45.119.80.39 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Long Van System Solution JSC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	'Fail2Ban'	2020-04-05 23:23:02
attackbots	Invalid user postgres from 45.119.80.39 port 33504	2020-03-26 21:38:10
attack	2020-03-19T04:57:54.794055jannga.de sshd[6431]: Invalid user postgres from 45.119.80.39 port 57332 2020-03-19T04:57:56.468374jannga.de sshd[6431]: Failed password for invalid user postgres from 45.119.80.39 port 57332 ssh2 ...	2020-03-19 12:09:46
attackbotsspam	Mar 11 08:48:54 sigma sshd\[4346\]: Invalid user flytlink from 45.119.80.39Mar 11 08:48:56 sigma sshd\[4346\]: Failed password for invalid user flytlink from 45.119.80.39 port 57750 ssh2 ...	2020-03-11 17:05:05
attackbotsspam	Mar 7 13:10:36 odroid64 sshd\[7724\]: Invalid user test from 45.119.80.39 Mar 7 13:10:36 odroid64 sshd\[7724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39 ...	2020-03-07 20:28:14
attackspambots	Mar 6 15:04:00 php1 sshd\[20450\]: Invalid user test from 45.119.80.39 Mar 6 15:04:00 php1 sshd\[20450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39 Mar 6 15:04:02 php1 sshd\[20450\]: Failed password for invalid user test from 45.119.80.39 port 55992 ssh2 Mar 6 15:08:06 php1 sshd\[20845\]: Invalid user www from 45.119.80.39 Mar 6 15:08:06 php1 sshd\[20845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39	2020-03-07 09:40:13
attack	Mar 3 15:52:49 ift sshd\[60468\]: Invalid user test from 45.119.80.39Mar 3 15:52:51 ift sshd\[60468\]: Failed password for invalid user test from 45.119.80.39 port 35800 ssh2Mar 3 15:56:54 ift sshd\[60981\]: Invalid user www from 45.119.80.39Mar 3 15:56:55 ift sshd\[60981\]: Failed password for invalid user www from 45.119.80.39 port 33614 ssh2Mar 3 16:00:57 ift sshd\[62188\]: Failed password for ift from 45.119.80.39 port 59618 ssh2 ...	2020-03-03 22:05:08

Comments on same subnet:

IP	Type	Details	Datetime
45.119.80.8	attackspam	$f2bV_matches	2020-07-04 23:29:53
45.119.80.98	attackspam	xmlrpc attack	2019-11-04 01:34:57
45.119.80.98	attack	45.119.80.98 - - [15/Sep/2019:04:46:27 +0200] "POST /wp-login.php HTTP/1.1" 403 1595 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 009046d19e1abd8596fa790b4ec5f2e4 Vietnam VN Quang Ngai B\xECnh Th\xE0nh 45.119.80.98 - - [15/Sep/2019:04:46:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 240 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 5cdeedfe15aecde3cb640edb8d973ae9 Vietnam VN Quang Ngai B\xECnh Th\xE0nh	2019-09-15 21:17:51
45.119.80.34	attackbotsspam	Automatic report - Banned IP Access	2019-08-20 09:23:12
45.119.80.34	attackspambots	xmlrpc attack	2019-07-29 08:20:51
45.119.80.34	attackspam	fail2ban honeypot	2019-07-28 22:27:47
45.119.80.34	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-07-17 11:15:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.119.80.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.119.80.39.			IN	A

