103.119.45.147

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Guangdong Dahai Network Information Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SASL Brute Force	2019-10-01 02:30:35

Comments on same subnet:

IP	Type	Details	Datetime
103.119.45.72	attack	Unauthorized connection attempt from IP address 103.119.45.72 on Port 445(SMB)	2019-11-05 03:23:47
103.119.45.161	attackbots	SASL Brute Force	2019-10-01 01:38:51
103.119.45.178	attack	port scan and connect, tcp 143 (imap)	2019-09-20 07:27:31
103.119.45.244	attackspambots	NAME : GDNITCL-CN CIDR : 103.119.44.0/22 DDoS attack China - block certain countries :) IP: 103.119.45.244 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-30 11:33:30
103.119.45.80	attack	攻击IP 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"	2019-03-31 21:17:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.45.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28824
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.45.147.			IN	A

;; AUTHORITY SECTION:
.			239	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019093002 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 01 02:30:27 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 147.45.119.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 147.45.119.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.187.248.39	attackspam	Dec 19 23:27:36 gw1 sshd[32393]: Failed password for root from 37.187.248.39 port 38296 ssh2 ...	2019-12-20 03:00:59
35.188.242.129	attack	2019-12-19T14:57:57.086845homeassistant sshd[24758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.188.242.129 user=root 2019-12-19T14:57:59.307613homeassistant sshd[24758]: Failed password for root from 35.188.242.129 port 45038 ssh2 ...	2019-12-20 03:10:15
198.20.103.245	attackbotsspam	" "	2019-12-20 03:01:23
139.208.16.180	attackspambots	Fail2Ban Ban Triggered	2019-12-20 03:00:31
113.58.219.4	attackbotsspam	Automatic report - Port Scan	2019-12-20 02:54:18
170.233.69.72	attackbots	Dec 19 15:33:17 localhost sshd\[17673\]: Invalid user db2fenc1 from 170.233.69.72 Dec 19 15:33:17 localhost sshd\[17673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.69.72 Dec 19 15:33:19 localhost sshd\[17673\]: Failed password for invalid user db2fenc1 from 170.233.69.72 port 59996 ssh2 Dec 19 15:35:19 localhost sshd\[17907\]: Invalid user monicadf from 170.233.69.72 Dec 19 15:35:19 localhost sshd\[17907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.69.72 ...	2019-12-20 02:38:32
161.132.107.170	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-12-20 02:52:25
81.45.56.199	attack	Dec 19 18:55:39 localhost sshd[51072]: Failed password for root from 81.45.56.199 port 36834 ssh2 Dec 19 19:02:15 localhost sshd[51254]: Failed password for invalid user 123 from 81.45.56.199 port 58722 ssh2 Dec 19 19:07:43 localhost sshd[51345]: Failed password for invalid user karademir from 81.45.56.199 port 37092 ssh2	2019-12-20 02:41:19
123.17.117.4	attackbotsspam	TCP Port: 25 invalid blocked dnsbl-sorbs also abuseat-org and barracuda (749)	2019-12-20 02:36:33
113.204.230.222	attackspambots	Dec 19 16:33:38 dev0-dcde-rnet sshd[31947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.204.230.222 Dec 19 16:33:40 dev0-dcde-rnet sshd[31947]: Failed password for invalid user voetsch from 113.204.230.222 port 7565 ssh2 Dec 19 16:39:27 dev0-dcde-rnet sshd[31983]: Failed password for root from 113.204.230.222 port 12579 ssh2	2019-12-20 03:11:45
125.227.236.60	attackspam	Dec 19 07:41:41 tdfoods sshd\[12533\]: Invalid user albino from 125.227.236.60 Dec 19 07:41:41 tdfoods sshd\[12533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125-227-236-60.hinet-ip.hinet.net Dec 19 07:41:43 tdfoods sshd\[12533\]: Failed password for invalid user albino from 125.227.236.60 port 53888 ssh2 Dec 19 07:47:32 tdfoods sshd\[13102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125-227-236-60.hinet-ip.hinet.net user=bin Dec 19 07:47:35 tdfoods sshd\[13102\]: Failed password for bin from 125.227.236.60 port 60044 ssh2	2019-12-20 02:49:26
222.186.173.154	attackspam	Dec 19 19:46:15 icinga sshd[28841]: Failed password for root from 222.186.173.154 port 24162 ssh2 Dec 19 19:46:38 icinga sshd[28841]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 24162 ssh2 [preauth] ...	2019-12-20 02:47:22
216.218.206.114	attackbots	firewall-block, port(s): 873/tcp	2019-12-20 02:59:00
185.184.79.31	attackbots	Unauthorized connection attempt detected from IP address 185.184.79.31 to port 3389	2019-12-20 03:14:19
222.186.175.212	attackspam	Dec 19 19:47:17 loxhost sshd\[22023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Dec 19 19:47:19 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:22 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:25 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 Dec 19 19:47:29 loxhost sshd\[22023\]: Failed password for root from 222.186.175.212 port 54176 ssh2 ...	2019-12-20 02:51:13

Recently Reported IPs

182.136.11.126	60.50.70.249	85.228.12.201	188.204.83.254
83.237.82.112	134.181.169.62	85.118.126.237	91.150.231.77
166.89.224.166	102.97.14.243	2600:8800:3a00:15b8:b1bc:d5e8:7dcc:3c4b	223.149.230.151
58.3.127.118	185.50.196.127	39.237.115.16	44.85.47.33
177.193.237.78	214.127.243.95	99.92.80.166	131.71.198.117