119.45.137.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	frenzy	2020-09-29 23:46:09
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-13 03:06:06
attackspambots	Sep 12 09:55:43 root sshd[16290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 ...	2020-09-12 19:11:15
attackbots	Sep 9 18:41:05 rush sshd[12597]: Failed password for root from 119.45.137.52 port 38614 ssh2 Sep 9 18:46:02 rush sshd[12675]: Failed password for root from 119.45.137.52 port 32806 ssh2 ...	2020-09-10 12:02:51
attackspam	Sep 9 18:21:21 rush sshd[12222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Sep 9 18:21:23 rush sshd[12222]: Failed password for invalid user ubuntu from 119.45.137.52 port 33580 ssh2 Sep 9 18:26:23 rush sshd[12337]: Failed password for root from 119.45.137.52 port 56014 ssh2 ...	2020-09-10 02:48:07
attackspam	2020-08-19T06:24:53.787939shield sshd\[3830\]: Invalid user julia from 119.45.137.52 port 57542 2020-08-19T06:24:53.796915shield sshd\[3830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-08-19T06:24:56.417497shield sshd\[3830\]: Failed password for invalid user julia from 119.45.137.52 port 57542 ssh2 2020-08-19T06:28:19.423492shield sshd\[4098\]: Invalid user popeye from 119.45.137.52 port 48172 2020-08-19T06:28:19.433476shield sshd\[4098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-08-19 15:56:58
attackspambots	(sshd) Failed SSH login from 119.45.137.52 (CN/China/-): 5 in the last 3600 secs	2020-08-17 00:28:53
attackbots	Aug 7 06:04:42 eventyay sshd[1608]: Failed password for root from 119.45.137.52 port 41686 ssh2 Aug 7 06:08:22 eventyay sshd[1742]: Failed password for root from 119.45.137.52 port 36124 ssh2 ...	2020-08-07 15:54:12
attackspam	2020-07-19T19:53:58.924684hostname sshd[36719]: Invalid user info from 119.45.137.52 port 44918 ...	2020-07-19 23:16:21
attack	2020-07-16T03:52:37.771536shield sshd\[23223\]: Invalid user lfy from 119.45.137.52 port 52092 2020-07-16T03:52:37.780013shield sshd\[23223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 2020-07-16T03:52:39.545775shield sshd\[23223\]: Failed password for invalid user lfy from 119.45.137.52 port 52092 ssh2 2020-07-16T03:55:51.911234shield sshd\[23962\]: Invalid user zabbix from 119.45.137.52 port 35200 2020-07-16T03:55:51.925270shield sshd\[23962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-16 12:07:24
attack	Jul 11 19:45:55 web1 sshd\[25208\]: Invalid user marvela from 119.45.137.52 Jul 11 19:45:55 web1 sshd\[25208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52 Jul 11 19:45:57 web1 sshd\[25208\]: Failed password for invalid user marvela from 119.45.137.52 port 34294 ssh2 Jul 11 19:49:06 web1 sshd\[25608\]: Invalid user ssingh from 119.45.137.52 Jul 11 19:49:06 web1 sshd\[25608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.52	2020-07-12 13:52:01

Comments on same subnet:

IP	Type	Details	Datetime
119.45.137.244	attackspambots	Aug 25 15:27:33 root sshd[22887]: Invalid user zsy from 119.45.137.244 ...	2020-08-26 01:42:20
119.45.137.244	attackbots	Aug 20 22:29:11 h2829583 sshd[25889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-08-21 04:53:27
119.45.137.210	attackspam	Bruteforce detected by fail2ban	2020-08-17 21:32:13
119.45.137.244	attackspam	Aug 16 16:12:58 abendstille sshd\[30760\]: Invalid user viki from 119.45.137.244 Aug 16 16:12:58 abendstille sshd\[30760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Aug 16 16:13:00 abendstille sshd\[30760\]: Failed password for invalid user viki from 119.45.137.244 port 40200 ssh2 Aug 16 16:16:32 abendstille sshd\[2931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 16 16:16:35 abendstille sshd\[2931\]: Failed password for root from 119.45.137.244 port 45574 ssh2 ...	2020-08-16 22:27:21
119.45.137.210	attackbots	Aug 13 13:15:08 rocket sshd[24806]: Failed password for root from 119.45.137.210 port 50932 ssh2 Aug 13 13:18:59 rocket sshd[25165]: Failed password for root from 119.45.137.210 port 33650 ssh2 ...	2020-08-13 22:21:32
