119.45.137.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	frenzy	2020-09-29 23:46:09
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-13 03:06:06
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-12 19:11:15
attackbots	Sep 9 18:41:05 rush sshd[12597]: Failed password for root from 119.45.137.52 port 38614 ssh2 Sep 9 18:46:02 rush sshd[12675]: Failed password for root from 119.45.137.52 port 32806 ssh2 ...	2020-09-10 12:02:51
attackspam	Sep 9 18:21:21 rush sshd[12222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Sep 9 18:21:23 rush sshd[12222]: Failed password for invalid user ubuntu from 119.45.137.52 port 33580 ssh2 Sep 9 18:26:23 rush sshd[12337]: Failed password for root from 119.45.137.52 port 56014 ssh2 ...	2020-09-10 02:48:07
attackspam	2020-08-19T06:24:53.787939shield sshd\[3830\]: Invalid user julia from 119.45.137.52 port 57542 2020-08-19T06:24:53.796915shield sshd\[3830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-08-19T06:24:56.417497shield sshd\[3830\]: Failed password for invalid user julia from 119.45.137.52 port 57542 ssh2 2020-08-19T06:28:19.423492shield sshd\[4098\]: Invalid user popeye from 119.45.137.52 port 48172 2020-08-19T06:28:19.433476shield sshd\[4098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-08-19 15:56:58
attackspambots	(sshd) Failed SSH login from 119.45.137.52 (CN/China/-): 5 in the last 3600 secs	2020-08-17 00:28:53
attackbots	Aug 7 06:04:42 eventyay sshd[1608]: Failed password for root from 119.45.137.52 port 41686 ssh2 Aug 7 06:08:22 eventyay sshd[1742]: Failed password for root from 119.45.137.52 port 36124 ssh2 ...	2020-08-07 15:54:12
attackspam	2020-07-19T19:53:58.924684hostname sshd[36719]: Invalid user info from 119.45.137.52 port 44918 ...	2020-07-19 23:16:21
attack	2020-07-16T03:52:37.771536shield sshd\[23223\]: Invalid user lfy from 119.45.137.52 port 52092 2020-07-16T03:52:37.780013shield sshd\[23223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-07-16T03:52:39.545775shield sshd\[23223\]: Failed password for invalid user lfy from 119.45.137.52 port 52092 ssh2 2020-07-16T03:55:51.911234shield sshd\[23962\]: Invalid user zabbix from 119.45.137.52 port 35200 2020-07-16T03:55:51.925270shield sshd\[23962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-16 12:07:24
attack	Jul 11 19:45:55 web1 sshd\[25208\]: Invalid user marvela from 119.45.137.52 Jul 11 19:45:55 web1 sshd\[25208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Jul 11 19:45:57 web1 sshd\[25208\]: Failed password for invalid user marvela from 119.45.137.52 port 34294 ssh2 Jul 11 19:49:06 web1 sshd\[25608\]: Invalid user ssingh from 119.45.137.52 Jul 11 19:49:06 web1 sshd\[25608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-12 13:52:01

相同子网IP讨论:

IP	类型	评论内容	时间
119.45.137.244	attackspambots	Aug 25 15:27:33 root sshd[22887]: Invalid user zsy from 119.45.137.244 ...	2020-08-26 01:42:20
119.45.137.244	attackbots	Aug 20 22:29:11 h2829583 sshd[25889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-08-21 04:53:27
119.45.137.210	attackspam	Bruteforce detected by fail2ban	2020-08-17 21:32:13
119.45.137.244	attackspam	Aug 16 16:12:58 abendstille sshd\[30760\]: Invalid user viki from 119.45.137.244 Aug 16 16:12:58 abendstille sshd\[30760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Aug 16 16:13:00 abendstille sshd\[30760\]: Failed password for invalid user viki from 119.45.137.244 port 40200 ssh2 Aug 16 16:16:32 abendstille sshd\[2931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 16 16:16:35 abendstille sshd\[2931\]: Failed password for root from 119.45.137.244 port 45574 ssh2 ...	2020-08-16 22:27:21
119.45.137.210	attackbots	Aug 13 13:15:08 rocket sshd[24806]: Failed password for root from 119.45.137.210 port 50932 ssh2 Aug 13 13:18:59 rocket sshd[25165]: Failed password for root from 119.45.137.210 port 33650 ssh2 ...	2020-08-13 22:21:32
119.45.137.210	attackbots	Aug 13 05:56:11 vps sshd[31472]: Failed password for root from 119.45.137.210 port 55068 ssh2 Aug 13 05:56:48 vps sshd[31497]: Failed password for root from 119.45.137.210 port 59638 ssh2 ...	2020-08-13 12:10:12
