Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbots
Oct  1 22:56:02 mout sshd[22727]: Invalid user postgres from 119.45.30.53 port 45818
2020-10-02 05:08:52
attack
Invalid user user from 119.45.30.53 port 52422
2020-10-01 21:27:11
attackspambots
Invalid user user from 119.45.30.53 port 52422
2020-10-01 13:42:47
attack
(sshd) Failed SSH login from 119.45.30.53 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 27 17:15:53 server2 sshd[24074]: Invalid user oracle from 119.45.30.53
Sep 27 17:15:53 server2 sshd[24074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.30.53 
Sep 27 17:15:55 server2 sshd[24074]: Failed password for invalid user oracle from 119.45.30.53 port 39552 ssh2
Sep 27 17:24:28 server2 sshd[2760]: Invalid user dmdba from 119.45.30.53
Sep 27 17:24:28 server2 sshd[2760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.30.53
2020-09-28 07:04:10
attackspambots
s2.hscode.pl - SSH Attack
2020-09-27 23:32:14
attackbots
Sep 26 20:30:19 firewall sshd[11947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.30.53
Sep 26 20:30:19 firewall sshd[11947]: Invalid user setup from 119.45.30.53
Sep 26 20:30:21 firewall sshd[11947]: Failed password for invalid user setup from 119.45.30.53 port 48670 ssh2
...
2020-09-27 15:33:43
attackbots
SSH Brute-force
2020-09-26 22:28:18
attackspam
$f2bV_matches
2020-09-26 14:14:04
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.45.30.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9407
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.45.30.53.			IN	A

;; AUTHORITY SECTION:
.			149	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092600 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 26 14:13:56 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 53.30.45.119.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.30.45.119.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
106.75.15.108 attackbotsspam
Unauthorized connection attempt from IP address 106.75.15.108 on Port 3306(MYSQL)
2019-08-10 17:50:42
177.158.156.100 attackbotsspam
Aug  9 22:30:22 localhost kernel: [16648415.412636] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=177.158.156.100 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7291 DF PROTO=TCP SPT=63334 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug  9 22:30:22 localhost kernel: [16648415.412665] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=177.158.156.100 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7291 DF PROTO=TCP SPT=63334 DPT=445 SEQ=3584922420 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030201010402) 
Aug  9 22:30:25 localhost kernel: [16648418.404012] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=177.158.156.100 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7544 DF PROTO=TCP SPT=63334 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug  9 22:30:25 localhost kernel: [16648418.404042] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=177.15
2019-08-10 17:39:04
125.212.178.27 attackspam
Unauthorized connection attempt from IP address 125.212.178.27 on Port 445(SMB)
2019-08-10 17:35:09
221.236.196.219 attack
Triggered by Fail2Ban at Ares web server
2019-08-10 17:34:20
180.136.144.62 attackspam
Aug 10 04:01:05 h2177944 kernel: \[3726268.519008\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=180.136.144.62 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=11204 DF PROTO=TCP SPT=50224 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug 10 04:01:08 h2177944 kernel: \[3726271.538614\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=180.136.144.62 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=13633 DF PROTO=TCP SPT=50224 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug 10 04:14:31 h2177944 kernel: \[3727074.989979\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=180.136.144.62 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=14265 DF PROTO=TCP SPT=53291 DPT=65529 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug 10 04:14:34 h2177944 kernel: \[3727077.990560\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=180.136.144.62 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=15976 DF PROTO=TCP SPT=53291 DPT=65529 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug 10 04:27:58 h2177944 kernel: \[3727881.973618\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=180.136.144.62 D
2019-08-10 18:30:38
194.28.115.251 attackspam
Automatic report - Banned IP Access
2019-08-10 18:06:42
185.81.157.182 attackspambots
19/8/9@22:28:08: FAIL: Alarm-Intrusion address from=185.81.157.182
...
2019-08-10 18:27:31
79.9.145.21 attackspambots
Chat Spam
2019-08-10 18:01:54
175.211.112.254 attack
Aug 10 05:21:54 fr01 sshd[18385]: Invalid user luna from 175.211.112.254
Aug 10 05:21:54 fr01 sshd[18385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.254
Aug 10 05:21:54 fr01 sshd[18385]: Invalid user luna from 175.211.112.254
Aug 10 05:21:56 fr01 sshd[18385]: Failed password for invalid user luna from 175.211.112.254 port 43844 ssh2
...
2019-08-10 17:55:58
111.193.82.127 attackspam
$f2bV_matches
2019-08-10 18:41:23
198.108.67.47 attackspambots
08/10/2019-05:12:51.401771 198.108.67.47 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-08-10 17:47:28
92.118.161.5 attackspam
Scanning (more than 2 packets) random ports - tries to find possible vulnerable services
2019-08-10 18:12:26
198.245.60.56 attackspam
Aug 10 07:39:24 SilenceServices sshd[16742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.60.56
Aug 10 07:39:26 SilenceServices sshd[16742]: Failed password for invalid user crimson from 198.245.60.56 port 33960 ssh2
Aug 10 07:43:51 SilenceServices sshd[20535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.60.56
2019-08-10 17:35:56
103.207.39.21 attackspam
Aug 10 12:57:20 yabzik postfix/smtpd[31960]: warning: unknown[103.207.39.21]: SASL LOGIN authentication failed: authentication failure
Aug 10 12:57:24 yabzik postfix/smtpd[31960]: warning: unknown[103.207.39.21]: SASL LOGIN authentication failed: authentication failure
Aug 10 12:57:27 yabzik postfix/smtpd[31960]: warning: unknown[103.207.39.21]: SASL LOGIN authentication failed: authentication failure
Aug 10 12:57:30 yabzik postfix/smtpd[31960]: warning: unknown[103.207.39.21]: SASL LOGIN authentication failed: authentication failure
Aug 10 12:57:34 yabzik postfix/smtpd[31960]: warning: unknown[103.207.39.21]: SASL LOGIN authentication failed: authentication failure
2019-08-10 18:09:14
192.81.216.31 attackspambots
Aug 10 06:30:08 lnxded63 sshd[10941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.216.31
2019-08-10 18:19:47

Recently Reported IPs

179.7.243.83 103.141.234.34 41.39.105.69 190.237.93.172
120.192.31.142 79.49.104.39 167.71.227.75 106.75.169.106
51.195.180.209 113.89.99.52 182.235.231.149 115.50.65.193
114.88.62.176 125.204.7.187 182.151.204.23 156.207.45.68
148.237.64.54 120.53.223.186 87.121.98.38 42.154.51.173