;; AUTHORITY SECTION:
.			346	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030202 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 22:05:01 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 39.80.119.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.80.119.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.187.57.103	attackbots	Nov 23 07:11:47 mail postfix/smtpd[22798]: warning: unknown[14.187.57.103]: SASL PLAIN authentication failed: Nov 23 07:15:13 mail postfix/smtpd[25396]: warning: unknown[14.187.57.103]: SASL PLAIN authentication failed: Nov 23 07:20:17 mail postfix/smtpd[26358]: warning: unknown[14.187.57.103]: SASL PLAIN authentication failed:	2019-11-23 18:49:20
205.185.114.16	attackbots	DATE:2019-11-23 07:24:52, IP:205.185.114.16, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-23 18:21:02
62.28.34.125	attackbots	Nov 23 11:57:15 ncomp sshd[15710]: Invalid user hr from 62.28.34.125 Nov 23 11:57:15 ncomp sshd[15710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.34.125 Nov 23 11:57:15 ncomp sshd[15710]: Invalid user hr from 62.28.34.125 Nov 23 11:57:17 ncomp sshd[15710]: Failed password for invalid user hr from 62.28.34.125 port 62212 ssh2	2019-11-23 18:15:13
96.30.69.142	attackspambots	Lines containing failures of 96.30.69.142 Nov 23 07:15:32 shared02 sshd[16358]: Invalid user admin from 96.30.69.142 port 44980 Nov 23 07:15:32 shared02 sshd[16358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.30.69.142 Nov 23 07:15:34 shared02 sshd[16358]: Failed password for invalid user admin from 96.30.69.142 port 44980 ssh2 Nov 23 07:15:34 shared02 sshd[16358]: Connection closed by invalid user admin 96.30.69.142 port 44980 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=96.30.69.142	2019-11-23 18:41:15
211.18.250.201	attack	2019-11-23T04:00:37.3476741495-001 sshd\[52373\]: Failed password for invalid user kapps from 211.18.250.201 port 47820 ssh2 2019-11-23T05:01:29.7912671495-001 sshd\[54522\]: Invalid user lindseth from 211.18.250.201 port 51953 2019-11-23T05:01:29.7997981495-001 sshd\[54522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=aa2018080002d312fac9.userreverse.dion.ne.jp 2019-11-23T05:01:31.6140371495-001 sshd\[54522\]: Failed password for invalid user lindseth from 211.18.250.201 port 51953 ssh2 2019-11-23T05:05:18.8015051495-001 sshd\[54623\]: Invalid user glass from 211.18.250.201 port 41629 2019-11-23T05:05:18.8085821495-001 sshd\[54623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=aa2018080002d312fac9.userreverse.dion.ne.jp ...	2019-11-23 18:54:12
42.118.218.248	attack	Nov 23 07:07:50 mxgate1 postfix/postscreen[17297]: CONNECT from [42.118.218.248]:25345 to [176.31.12.44]:25 Nov 23 07:07:50 mxgate1 postfix/dnsblog[17299]: addr 42.118.218.248 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 23 07:07:50 mxgate1 postfix/dnsblog[17299]: addr 42.118.218.248 listed by domain zen.spamhaus.org as 127.0.0.10 Nov 23 07:07:50 mxgate1 postfix/dnsblog[17299]: addr 42.118.218.248 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 23 07:07:50 mxgate1 postfix/dnsblog[17300]: addr 42.118.218.248 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 23 07:07:51 mxgate1 postfix/dnsblog[17302]: addr 42.118.218.248 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 23 07:07:56 mxgate1 postfix/postscreen[17297]: DNSBL rank 4 for [42.118.218.248]:25345 Nov x@x Nov 23 07:07:59 mxgate1 postfix/postscreen[17297]: HANGUP after 3.3 from [42.118.218.248]:25345 in tests after SMTP handshake Nov 23 07:07:59 mxgate1 postfix/postscreen[17297]: DISCONNECT [42.118......... -------------------------------	2019-11-23 18:22:07
45.168.35.107	attack	Nov 23 07:07:45 * sshd[28983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.168.35.107 user=r.r Nov 23 07:07:48 * sshd[28983]: Failed password for r.r from 45.168.35.107 port 36153 ssh2 Nov 23 07:07:50 * sshd[28983]: Failed password for r.r from 45.168.35.107 port 36153 ssh2 Nov 23 07:07:52 * sshd[28983]: Failed password for r.r from 45.168.35.107 port 36153 ssh2 Nov 23 07:07:54 *** sshd[28983]: Failed password for r.r from 45.168.35.107 port 36153 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.168.35.107	2019-11-23 18:20:49
218.242.55.86	attackspam	SSH Brute Force, server-1 sshd[27314]: Failed password for invalid user kjellsverre from 218.242.55.86 port 43100 ssh2	2019-11-23 18:32:32
