103.119.45.72 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Guangdong Dahai Network Information Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.119.45.72 on Port 445(SMB)	2019-11-05 03:23:47

Comments on same subnet:

IP	Type	Details	Datetime
103.119.45.147	attack	SASL Brute Force	2019-10-01 02:30:35
103.119.45.161	attackbots	SASL Brute Force	2019-10-01 01:38:51
103.119.45.178	attack	port scan and connect, tcp 143 (imap)	2019-09-20 07:27:31
103.119.45.244	attackspambots	NAME : GDNITCL-CN CIDR : 103.119.44.0/22 DDoS attack China - block certain countries :) IP: 103.119.45.244 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-30 11:33:30
103.119.45.80	attack	攻击IP 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" 103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"	2019-03-31 21:17:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.45.72.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 03:23:44 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 72.45.119.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.119.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.136.191.5	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-08 23:32:12
111.231.116.149	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-08 23:31:42
101.231.124.6	attackspam	Sep 8 13:47:54 vserver sshd\[6367\]: Failed password for root from 101.231.124.6 port 59053 ssh2Sep 8 13:51:52 vserver sshd\[6388\]: Failed password for root from 101.231.124.6 port 21079 ssh2Sep 8 13:55:45 vserver sshd\[6422\]: Invalid user c0l4 from 101.231.124.6Sep 8 13:55:47 vserver sshd\[6422\]: Failed password for invalid user c0l4 from 101.231.124.6 port 26943 ssh2 ...	2020-09-08 23:23:35
212.70.149.52	attackbots	Sep 8 16:46:37 relay postfix/smtpd\[28189\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 16:47:04 relay postfix/smtpd\[1572\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 16:47:31 relay postfix/smtpd\[30961\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 16:47:57 relay postfix/smtpd\[32613\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 8 16:48:23 relay postfix/smtpd\[1576\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-08 22:51:52
121.148.65.131	attack	Sep 8 04:33:36 mail sshd\[47474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.148.65.131 user=root ...	2020-09-08 23:35:36
193.29.15.169	attackbotsspam	UDP 193.29.15.169:43402 -> port 1900, len 118	2020-09-08 22:56:41
129.158.74.141	attack	Sep 8 17:05:49 ns382633 sshd\[27557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141 user=root Sep 8 17:05:50 ns382633 sshd\[27557\]: Failed password for root from 129.158.74.141 port 44208 ssh2 Sep 8 17:18:54 ns382633 sshd\[29599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141 user=root Sep 8 17:18:56 ns382633 sshd\[29599\]: Failed password for root from 129.158.74.141 port 38775 ssh2 Sep 8 17:22:49 ns382633 sshd\[30308\]: Invalid user cod from 129.158.74.141 port 40879 Sep 8 17:22:49 ns382633 sshd\[30308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141	2020-09-08 23:24:30
114.5.244.215	attackspam	Honeypot attack, port: 445, PTR: 114-5-244-215.resources.indosat.com.	2020-09-08 23:30:03
169.239.108.52	attack	Brute forcing RDP port 3389	2020-09-08 23:38:12
178.140.173.175	attackspam	Honeypot attack, port: 445, PTR: broadband-178-140-173-175.ip.moscow.rt.ru.	2020-09-08 23:14:40
203.86.193.48	attack	<6 unauthorized SSH connections	2020-09-08 23:26:52
92.40.195.121	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-08 23:14:18
58.222.133.82	attackbotsspam	Sep 7 22:32:11 sigma sshd\[7471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.222.133.82 user=rootSep 7 22:43:10 sigma sshd\[7695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.222.133.82 user=root ...	2020-09-08 23:28:59
113.161.82.85	attack	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-09-08 23:01:31
186.154.234.165	attackbotsspam	Unauthorized connection attempt from IP address 186.154.234.165 on Port 445(SMB)	2020-09-08 22:57:04

Recently Reported IPs

209.45.84.176	77.42.103.183	202.133.54.228	125.163.53.35
210.16.81.131	23.254.228.80	45.233.12.8	5.234.233.127
186.121.251.75	103.219.60.170	2.62.154.249	190.207.201.154
113.252.242.128	36.76.80.178	61.153.103.143	212.58.114.180
113.183.32.192	122.121.29.248	89.237.192.189	37.49.230.7