Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Guangdong Dahai Network Information Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attack
Unauthorized connection attempt from IP address 103.119.45.72 on Port 445(SMB)
2019-11-05 03:23:47
Comments on same subnet:
IP Type Details Datetime
103.119.45.147 attack
SASL Brute Force
2019-10-01 02:30:35
103.119.45.161 attackbots
SASL Brute Force
2019-10-01 01:38:51
103.119.45.178 attack
port scan and connect, tcp 143 (imap)
2019-09-20 07:27:31
103.119.45.244 attackspambots
NAME : GDNITCL-CN CIDR : 103.119.44.0/22 DDoS attack China - block certain countries :) IP: 103.119.45.244  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl
2019-06-30 11:33:30
103.119.45.80 attack
攻击IP
103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"
103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin1/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"
103.119.45.80 - - [31/Mar/2019:21:06:23 +0800] "GET /phpMyAdmin123/index.php HTTP/1.1" 301 194 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)"
2019-03-31 21:17:36
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.45.72.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 03:23:44 CST 2019
;; MSG SIZE  rcvd: 117
Host info
Host 72.45.119.103.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.119.103.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
186.136.191.5 attackspambots
[N10.H2.VM2] Port Scanner Detected Blocked by UFW
2020-09-08 23:32:12
111.231.116.149 attackspam
Connection to SSH Honeypot - Detected by HoneypotDB
2020-09-08 23:31:42
101.231.124.6 attackspam
Sep  8 13:47:54 vserver sshd\[6367\]: Failed password for root from 101.231.124.6 port 59053 ssh2Sep  8 13:51:52 vserver sshd\[6388\]: Failed password for root from 101.231.124.6 port 21079 ssh2Sep  8 13:55:45 vserver sshd\[6422\]: Invalid user c0l4 from 101.231.124.6Sep  8 13:55:47 vserver sshd\[6422\]: Failed password for invalid user c0l4 from 101.231.124.6 port 26943 ssh2
...
2020-09-08 23:23:35
212.70.149.52 attackbots
Sep  8 16:46:37 relay postfix/smtpd\[28189\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  8 16:47:04 relay postfix/smtpd\[1572\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  8 16:47:31 relay postfix/smtpd\[30961\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  8 16:47:57 relay postfix/smtpd\[32613\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep  8 16:48:23 relay postfix/smtpd\[1576\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-09-08 22:51:52
121.148.65.131 attack
Sep  8 04:33:36 mail sshd\[47474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.148.65.131  user=root
...
2020-09-08 23:35:36
193.29.15.169 attackbotsspam
 UDP 193.29.15.169:43402 -> port 1900, len 118
2020-09-08 22:56:41
129.158.74.141 attack
Sep  8 17:05:49 ns382633 sshd\[27557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141  user=root
Sep  8 17:05:50 ns382633 sshd\[27557\]: Failed password for root from 129.158.74.141 port 44208 ssh2
Sep  8 17:18:54 ns382633 sshd\[29599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141  user=root
Sep  8 17:18:56 ns382633 sshd\[29599\]: Failed password for root from 129.158.74.141 port 38775 ssh2
Sep  8 17:22:49 ns382633 sshd\[30308\]: Invalid user cod from 129.158.74.141 port 40879
Sep  8 17:22:49 ns382633 sshd\[30308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.74.141
2020-09-08 23:24:30
114.5.244.215 attackspam
Honeypot attack, port: 445, PTR: 114-5-244-215.resources.indosat.com.
2020-09-08 23:30:03
169.239.108.52 attack
Brute forcing RDP port 3389
2020-09-08 23:38:12
178.140.173.175 attackspam
Honeypot attack, port: 445, PTR: broadband-178-140-173-175.ip.moscow.rt.ru.
2020-09-08 23:14:40
203.86.193.48 attack
<6 unauthorized SSH connections
2020-09-08 23:26:52
92.40.195.121 attackbots
php WP PHPmyadamin ABUSE blocked for 12h
2020-09-08 23:14:18
58.222.133.82 attackbotsspam
Sep  7 22:32:11 sigma sshd\[7471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.222.133.82  user=rootSep  7 22:43:10 sigma sshd\[7695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.222.133.82  user=root
...
2020-09-08 23:28:59
113.161.82.85 attack
Honeypot attack, port: 445, PTR: static.vnpt.vn.
2020-09-08 23:01:31
186.154.234.165 attackbotsspam
Unauthorized connection attempt from IP address 186.154.234.165 on Port 445(SMB)
2020-09-08 22:57:04

Recently Reported IPs

209.45.84.176 77.42.103.183 202.133.54.228 125.163.53.35
210.16.81.131 23.254.228.80 45.233.12.8 5.234.233.127
186.121.251.75 103.219.60.170 2.62.154.249 190.207.201.154
113.252.242.128 36.76.80.178 61.153.103.143 212.58.114.180
113.183.32.192 122.121.29.248 89.237.192.189 37.49.230.7