103.45.99.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Qianhai bird cloud computing Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 19 10:08:31 woof sshd[23826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.49 user=r.r Mar 19 10:08:33 woof sshd[23826]: Failed password for r.r from 103.45.99.49 port 37612 ssh2 Mar 19 10:08:34 woof sshd[23826]: Received disconnect from 103.45.99.49: 11: Bye Bye [preauth] Mar 19 10:10:28 woof sshd[24104]: Invalid user bhostnamenami from 103.45.99.49 Mar 19 10:10:28 woof sshd[24104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.49 Mar 19 10:10:31 woof sshd[24104]: Failed password for invalid user bhostnamenami from 103.45.99.49 port 49602 ssh2 Mar 19 10:10:31 woof sshd[24104]: Received disconnect from 103.45.99.49: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.45.99.49	2020-03-21 08:02:57

Type

Details

Datetime

attack

Mar 19 10:08:31 woof sshd[23826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.49  user=r.r
Mar 19 10:08:33 woof sshd[23826]: Failed password for r.r from 103.45.99.49 port 37612 ssh2
Mar 19 10:08:34 woof sshd[23826]: Received disconnect from 103.45.99.49: 11: Bye Bye [preauth]
Mar 19 10:10:28 woof sshd[24104]: Invalid user bhostnamenami from 103.45.99.49
Mar 19 10:10:28 woof sshd[24104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.49
Mar 19 10:10:31 woof sshd[24104]: Failed password for invalid user bhostnamenami from 103.45.99.49 port 49602 ssh2
Mar 19 10:10:31 woof sshd[24104]: Received disconnect from 103.45.99.49: 11: Bye Bye [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=103.45.99.49

2020-03-21 08:02:57

Comments on same subnet:

