103.254.69.244

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Horizon Telecommunication

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:19:17,740 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.254.69.244)	2019-07-18 23:30:38

Comments on same subnet:

IP	Type	Details	Datetime
103.254.69.246	attackbotsspam	Unauthorized connection attempt from IP address 103.254.69.246 on Port 445(SMB)	2020-07-01 22:44:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.254.69.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13505
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.254.69.244.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 23:30:19 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 244.69.254.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 244.69.254.103.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.3.146.113	attackbots	Multiport scan : 43 ports scanned 1112 1222 2008 2327 3304 3334 3336 3401 4010 4490 4501 4541 4545 4577 4949 4991 5003 5151 5231 5400 5476 5923 5960 6265 6746 6827 7003 7782 8005 9033 10004 10100 11110 11117 11986 12222 15412 33803 33806 33877 33881 50389 51111	2020-05-01 07:19:19
129.213.107.56	attack	20 attempts against mh-ssh on install-test	2020-05-01 07:28:43
87.251.74.34	attackbotsspam	Signature ET DROP Dshield Block Listed Source group 1. From: 87.251.74.34:49311	2020-05-01 07:44:51
202.107.188.197	attack	Brute-Force	2020-05-01 07:21:59
213.180.203.176	attackbots	[Fri May 01 03:53:10.021279 2020] [:error] [pid 26085:tid 140125603071744] [client 213.180.203.176:53658] [client 213.180.203.176] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xqs6tvMlxl4BPw63518gsQAAAfE"] ...	2020-05-01 07:13:56
210.209.87.193	attackbots	Invalid user sss from 210.209.87.193 port 55074	2020-05-01 07:09:44
122.155.223.48	attack	May 1 01:46:58 lukav-desktop sshd\[6928\]: Invalid user linux from 122.155.223.48 May 1 01:46:58 lukav-desktop sshd\[6928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.223.48 May 1 01:47:00 lukav-desktop sshd\[6928\]: Failed password for invalid user linux from 122.155.223.48 port 53840 ssh2 May 1 01:49:25 lukav-desktop sshd\[12240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.223.48 user=root May 1 01:49:27 lukav-desktop sshd\[12240\]: Failed password for root from 122.155.223.48 port 45972 ssh2	2020-05-01 07:10:36
77.40.48.95	attackspam	445/tcp 445/tcp 445/tcp [2020-04-21/30]3pkt	2020-05-01 07:34:22
45.238.65.178	attackspam	445/tcp 445/tcp 445/tcp [2020-04-23/30]3pkt	2020-05-01 07:13:05
61.34.105.66	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-01 07:32:17
23.88.167.10	attackbotsspam	445/tcp 445/tcp [2020-03-02/04-30]2pkt	2020-05-01 07:12:23
122.176.52.13	attackbotsspam	Invalid user anirudh from 122.176.52.13 port 39987	2020-05-01 07:34:00
157.245.207.198	attackspam	Invalid user furukawa from 157.245.207.198 port 38810	2020-05-01 07:23:50
66.153.195.73	attack	23/tcp 23/tcp 23/tcp [2020-04-12/30]3pkt	2020-05-01 07:35:17
111.231.71.157	attackbots	Apr 30 22:07:19 : SSH login attempts with invalid user	2020-05-01 07:16:27

Recently Reported IPs

86.100.173.81	83.83.204.124	37.35.147.175	66.207.18.26
58.34.62.35	109.91.20.156	92.114.118.117	94.221.28.142
2003:e9:d718:2d00:8054:ba15:751a:d457	36.236.234.100	136.160.113.79	156.68.38.103
214.132.199.255	178.153.238.89	52.146.90.180	42.106.119.216
176.121.190.254	157.4.174.253	220.225.82.10	89.171.167.46