119.45.137.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	frenzy	2020-09-29 23:46:09
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-13 03:06:06
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-12 19:11:15
attackbots	Sep 9 18:41:05 rush sshd[12597]: Failed password for root from 119.45.137.52 port 38614 ssh2 Sep 9 18:46:02 rush sshd[12675]: Failed password for root from 119.45.137.52 port 32806 ssh2 ...	2020-09-10 12:02:51
attackspam	Sep 9 18:21:21 rush sshd[12222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Sep 9 18:21:23 rush sshd[12222]: Failed password for invalid user ubuntu from 119.45.137.52 port 33580 ssh2 Sep 9 18:26:23 rush sshd[12337]: Failed password for root from 119.45.137.52 port 56014 ssh2 ...	2020-09-10 02:48:07
attackspam	2020-08-19T06:24:53.787939shield sshd\[3830\]: Invalid user julia from 119.45.137.52 port 57542 2020-08-19T06:24:53.796915shield sshd\[3830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-08-19T06:24:56.417497shield sshd\[3830\]: Failed password for invalid user julia from 119.45.137.52 port 57542 ssh2 2020-08-19T06:28:19.423492shield sshd\[4098\]: Invalid user popeye from 119.45.137.52 port 48172 2020-08-19T06:28:19.433476shield sshd\[4098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-08-19 15:56:58
attackspambots	(sshd) Failed SSH login from 119.45.137.52 (CN/China/-): 5 in the last 3600 secs	2020-08-17 00:28:53
attackbots	Aug 7 06:04:42 eventyay sshd[1608]: Failed password for root from 119.45.137.52 port 41686 ssh2 Aug 7 06:08:22 eventyay sshd[1742]: Failed password for root from 119.45.137.52 port 36124 ssh2 ...	2020-08-07 15:54:12
attackspam	2020-07-19T19:53:58.924684hostname sshd[36719]: Invalid user info from 119.45.137.52 port 44918 ...	2020-07-19 23:16:21
attack	2020-07-16T03:52:37.771536shield sshd\[23223\]: Invalid user lfy from 119.45.137.52 port 52092 2020-07-16T03:52:37.780013shield sshd\[23223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-07-16T03:52:39.545775shield sshd\[23223\]: Failed password for invalid user lfy from 119.45.137.52 port 52092 ssh2 2020-07-16T03:55:51.911234shield sshd\[23962\]: Invalid user zabbix from 119.45.137.52 port 35200 2020-07-16T03:55:51.925270shield sshd\[23962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-16 12:07:24
attack	Jul 11 19:45:55 web1 sshd\[25208\]: Invalid user marvela from 119.45.137.52 Jul 11 19:45:55 web1 sshd\[25208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Jul 11 19:45:57 web1 sshd\[25208\]: Failed password for invalid user marvela from 119.45.137.52 port 34294 ssh2 Jul 11 19:49:06 web1 sshd\[25608\]: Invalid user ssingh from 119.45.137.52 Jul 11 19:49:06 web1 sshd\[25608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-12 13:52:01

相同子网IP讨论:

IP	类型	评论内容	时间
119.45.137.244	attackspambots	Aug 25 15:27:33 root sshd[22887]: Invalid user zsy from 119.45.137.244 ...	2020-08-26 01:42:20
119.45.137.244	attackbots	Aug 20 22:29:11 h2829583 sshd[25889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-08-21 04:53:27
119.45.137.210	attackspam	Bruteforce detected by fail2ban	2020-08-17 21:32:13
119.45.137.244	attackspam	Aug 16 16:12:58 abendstille sshd\[30760\]: Invalid user viki from 119.45.137.244 Aug 16 16:12:58 abendstille sshd\[30760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Aug 16 16:13:00 abendstille sshd\[30760\]: Failed password for invalid user viki from 119.45.137.244 port 40200 ssh2 Aug 16 16:16:32 abendstille sshd\[2931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 16 16:16:35 abendstille sshd\[2931\]: Failed password for root from 119.45.137.244 port 45574 ssh2 ...	2020-08-16 22:27:21
119.45.137.210	attackbots	Aug 13 13:15:08 rocket sshd[24806]: Failed password for root from 119.45.137.210 port 50932 ssh2 Aug 13 13:18:59 rocket sshd[25165]: Failed password for root from 119.45.137.210 port 33650 ssh2 ...	2020-08-13 22:21:32
119.45.137.210	attackbots	Aug 13 05:56:11 vps sshd[31472]: Failed password for root from 119.45.137.210 port 55068 ssh2 Aug 13 05:56:48 vps sshd[31497]: Failed password for root from 119.45.137.210 port 59638 ssh2 ...	2020-08-13 12:10:12
119.45.137.210	attackspam	Aug 12 08:58:30 pve1 sshd[26138]: Failed password for root from 119.45.137.210 port 44278 ssh2 ...	2020-08-12 15:53:07