119.45.137.210	attackspam	Aug 12 08:58:30 pve1 sshd[26138]: Failed password for root from 119.45.137.210 port 44278 ssh2 ...	2020-08-12 15:53:07
119.45.137.244	attack	Aug 12 05:47:59 pornomens sshd\[6576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 12 05:48:01 pornomens sshd\[6576\]: Failed password for root from 119.45.137.244 port 52048 ssh2 Aug 12 05:54:26 pornomens sshd\[6639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-12 12:49:21
119.45.137.210	attackspambots	Aug 9 17:05:26 PorscheCustomer sshd[30264]: Failed password for root from 119.45.137.210 port 51558 ssh2 Aug 9 17:09:34 PorscheCustomer sshd[30367]: Failed password for root from 119.45.137.210 port 35318 ssh2 ...	2020-08-09 23:16:41
119.45.137.244	attackbotsspam	Aug 7 14:35:30 vps639187 sshd\[22107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 7 14:35:33 vps639187 sshd\[22107\]: Failed password for root from 119.45.137.244 port 38692 ssh2 Aug 7 14:39:30 vps639187 sshd\[22151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-08 01:16:28
119.45.137.210	attackspambots	Aug 4 17:01:01 sshd\[25046\]: User root from 119.45.137.210 not allowed because not listed in AllowUsersAug 4 17:01:04 sshd\[25046\]: Failed password for invalid user root from 119.45.137.210 port 49684 ssh2 ...	2020-08-04 23:25:23
119.45.137.210	attackspambots	Aug 3 09:14:46 sip sshd[1175268]: Failed password for root from 119.45.137.210 port 54216 ssh2 Aug 3 09:18:41 sip sshd[1175308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 user=root Aug 3 09:18:44 sip sshd[1175308]: Failed password for root from 119.45.137.210 port 39172 ssh2 ...	2020-08-03 15:41:45
119.45.137.244	attack	Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:10 inter-technics sshd[31129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:12 inter-technics sshd[31129]: Failed password for invalid user art from 119.45.137.244 port 43772 ssh2 Jul 30 22:23:21 inter-technics sshd[31490]: Invalid user siding from 119.45.137.244 port 53000 ...	2020-07-31 04:45:56
119.45.137.210	attackbots	Jul 29 03:01:20 mx sshd[7821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 Jul 29 03:01:22 mx sshd[7821]: Failed password for invalid user ctt from 119.45.137.210 port 48668 ssh2	2020-07-29 15:32:42
119.45.137.244	attackbotsspam	Jul 27 22:07:32 ns382633 sshd\[7021\]: Invalid user shajiaojiao from 119.45.137.244 port 55042 Jul 27 22:07:32 ns382633 sshd\[7021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 27 22:07:34 ns382633 sshd\[7021\]: Failed password for invalid user shajiaojiao from 119.45.137.244 port 55042 ssh2 Jul 27 22:18:29 ns382633 sshd\[9010\]: Invalid user lichengzhang from 119.45.137.244 port 42974 Jul 27 22:18:30 ns382633 sshd\[9010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-07-28 04:28:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.45.137.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.45.137.52.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 18:02:16 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.137.45.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.137.45.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.175.167	attackspambots	Time: Sat Sep 26 15:58:51 2020 +0000 IP: 222.186.175.167 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 26 15:58:38 47-1 sshd[71055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Sep 26 15:58:40 47-1 sshd[71055]: Failed password for root from 222.186.175.167 port 1194 ssh2 Sep 26 15:58:43 47-1 sshd[71055]: Failed password for root from 222.186.175.167 port 1194 ssh2 Sep 26 15:58:47 47-1 sshd[71055]: Failed password for root from 222.186.175.167 port 1194 ssh2 Sep 26 15:58:50 47-1 sshd[71055]: Failed password for root from 222.186.175.167 port 1194 ssh2	2020-09-29 01:43:30
123.129.153.9	attack	23/tcp [2020-09-27]1pkt	2020-09-29 01:36:34
45.143.221.92	attackbotsspam	UDP 45.143.221.92:5100 -> port 5060, len 441	2020-09-29 01:31:26
