103.45.128.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Qianhai bird cloud computing Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 18 19:20:04 mail.srvfarm.net postfix/smtpd[1587328]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 18 19:20:09 mail.srvfarm.net postfix/smtpd[1600609]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 18 19:20:18 mail.srvfarm.net postfix/smtpd[1598438]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 18 19:20:25 mail.srvfarm.net postfix/smtpd[1600092]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from=<	2020-06-19 01:54:12

Type

Details

Datetime

attack

Jun 18 19:20:04 mail.srvfarm.net postfix/smtpd[1587328]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Jun 18 19:20:09 mail.srvfarm.net postfix/smtpd[1600609]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Jun 18 19:20:18 mail.srvfarm.net postfix/smtpd[1598438]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=
Jun 18 19:20:25 mail.srvfarm.net postfix/smtpd[1600092]: NOQUEUE: reject: RCPT from unknown[103.45.128.55]: 450 4.1.8 : Sender address rejected: Domain not found; from=<

2020-06-19 01:54:12

Comments on same subnet:

IP	Type	Details	Datetime
103.45.128.195	attack	2020-06-15T05:53:58.897157 X postfix/smtpd[641622]: NOQUEUE: reject: RCPT from unknown[103.45.128.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2020-06-15T05:54:01.359204 X postfix/smtpd[641622]: NOQUEUE: reject: RCPT from unknown[103.45.128.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2020-06-15T05:54:06.417137 X postfix/smtpd[641622]: NOQUEUE: reject: RCPT from unknown[103.45.128.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=	2020-06-15 14:22:55
103.45.128.121	attackbotsspam	Brute-force attempt banned	2020-05-05 16:06:49
103.45.128.121	attack	Invalid user exx from 103.45.128.121 port 58910	2020-04-16 03:54:09
103.45.128.125	attackspambots	$f2bV_matches	2020-03-05 20:16:08
103.45.128.125	attackbotsspam	Mar 4 15:52:03 server sshd\[20272\]: Invalid user airflow from 103.45.128.125 Mar 4 15:52:03 server sshd\[20272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.128.125 Mar 4 15:52:05 server sshd\[20272\]: Failed password for invalid user airflow from 103.45.128.125 port 45932 ssh2 Mar 4 16:34:11 server sshd\[28088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.128.125 user=root Mar 4 16:34:14 server sshd\[28088\]: Failed password for root from 103.45.128.125 port 41642 ssh2 ...	2020-03-05 02:31:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.45.128.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.45.128.55.			IN	A

;; AUTHORITY SECTION:
.			220	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061801 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 01:54:07 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 55.128.45.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.128.45.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.61.24.250	attack	Dec 25 03:41:23 hpm sshd\[30038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.61.24.250 user=root Dec 25 03:41:25 hpm sshd\[30038\]: Failed password for root from 194.61.24.250 port 54571 ssh2 Dec 25 03:41:29 hpm sshd\[30043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.61.24.250 user=root Dec 25 03:41:31 hpm sshd\[30043\]: Failed password for root from 194.61.24.250 port 57269 ssh2 Dec 25 03:41:35 hpm sshd\[30045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.61.24.250 user=root	2019-12-25 22:00:00
51.89.231.8	attack	WordpressAttack	2019-12-25 21:48:00
37.59.125.153	attackbotsspam	2019-12-25T13:52:15.610259 sshd[4835]: Invalid user redmine from 37.59.125.153 port 50566 2019-12-25T13:52:15.618693 sshd[4835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.125.153 2019-12-25T13:52:15.610259 sshd[4835]: Invalid user redmine from 37.59.125.153 port 50566 2019-12-25T13:52:17.409547 sshd[4835]: Failed password for invalid user redmine from 37.59.125.153 port 50566 ssh2 2019-12-25T13:57:50.935338 sshd[4918]: Invalid user redmine from 37.59.125.153 port 58400 ...	2019-12-25 21:53:52
119.148.29.10	attack	Telnet/23 MH Probe, BF, Hack -	2019-12-25 21:47:41
94.23.70.116	attack	Dec 25 14:22:58 ArkNodeAT sshd\[28582\]: Invalid user beaumier from 94.23.70.116 Dec 25 14:22:58 ArkNodeAT sshd\[28582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116 Dec 25 14:22:59 ArkNodeAT sshd\[28582\]: Failed password for invalid user beaumier from 94.23.70.116 port 46937 ssh2	2019-12-25 21:56:39
93.148.209.74	attackbotsspam	Dec 25 10:54:38 *** sshd[4491]: Invalid user kb from 93.148.209.74	2019-12-25 21:46:31
171.25.193.234	attackspam	Automatic report - XMLRPC Attack	2019-12-25 22:06:30
220.174.33.21	attack	Scanning	2019-12-25 21:35:10
216.218.206.74	attackbotsspam	3389BruteforceFW23	2019-12-25 22:02:46
103.116.91.134	attackbots	$f2bV_matches	2019-12-25 21:27:20
37.235.183.244	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-12-25 21:36:08
193.31.24.113	attack	12/25/2019-14:46:22.000487 193.31.24.113 Protocol: 17 ET INFO Session Traversal Utilities for NAT (STUN Binding Request)	2019-12-25 21:55:23
183.22.255.150	attackbots	Fail2Ban - FTP Abuse Attempt	2019-12-25 21:39:23
34.92.123.255	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-25 21:59:33
108.162.229.248	attackspam	IP blocked	2019-12-25 21:38:08

Recently Reported IPs

189.226.58.172	5.160.213.184	203.146.251.80	45.138.74.50
162.250.188.63	189.91.157.219	113.77.241.72	1.198.179.23
116.24.64.87	37.151.82.143	193.201.82.158	101.36.164.203
45.170.160.25	112.85.76.31	103.93.180.231	189.105.3.27
47.45.19.170	110.93.236.98	175.181.159.107	77.45.84.213