103.31.45.72 - IPInfo

Basic Info

City: Medan

Region: North Sumatra

Country: Indonesia

Internet Service Provider: PT. Media Antar Nusa

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 103.31.45.72 to port 23	2019-12-26 08:31:37

Comments on same subnet:

IP	Type	Details	Datetime
103.31.45.104	attackbots	trying to access non-authorized port	2020-05-29 14:11:55
103.31.45.104	attackbots	port scan and connect, tcp 23 (telnet)	2020-04-24 15:50:27
103.31.45.71	attackbotsspam	1581915499 - 02/17/2020 05:58:19 Host: 103.31.45.71/103.31.45.71 Port: 445 TCP Blocked	2020-02-17 15:23:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.31.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44738
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.31.45.72.			IN	A

;; AUTHORITY SECTION:
.			578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122502 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 08:31:34 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 72.45.31.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.31.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
24.42.207.235	attackbotsspam	Dec 2 01:05:13 TORMINT sshd\[3171\]: Invalid user nfs from 24.42.207.235 Dec 2 01:05:13 TORMINT sshd\[3171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.42.207.235 Dec 2 01:05:15 TORMINT sshd\[3171\]: Failed password for invalid user nfs from 24.42.207.235 port 58872 ssh2 ...	2019-12-02 14:21:28
104.236.228.46	attackbots	Dec 2 06:38:48 [host] sshd[25781]: Invalid user nogroup from 104.236.228.46 Dec 2 06:38:48 [host] sshd[25781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.228.46 Dec 2 06:38:51 [host] sshd[25781]: Failed password for invalid user nogroup from 104.236.228.46 port 60506 ssh2	2019-12-02 14:02:17
222.184.233.222	attackspam	Dec 2 06:32:56 dev0-dcde-rnet sshd[11154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.184.233.222 Dec 2 06:32:58 dev0-dcde-rnet sshd[11154]: Failed password for invalid user leonmfs from 222.184.233.222 port 44134 ssh2 Dec 2 06:39:21 dev0-dcde-rnet sshd[11291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.184.233.222	2019-12-02 13:51:32
129.211.24.104	attackspambots	2019-12-02T06:38:06.690300struts4.enskede.local sshd\[15680\]: Invalid user webmaster from 129.211.24.104 port 34612 2019-12-02T06:38:06.696747struts4.enskede.local sshd\[15680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104 2019-12-02T06:38:09.850169struts4.enskede.local sshd\[15680\]: Failed password for invalid user webmaster from 129.211.24.104 port 34612 ssh2 2019-12-02T06:47:09.577188struts4.enskede.local sshd\[15731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.104 user=root 2019-12-02T06:47:12.045797struts4.enskede.local sshd\[15731\]: Failed password for root from 129.211.24.104 port 46634 ssh2 ...	2019-12-02 13:50:06
81.22.45.95	attack	2019-12-02T07:21:34.576186+01:00 lumpi kernel: [557653.654440] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.95 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=25556 PROTO=TCP SPT=45155 DPT=3485 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-02 14:27:28
187.121.211.164	attackspambots	UTC: 2019-12-01 pkts: 2 port: 26/tcp	2019-12-02 14:03:16
220.135.34.218	attackspam	UTC: 2019-12-01 port: 23/tcp	2019-12-02 14:24:04
163.172.84.50	attackbotsspam	Dec 2 00:51:06 linuxvps sshd\[52372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.84.50 user=uucp Dec 2 00:51:09 linuxvps sshd\[52372\]: Failed password for uucp from 163.172.84.50 port 58028 ssh2 Dec 2 00:57:01 linuxvps sshd\[56093\]: Invalid user test from 163.172.84.50 Dec 2 00:57:01 linuxvps sshd\[56093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.84.50 Dec 2 00:57:03 linuxvps sshd\[56093\]: Failed password for invalid user test from 163.172.84.50 port 35644 ssh2	2019-12-02 14:01:31
108.174.194.44	attack	Dec 2 07:03:04 jane sshd[12572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.174.194.44 Dec 2 07:03:05 jane sshd[12572]: Failed password for invalid user mckaylah from 108.174.194.44 port 35704 ssh2 ...	2019-12-02 14:05:18
178.62.23.108	attack	Dec 1 19:50:14 auw2 sshd\[15958\]: Invalid user test from 178.62.23.108 Dec 1 19:50:14 auw2 sshd\[15958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.23.108 Dec 1 19:50:16 auw2 sshd\[15958\]: Failed password for invalid user test from 178.62.23.108 port 48340 ssh2 Dec 1 19:56:01 auw2 sshd\[16479\]: Invalid user pylat from 178.62.23.108 Dec 1 19:56:01 auw2 sshd\[16479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.23.108	2019-12-02 13:57:32
159.89.188.167	attack	Dec 1 19:50:00 eddieflores sshd\[23291\]: Invalid user kayla1 from 159.89.188.167 Dec 1 19:50:00 eddieflores sshd\[23291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.188.167 Dec 1 19:50:02 eddieflores sshd\[23291\]: Failed password for invalid user kayla1 from 159.89.188.167 port 43810 ssh2 Dec 1 19:55:44 eddieflores sshd\[23794\]: Invalid user serverroot from 159.89.188.167 Dec 1 19:55:44 eddieflores sshd\[23794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.188.167	2019-12-02 14:09:08
109.97.158.118	attackbotsspam	DATE:2019-12-02 06:38:32, IP:109.97.158.118, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-12-02 14:27:15
154.95.20.6	attackspambots	2019-12-02T06:32:25.775080vps751288.ovh.net sshd\[28421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.95.20.6 user=root 2019-12-02T06:32:27.727666vps751288.ovh.net sshd\[28421\]: Failed password for root from 154.95.20.6 port 47622 ssh2 2019-12-02T06:38:40.299377vps751288.ovh.net sshd\[28493\]: Invalid user man from 154.95.20.6 port 59640 2019-12-02T06:38:40.308382vps751288.ovh.net sshd\[28493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.95.20.6 2019-12-02T06:38:42.411056vps751288.ovh.net sshd\[28493\]: Failed password for invalid user man from 154.95.20.6 port 59640 ssh2	2019-12-02 14:18:34
184.105.247.248	attackbots	UTC: 2019-12-01 port: 389/udp	2019-12-02 13:45:10
60.163.129.227	attackbots	Dec 1 19:55:32 hpm sshd\[20577\]: Invalid user shatrau from 60.163.129.227 Dec 1 19:55:32 hpm sshd\[20577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.163.129.227 Dec 1 19:55:34 hpm sshd\[20577\]: Failed password for invalid user shatrau from 60.163.129.227 port 40216 ssh2 Dec 1 20:03:55 hpm sshd\[21491\]: Invalid user Utilisateur1@3 from 60.163.129.227 Dec 1 20:03:55 hpm sshd\[21491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.163.129.227	2019-12-02 14:05:52

Recently Reported IPs

124.122.37.176	189.201.236.238	104.43.160.73	91.130.103.41
185.82.90.56	122.51.161.222	171.127.18.38	10.92.71.130
92.114.82.190	117.82.66.19	185.220.87.193	138.110.13.33
99.152.167.26	218.157.179.146	218.112.80.116	144.0.120.30
51.207.158.1	37.52.247.230	123.243.237.119	203.186.47.48