128.199.52.45 - IPInfo

基本信息:

城市(city): Amsterdam

省份(region): North Holland

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Banned IP Access	2020-10-08 06:45:12
attackbotsspam	Oct 7 15:23:25 serwer sshd\[3709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Oct 7 15:23:27 serwer sshd\[3709\]: Failed password for root from 128.199.52.45 port 45242 ssh2 Oct 7 15:30:17 serwer sshd\[4566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root ...	2020-10-07 23:06:46
attackbotsspam	(sshd) Failed SSH login from 128.199.52.45 (NL/Netherlands/-): 5 in the last 3600 secs	2020-10-07 15:12:45
attackbotsspam	Oct 1 22:27:29 sip sshd[24873]: Failed password for root from 128.199.52.45 port 43966 ssh2 Oct 1 22:30:19 sip sshd[25590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Oct 1 22:30:20 sip sshd[25590]: Failed password for invalid user ubuntu from 128.199.52.45 port 47712 ssh2	2020-10-02 04:34:11
attackbotsspam	SSH login attempts.	2020-10-01 20:50:49
attack	Oct 1 05:15:33 gospond sshd[21609]: Invalid user zimbra from 128.199.52.45 port 49304 Oct 1 05:15:36 gospond sshd[21609]: Failed password for invalid user zimbra from 128.199.52.45 port 49304 ssh2 Oct 1 05:24:54 gospond sshd[21709]: Invalid user oracle from 128.199.52.45 port 33616 ...	2020-10-01 13:03:10
attackspambots	2020-09-18T14:13:33.802212ionos.janbro.de sshd[118820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root 2020-09-18T14:13:35.599524ionos.janbro.de sshd[118820]: Failed password for root from 128.199.52.45 port 58978 ssh2 2020-09-18T14:20:15.577305ionos.janbro.de sshd[118854]: Invalid user user from 128.199.52.45 port 41562 2020-09-18T14:20:15.876488ionos.janbro.de sshd[118854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 2020-09-18T14:20:15.577305ionos.janbro.de sshd[118854]: Invalid user user from 128.199.52.45 port 41562 2020-09-18T14:20:18.547088ionos.janbro.de sshd[118854]: Failed password for invalid user user from 128.199.52.45 port 41562 ssh2 2020-09-18T14:26:56.096186ionos.janbro.de sshd[118919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root 2020-09-18T14:26:57.798170ionos.janbro.de sshd[1189 ...	2020-09-19 02:46:12
attackbots	20 attempts against mh-ssh on echoip	2020-09-18 18:46:57
attack	Aug 30 12:12:45 ws19vmsma01 sshd[234482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Aug 30 12:12:47 ws19vmsma01 sshd[234482]: Failed password for invalid user edp from 128.199.52.45 port 55482 ssh2 ...	2020-08-30 23:56:33
attack	Aug 30 10:26:55 vps768472 sshd\[2708\]: Invalid user colin from 128.199.52.45 port 48914 Aug 30 10:26:55 vps768472 sshd\[2708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Aug 30 10:26:57 vps768472 sshd\[2708\]: Failed password for invalid user colin from 128.199.52.45 port 48914 ssh2 ...	2020-08-30 15:38:06
attackspambots	Time: Thu Aug 27 21:07:02 2020 +0000 IP: 128.199.52.45 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 27 20:49:57 ca-18-ede1 sshd[27977]: Invalid user mts from 128.199.52.45 port 53620 Aug 27 20:49:59 ca-18-ede1 sshd[27977]: Failed password for invalid user mts from 128.199.52.45 port 53620 ssh2 Aug 27 21:00:12 ca-18-ede1 sshd[29063]: Invalid user move from 128.199.52.45 port 54738 Aug 27 21:00:14 ca-18-ede1 sshd[29063]: Failed password for invalid user move from 128.199.52.45 port 54738 ssh2 Aug 27 21:06:58 ca-18-ede1 sshd[29838]: Invalid user user1 from 128.199.52.45 port 33314	2020-08-28 05:23:19
attackbotsspam	2020-08-20T07:54:00.754017+02:00 sshd[32674]: Failed password for root from 128.199.52.45 port 59830 ssh2	2020-08-20 14:38:58
attackbotsspam	2020-08-16T11:20:44.261757sorsha.thespaminator.com sshd[10377]: Invalid user kawa from 128.199.52.45 port 34464 2020-08-16T11:20:46.345393sorsha.thespaminator.com sshd[10377]: Failed password for invalid user kawa from 128.199.52.45 port 34464 ssh2 ...	2020-08-17 02:03:21
attackbots	Aug 7 05:49:30 web-main sshd[795412]: Failed password for root from 128.199.52.45 port 50434 ssh2 Aug 7 05:56:32 web-main sshd[795441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Aug 7 05:56:34 web-main sshd[795441]: Failed password for root from 128.199.52.45 port 33618 ssh2	2020-08-07 13:59:23
