103.105.59.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: The North Part of the 1st Floor

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	28967/tcp 10914/tcp 1480/tcp... [2020-08-31/10-05]27pkt,22pt.(tcp)	2020-10-06 05:28:35
attackbotsspam	Oct 5 13:59:51 serwer sshd\[6168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root Oct 5 13:59:53 serwer sshd\[6168\]: Failed password for root from 103.105.59.80 port 59446 ssh2 Oct 5 14:08:20 serwer sshd\[7587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root ...	2020-10-05 21:34:08
attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 13:26:22
attackbots	(sshd) Failed SSH login from 103.105.59.80 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 08:36:18 idl1-dfw sshd[241373]: Invalid user 12345 from 103.105.59.80 port 37802 Sep 23 08:36:20 idl1-dfw sshd[241373]: Failed password for invalid user 12345 from 103.105.59.80 port 37802 ssh2 Sep 23 08:43:18 idl1-dfw sshd[250798]: Invalid user glenn from 103.105.59.80 port 52458 Sep 23 08:43:20 idl1-dfw sshd[250798]: Failed password for invalid user glenn from 103.105.59.80 port 52458 ssh2 Sep 23 08:45:57 idl1-dfw sshd[258131]: Invalid user usuario from 103.105.59.80 port 52542	2020-09-24 00:11:55
attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-23T07:07:08Z and 2020-09-23T07:15:13Z	2020-09-23 16:20:06
attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-23 08:16:02
attack	Found on Github Combined on 3 lists / proto=6 . srcport=46285 . dstport=13829 . (250)	2020-09-17 20:46:51
attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-17 12:57:27
attackbots	Sep 10 18:19:11 funkybot sshd[7392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 Sep 10 18:19:13 funkybot sshd[7392]: Failed password for invalid user ubuntu from 103.105.59.80 port 59610 ssh2 ...	2020-09-11 02:08:57
attackspam	Port Scan/VNC login attempt ...	2020-09-10 17:32:17
attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-10 08:04:55
attack	Aug 20 01:30:31 pornomens sshd\[29260\]: Invalid user saul from 103.105.59.80 port 53032 Aug 20 01:30:31 pornomens sshd\[29260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 Aug 20 01:30:33 pornomens sshd\[29260\]: Failed password for invalid user saul from 103.105.59.80 port 53032 ssh2 ...	2020-08-20 08:50:38
attack	Aug 7 11:44:56 vps46666688 sshd[1583]: Failed password for root from 103.105.59.80 port 38516 ssh2 ...	2020-08-07 23:48:51
attackspambots	Aug 4 06:10:30 buvik sshd[28660]: Failed password for root from 103.105.59.80 port 49618 ssh2 Aug 4 06:14:54 buvik sshd[29226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root Aug 4 06:14:56 buvik sshd[29226]: Failed password for root from 103.105.59.80 port 34388 ssh2 ...	2020-08-04 16:19:03
attackspambots	2020-08-02T17:31:25.148309shield sshd\[19018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root 2020-08-02T17:31:27.316730shield sshd\[19018\]: Failed password for root from 103.105.59.80 port 49698 ssh2 2020-08-02T17:35:37.661727shield sshd\[19577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root 2020-08-02T17:35:39.423821shield sshd\[19577\]: Failed password for root from 103.105.59.80 port 34544 ssh2 2020-08-02T17:39:54.666289shield sshd\[20106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.105.59.80 user=root	2020-08-03 01:40:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.105.59.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56436
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.105.59.80.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080201 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 03 01:39:59 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 80.59.105.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.59.105.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.188	attack	12/08/2019-12:05:58.776194 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2019-12-09 01:48:17
117.50.49.57	attack	Dec 8 18:00:24 ArkNodeAT sshd\[12668\]: Invalid user engeset from 117.50.49.57 Dec 8 18:00:24 ArkNodeAT sshd\[12668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.57 Dec 8 18:00:25 ArkNodeAT sshd\[12668\]: Failed password for invalid user engeset from 117.50.49.57 port 33932 ssh2	2019-12-09 01:43:10
