103.119.45.72 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Guangdong Dahai Network Information Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.119.45.72 on Port 445(SMB)	2019-11-05 03:23:47

Comments on same subnet:

IP	Type	Details	Datetime
103.119.45.147	attack	SASL Brute Force	2019-10-01 02:30:35
103.119.45.161	attackbots	SASL Brute Force	2019-10-01 01:38:51
103.119.45.178	attack	port scan and connect, tcp 143 (imap)	2019-09-20 07:27:31
103.119.45.244	attackspambots	NAME : GDNITCL-CN CIDR : 103.119.44.0/22 DDoS attack China - block certain countries :) IP: 103.119.45.244 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-30 11:33:30
103.119.45.80	attack	攻击IP 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"	2019-03-31 21:17:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.45.72.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 03:23:44 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 72.45.119.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.119.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.203.216.159	attackspambots	Fail2Ban Ban Triggered	2020-07-07 01:33:02
46.38.150.188	attackbotsspam	2020-07-06 17:29:52 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=biomed@mail.csmailer.org) 2020-07-06 17:30:40 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=media-sharing@mail.csmailer.org) 2020-07-06 17:31:23 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=sr@mail.csmailer.org) 2020-07-06 17:32:11 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=iloveyou@mail.csmailer.org) 2020-07-06 17:32:56 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=ba@mail.csmailer.org) ...	2020-07-07 01:49:09
62.234.27.166	attackbots	5x Failed Password	2020-07-07 01:40:53
51.38.37.89	attack	Multiple SSH authentication failures from 51.38.37.89	2020-07-07 01:19:11
116.247.81.99	attackspam	Jul 6 09:52:23 pixelmemory sshd[3165201]: Invalid user wms from 116.247.81.99 port 49031 Jul 6 09:52:23 pixelmemory sshd[3165201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.247.81.99 Jul 6 09:52:23 pixelmemory sshd[3165201]: Invalid user wms from 116.247.81.99 port 49031 Jul 6 09:52:25 pixelmemory sshd[3165201]: Failed password for invalid user wms from 116.247.81.99 port 49031 ssh2 Jul 6 09:54:24 pixelmemory sshd[3169380]: Invalid user dokuwiki from 116.247.81.99 port 58738 ...	2020-07-07 01:26:22
188.120.195.72	attack	Jul 6 14:43:54 web-main sshd[265692]: Invalid user freddy from 188.120.195.72 port 57326 Jul 6 14:43:56 web-main sshd[265692]: Failed password for invalid user freddy from 188.120.195.72 port 57326 ssh2 Jul 6 14:55:03 web-main sshd[265729]: Invalid user matt from 188.120.195.72 port 55010	2020-07-07 01:19:49
198.27.79.180	attackspam	2020-07-06T14:58:37.091996shield sshd\[31951\]: Invalid user csgo from 198.27.79.180 port 36215 2020-07-06T14:58:37.095568shield sshd\[31951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.79.180 2020-07-06T14:58:39.179376shield sshd\[31951\]: Failed password for invalid user csgo from 198.27.79.180 port 36215 ssh2 2020-07-06T15:01:03.125198shield sshd\[530\]: Invalid user etl from 198.27.79.180 port 55437 2020-07-06T15:01:03.128839shield sshd\[530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.79.180	2020-07-07 01:47:32
103.26.40.145	attackspambots	2020-07-06T19:54:56.682278hostname sshd[8512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.40.145 2020-07-06T19:54:56.664409hostname sshd[8512]: Invalid user lb from 103.26.40.145 port 50508 2020-07-06T19:54:58.659805hostname sshd[8512]: Failed password for invalid user lb from 103.26.40.145 port 50508 ssh2 ...	2020-07-07 01:18:18
44.225.84.206	attackspambots	Fail2Ban Ban Triggered	2020-07-07 01:17:31
104.236.72.182	attackbots	Jul 6 17:10:17 minden010 sshd[10266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.72.182 Jul 6 17:10:18 minden010 sshd[10266]: Failed password for invalid user jianfei from 104.236.72.182 port 52412 ssh2 Jul 6 17:14:36 minden010 sshd[11744]: Failed password for root from 104.236.72.182 port 51551 ssh2 ...	2020-07-07 01:23:48
150.129.8.34	attackbots	SSH brute-force attempt	2020-07-07 01:33:21
114.67.91.203	attackbots	2020-07-06T18:59:04.411374ks3355764 sshd[8436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.91.203 user=root 2020-07-06T18:59:05.636524ks3355764 sshd[8436]: Failed password for root from 114.67.91.203 port 54376 ssh2 ...	2020-07-07 01:39:22
61.177.172.159	attackspambots	Jul 6 10:47:11 dignus sshd[29193]: error: maximum authentication attempts exceeded for root from 61.177.172.159 port 24312 ssh2 [preauth] Jul 6 10:47:15 dignus sshd[29228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root Jul 6 10:47:18 dignus sshd[29228]: Failed password for root from 61.177.172.159 port 52989 ssh2 Jul 6 10:47:35 dignus sshd[29228]: Failed password for root from 61.177.172.159 port 52989 ssh2 Jul 6 10:47:35 dignus sshd[29228]: error: maximum authentication attempts exceeded for root from 61.177.172.159 port 52989 ssh2 [preauth] ...	2020-07-07 01:48:37
163.172.60.213	attackspam	REQUESTED PAGE: /wp-login.php	2020-07-07 01:35:56
112.85.42.172	attackbots	2020-07-06T17:21:13.726880mail.csmailer.org sshd[1580]: Failed password for root from 112.85.42.172 port 51462 ssh2 2020-07-06T17:21:16.959750mail.csmailer.org sshd[1580]: Failed password for root from 112.85.42.172 port 51462 ssh2 2020-07-06T17:21:19.926159mail.csmailer.org sshd[1580]: Failed password for root from 112.85.42.172 port 51462 ssh2 2020-07-06T17:21:19.926852mail.csmailer.org sshd[1580]: error: maximum authentication attempts exceeded for root from 112.85.42.172 port 51462 ssh2 [preauth] 2020-07-06T17:21:19.926880mail.csmailer.org sshd[1580]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-07 01:28:04

Recently Reported IPs

209.45.84.176	77.42.103.183	202.133.54.228	125.163.53.35
210.16.81.131	23.254.228.80	45.233.12.8	5.234.233.127
186.121.251.75	103.219.60.170	2.62.154.249	190.207.201.154
113.252.242.128	36.76.80.178	61.153.103.143	212.58.114.180
113.183.32.192	122.121.29.248	89.237.192.189	37.49.230.7