124.31.204.119

Basic Info

City: unknown

Region: Tibet

Country: China

Internet Service Provider: ChinaNet Xizang (Tibet) Province Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	1433/tcp 445/tcp... [2020-09-10/10-04]7pkt,2pt.(tcp)	2020-10-06 04:22:16
attack	1433/tcp 445/tcp... [2020-09-10/10-04]7pkt,2pt.(tcp)	2020-10-05 20:23:02
attackspambots	1433/tcp 445/tcp... [2020-09-10/10-04]7pkt,2pt.(tcp)	2020-10-05 12:13:46
attack	Unauthorized connection attempt from IP address 124.31.204.119 on Port 445(SMB)	2020-03-02 05:42:19
attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-12-11 05:22:24

Comments on same subnet:

IP	Type	Details	Datetime
124.31.204.116	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-01 03:36:46
124.31.204.60	attackbots	SMB Server BruteForce Attack	2019-10-30 04:30:57
124.31.204.116	attackspam	SMB Server BruteForce Attack	2019-09-25 08:27:26
124.31.204.60	attack	Port Scan: TCP/445	2019-09-14 10:44:33
124.31.204.116	attackspambots	Unauthorised access (Aug 6) SRC=124.31.204.116 LEN=44 TTL=240 ID=51927 TCP DPT=445 WINDOW=1024 SYN	2019-08-06 09:45:07
124.31.204.116	attack	SMB Server BruteForce Attack	2019-07-05 14:40:18
124.31.204.60	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(06281018)	2019-06-28 18:03:18
124.31.204.60	attackbots	445/tcp 445/tcp 445/tcp... [2019-04-27/06-26]9pkt,1pt.(tcp)	2019-06-26 16:33:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.31.204.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36750
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.31.204.119.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121001 1800 900 604800 86400

;; Query time: 136 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 05:22:18 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 119.204.31.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.204.31.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.119.71.147	attackspambots	Phishing	2020-09-23 17:37:28
94.245.128.5	attackspambots	Unauthorized connection attempt from IP address 94.245.128.5 on Port 445(SMB)	2020-09-23 17:44:35
62.94.206.57	attackbots	Invalid user ubuntu from 62.94.206.57 port 46574	2020-09-23 17:38:59
138.68.255.120	attack	2020-09-23T00:09:01.806877abusebot-2.cloudsearch.cf sshd[29538]: Invalid user sammy from 138.68.255.120 port 55530 2020-09-23T00:09:01.813930abusebot-2.cloudsearch.cf sshd[29538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.255.120 2020-09-23T00:09:01.806877abusebot-2.cloudsearch.cf sshd[29538]: Invalid user sammy from 138.68.255.120 port 55530 2020-09-23T00:09:03.970950abusebot-2.cloudsearch.cf sshd[29538]: Failed password for invalid user sammy from 138.68.255.120 port 55530 ssh2 2020-09-23T00:18:45.637387abusebot-2.cloudsearch.cf sshd[29560]: Invalid user ircd from 138.68.255.120 port 34316 2020-09-23T00:18:45.643419abusebot-2.cloudsearch.cf sshd[29560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.255.120 2020-09-23T00:18:45.637387abusebot-2.cloudsearch.cf sshd[29560]: Invalid user ircd from 138.68.255.120 port 34316 2020-09-23T00:18:47.639773abusebot-2.cloudsearch.cf sshd[29560]: F ...	2020-09-23 17:48:25
189.45.198.22	attackspambots	20 attempts against mh-ssh on star	2020-09-23 17:37:53
203.172.121.228	attackspambots	Unauthorized connection attempt from IP address 203.172.121.228 on Port 445(SMB)	2020-09-23 17:55:43
118.25.49.119	attack	(sshd) Failed SSH login from 118.25.49.119 (CN/China/-): 5 in the last 3600 secs	2020-09-23 17:47:47
3.104.13.187	attackbotsspam	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=443 . dstport=21633 . (3058)	2020-09-23 17:27:40
41.66.194.141	attackbotsspam	TCP (SYN) 41.66.194.141:49560 -> port 1433, len 40	2020-09-23 17:55:18
146.185.130.101	attackspambots	Brute-force attempt banned	2020-09-23 17:46:50
190.24.58.54	attack	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=10348 . dstport=2323 . (3057)	2020-09-23 17:40:50
116.0.56.110	attack	20/9/22@13:01:49: FAIL: Alarm-Network address from=116.0.56.110 20/9/22@13:01:50: FAIL: Alarm-Network address from=116.0.56.110 ...	2020-09-23 17:37:11
163.172.29.120	attackbots	Sep 23 08:23:07 DAAP sshd[3364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.29.120 user=root Sep 23 08:23:09 DAAP sshd[3364]: Failed password for root from 163.172.29.120 port 60556 ssh2 Sep 23 08:29:17 DAAP sshd[3461]: Invalid user jenkins from 163.172.29.120 port 41746 Sep 23 08:29:17 DAAP sshd[3461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.29.120 Sep 23 08:29:17 DAAP sshd[3461]: Invalid user jenkins from 163.172.29.120 port 41746 Sep 23 08:29:19 DAAP sshd[3461]: Failed password for invalid user jenkins from 163.172.29.120 port 41746 ssh2 ...	2020-09-23 17:31:39
45.129.33.8	attackbots	TCP (SYN) 45.129.33.8:53014 -> port 33245, len 44	2020-09-23 17:58:29
74.120.14.35	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-23 17:30:39

Recently Reported IPs

122.160.210.101	49.109.184.61	173.15.207.118	56.134.199.117
62.143.139.60	79.124.62.18	164.217.113.24	73.119.16.172
58.117.77.145	186.149.208.210	152.23.189.243	41.90.167.118
58.69.236.46	107.72.102.255	39.189.105.12	87.163.183.57
130.207.172.151	49.51.160.84	3.143.153.34	117.51.29.226