45.119.80.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Long Van System Solution JSC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	$f2bV_matches	2020-07-04 23:29:53

Comments on same subnet:

IP	Type	Details	Datetime
45.119.80.39	attackbotsspam	'Fail2Ban'	2020-04-05 23:23:02
45.119.80.39	attackbots	Invalid user postgres from 45.119.80.39 port 33504	2020-03-26 21:38:10
45.119.80.39	attack	2020-03-19T04:57:54.794055jannga.de sshd[6431]: Invalid user postgres from 45.119.80.39 port 57332 2020-03-19T04:57:56.468374jannga.de sshd[6431]: Failed password for invalid user postgres from 45.119.80.39 port 57332 ssh2 ...	2020-03-19 12:09:46
45.119.80.39	attackbotsspam	Mar 11 08:48:54 sigma sshd\[4346\]: Invalid user flytlink from 45.119.80.39Mar 11 08:48:56 sigma sshd\[4346\]: Failed password for invalid user flytlink from 45.119.80.39 port 57750 ssh2 ...	2020-03-11 17:05:05
45.119.80.39	attackbotsspam	Mar 7 13:10:36 odroid64 sshd\[7724\]: Invalid user test from 45.119.80.39 Mar 7 13:10:36 odroid64 sshd\[7724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39 ...	2020-03-07 20:28:14
45.119.80.39	attackspambots	Mar 6 15:04:00 php1 sshd\[20450\]: Invalid user test from 45.119.80.39 Mar 6 15:04:00 php1 sshd\[20450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39 Mar 6 15:04:02 php1 sshd\[20450\]: Failed password for invalid user test from 45.119.80.39 port 55992 ssh2 Mar 6 15:08:06 php1 sshd\[20845\]: Invalid user www from 45.119.80.39 Mar 6 15:08:06 php1 sshd\[20845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.80.39	2020-03-07 09:40:13
45.119.80.39	attack	Mar 3 15:52:49 ift sshd\[60468\]: Invalid user test from 45.119.80.39Mar 3 15:52:51 ift sshd\[60468\]: Failed password for invalid user test from 45.119.80.39 port 35800 ssh2Mar 3 15:56:54 ift sshd\[60981\]: Invalid user www from 45.119.80.39Mar 3 15:56:55 ift sshd\[60981\]: Failed password for invalid user www from 45.119.80.39 port 33614 ssh2Mar 3 16:00:57 ift sshd\[62188\]: Failed password for ift from 45.119.80.39 port 59618 ssh2 ...	2020-03-03 22:05:08
45.119.80.98	attackspam	xmlrpc attack	2019-11-04 01:34:57
45.119.80.98	attack	45.119.80.98 - - [15/Sep/2019:04:46:27 +0200] "POST /wp-login.php HTTP/1.1" 403 1595 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 009046d19e1abd8596fa790b4ec5f2e4 Vietnam VN Quang Ngai B\xECnh Th\xE0nh 45.119.80.98 - - [15/Sep/2019:04:46:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 240 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 5cdeedfe15aecde3cb640edb8d973ae9 Vietnam VN Quang Ngai B\xECnh Th\xE0nh	2019-09-15 21:17:51
45.119.80.34	attackbotsspam	Automatic report - Banned IP Access	2019-08-20 09:23:12
45.119.80.34	attackspambots	xmlrpc attack	2019-07-29 08:20:51
45.119.80.34	attackspam	fail2ban honeypot	2019-07-28 22:27:47
45.119.80.34	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-07-17 11:15:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.119.80.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24845
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.119.80.8.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070400 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 23:29:44 CST 2020
;; MSG SIZE  rcvd: 115

