112.119.134.203

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Telnet Server BruteForce Attack	2020-02-09 20:46:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.119.134.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.119.134.203.		IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020900 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 20:46:42 CST 2020
;; MSG SIZE  rcvd: 119

Host info

203.134.119.112.in-addr.arpa domain name pointer n112119134203.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
203.134.119.112.in-addr.arpa	name = n112119134203.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.12.199.91	attack	DATE:2020-09-09 18:54:16, IP:217.12.199.91, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2020-09-10 15:05:24
92.154.89.19	attack	Dovecot Invalid User Login Attempt.	2020-09-10 14:55:36
213.30.47.142	attackspambots	Sep 9 18:53:52 v22019058497090703 sshd[13701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.30.47.142 Sep 9 18:53:54 v22019058497090703 sshd[13701]: Failed password for invalid user vyatta from 213.30.47.142 port 58128 ssh2 ...	2020-09-10 15:05:56
196.41.122.94	attackbotsspam	196.41.122.94 - - [10/Sep/2020:08:17:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:08:17:49 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:08:17:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-10 15:23:18
103.253.145.125	attackbotsspam	Lines containing failures of 103.253.145.125 Sep 9 04:04:00 shared03 sshd[9680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.253.145.125 user=r.r Sep 9 04:04:02 shared03 sshd[9680]: Failed password for r.r from 103.253.145.125 port 40216 ssh2 Sep 9 04:04:03 shared03 sshd[9680]: Received disconnect from 103.253.145.125 port 40216:11: Bye Bye [preauth] Sep 9 04:04:03 shared03 sshd[9680]: Disconnected from authenticating user r.r 103.253.145.125 port 40216 [preauth] Sep 9 04:09:38 shared03 sshd[11451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.253.145.125 user=r.r Sep 9 04:09:41 shared03 sshd[11451]: Failed password for r.r from 103.253.145.125 port 52672 ssh2 Sep 9 04:09:41 shared03 sshd[11451]: Received disconnect from 103.253.145.125 port 52672:11: Bye Bye [preauth] Sep 9 04:09:41 shared03 sshd[11451]: Disconnected from authenticating user r.r 103.253.145.125 port ........ ------------------------------	2020-09-10 14:52:45
184.105.247.250	attack	TCP (SYN) 184.105.247.250:60038 -> port 7547, len 44	2020-09-10 15:11:33
188.50.7.173	attackbots	445	2020-09-10 15:25:04
45.140.17.63	attackbotsspam	Port Scan: TCP/28704	2020-09-10 15:06:59
140.143.196.66	attackspam	(sshd) Failed SSH login from 140.143.196.66 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 08:29:42 srv sshd[4210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 user=root Sep 10 08:29:44 srv sshd[4210]: Failed password for root from 140.143.196.66 port 44864 ssh2 Sep 10 08:34:13 srv sshd[4298]: Invalid user vyto from 140.143.196.66 port 56188 Sep 10 08:34:14 srv sshd[4298]: Failed password for invalid user vyto from 140.143.196.66 port 56188 ssh2 Sep 10 08:35:50 srv sshd[4348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 user=root	2020-09-10 15:20:22
213.37.100.199	attack	bruteforce detected	2020-09-10 14:47:00
47.89.18.138	attackspam	47.89.18.138 - - \[09/Sep/2020:18:53:46 +0200\] "POST /wp-login.php HTTP/1.0" 200 3535 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.89.18.138 - - \[09/Sep/2020:18:53:50 +0200\] "POST /wp-login.php HTTP/1.0" 200 3489 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 47.89.18.138 - - \[09/Sep/2020:18:53:55 +0200\] "POST /wp-login.php HTTP/1.0" 200 3491 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-10 15:13:42
139.199.14.128	attack	Sep 10 03:31:39 firewall sshd[19772]: Failed password for root from 139.199.14.128 port 51398 ssh2 Sep 10 03:32:59 firewall sshd[19797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.14.128 user=root Sep 10 03:33:01 firewall sshd[19797]: Failed password for root from 139.199.14.128 port 37322 ssh2 ...	2020-09-10 15:03:26
27.128.233.3	attackspambots	$f2bV_matches	2020-09-10 14:50:24
200.119.193.82	attackspam	1599670436 - 09/09/2020 18:53:56 Host: 200.119.193.82/200.119.193.82 Port: 445 TCP Blocked	2020-09-10 15:14:48
200.27.202.61	attack	SMB Server BruteForce Attack	2020-09-10 15:25:30

Recently Reported IPs

185.17.229.97	123.204.47.37	123.22.133.205	1.69.104.122
212.47.229.4	157.245.155.129	171.38.146.149	78.85.138.146
1.65.158.151	165.225.104.109	150.242.254.43	119.130.142.15
112.175.114.15	181.167.122.102	117.92.16.233	31.13.131.149
45.236.183.45	37.159.221.228	140.249.18.118	113.167.81.58