124.238.24.216	attack	IP 124.238.24.216 attacked honeypot on port: 1433 at 9/27/2020 1:35:35 PM	2020-09-29 01:30:22
118.113.146.198	attackspambots	Sep 28 11:43:36 george sshd[30875]: Failed password for invalid user openkm from 118.113.146.198 port 61057 ssh2 Sep 28 11:46:24 george sshd[30923]: Invalid user zhanglei from 118.113.146.198 port 38786 Sep 28 11:46:24 george sshd[30923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.113.146.198 Sep 28 11:46:26 george sshd[30923]: Failed password for invalid user zhanglei from 118.113.146.198 port 38786 ssh2 Sep 28 11:47:26 george sshd[30933]: Invalid user git from 118.113.146.198 port 56577 ...	2020-09-29 02:02:24
141.98.80.191	attack	Sep 28 19:17:38 cho postfix/smtps/smtpd[3846797]: warning: unknown[141.98.80.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 19:17:54 cho postfix/smtps/smtpd[3846718]: warning: unknown[141.98.80.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 19:22:41 cho postfix/smtps/smtpd[3846938]: warning: unknown[141.98.80.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 19:22:58 cho postfix/smtps/smtpd[3847011]: warning: unknown[141.98.80.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 28 19:27:05 cho postfix/smtps/smtpd[3847103]: warning: unknown[141.98.80.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-29 01:30:03
153.126.187.46	attackspambots	Invalid user james from 153.126.187.46 port 58066	2020-09-29 02:02:41
153.127.67.228	attackbots	153.127.67.228 - - [28/Sep/2020:12:21:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 153.127.67.228 - - [28/Sep/2020:12:21:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 153.127.67.228 - - [28/Sep/2020:12:21:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 01:32:07
222.190.145.130	attackbots	Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: Invalid user deploy from 222.190.145.130 Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: Invalid user deploy from 222.190.145.130 Sep 28 19:36:43 srv-ubuntu-dev3 sshd[123737]: Failed password for invalid user deploy from 222.190.145.130 port 34699 ssh2 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: Invalid user gpadmin from 222.190.145.130 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: Invalid user gpadmin from 222.190.145.130 Sep 28 19:39:15 srv-ubuntu-dev3 sshd[124042]: Failed password for invalid user gpadmin from 222.190.145.130 port 52855 ssh2 Sep 28 19:41:44 srv-ubuntu-dev3 sshd[124276]: Invalid user dell from 222.190.145.130 ...	2020-09-29 01:52:31
92.9.156.63	attackbots	59354/udp [2020-09-27]1pkt	2020-09-29 01:42:02
36.74.64.36	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-29 02:00:57
211.80.102.182	attackbots	211.80.102.182 (CN/China/-), 6 distributed sshd attacks on account [ftpuser] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Aug 25 19:45:52 server2 sshd[28698]: Invalid user ftpuser from 191.162.208.237 port 36589 Aug 25 19:45:54 server2 sshd[28698]: Failed password for invalid user ftpuser from 191.162.208.237 port 36589 ssh2 Sep 28 15:26:42 server2 sshd[29438]: Invalid user ftpuser from 211.80.102.182 port 11093 Aug 25 19:50:47 server2 sshd[29975]: Invalid user ftpuser from 106.12.144.219 port 57312 Aug 25 19:50:49 server2 sshd[29975]: Failed password for invalid user ftpuser from 106.12.144.219 port 57312 ssh2 Aug 25 19:50:58 server2 sshd[30029]: Invalid user ftpuser from 51.38.130.242 port 59822 IP Addresses Blocked: 191.162.208.237 (BR/Brazil/-)	2020-09-29 01:53:40
31.163.155.170	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-29 02:01:16
191.37.219.142	attack	445/tcp [2020-09-27]1pkt	2020-09-29 01:54:36
119.200.113.45	attackspambots	5060/udp [2020-09-27]1pkt	2020-09-29 01:48:44

最近上报的IP列表

173.232.33.11	173.232.33.21	89.81.155.254	173.232.33.29
60.167.180.160	88.235.197.246	175.24.49.95	252.147.64.237
148.70.152.56	190.242.104.218	94.189.247.173	178.94.161.132
171.4.235.9	119.82.135.53	173.232.33.173	50.126.85.119
166.185.200.237	143.96.190.47	174.138.55.243	44.52.220.40