IP	Type	Details	Datetime
103.45.99.227	attackbots	Lines containing failures of 103.45.99.227 Jun 29 08:44:31 shared03 postfix/smtpd[14314]: connect from unknown[103.45.99.227] Jun x@x Jun 29 08:44:35 shared03 postfix/smtpd[14314]: disconnect from unknown[103.45.99.227] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 29 08:44:39 shared03 postfix/smtpd[13526]: connect from unknown[103.45.99.227] Jun x@x Jun 29 08:44:42 shared03 postfix/smtpd[13526]: disconnect from unknown[103.45.99.227] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 29 08:44:57 shared03 postfix/smtpd[13526]: connect from unknown[103.45.99.227] Jun x@x Jun 29 08:45:00 shared03 postfix/smtpd[13526]: disconnect from unknown[103.45.99.227] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 29 08:45:04 shared03 postfix/smtpd[3758]: connect from unknown[103.45.99.227] Jun x@x Jun 29 08:45:06 shared03 postfix/smtpd[3758]: disconnect from unknown[103.45.99.227] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 29 08:45:09 shared03 postfix/smtpd[1........ ------------------------------	2020-07-06 08:46:05
103.45.99.172	attackspam	SSH invalid-user multiple login try	2020-04-19 13:50:52
103.45.99.172	attackbotsspam	Apr 3 08:25:36 sip sshd[26142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.172 Apr 3 08:25:37 sip sshd[26142]: Failed password for invalid user kdoboku from 103.45.99.172 port 43028 ssh2 Apr 3 08:35:57 sip sshd[28671]: Failed password for root from 103.45.99.172 port 36902 ssh2	2020-04-03 15:43:50
103.45.99.214	attackbotsspam	Oct 1 03:12:07 server sshd\[23883\]: Invalid user zarko from 103.45.99.214 port 45880 Oct 1 03:12:07 server sshd\[23883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Oct 1 03:12:10 server sshd\[23883\]: Failed password for invalid user zarko from 103.45.99.214 port 45880 ssh2 Oct 1 03:16:36 server sshd\[30529\]: Invalid user tester from 103.45.99.214 port 53892 Oct 1 03:16:36 server sshd\[30529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214	2019-10-01 08:51:46
103.45.99.214	attack	Sep 25 09:37:47 mail sshd\[10014\]: Invalid user server from 103.45.99.214 port 52104 Sep 25 09:37:47 mail sshd\[10014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Sep 25 09:37:48 mail sshd\[10014\]: Failed password for invalid user server from 103.45.99.214 port 52104 ssh2 Sep 25 09:43:49 mail sshd\[10878\]: Invalid user Langomatisch from 103.45.99.214 port 34568 Sep 25 09:43:49 mail sshd\[10878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214	2019-09-25 19:09:03
103.45.99.214	attackspambots	Apr 12 19:03:27 vtv3 sshd\[3157\]: Invalid user chiosdental from 103.45.99.214 port 58392 Apr 12 19:03:28 vtv3 sshd\[3157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Apr 12 19:03:29 vtv3 sshd\[3157\]: Failed password for invalid user chiosdental from 103.45.99.214 port 58392 ssh2 Apr 12 19:11:50 vtv3 sshd\[8009\]: Invalid user divya from 103.45.99.214 port 33818 Apr 12 19:11:50 vtv3 sshd\[8009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Apr 12 19:28:29 vtv3 sshd\[17081\]: Invalid user Mauno from 103.45.99.214 port 41148 Apr 12 19:28:29 vtv3 sshd\[17081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Apr 12 19:28:30 vtv3 sshd\[17081\]: Failed password for invalid user Mauno from 103.45.99.214 port 41148 ssh2 Apr 12 19:36:42 vtv3 sshd\[22119\]: Invalid user factorio from 103.45.99.214 port 44798 Apr 12 19:36:42 vtv3 sshd\[2211	2019-09-24 04:08:10
103.45.99.214	attackspambots	Sep 22 00:59:13 dedicated sshd[24249]: Invalid user gp from 103.45.99.214 port 34962	2019-09-22 07:01:45
103.45.99.214	attackspam	Sep 17 16:47:46 www sshd\[211456\]: Invalid user digi-user from 103.45.99.214 Sep 17 16:47:46 www sshd\[211456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.99.214 Sep 17 16:47:47 www sshd\[211456\]: Failed password for invalid user digi-user from 103.45.99.214 port 55288 ssh2 ...	2019-09-18 02:48:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.45.99.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50185
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.45.99.49.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032001 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 21 08:02:53 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 49.99.45.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.99.45.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.248	attack	22.01.2020 23:58:44 SSH access blocked by firewall	2020-01-23 08:01:23
68.183.47.9	attack	Jan 23 00:48:39 vps691689 sshd[30965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.47.9 Jan 23 00:48:41 vps691689 sshd[30965]: Failed password for invalid user hannah from 68.183.47.9 port 51498 ssh2 ...	2020-01-23 07:59:21
146.185.25.188	attackspam	3389BruteforceFW23	2020-01-23 08:03:25
159.89.87.59	attack	01/22/2020-18:50:57.200886 159.89.87.59 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-23 08:23:00
180.76.158.224	attack	Jan 23 00:02:21 hcbbdb sshd\[631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.158.224 user=root Jan 23 00:02:23 hcbbdb sshd\[631\]: Failed password for root from 180.76.158.224 port 35144 ssh2 Jan 23 00:06:58 hcbbdb sshd\[1346\]: Invalid user asu from 180.76.158.224 Jan 23 00:06:58 hcbbdb sshd\[1346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.158.224 Jan 23 00:07:00 hcbbdb sshd\[1346\]: Failed password for invalid user asu from 180.76.158.224 port 58316 ssh2	2020-01-23 08:18:23
123.31.32.150	attackbotsspam	2020-01-23T10:54:09.493088luisaranguren sshd[648300]: Invalid user user2 from 123.31.32.150 port 50520 2020-01-23T10:54:11.023797luisaranguren sshd[648300]: Failed password for invalid user user2 from 123.31.32.150 port 50520 ssh2 ...	2020-01-23 08:30:12
177.68.148.10	attackbotsspam	Jan 22 13:47:52 php1 sshd\[5354\]: Invalid user acm from 177.68.148.10 Jan 22 13:47:52 php1 sshd\[5354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.148.10 Jan 22 13:47:54 php1 sshd\[5354\]: Failed password for invalid user acm from 177.68.148.10 port 29979 ssh2 Jan 22 13:51:01 php1 sshd\[5731\]: Invalid user testmail from 177.68.148.10 Jan 22 13:51:01 php1 sshd\[5731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.148.10	2020-01-23 08:19:02
194.67.197.109	attackbotsspam	Jan 23 02:06:15 www sshd\[55887\]: Invalid user mcserver from 194.67.197.109Jan 23 02:06:16 www sshd\[55887\]: Failed password for invalid user mcserver from 194.67.197.109 port 53446 ssh2Jan 23 02:08:45 www sshd\[55933\]: Invalid user luciana from 194.67.197.109 ...	2020-01-23 08:35:29
122.117.33.211	attackspam	Honeypot attack, port: 81, PTR: 122-117-33-211.HINET-IP.hinet.net.	2020-01-23 08:12:03
188.225.76.88	attackspambots	Honeypot attack, port: 5555, PTR: vds-ck99417.timeweb.ru.	2020-01-23 08:22:12
112.85.42.181	attackspam	Jan 23 00:11:15 sshgateway sshd\[4083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Jan 23 00:11:17 sshgateway sshd\[4083\]: Failed password for root from 112.85.42.181 port 39678 ssh2 Jan 23 00:11:30 sshgateway sshd\[4083\]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 39678 ssh2 \[preauth\]	2020-01-23 08:15:16
114.67.113.90	attack	Unauthorized connection attempt detected from IP address 114.67.113.90 to port 2220 [J]	2020-01-23 08:11:40
93.144.81.36	attack	Honeypot attack, port: 81, PTR: net-93-144-81-36.cust.vodafonedsl.it.	2020-01-23 08:04:13
218.92.0.172	attackspambots	Jan 23 00:52:38 srv-ubuntu-dev3 sshd[124116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jan 23 00:52:39 srv-ubuntu-dev3 sshd[124116]: Failed password for root from 218.92.0.172 port 23857 ssh2 Jan 23 00:52:44 srv-ubuntu-dev3 sshd[124116]: Failed password for root from 218.92.0.172 port 23857 ssh2 Jan 23 00:52:38 srv-ubuntu-dev3 sshd[124116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jan 23 00:52:39 srv-ubuntu-dev3 sshd[124116]: Failed password for root from 218.92.0.172 port 23857 ssh2 Jan 23 00:52:44 srv-ubuntu-dev3 sshd[124116]: Failed password for root from 218.92.0.172 port 23857 ssh2 Jan 23 00:52:38 srv-ubuntu-dev3 sshd[124116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jan 23 00:52:39 srv-ubuntu-dev3 sshd[124116]: Failed password for root from 218.92.0.172 port 23857 ssh2 J ...	2020-01-23 08:01:41
113.140.31.150	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 08:28:16

Recently Reported IPs

3.6.230.143	118.122.119.107	192.3.135.29	192.3.103.253
193.9.46.50	192.186.143.31	104.227.124.186	58.212.43.249
108.34.248.130	49.68.146.227	43.241.130.62	36.49.159.129
176.100.190.107	93.115.84.226	62.98.16.151	216.14.172.164
200.4.219.194	162.214.4.32	14.169.80.105	5.53.124.64