119.45.137.210	attackbots	Aug 13 05:56:11 vps sshd[31472]: Failed password for root from 119.45.137.210 port 55068 ssh2 Aug 13 05:56:48 vps sshd[31497]: Failed password for root from 119.45.137.210 port 59638 ssh2 ...	2020-08-13 12:10:12
119.45.137.210	attackspam	Aug 12 08:58:30 pve1 sshd[26138]: Failed password for root from 119.45.137.210 port 44278 ssh2 ...	2020-08-12 15:53:07
119.45.137.244	attack	Aug 12 05:47:59 pornomens sshd\[6576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 12 05:48:01 pornomens sshd\[6576\]: Failed password for root from 119.45.137.244 port 52048 ssh2 Aug 12 05:54:26 pornomens sshd\[6639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-12 12:49:21
119.45.137.210	attackspambots	Aug 9 17:05:26 PorscheCustomer sshd[30264]: Failed password for root from 119.45.137.210 port 51558 ssh2 Aug 9 17:09:34 PorscheCustomer sshd[30367]: Failed password for root from 119.45.137.210 port 35318 ssh2 ...	2020-08-09 23:16:41
119.45.137.244	attackbotsspam	Aug 7 14:35:30 vps639187 sshd\[22107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root Aug 7 14:35:33 vps639187 sshd\[22107\]: Failed password for root from 119.45.137.244 port 38692 ssh2 Aug 7 14:39:30 vps639187 sshd\[22151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 user=root ...	2020-08-08 01:16:28
119.45.137.210	attackspambots	Aug 4 17:01:01 sshd\[25046\]: User root from 119.45.137.210 not allowed because not listed in AllowUsersAug 4 17:01:04 sshd\[25046\]: Failed password for invalid user root from 119.45.137.210 port 49684 ssh2 ...	2020-08-04 23:25:23
119.45.137.210	attackspambots	Aug 3 09:14:46 sip sshd[1175268]: Failed password for root from 119.45.137.210 port 54216 ssh2 Aug 3 09:18:41 sip sshd[1175308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 user=root Aug 3 09:18:44 sip sshd[1175308]: Failed password for root from 119.45.137.210 port 39172 ssh2 ...	2020-08-03 15:41:45
119.45.137.244	attack	Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:10 inter-technics sshd[31129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 30 22:17:10 inter-technics sshd[31129]: Invalid user art from 119.45.137.244 port 43772 Jul 30 22:17:12 inter-technics sshd[31129]: Failed password for invalid user art from 119.45.137.244 port 43772 ssh2 Jul 30 22:23:21 inter-technics sshd[31490]: Invalid user siding from 119.45.137.244 port 53000 ...	2020-07-31 04:45:56
119.45.137.210	attackbots	Jul 29 03:01:20 mx sshd[7821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.210 Jul 29 03:01:22 mx sshd[7821]: Failed password for invalid user ctt from 119.45.137.210 port 48668 ssh2	2020-07-29 15:32:42
119.45.137.244	attackbotsspam	Jul 27 22:07:32 ns382633 sshd\[7021\]: Invalid user shajiaojiao from 119.45.137.244 port 55042 Jul 27 22:07:32 ns382633 sshd\[7021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244 Jul 27 22:07:34 ns382633 sshd\[7021\]: Failed password for invalid user shajiaojiao from 119.45.137.244 port 55042 ssh2 Jul 27 22:18:29 ns382633 sshd\[9010\]: Invalid user lichengzhang from 119.45.137.244 port 42974 Jul 27 22:18:30 ns382633 sshd\[9010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.137.244	2020-07-28 04:28:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.45.137.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.45.137.52.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 18:02:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 52.137.45.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.137.45.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.243.165.222	attack	Port scan	2019-11-16 21:53:54
113.198.82.214	attackspam	Nov 16 09:57:46 lnxmail61 sshd[14547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.198.82.214	2019-11-16 21:59:54
81.29.215.84	attack	81.29.215.84 - - \[16/Nov/2019:06:18:11 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 81.29.215.84 - - \[16/Nov/2019:06:18:12 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-16 21:42:19