attack	Aug 4 20:06:44 hidden sshd[16094]: Failed password for hidden from 128.199.52.45 port 48612 ssh2 Aug 4 20:13:53 hidden sshd[33075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Aug 4 20:13:55 hidden sshd[33075]: Failed password for hidden from 128.199.52.45 port 60772 ssh2 Aug 4 20:20:54 hidden sshd[50136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Aug 4 20:20:56 hidden sshd[50136]: Failed password for hidden from 128.199.52.45 port 44706 ssh2	2020-08-05 04:09:04
attackbotsspam	Invalid user hu from 128.199.52.45 port 44278	2020-07-25 08:13:59
attackspam	Invalid user zn from 128.199.52.45 port 47590	2020-07-21 13:14:30
attack	Jul 19 09:53:16 localhost sshd[66535]: Invalid user dingwei from 128.199.52.45 port 33806 Jul 19 09:53:16 localhost sshd[66535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Jul 19 09:53:16 localhost sshd[66535]: Invalid user dingwei from 128.199.52.45 port 33806 Jul 19 09:53:18 localhost sshd[66535]: Failed password for invalid user dingwei from 128.199.52.45 port 33806 ssh2 Jul 19 10:00:30 localhost sshd[67323]: Invalid user reghan from 128.199.52.45 port 48614 ...	2020-07-19 19:01:01
attackbotsspam	Jul 6 00:11:39 srv-ubuntu-dev3 sshd[93653]: Invalid user elvis from 128.199.52.45 Jul 6 00:11:39 srv-ubuntu-dev3 sshd[93653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Jul 6 00:11:39 srv-ubuntu-dev3 sshd[93653]: Invalid user elvis from 128.199.52.45 Jul 6 00:11:42 srv-ubuntu-dev3 sshd[93653]: Failed password for invalid user elvis from 128.199.52.45 port 43102 ssh2 Jul 6 00:16:29 srv-ubuntu-dev3 sshd[94523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Jul 6 00:16:31 srv-ubuntu-dev3 sshd[94523]: Failed password for root from 128.199.52.45 port 41314 ssh2 Jul 6 00:21:22 srv-ubuntu-dev3 sshd[95541]: Invalid user sekretariat from 128.199.52.45 Jul 6 00:21:22 srv-ubuntu-dev3 sshd[95541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Jul 6 00:21:22 srv-ubuntu-dev3 sshd[95541]: Invalid user sekretariat ...	2020-07-06 06:23:51
attackspambots	Multiple SSH authentication failures from 128.199.52.45	2020-07-01 05:42:18
attack	Jun 9 07:38:33 ns381471 sshd[5830]: Failed password for root from 128.199.52.45 port 41744 ssh2	2020-06-09 14:10:32
attackspambots	2020-05-26T17:49:51.732114sd-86998 sshd[21874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root 2020-05-26T17:49:53.998569sd-86998 sshd[21874]: Failed password for root from 128.199.52.45 port 60480 ssh2 2020-05-26T17:55:33.491682sd-86998 sshd[22809]: Invalid user tester from 128.199.52.45 port 35268 2020-05-26T17:55:33.493929sd-86998 sshd[22809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 2020-05-26T17:55:33.491682sd-86998 sshd[22809]: Invalid user tester from 128.199.52.45 port 35268 2020-05-26T17:55:35.043140sd-86998 sshd[22809]: Failed password for invalid user tester from 128.199.52.45 port 35268 ssh2 ...	2020-05-27 01:47:13
attackspam	May 8 08:00:43 ArkNodeAT sshd\[3626\]: Invalid user angie from 128.199.52.45 May 8 08:00:43 ArkNodeAT sshd\[3626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 May 8 08:00:45 ArkNodeAT sshd\[3626\]: Failed password for invalid user angie from 128.199.52.45 port 36918 ssh2	2020-05-08 14:15:26
attackbotsspam	Invalid user ftpuser from 128.199.52.45 port 56658	2020-04-22 03:45:10
attackbots	Apr 20 16:21:18 [host] sshd[32408]: Invalid user p Apr 20 16:21:18 [host] sshd[32408]: pam_unix(sshd: Apr 20 16:21:20 [host] sshd[32408]: Failed passwor	2020-04-20 22:53:40
attackspam	Apr 16 01:37:56 lukav-desktop sshd\[26484\]: Invalid user tpuser from 128.199.52.45 Apr 16 01:37:56 lukav-desktop sshd\[26484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Apr 16 01:37:58 lukav-desktop sshd\[26484\]: Failed password for invalid user tpuser from 128.199.52.45 port 54006 ssh2 Apr 16 01:44:01 lukav-desktop sshd\[26821\]: Invalid user oframe4 from 128.199.52.45 Apr 16 01:44:01 lukav-desktop sshd\[26821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45	2020-04-16 07:12:16
attack	$f2bV_matches	2020-04-11 20:58:49
attackspam	Apr 7 07:16:15 XXX sshd[33535]: Invalid user csserver from 128.199.52.45 port 55750	2020-04-08 08:01:54
attackbots	Invalid user brs from 128.199.52.45 port 34558	2020-04-02 01:32:46
attackspam	Apr 1 01:50:15 mout sshd[13136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 user=root Apr 1 01:50:16 mout sshd[13136]: Failed password for root from 128.199.52.45 port 39180 ssh2	2020-04-01 08:42:38