119.45.137.244	attack	Aug 12 05:47:59 pornomens sshd\[6576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 12 05:48:01 pornomens sshd\[6576\]: Failed password for root from 119.45.137.244 port 52048 ssh2 Aug 12 05:54:26 pornomens sshd\[6639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-12 12:49:21
119.45.137.210	attackspambots	Aug 9 17:05:26 PorscheCustomer sshd[30264]: Failed password for root from 119.45.137.210 port 51558 ssh2 Aug 9 17:09:34 PorscheCustomer sshd[30367]: Failed password for root from 119.45.137.210 port 35318 ssh2 ...	2020-08-09 23:16:41
119.45.137.244	attackbotsspam	Aug 7 14:35:30 vps639187 sshd\[22107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 7 14:35:33 vps639187 sshd\[22107\]: Failed password for root from 119.45.137.244 port 38692 ssh2 Aug 7 14:39:30 vps639187 sshd\[22151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-08 01:16:28
119.45.137.210	attackspambots	Aug 4 17:01:01 sshd\[25046\]: User root from 119.45.137.210 not allowed because not listed in AllowUsersAug 4 17:01:04 sshd\[25046\]: Failed password for invalid user root from 119.45.137.210 port 49684 ssh2 ...	2020-08-04 23:25:23
119.45.137.210	attackspambots	Aug 3 09:14:46 sip sshd[1175268]: Failed password for root from 119.45.137.210 port 54216 ssh2 Aug 3 09:18:41 sip sshd[1175308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 user=root Aug 3 09:18:44 sip sshd[1175308]: Failed password for root from 119.45.137.210 port 39172 ssh2 ...	2020-08-03 15:41:45
119.45.137.244	attack	Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:10 inter-technics sshd[31129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:12 inter-technics sshd[31129]: Failed password for invalid user art from 119.45.137.244 port 43772 ssh2 Jul 30 22:23:21 inter-technics sshd[31490]: Invalid user siding from 119.45.137.244 port 53000 ...	2020-07-31 04:45:56
119.45.137.210	attackbots	Jul 29 03:01:20 mx sshd[7821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 Jul 29 03:01:22 mx sshd[7821]: Failed password for invalid user ctt from 119.45.137.210 port 48668 ssh2	2020-07-29 15:32:42
119.45.137.244	attackbotsspam	Jul 27 22:07:32 ns382633 sshd\[7021\]: Invalid user shajiaojiao from 119.45.137.244 port 55042 Jul 27 22:07:32 ns382633 sshd\[7021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 27 22:07:34 ns382633 sshd\[7021\]: Failed password for invalid user shajiaojiao from 119.45.137.244 port 55042 ssh2 Jul 27 22:18:29 ns382633 sshd\[9010\]: Invalid user lichengzhang from 119.45.137.244 port 42974 Jul 27 22:18:30 ns382633 sshd\[9010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-07-28 04:28:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.45.137.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.45.137.52.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 18:02:16 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.137.45.119.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.137.45.119.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
182.156.196.67	attackspam	Jul 30 07:35:42 MK-Soft-Root1 sshd\[15136\]: Invalid user starbound from 182.156.196.67 port 48834 Jul 30 07:35:42 MK-Soft-Root1 sshd\[15136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.196.67 Jul 30 07:35:44 MK-Soft-Root1 sshd\[15136\]: Failed password for invalid user starbound from 182.156.196.67 port 48834 ssh2 ...	2019-07-30 13:56:54
117.60.141.137	attackspambots	[Tue Jul 30 04:11:43 2019] Failed password for invalid user ubnt from 117.60.141.137 port 54971 ssh2 [Tue Jul 30 04:11:50 2019] Failed password for invalid user osboxes from 117.60.141.137 port 56387 ssh2 [Tue Jul 30 04:11:56 2019] Failed password for invalid user support from 117.60.141.137 port 58096 ssh2 [Tue Jul 30 04:12:03 2019] Failed password for invalid user NetLinx from 117.60.141.137 port 59281 ssh2 [Tue Jul 30 04:12:10 2019] Failed password for invalid user netscreen from 117.60.141.137 port 33379 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.60.141.137	2019-07-30 13:45:41
103.28.39.4	attackbots	Automatic report - Banned IP Access	2019-07-30 14:39:27
185.234.219.111	attack	Jul 30 05:28:06 postfix/smtpd: warning: unknown[185.234.219.111]: SASL LOGIN authentication failed	2019-07-30 13:56:09