14.254.233.81	attackbotsspam	Nov 23 07:09:56 mxgate1 postfix/postscreen[17297]: CONNECT from [14.254.233.81]:20770 to [176.31.12.44]:25 Nov 23 07:09:56 mxgate1 postfix/dnsblog[17298]: addr 14.254.233.81 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 23 07:09:56 mxgate1 postfix/dnsblog[17298]: addr 14.254.233.81 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 23 07:09:56 mxgate1 postfix/dnsblog[17301]: addr 14.254.233.81 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 23 07:10:02 mxgate1 postfix/postscreen[17297]: DNSBL rank 3 for [14.254.233.81]:20770 Nov x@x Nov 23 07:10:03 mxgate1 postfix/postscreen[17297]: HANGUP after 1.3 from [14.254.233.81]:20770 in tests after SMTP handshake Nov 23 07:10:03 mxgate1 postfix/postscreen[17297]: DISCONNECT [14.254.233.81]:20770 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.254.233.81	2019-11-23 18:28:44
222.186.180.17	attackbotsspam	Nov 23 11:27:56 dev0-dcde-rnet sshd[10215]: Failed password for root from 222.186.180.17 port 4036 ssh2 Nov 23 11:28:08 dev0-dcde-rnet sshd[10215]: error: maximum authentication attempts exceeded for root from 222.186.180.17 port 4036 ssh2 [preauth] Nov 23 11:28:14 dev0-dcde-rnet sshd[10217]: Failed password for root from 222.186.180.17 port 44810 ssh2	2019-11-23 18:30:15
66.70.206.215	attackbots	Invalid user 0 from 66.70.206.215 port 45916	2019-11-23 18:54:24
89.146.160.4	attack	Automatic report - Port Scan Attack	2019-11-23 18:35:27
141.98.80.143	attackspam	Nov 23 07:24:46 h2177944 kernel: \[7365659.960500\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=141.98.80.143 DST=85.214.117.9 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=12230 DF PROTO=TCP SPT=2162 DPT=3389 WINDOW=200 RES=0x00 CWR ECE SYN URGP=0 Nov 23 07:24:46 h2177944 kernel: \[7365659.960506\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=141.98.80.143 DST=85.214.117.9 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=12214 DF PROTO=TCP SPT=1188 DPT=3388 WINDOW=200 RES=0x00 CWR ECE SYN URGP=0 Nov 23 07:24:49 h2177944 kernel: \[7365662.957718\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=141.98.80.143 DST=85.214.117.9 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=31634 DF PROTO=TCP SPT=1188 DPT=3388 WINDOW=200 RES=0x00 CWR ECE SYN URGP=0 Nov 23 07:24:49 h2177944 kernel: \[7365662.957839\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=141.98.80.143 DST=85.214.117.9 LEN=52 TOS=0x02 PREC=0x00 TTL=122 ID=31735 DF PROTO=TCP SPT=2162 DPT=3389 WINDOW=200 RES=0x00 CWR ECE SYN URGP=0 Nov 23 07:24:55 h2177944 kernel: \[7365668.972593\] \[UFW BLOCK\] IN=venet0 OUT= MAC	2019-11-23 18:17:22
218.146.168.239	attackspambots	Nov 23 10:21:07 MK-Soft-Root2 sshd[31881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.146.168.239 Nov 23 10:21:09 MK-Soft-Root2 sshd[31881]: Failed password for invalid user scaner from 218.146.168.239 port 55060 ssh2 ...	2019-11-23 18:18:19
212.162.149.88	attackspam	Nov 23 01:19:56 eola postfix/smtpd[11185]: connect from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: lost connection after AUTH from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: disconnect from unknown[212.162.149.88] ehlo=1 auth=0/1 commands=1/2 Nov 23 01:19:56 eola postfix/smtpd[11185]: connect from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: lost connection after AUTH from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: disconnect from unknown[212.162.149.88] ehlo=1 auth=0/1 commands=1/2 Nov 23 01:19:56 eola postfix/smtpd[11185]: connect from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: lost connection after AUTH from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/smtpd[11185]: disconnect from unknown[212.162.149.88] ehlo=1 auth=0/1 commands=1/2 Nov 23 01:19:56 eola postfix/smtpd[11185]: connect from unknown[212.162.149.88] Nov 23 01:19:56 eola postfix/sm........ -------------------------------	2019-11-23 18:45:51

Recently Reported IPs

112.200.246.118	185.16.115.94	138.140.61.80	25.220.209.29
26.200.32.0	197.3.72.166	111.91.3.58	203.143.119.196
182.50.130.32	112.196.146.161	109.200.156.102	61.68.174.175
108.163.210.34	125.106.94.7	111.231.225.71	121.175.246.222
103.70.227.175	185.162.235.167	111.177.113.175	109.229.176.251