相同子网IP讨论:

IP	类型	评论内容	时间
128.199.52.4	attack	Oct 9 23:58:19 melroy-server sshd[4868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.4 Oct 9 23:58:21 melroy-server sshd[4868]: Failed password for invalid user linux from 128.199.52.4 port 34806 ssh2 ...	2020-10-10 06:34:11
128.199.52.4	attackbots	2020-10-09T09:08:03+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-10-09 22:46:05
128.199.52.4	attackbotsspam	Oct 9 08:04:32 vpn01 sshd[29411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.4 Oct 9 08:04:34 vpn01 sshd[29411]: Failed password for invalid user nagios from 128.199.52.4 port 54062 ssh2 ...	2020-10-09 14:37:18
128.199.52.199	attack	Lines containing failures of 128.199.52.199 (max 1000) Jun 4 18:14:33 ks3373544 sshd[31395]: Invalid user fake from 128.199.52.199 port 34640 Jun 4 18:14:33 ks3373544 sshd[31395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.199 Jun 4 18:14:35 ks3373544 sshd[31395]: Failed password for invalid user fake from 128.199.52.199 port 34640 ssh2 Jun 4 18:14:35 ks3373544 sshd[31395]: Received disconnect from 128.199.52.199 port 34640:11: Bye Bye [preauth] Jun 4 18:14:35 ks3373544 sshd[31395]: Disconnected from 128.199.52.199 port 34640 [preauth] Jun 4 18:14:36 ks3373544 sshd[31410]: Invalid user admin from 128.199.52.199 port 38344 Jun 4 18:14:38 ks3373544 sshd[31410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.199 Jun 4 18:14:40 ks3373544 sshd[31410]: Failed password for invalid user admin from 128.199.52.199 port 38344 ssh2 Jun 4 18:14:40 ks3373544 sshd[31410]........ ------------------------------	2020-06-06 01:31:48
128.199.52.137	attackspambots	128.199.52.137 - - \[23/Jun/2019:16:17:46 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.52.137 - - \[23/Jun/2019:16:17:56 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.52.137 - - \[23/Jun/2019:16:18:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 1396 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.52.137 - - \[23/Jun/2019:16:18:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 1396 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.52.137 - - \[23/Jun/2019:16:18:57 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 128.199.52.137 - - \[23/Jun/2019:16:19:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 1631 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6	2019-06-24 00:55:22

