103.45.104.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Qianhai bird cloud computing Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Port Scan ...	2020-08-04 16:47:56

Comments on same subnet:

IP	Type	Details	Datetime
103.45.104.181	attackspambots	Aug 19 23:17:15 cosmoit sshd[32069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.104.181	2020-08-20 05:31:32
103.45.104.36	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-06-27 04:30:04
103.45.104.36	attackspam	Jun 13 14:38:52 ip-172-31-61-156 sshd[20799]: Invalid user zhui from 103.45.104.36 Jun 13 14:38:54 ip-172-31-61-156 sshd[20799]: Failed password for invalid user zhui from 103.45.104.36 port 42692 ssh2 Jun 13 14:38:52 ip-172-31-61-156 sshd[20799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.104.36 Jun 13 14:38:52 ip-172-31-61-156 sshd[20799]: Invalid user zhui from 103.45.104.36 Jun 13 14:38:54 ip-172-31-61-156 sshd[20799]: Failed password for invalid user zhui from 103.45.104.36 port 42692 ssh2 ...	2020-06-14 00:11:34
103.45.104.36	attack	Wordpress malicious attack:[sshd]	2020-06-13 16:49:01
103.45.104.145	attack	Lines containing failures of 103.45.104.145 Mar 3 22:13:04 shared07 sshd[9284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.104.145 user=gnats Mar 3 22:13:06 shared07 sshd[9284]: Failed password for gnats from 103.45.104.145 port 60242 ssh2 Mar 3 22:13:06 shared07 sshd[9284]: Received disconnect from 103.45.104.145 port 60242:11: Bye Bye [preauth] Mar 3 22:13:06 shared07 sshd[9284]: Disconnected from authenticating user gnats 103.45.104.145 port 60242 [preauth] Mar 3 22:56:20 shared07 sshd[28759]: Invalid user jessie from 103.45.104.145 port 41458 Mar 3 22:56:20 shared07 sshd[28759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.104.145 Mar 3 22:56:22 shared07 sshd[28759]: Failed password for invalid user jessie from 103.45.104.145 port 41458 ssh2 Mar 3 22:56:23 shared07 sshd[28759]: Received disconnect from 103.45.104.145 port 41458:11: Bye Bye [preauth] Mar 3 2........ ------------------------------	2020-03-05 01:30:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.45.104.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33342
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.45.104.2.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080301 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 04 16:47:52 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.104.45.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.104.45.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.195	attack	2020-09-02T11:46:25.431321vps751288.ovh.net sshd\[27085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-09-02T11:46:27.420119vps751288.ovh.net sshd\[27085\]: Failed password for root from 112.85.42.195 port 10741 ssh2 2020-09-02T11:46:29.725382vps751288.ovh.net sshd\[27085\]: Failed password for root from 112.85.42.195 port 10741 ssh2 2020-09-02T11:46:32.110764vps751288.ovh.net sshd\[27085\]: Failed password for root from 112.85.42.195 port 10741 ssh2 2020-09-02T11:48:20.563832vps751288.ovh.net sshd\[27096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root	2020-09-02 18:21:57
222.137.220.137	attackspam	SP-Scan 35426:8080 detected 2020.09.01 01:04:38 blocked until 2020.10.20 18:07:25	2020-09-02 17:51:14
84.94.152.196	attack	Unauthorized connection attempt detected from IP address 84.94.152.196 to port 23 [T]	2020-09-02 17:59:20
141.149.36.27	attack	TCP (SYN) 141.149.36.27:39392 -> port 23, len 44	2020-09-02 18:01:11
46.101.164.27	attackbotsspam	Sep 2 11:16:32 rotator sshd\[2293\]: Invalid user ashok from 46.101.164.27Sep 2 11:16:34 rotator sshd\[2293\]: Failed password for invalid user ashok from 46.101.164.27 port 37500 ssh2Sep 2 11:21:45 rotator sshd\[3131\]: Invalid user oracle from 46.101.164.27Sep 2 11:21:47 rotator sshd\[3131\]: Failed password for invalid user oracle from 46.101.164.27 port 50730 ssh2Sep 2 11:24:23 rotator sshd\[3181\]: Invalid user guo from 46.101.164.27Sep 2 11:24:26 rotator sshd\[3181\]: Failed password for invalid user guo from 46.101.164.27 port 39868 ssh2 ...	2020-09-02 17:59:45
162.247.74.213	attack	Sep 2 09:46:46 IngegnereFirenze sshd[13915]: User sshd from 162.247.74.213 not allowed because not listed in AllowUsers ...	2020-09-02 18:05:57
20.49.2.187	attackspambots	leo_www	2020-09-02 18:08:47
61.244.70.248	attack	[munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:28 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:30 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:32 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:34 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:36 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 61.244.70.248 - - [02/Sep/2020:11:32:38 +0200] "POST /[munged]: HTTP/1.1" 200 9200 "-" "Mozilla/5.0 (X11; Ubun	2020-09-02 17:39:39
77.68.20.116	attackbotsspam	Brute forcing email accounts	2020-09-02 17:54:05
160.153.154.3	attackspam	160.153.154.3 - - [01/Sep/2020:18:42:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 160.153.154.3 - - [01/Sep/2020:18:42:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-09-02 17:46:49
189.234.1.45	attackspambots	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 189.234.1.45, Reason:[(sshd) Failed SSH login from 189.234.1.45 (MX/Mexico/dsl-189-234-1-45-dyn.prod-infinitum.com.mx): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-09-02 18:07:23
178.134.126.56	attackspam	Unauthorized connection attempt detected	2020-09-02 18:20:25
157.245.124.160	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-02 18:02:52
112.120.204.47	attackbots	(sshd) Failed SSH login from 112.120.204.47 (HK/Hong Kong/North/Kwu Tung/n112120204047.netvigator.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 12:41:19 atlas sshd[29151]: Invalid user admin from 112.120.204.47 port 59527 Sep 1 12:41:21 atlas sshd[29151]: Failed password for invalid user admin from 112.120.204.47 port 59527 ssh2 Sep 1 12:41:22 atlas sshd[29163]: Invalid user admin from 112.120.204.47 port 59616 Sep 1 12:41:25 atlas sshd[29163]: Failed password for invalid user admin from 112.120.204.47 port 59616 ssh2 Sep 1 12:41:27 atlas sshd[29170]: Invalid user admin from 112.120.204.47 port 59740	2020-09-02 18:21:26
66.70.142.214	attack	Port Scan detected from 66.70.142.214 (CI/Ivory Coast/Abidjan/Abidjan (Cocody)/-). 4 hits in the last 225 seconds	2020-09-02 18:11:04

Recently Reported IPs

213.43.172.242	103.224.81.73	171.227.64.252	184.82.27.166
145.93.3.61	0.255.31.105	75.200.192.50	158.193.126.194
120.142.114.165	89.229.149.145	244.63.179.121	238.29.232.48
177.107.35.26	237.160.216.236	18.163.112.105	153.36.8.101
116.110.217.247	36.250.68.230	143.137.144.82	88.198.61.244