45.252.25.216 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.252.250.64	attackbots	firewall-block, port(s): 18148/tcp	2020-06-26 12:42:00
45.252.250.64	attackbots	Port scan denied	2020-06-24 13:51:20
45.252.250.64	attackbotsspam	(sshd) Failed SSH login from 45.252.250.64 (VN/Vietnam/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 14 00:08:30 ubnt-55d23 sshd[22726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.252.250.64 user=root Jun 14 00:08:32 ubnt-55d23 sshd[22726]: Failed password for root from 45.252.250.64 port 43144 ssh2	2020-06-14 06:12:03
45.252.250.106	attack	45.252.250.106 - - [07/Jun/2020:21:14:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.252.250.106 - - [07/Jun/2020:21:14:40 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.252.250.106 - - [07/Jun/2020:21:28:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-08 04:54:13
45.252.250.106	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-02 01:27:57
45.252.250.106	attack	404 NOT FOUND	2020-05-17 06:39:58
45.252.250.13	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-04 08:16:17
45.252.250.13	attack	Automatic report - XMLRPC Attack	2020-03-02 02:14:12
45.252.250.106	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-08 21:42:28
45.252.250.11	attackbotsspam	45.252.250.11 - - \[16/Jan/2020:22:50:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 45.252.250.11 - - \[16/Jan/2020:22:50:44 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 45.252.250.11 - - \[16/Jan/2020:22:50:45 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-01-17 06:01:14
45.252.250.11	attackspam	xmlrpc attack	2019-11-28 02:34:31
45.252.250.106	attack	Automatic report - XMLRPC Attack	2019-11-26 02:51:08
45.252.250.11	attack	xmlrpc attack	2019-11-15 08:57:42
45.252.250.11	attack	WordPress wp-login brute force :: 45.252.250.11 0.188 - [14/Nov/2019:06:25:17 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2043 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2019-11-14 18:36:03
45.252.250.11	attack	45.252.250.11 - - \[10/Nov/2019:15:46:17 +0100\] "POST /wp-login.php HTTP/1.0" 200 2406 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 45.252.250.11 - - \[10/Nov/2019:15:46:20 +0100\] "POST /wp-login.php HTTP/1.0" 200 2364 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 45.252.250.11 - - \[10/Nov/2019:15:46:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 2374 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-10 23:40:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.25.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.25.216.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090701 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 08 03:50:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 216.25.252.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 216.25.252.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.145.192.205	attackbotsspam	Aug 29 10:22:22 eventyay sshd[7703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.145.192.205 Aug 29 10:22:25 eventyay sshd[7703]: Failed password for invalid user riley from 212.145.192.205 port 35878 ssh2 Aug 29 10:29:54 eventyay sshd[8003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.145.192.205 ...	2020-08-29 16:49:45
159.89.199.229	attackbotsspam	$f2bV_matches	2020-08-29 17:11:55
84.17.60.216	attackbots	(From aiello.elvis@googlemail.com) Hello, I have been informed to contact you. The CIA has been doing intensive research for the past fifty years researching on what we call so called life. That information has been collected and presented for you here https://cutt.ly/cfgu7Vw This has been the finding as of seventeen years ago as of today. Now governments and other large organizations have develop technology around these concepts for their own deceptive uses. Soon you will be contacted by other means for counter measures and the part that you play in all this. Please get this as soon as possible because there are powers that be to take down this information about this.	2020-08-29 16:39:08