140.143.73.184	attack	Dec 8 16:27:54 vmd17057 sshd\[17809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.73.184 user=root Dec 8 16:27:55 vmd17057 sshd\[17809\]: Failed password for root from 140.143.73.184 port 33174 ssh2 Dec 8 16:36:05 vmd17057 sshd\[18472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.73.184 user=backup ...	2019-12-09 01:32:20
185.143.223.104	attackbotsspam	2019-12-08T18:26:43.995781+01:00 lumpi kernel: [1115952.618474] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.104 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=31241 PROTO=TCP SPT=41622 DPT=9991 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-09 01:44:18
204.42.253.132	attackbots	scan z	2019-12-09 01:15:49
180.250.115.121	attackbotsspam	Dec 8 22:12:45 itv-usvr-02 sshd[17995]: Invalid user malanie from 180.250.115.121 port 34909 Dec 8 22:12:45 itv-usvr-02 sshd[17995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.121 Dec 8 22:12:45 itv-usvr-02 sshd[17995]: Invalid user malanie from 180.250.115.121 port 34909 Dec 8 22:12:47 itv-usvr-02 sshd[17995]: Failed password for invalid user malanie from 180.250.115.121 port 34909 ssh2 Dec 8 22:21:41 itv-usvr-02 sshd[18027]: Invalid user test from 180.250.115.121 port 49007	2019-12-09 01:19:57
80.15.35.178	attackbots	Unauthorized connection attempt detected from IP address 80.15.35.178 to port 445	2019-12-09 01:14:00
103.245.115.4	attackspambots	Dec 8 16:10:00 meumeu sshd[27941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.115.4 Dec 8 16:10:02 meumeu sshd[27941]: Failed password for invalid user 123456 from 103.245.115.4 port 39272 ssh2 Dec 8 16:17:41 meumeu sshd[29124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.115.4 ...	2019-12-09 01:22:27
80.252.74.68	attackspam	2019-12-08T17:28:48.472879abusebot-8.cloudsearch.cf sshd\[5025\]: Invalid user wwwwww from 80.252.74.68 port 36974	2019-12-09 01:31:10
176.31.217.184	attack	2019-12-03 15:07:16,528 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 176.31.217.184 2019-12-03 15:38:06,630 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 176.31.217.184 2019-12-03 16:16:22,532 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 176.31.217.184 2019-12-03 16:48:29,575 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 176.31.217.184 2019-12-03 17:20:28,855 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 176.31.217.184 ...	2019-12-09 01:09:08
159.203.90.161	attackbots	" "	2019-12-09 01:33:05
159.203.111.100	attackbotsspam	Dec 8 07:32:46 kapalua sshd\[29168\]: Invalid user 12345 from 159.203.111.100 Dec 8 07:32:46 kapalua sshd\[29168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Dec 8 07:32:48 kapalua sshd\[29168\]: Failed password for invalid user 12345 from 159.203.111.100 port 60357 ssh2 Dec 8 07:40:43 kapalua sshd\[30090\]: Invalid user watauchi from 159.203.111.100 Dec 8 07:40:43 kapalua sshd\[30090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100	2019-12-09 01:41:00
192.144.142.72	attack	Dec 8 07:02:58 sachi sshd\[22844\]: Invalid user marchon from 192.144.142.72 Dec 8 07:02:58 sachi sshd\[22844\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.142.72 Dec 8 07:03:00 sachi sshd\[22844\]: Failed password for invalid user marchon from 192.144.142.72 port 49398 ssh2 Dec 8 07:10:03 sachi sshd\[23653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.142.72 user=root Dec 8 07:10:05 sachi sshd\[23653\]: Failed password for root from 192.144.142.72 port 48731 ssh2	2019-12-09 01:23:33
110.249.216.130	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-09 01:49:27
213.21.174.189	attack	Dec 8 15:54:37 grey postfix/smtpd\[1817\]: NOQUEUE: reject: RCPT from unknown\[213.21.174.189\]: 554 5.7.1 Service unavailable\; Client host \[213.21.174.189\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?213.21.174.189\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-09 01:46:17

Recently Reported IPs

45.65.17.181	40.112.160.209	107.145.217.52	144.149.37.182
51.70.14.93	72.145.241.179	203.206.132.3	93.46.248.71
58.187.143.215	37.49.224.2	103.81.115.8	13.250.46.200
47.103.159.227	112.10.116.220	197.188.26.255	47.238.149.48
108.67.49.2	67.60.162.235	209.127.178.83	223.178.69.217