:31 mxgate1 postfix/postscreen[9512]: CONNECT from [41.82.99.183]:37756 to [176.31.12.44]:25 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9554]: addr 41.82.99.183 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9554]: addr 41.82.99.183 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9554]: addr 41.82.99.183 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9555]: addr 41.82.99.183 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9553]: addr 41.82.99.183 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 5 23:22:31 mxgate1 postfix/dnsblog[9552]: addr 41.82.99.183 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 5 23:22:37 mxgate1 postfix/postscreen[9512]: DNSBL rank 5 for [41.82.99.183]:37756 Sep x@x Sep 5 23:22:39 mxgate1 postfix/postscreen[9512]: HANGUP after 1.6 from [41.82.99.183]:37756 in tests ........ -------------------------------	2020-09-06 15:35:24
112.85.42.89	attack	Sep 6 07:01:56 plex-server sshd[1996472]: Failed password for root from 112.85.42.89 port 48095 ssh2 Sep 6 07:02:00 plex-server sshd[1996472]: Failed password for root from 112.85.42.89 port 48095 ssh2 Sep 6 07:02:03 plex-server sshd[1996472]: Failed password for root from 112.85.42.89 port 48095 ssh2 Sep 6 07:02:42 plex-server sshd[1996866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Sep 6 07:02:44 plex-server sshd[1996866]: Failed password for root from 112.85.42.89 port 59433 ssh2 ...	2020-09-06 15:15:42
51.223.213.73	attackspam	Unauthorized connection attempt from IP address 51.223.213.73 on Port 445(SMB)	2020-09-06 15:33:13
191.6.135.86	attackspam	Dovecot Invalid User Login Attempt.	2020-09-06 15:20:28
51.83.131.234	attack	TOR exit node, malicious open proxy [06/Sep/2020]; Provider: OVH, FR (ovh.com), Hostname: n/a [51.83.131.234].	2020-09-06 15:16:44
124.158.12.202	attackspam	124.158.12.202 - - [06/Sep/2020:07:59:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2208 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 124.158.12.202 - - [06/Sep/2020:07:59:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 124.158.12.202 - - [06/Sep/2020:07:59:50 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-06 15:24:45
175.142.87.220	attack	xmlrpc attack	2020-09-06 14:59:37
171.103.190.158	attackspambots	failed attempts to access the website, searching for vulnerabilities, also using following IPs: 27.37.246.129 , 94.231.218.223 , 116.90.237.125 , 190.235.214.78 , 190.98.53.86 , 45.170.129.135 , 170.239.242.222 , 43.249.113.243 , 103.140.4.87 , 171.103.190.158 , 72.210.252.135	2020-09-06 15:33:29
68.228.215.87	attackbots	Aug 31 07:08:28 h1946882 sshd[20654]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68= -228-215-87.ph.ph.cox.net=20 Aug 31 07:08:30 h1946882 sshd[20654]: Failed password for invalid user = admin from 68.228.215.87 port 49694 ssh2 Aug 31 07:08:30 h1946882 sshd[20654]: Received disconnect from 68.228.2= 15.87: 11: Bye Bye [preauth] Aug 31 07:08:32 h1946882 sshd[20656]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68= -228-215-87.ph.ph.cox.net=20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=68.228.215.87	2020-09-06 15:00:00
129.45.76.52	attack	2020-09-05 11:35:48.851568-0500 localhost smtpd[41784]: NOQUEUE: reject: RCPT from unknown[129.45.76.52]: 554 5.7.1 Service unavailable; Client host [129.45.76.52] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/129.45.76.52; from= to= proto=ESMTP helo=<[129.45.76.52]>	2020-09-06 15:39:38
145.239.80.14	attack	Sep 6 07:59:14 hidden sshd[50611]: Failed password for hidden from 145.239.80.14 port 42634 ssh2 Sep 6 08:03:07 hidden sshd[50753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.80.14 user=root Sep 6 08:03:09 hidden sshd[50753]: Failed password for hidden from 145.239.80.14 port 49416 ssh2	2020-09-06 15:09:40
49.88.112.72	attack	Sep 6 12:21:09 mx sshd[582441]: Failed password for root from 49.88.112.72 port 26984 ssh2 Sep 6 12:22:00 mx sshd[582446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root Sep 6 12:22:02 mx sshd[582446]: Failed password for root from 49.88.112.72 port 60150 ssh2 Sep 6 12:22:56 mx sshd[582454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root Sep 6 12:22:57 mx sshd[582454]: Failed password for root from 49.88.112.72 port 37065 ssh2 ...	2020-09-06 15:01:15
184.22.201.129	attackspambots	2020-09-05 11:39:40.808034-0500 localhost smtpd[42141]: NOQUEUE: reject: RCPT from unknown[184.22.201.129]: 554 5.7.1 Service unavailable; Client host [184.22.201.129] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/184.22.201.129 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<184-22-201-0.24.myaisfibre.com>	2020-09-06 15:35:52

最近上报的IP列表

222.90.40.107	219.155.179.235	183.166.135.218	183.166.118.116
183.165.41.207	183.161.228.122	182.38.14.192	182.34.20.210
180.118.76.227	175.154.202.36	125.109.194.110	123.190.191.53
123.179.129.180	123.179.129.153	123.179.129.120	123.168.92.216
123.156.187.72	122.7.208.140	119.185.237.250	119.185.237.55

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表