Host info

8.80.119.45.in-addr.arpa domain name pointer cpanelhcm2.longvan.net.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
8.80.119.45.in-addr.arpa	name = cpanelhcm2.longvan.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.29.195.135	attackbots	Invalid user martins from 14.29.195.135 port 54417	2020-05-15 07:26:22
49.233.148.2	attackspambots	May 14 16:40:21 server1 sshd\[18391\]: Failed password for invalid user pe from 49.233.148.2 port 37728 ssh2 May 14 16:44:40 server1 sshd\[19827\]: Invalid user testing from 49.233.148.2 May 14 16:44:40 server1 sshd\[19827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 May 14 16:44:42 server1 sshd\[19827\]: Failed password for invalid user testing from 49.233.148.2 port 58474 ssh2 May 14 16:49:07 server1 sshd\[21166\]: Invalid user matt from 49.233.148.2 May 14 16:49:07 server1 sshd\[21166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 ...	2020-05-15 07:06:33
176.251.18.143	attack	Invalid user user from 176.251.18.143 port 33770	2020-05-15 07:10:38
87.251.74.50	attackspambots	2020-05-14T23:23:01.015942abusebot-5.cloudsearch.cf sshd[19098]: Invalid user support from 87.251.74.50 port 29196 2020-05-14T23:23:01.342468abusebot-5.cloudsearch.cf sshd[19098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.251.74.50 2020-05-14T23:23:01.015942abusebot-5.cloudsearch.cf sshd[19098]: Invalid user support from 87.251.74.50 port 29196 2020-05-14T23:23:03.075401abusebot-5.cloudsearch.cf sshd[19098]: Failed password for invalid user support from 87.251.74.50 port 29196 ssh2 2020-05-14T23:23:01.378878abusebot-5.cloudsearch.cf sshd[19097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.251.74.50 user=root 2020-05-14T23:23:03.111840abusebot-5.cloudsearch.cf sshd[19097]: Failed password for root from 87.251.74.50 port 28598 ssh2 2020-05-14T23:23:03.460893abusebot-5.cloudsearch.cf sshd[19101]: Invalid user 0101 from 87.251.74.50 port 9306 ...	2020-05-15 07:28:21
58.87.90.156	attack	SSH Invalid Login	2020-05-15 07:13:22
185.238.219.18	attackbotsspam	Repeated attempts against wp-login	2020-05-15 07:32:30
178.154.200.105	attack	[Fri May 15 03:54:26.296850 2020] [:error] [pid 22861:tid 139881058109184] [client 178.154.200.105:41046] [client 178.154.200.105] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xr2wAkRI0TcagAXuPCtuzAAAAfA"] ...	2020-05-15 07:05:40
180.76.36.158	attackbots	May 15 00:00:37 nextcloud sshd\[24704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.36.158 user=clamav May 15 00:00:39 nextcloud sshd\[24704\]: Failed password for clamav from 180.76.36.158 port 41932 ssh2 May 15 00:07:20 nextcloud sshd\[1940\]: Invalid user ftpuser from 180.76.36.158 May 15 00:07:20 nextcloud sshd\[1940\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.36.158	2020-05-15 06:53:43
222.186.175.23	attackbots	May 15 01:15:33 minden010 sshd[25908]: Failed password for root from 222.186.175.23 port 25417 ssh2 May 15 01:15:35 minden010 sshd[25908]: Failed password for root from 222.186.175.23 port 25417 ssh2 May 15 01:15:38 minden010 sshd[25908]: Failed password for root from 222.186.175.23 port 25417 ssh2 ...	2020-05-15 07:24:25
189.7.129.60	attackbots	Invalid user salim from 189.7.129.60 port 39963	2020-05-15 07:01:04
175.153.174.196	attack	May 14 22:53:59 debian-2gb-nbg1-2 kernel: \[11748491.699767\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=175.153.174.196 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=230 ID=9687 PROTO=TCP SPT=52119 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-15 07:25:04
45.55.180.7	attackbotsspam	May 14 22:53:53 v22018086721571380 sshd[20323]: Failed password for invalid user ansible from 45.55.180.7 port 55785 ssh2	2020-05-15 07:29:15
148.0.212.66	attack	May 14 22:54:14 blackhole sshd\[8174\]: Invalid user system from 148.0.212.66 port 62170 May 14 22:54:15 blackhole sshd\[8174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.0.212.66 May 14 22:54:17 blackhole sshd\[8174\]: Failed password for invalid user system from 148.0.212.66 port 62170 ssh2 ...	2020-05-15 07:12:05
103.93.181.10	attackspam	2020-05-14T22:08:46.159509shield sshd\[2278\]: Invalid user admin from 103.93.181.10 port 49290 2020-05-14T22:08:46.162211shield sshd\[2278\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.181.10 2020-05-14T22:08:47.966053shield sshd\[2278\]: Failed password for invalid user admin from 103.93.181.10 port 49290 ssh2 2020-05-14T22:10:49.539882shield sshd\[3365\]: Invalid user ubuntu from 103.93.181.10 port 51734 2020-05-14T22:10:49.548589shield sshd\[3365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.93.181.10	2020-05-15 06:54:04
221.225.117.141	attackspam	...	2020-05-15 06:51:27

Recently Reported IPs

36.129.227.145	72.22.110.9	60.35.154.2	45.160.93.52
48.144.196.148	65.165.182.12	179.250.29.44	55.212.60.0
138.120.103.125	143.0.166.93	51.178.9.174	182.43.158.63
85.26.151.114	4.149.12.194	193.181.190.218	186.176.138.190
84.19.188.189	177.233.87.33	192.92.74.129	119.96.120.113