148.72.212.161	attack	Aug 29 05:59:46 vps46666688 sshd[3375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.212.161 Aug 29 05:59:48 vps46666688 sshd[3375]: Failed password for invalid user lionel from 148.72.212.161 port 40080 ssh2 ...	2020-08-29 17:01:05
112.238.191.154	attackbotsspam	23/tcp 37215/tcp... [2020-08-17/28]9pkt,2pt.(tcp)	2020-08-29 16:35:04
120.210.89.180	attackspambots	$f2bV_matches	2020-08-29 16:28:28
36.230.234.72	attack	Port Scan detected from 36.230.234.72 (TW/Taiwan/Taiwan/Taipei/36-230-234-72.dynamic-ip.hinet.net). 4 hits in the last 190 seconds	2020-08-29 17:03:54
160.251.4.143	attack	bruteforce detected	2020-08-29 16:40:52
106.12.146.9	attackspam	Aug 29 10:08:46 home sshd[2454061]: Invalid user data from 106.12.146.9 port 55782 Aug 29 10:08:46 home sshd[2454061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.146.9 Aug 29 10:08:46 home sshd[2454061]: Invalid user data from 106.12.146.9 port 55782 Aug 29 10:08:48 home sshd[2454061]: Failed password for invalid user data from 106.12.146.9 port 55782 ssh2 Aug 29 10:10:49 home sshd[2454791]: Invalid user lachlan from 106.12.146.9 port 50954 ...	2020-08-29 16:33:24
194.29.63.96	attack	Aug 29 10:31:16 abendstille sshd\[15687\]: Invalid user admin from 194.29.63.96 Aug 29 10:31:16 abendstille sshd\[15687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.29.63.96 Aug 29 10:31:18 abendstille sshd\[15687\]: Failed password for invalid user admin from 194.29.63.96 port 33252 ssh2 Aug 29 10:35:04 abendstille sshd\[19265\]: Invalid user xzh from 194.29.63.96 Aug 29 10:35:04 abendstille sshd\[19265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.29.63.96 ...	2020-08-29 16:36:09
51.158.21.162	attackspambots	51.158.21.162 - - [29/Aug/2020:05:52:48 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.158.21.162 - - [29/Aug/2020:05:52:49 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.158.21.162 - - [29/Aug/2020:05:52:49 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-29 16:49:10
74.82.47.60	attack	8080/tcp 11211/tcp 873/tcp... [2020-06-28/08-29]30pkt,16pt.(tcp),1pt.(udp)	2020-08-29 16:31:17
42.117.14.228	attackspam	TCP (SYN) 42.117.14.228:61866 -> port 445, len 52	2020-08-29 17:11:28
45.142.120.183	attackbots	2020-08-29 10:24:55 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=shimoyama@no-server.de$ 2020-08-29 10:24:56 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=shimoyama@no-server.de$ 2020-08-29 10:24:57 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=shimoyama@no-server.de$ 2020-08-29 10:25:11 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=sochi@no-server.de$ 2020-08-29 10:25:31 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=sochi@no-server.de$ 2020-08-29 10:25:36 dovecot_login authenticator failed for $User$ \[45.142.120.183\]: 535 Incorrect authentication data $set_id=sochi@no-server.de$ 2020-08-29 10:25:37 dovecot_login authenticator failed for $User$ \[45.142 ...	2020-08-29 16:45:38
122.155.212.171	attackbots	Aug 29 10:04:28 h1745522 sshd[18476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.212.171 user=root Aug 29 10:04:30 h1745522 sshd[18476]: Failed password for root from 122.155.212.171 port 59498 ssh2 Aug 29 10:06:08 h1745522 sshd[18717]: Invalid user du from 122.155.212.171 port 53644 Aug 29 10:06:08 h1745522 sshd[18717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.212.171 Aug 29 10:06:08 h1745522 sshd[18717]: Invalid user du from 122.155.212.171 port 53644 Aug 29 10:06:10 h1745522 sshd[18717]: Failed password for invalid user du from 122.155.212.171 port 53644 ssh2 Aug 29 10:07:45 h1745522 sshd[18948]: Invalid user rustserver from 122.155.212.171 port 47786 Aug 29 10:07:45 h1745522 sshd[18948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.212.171 Aug 29 10:07:45 h1745522 sshd[18948]: Invalid user rustserver from 122.155.212.171 por ...	2020-08-29 16:37:41

Recently Reported IPs

196.205.87.78	123.58.47.232	179.174.15.2	116.88.168.250
49.234.126.35	180.249.164.172	181.174.144.169	95.111.228.21
79.8.243.10	62.210.101.46	3.131.95.190	150.129.6.108
146.178.142.246	115.31.128.77	162.158.255.228	188.191.185.23
186.216.68.183	51.15.231.237	172.105.28.132	105.105.110.1