103.119.45.72 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Guangdong Dahai Network Information Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.119.45.72 on Port 445(SMB)	2019-11-05 03:23:47

Comments on same subnet:

IP	Type	Details	Datetime
103.119.45.147	attack	SASL Brute Force	2019-10-01 02:30:35
103.119.45.161	attackbots	SASL Brute Force	2019-10-01 01:38:51
103.119.45.178	attack	port scan and connect, tcp 143 (imap)	2019-09-20 07:27:31
103.119.45.244	attackspambots	NAME : GDNITCL-CN CIDR : 103.119.44.0/22 DDoS attack China - block certain countries :) IP: 103.119.45.244 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-30 11:33:30
103.119.45.80	attack	攻击IP 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"	2019-03-31 21:17:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.45.72.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 03:23:44 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 72.45.119.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.119.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.174.139.98	attackbotsspam	Aug 9 01:11:01 lnxmysql61 sshd[1756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.174.139.98	2019-08-09 07:51:49
68.183.34.81	attackspambots	Unauthorised access (Aug 9) SRC=68.183.34.81 LEN=40 TTL=247 ID=54321 TCP DPT=3389 WINDOW=65535 SYN	2019-08-09 08:16:36
197.44.22.102	attackspambots	hacked into mail account and used it to send spam	2019-08-09 07:32:16
178.128.84.122	attackspam	Aug 9 01:47:21 vps647732 sshd[1990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.84.122 Aug 9 01:47:22 vps647732 sshd[1990]: Failed password for invalid user nnn from 178.128.84.122 port 59558 ssh2 ...	2019-08-09 07:50:12
186.148.172.19	attack	Aug 8 23:54:24 mout sshd[5739]: Invalid user 25 from 186.148.172.19 port 45816	2019-08-09 07:35:01
37.120.33.30	attackspam	Automatic report	2019-08-09 07:37:32
218.92.0.194	attack	Aug 9 02:14:16 eventyay sshd[24420]: Failed password for root from 218.92.0.194 port 51051 ssh2 Aug 9 02:14:18 eventyay sshd[24420]: Failed password for root from 218.92.0.194 port 51051 ssh2 Aug 9 02:14:21 eventyay sshd[24420]: Failed password for root from 218.92.0.194 port 51051 ssh2 ...	2019-08-09 08:15:21
112.85.42.174	attackspambots	Aug 8 23:53:24 plex sshd[32374]: Failed password for root from 112.85.42.174 port 5820 ssh2 Aug 8 23:53:18 plex sshd[32374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Aug 8 23:53:21 plex sshd[32374]: Failed password for root from 112.85.42.174 port 5820 ssh2 Aug 8 23:53:24 plex sshd[32374]: Failed password for root from 112.85.42.174 port 5820 ssh2 Aug 8 23:53:27 plex sshd[32374]: Failed password for root from 112.85.42.174 port 5820 ssh2	2019-08-09 07:55:34
36.33.133.89	attack	Triggered by Fail2Ban at Ares web server	2019-08-09 08:07:06
218.92.0.154	attackspambots	Aug 8 23:53:36 dedicated sshd[31803]: Failed password for root from 218.92.0.154 port 42561 ssh2 Aug 8 23:53:39 dedicated sshd[31803]: Failed password for root from 218.92.0.154 port 42561 ssh2 Aug 8 23:53:41 dedicated sshd[31803]: Failed password for root from 218.92.0.154 port 42561 ssh2 Aug 8 23:53:44 dedicated sshd[31803]: Failed password for root from 218.92.0.154 port 42561 ssh2 Aug 8 23:53:47 dedicated sshd[31803]: Failed password for root from 218.92.0.154 port 42561 ssh2	2019-08-09 07:47:39
77.40.80.30	attackspam	2019-08-09T01:28:17.377627mail01 postfix/smtpd[6365]: warning: unknown[77.40.80.30]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-09T01:29:59.005395mail01 postfix/smtpd[6370]: warning: unknown[77.40.80.30]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-09T01:30:34.386322mail01 postfix/smtpd[6365]: warning: unknown[77.40.80.30]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-08-09 07:54:14
49.88.112.77	attackbots	Aug 8 22:54:23 ip-172-31-62-245 sshd\[23039\]: Failed password for root from 49.88.112.77 port 42124 ssh2\ Aug 8 22:54:39 ip-172-31-62-245 sshd\[23041\]: Failed password for root from 49.88.112.77 port 28540 ssh2\ Aug 8 22:54:54 ip-172-31-62-245 sshd\[23045\]: Failed password for root from 49.88.112.77 port 13966 ssh2\ Aug 8 22:55:09 ip-172-31-62-245 sshd\[23052\]: Failed password for root from 49.88.112.77 port 53585 ssh2\ Aug 8 22:55:25 ip-172-31-62-245 sshd\[23054\]: Failed password for root from 49.88.112.77 port 41067 ssh2\	2019-08-09 07:42:02
41.33.119.67	attackspam	Aug 9 01:31:49 root sshd[20847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.33.119.67 Aug 9 01:31:51 root sshd[20847]: Failed password for invalid user gao from 41.33.119.67 port 24038 ssh2 Aug 9 01:37:33 root sshd[20876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.33.119.67 ...	2019-08-09 07:44:41
146.185.130.101	attackspambots	Aug 9 01:29:29 vps647732 sshd[1596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 Aug 9 01:29:31 vps647732 sshd[1596]: Failed password for invalid user kp from 146.185.130.101 port 45476 ssh2 ...	2019-08-09 08:00:47
46.166.151.47	attackspam	\[2019-08-08 19:40:14\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T19:40:14.362-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01246406820923",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/58181",ACLName="no_extension_match" \[2019-08-08 19:45:42\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T19:45:42.432-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="001546812410249",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/53510",ACLName="no_extension_match" \[2019-08-08 19:49:22\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T19:49:22.933-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="46406829453",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/60644",ACLName="no_extensio	2019-08-09 07:56:08

Recently Reported IPs

209.45.84.176	77.42.103.183	202.133.54.228	125.163.53.35
210.16.81.131	23.254.228.80	45.233.12.8	5.234.233.127
186.121.251.75	103.219.60.170	2.62.154.249	190.207.201.154
113.252.242.128	36.76.80.178	61.153.103.143	212.58.114.180
113.183.32.192	122.121.29.248	89.237.192.189	37.49.230.7