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.199.52.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6159
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.199.52.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 16 16:26:08 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 45.52.199.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 45.52.199.128.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
54.201.195.166	attack	Suspicious WordPress-related activity, accessed by IP not domain: 54.201.195.166 - - [07/Sep/2020:14:03:54 +0100] "GET /wp-json/ HTTP/1.1" 403 244 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36"	2020-09-08 18:55:15
121.145.78.129	attack	Time: Tue Sep 8 11:47:09 2020 +0200 IP: 121.145.78.129 (KR/South Korea/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 8 11:39:24 mail-03 sshd[23288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:39:26 mail-03 sshd[23288]: Failed password for root from 121.145.78.129 port 38522 ssh2 Sep 8 11:43:37 mail-03 sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:43:39 mail-03 sshd[23348]: Failed password for root from 121.145.78.129 port 50396 ssh2 Sep 8 11:47:07 mail-03 sshd[23449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root	2020-09-08 18:47:03
77.0.218.36	attackspam	Scanning	2020-09-08 18:45:13
157.245.172.192	attack	[portscan] tcp/23 [TELNET] *(RWIN=65535)(09081006)	2020-09-08 18:56:37
101.39.231.98	attackbots	Sep 8 10:09:46 myvps sshd[21297]: Failed password for root from 101.39.231.98 port 41436 ssh2 Sep 8 10:29:00 myvps sshd[1041]: Failed password for root from 101.39.231.98 port 50430 ssh2 ...	2020-09-08 19:11:42
157.245.252.225	attack	TCP (SYN) 157.245.252.225:32767 -> port 8545, len 44	2020-09-08 19:03:29
114.84.151.23	attack	IP 114.84.151.23 attacked honeypot on port: 1433 at 9/7/2020 9:47:14 AM	2020-09-08 18:52:43
106.12.175.86	attackbotsspam	Sep 8 09:44:25 home sshd[1241152]: Failed password for root from 106.12.175.86 port 42978 ssh2 Sep 8 09:48:42 home sshd[1241604]: Invalid user smmsp from 106.12.175.86 port 38395 Sep 8 09:48:42 home sshd[1241604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.175.86 Sep 8 09:48:42 home sshd[1241604]: Invalid user smmsp from 106.12.175.86 port 38395 Sep 8 09:48:43 home sshd[1241604]: Failed password for invalid user smmsp from 106.12.175.86 port 38395 ssh2 ...	2020-09-08 19:23:35
139.59.29.252	attackbotsspam	srv.marc-hoffrichter.de:443 139.59.29.252 - - [07/Sep/2020:18:47:32 +0200] "GET / HTTP/1.1" 403 5565 "-" "Go-http-client/1.1"	2020-09-08 18:46:42
207.244.70.35	attackbots	Sep 8 06:34:54 NPSTNNYC01T sshd[5471]: Failed password for root from 207.244.70.35 port 42269 ssh2 Sep 8 06:34:56 NPSTNNYC01T sshd[5471]: Failed password for root from 207.244.70.35 port 42269 ssh2 Sep 8 06:34:59 NPSTNNYC01T sshd[5471]: Failed password for root from 207.244.70.35 port 42269 ssh2 Sep 8 06:35:01 NPSTNNYC01T sshd[5471]: Failed password for root from 207.244.70.35 port 42269 ssh2 ...	2020-09-08 19:10:02
201.11.159.50	attack	Portscan detected	2020-09-08 18:53:45
128.199.81.160	attackbotsspam	...	2020-09-08 19:08:48
45.142.120.147	attackspam	2020-09-08T04:56:42.722537linuxbox-skyline auth[151205]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=fortune rhost=45.142.120.147 ...	2020-09-08 18:57:02
52.231.54.27	attack	firewall-block, port(s): 10543/tcp	2020-09-08 18:50:14
210.22.78.74	attackbotsspam	2020-09-08T12:43:29.815015afi-git.jinr.ru sshd[15575]: Failed password for root from 210.22.78.74 port 29888 ssh2 2020-09-08T12:47:04.955367afi-git.jinr.ru sshd[16657]: Invalid user ms from 210.22.78.74 port 44736 2020-09-08T12:47:04.959147afi-git.jinr.ru sshd[16657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.22.78.74 2020-09-08T12:47:04.955367afi-git.jinr.ru sshd[16657]: Invalid user ms from 210.22.78.74 port 44736 2020-09-08T12:47:06.588944afi-git.jinr.ru sshd[16657]: Failed password for invalid user ms from 210.22.78.74 port 44736 ssh2 ...	2020-09-08 18:54:44

最近上报的IP列表

203.177.70.171	111.230.97.36	213.141.232.1	191.85.187.34
75.150.56.98	2400:6180:0:d0::e40:a001	207.180.238.165	54.196.167.12
113.110.228.244	103.192.159.94	193.176.86.170	194.88.106.79
42.114.196.184	103.17.51.114	128.199.155.212	109.201.152.231
185.49.241.230	75.75.225.7	41.60.238.48	213.182.115.124