202.120.39.141	attackbotsspam	Nov 16 15:11:45 lukav-desktop sshd\[13172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.120.39.141 user=root Nov 16 15:11:45 lukav-desktop sshd\[13108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.120.39.141 user=root Nov 16 15:11:45 lukav-desktop sshd\[13233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.120.39.141 user=root Nov 16 15:11:47 lukav-desktop sshd\[13172\]: Failed password for root from 202.120.39.141 port 60822 ssh2 Nov 16 15:11:47 lukav-desktop sshd\[13108\]: Failed password for root from 202.120.39.141 port 36030 ssh2	2019-11-16 21:49:46
134.249.166.39	attackspambots	Port scan	2019-11-16 21:42:42
128.199.100.225	attackspam	Nov 16 10:20:33 andromeda sshd\[40982\]: Invalid user loyola from 128.199.100.225 port 39606 Nov 16 10:20:33 andromeda sshd\[40982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.100.225 Nov 16 10:20:34 andromeda sshd\[40982\]: Failed password for invalid user loyola from 128.199.100.225 port 39606 ssh2	2019-11-16 21:41:46
51.83.32.232	attackbots	Nov 16 09:58:58 sshgateway sshd\[30122\]: Invalid user rpm from 51.83.32.232 Nov 16 09:58:58 sshgateway sshd\[30122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.32.232 Nov 16 09:58:59 sshgateway sshd\[30122\]: Failed password for invalid user rpm from 51.83.32.232 port 39628 ssh2	2019-11-16 21:37:06
94.191.79.156	attackspambots	Nov 16 13:11:09 itv-usvr-01 sshd[28349]: Invalid user lisa from 94.191.79.156 Nov 16 13:11:09 itv-usvr-01 sshd[28349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.79.156 Nov 16 13:11:09 itv-usvr-01 sshd[28349]: Invalid user lisa from 94.191.79.156 Nov 16 13:11:11 itv-usvr-01 sshd[28349]: Failed password for invalid user lisa from 94.191.79.156 port 47730 ssh2 Nov 16 13:17:28 itv-usvr-01 sshd[28553]: Invalid user home from 94.191.79.156	2019-11-16 21:59:11
69.85.70.37	attackbots	Nov 16 11:49:33 legacy sshd[4200]: Failed password for root from 69.85.70.37 port 56226 ssh2 Nov 16 11:53:42 legacy sshd[4289]: Failed password for root from 69.85.70.37 port 37312 ssh2 ...	2019-11-16 21:51:08
185.86.79.152	attack	Unauthorized connection attempt from IP address 185.86.79.152 on Port 445(SMB)	2019-11-16 22:09:01
185.176.27.178	attackbots	Nov 16 14:48:28 mc1 kernel: \[5198373.887397\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54492 PROTO=TCP SPT=45871 DPT=30354 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 16 14:53:10 mc1 kernel: \[5198655.602329\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=61459 PROTO=TCP SPT=45871 DPT=15768 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 16 14:56:14 mc1 kernel: \[5198839.567730\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=31784 PROTO=TCP SPT=45871 DPT=26553 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-16 22:08:42
119.29.243.100	attackbotsspam	Nov 16 10:58:13 legacy sshd[2441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.243.100 Nov 16 10:58:16 legacy sshd[2441]: Failed password for invalid user 123456 from 119.29.243.100 port 43312 ssh2 Nov 16 11:02:49 legacy sshd[2664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.243.100 ...	2019-11-16 22:05:17
24.2.205.235	attackspam	2019-11-16T13:13:25.828493abusebot-5.cloudsearch.cf sshd\[28686\]: Invalid user ts3bot from 24.2.205.235 port 38298	2019-11-16 21:43:06
179.134.185.157	attack	SSH/22 MH Probe, BF, Hack -	2019-11-16 22:10:45
134.209.152.90	attackbots	134.209.152.90 - - \[16/Nov/2019:07:04:04 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 134.209.152.90 - - \[16/Nov/2019:07:04:05 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-16 21:59:41

Recently Reported IPs

173.232.33.11	173.232.33.21	89.81.155.254	173.232.33.29
60.167.180.160	88.235.197.246	175.24.49.95	252.147.64.237
148.70.152.56	190.242.104.218	94.189.247.173	178.94.161.132
171.4.235.9	119.82.135.53	173.232.33.173	50.126.85.119
166.185.200.237	143.96.190.47	174.138.55.243	44.52.220.40