219.135.99.20	attack	445/tcp 445/tcp 445/tcp... [2019-06-14/07-29]20pkt,1pt.(tcp)	2019-07-30 13:48:48
185.15.175.110	attackspam	445/tcp 445/tcp 445/tcp... [2019-05-29/07-29]8pkt,1pt.(tcp)	2019-07-30 14:37:28
111.12.148.103	attackbotsspam	2323/tcp 23/tcp... [2019-06-07/07-29]10pkt,2pt.(tcp)	2019-07-30 14:13:28
201.230.55.55	attackspam	Triggered by Fail2Ban at Vostok web server	2019-07-30 13:49:09
169.45.136.244	attackspambots	Jul 30 07:21:12 tuxlinux sshd[47619]: Invalid user mythic from 169.45.136.244 port 45448 Jul 30 07:21:12 tuxlinux sshd[47619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.45.136.244 Jul 30 07:21:12 tuxlinux sshd[47619]: Invalid user mythic from 169.45.136.244 port 45448 Jul 30 07:21:12 tuxlinux sshd[47619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.45.136.244 Jul 30 07:21:12 tuxlinux sshd[47619]: Invalid user mythic from 169.45.136.244 port 45448 Jul 30 07:21:12 tuxlinux sshd[47619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.45.136.244 Jul 30 07:21:13 tuxlinux sshd[47619]: Failed password for invalid user mythic from 169.45.136.244 port 45448 ssh2 ...	2019-07-30 13:45:21
61.94.244.234	attack	Jul 30 04:11:57 garuda postfix/smtpd[21139]: connect from unknown[61.94.244.234] Jul 30 04:11:57 garuda postfix/smtpd[21140]: connect from unknown[61.94.244.234] Jul 30 04:11:57 garuda postfix/smtpd[21139]: SSL_accept error from unknown[61.94.244.234]: lost connection Jul 30 04:11:57 garuda postfix/smtpd[21140]: lost connection after CONNECT from unknown[61.94.244.234] Jul 30 04:11:57 garuda postfix/smtpd[21140]: disconnect from unknown[61.94.244.234] commands=0/0 Jul 30 04:11:57 garuda postfix/smtpd[21139]: lost connection after CONNECT from unknown[61.94.244.234] Jul 30 04:11:57 garuda postfix/smtpd[21139]: disconnect from unknown[61.94.244.234] commands=0/0 Jul 30 04:12:13 garuda postfix/smtpd[21139]: connect from unknown[61.94.244.234] Jul 30 04:12:14 garuda postfix/smtpd[21139]: warning: unknown[61.94.244.234]: SASL CRAM-MD5 authentication failed: authentication failure Jul 30 04:12:14 garuda postfix/smtpd[21139]: warning: unknown[61.94.244.234]: SASL PLAIN authent........ -------------------------------	2019-07-30 14:07:31
59.36.173.179	attackspambots	Jul 29 23:13:11 TORMINT sshd\[5428\]: Invalid user ramses from 59.36.173.179 Jul 29 23:13:11 TORMINT sshd\[5428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.173.179 Jul 29 23:13:13 TORMINT sshd\[5428\]: Failed password for invalid user ramses from 59.36.173.179 port 57759 ssh2 ...	2019-07-30 14:09:37
84.93.153.9	attackbotsspam	Jul 30 03:23:51 mail sshd\[17888\]: Invalid user howard from 84.93.153.9 port 60185 Jul 30 03:23:51 mail sshd\[17888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.93.153.9 ...	2019-07-30 14:27:14
66.96.238.121	attack	Jul 30 04:23:26 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:23:32 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:23:46 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:23:48 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:23:57 s1 postfix/smtps/smtpd\[20326\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:24:03 s1 postfix/smtps/smtpd\[20326\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:24:12 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL PLAIN authentication failed: Jul 30 04:24:15 s1 postfix/smtps/smtpd\[20308\]: warning: unknown\[66.96.238.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 30 04:24:24 s1 postfix/s	2019-07-30 13:58:21
91.218.92.15	attackbotsspam	445/tcp 445/tcp [2019-07-03/29]2pkt	2019-07-30 14:45:19
41.42.66.28	attack	Lines containing failures of 41.42.66.28 Jul 30 04:12:11 MAKserver05 sshd[27580]: Invalid user admin from 41.42.66.28 port 42940 Jul 30 04:12:11 MAKserver05 sshd[27580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.42.66.28 Jul 30 04:12:13 MAKserver05 sshd[27580]: Failed password for invalid user admin from 41.42.66.28 port 42940 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.42.66.28	2019-07-30 14:04:31

最近上报的IP列表

173.232.33.11	173.232.33.21	89.81.155.254	173.232.33.29
60.167.180.160	88.235.197.246	175.24.49.95	252.147.64.237
148.70.152.56	190.242.104.218	94.189.247.173	178.94.161.132
171.4.235.9	119.82.135.53	173.232.33.173	50.126.85.119
166.185.200.237	143.96.190.47	174.138.55.243	44.52.220.40