103.119.66.135

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: PT. Eka Mas Republik

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.119.66.254	attackspambots	Brute forcing RDP port 3389	2020-08-11 01:46:01
103.119.66.31	attackspam	Dovecot Invalid User Login Attempt.	2020-07-10 22:11:25
103.119.66.56	attack	From CCTV User Interface Log ...::ffff:103.119.66.56 - - [11/May/2020:08:09:03 +0000] "GET / HTTP/1.1" 200 960 ...	2020-05-11 20:48:17
103.119.66.119	attackbots	Unauthorized connection attempt from IP address 103.119.66.119 on Port 445(SMB)	2020-04-07 04:12:42
103.119.66.74	attackbotsspam	Feb 9 23:06:35 h2177944 kernel: \[4484021.859575\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:35 h2177944 kernel: \[4484021.859591\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859678\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.866537\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.2	2020-02-10 08:25:09
103.119.66.247	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-11-2019 04:55:21.	2019-11-26 13:16:23
103.119.66.121	attack	Invalid user st from 103.119.66.121 port 57004	2019-07-28 06:23:14
103.119.66.34	attack	Automatic report - SSH Brute-Force Attack	2019-06-24 03:23:52
103.119.66.56	attackbotsspam	Unauthorized connection attempt from IP address 103.119.66.56 on Port 445(SMB)	2019-06-22 15:44:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.66.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9312
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.66.135.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 16:43:08 CST 2019
;; MSG SIZE  rcvd: 118

Host info

135.66.119.103.in-addr.arpa domain name pointer host-103-119-66-135.myrepublic.co.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
135.66.119.103.in-addr.arpa	name = host-103-119-66-135.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.181.140.218	attack	$f2bV_matches	2019-09-09 14:43:49
2a05:26c0:d1:710::4	attackspam	[munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:25 +0200] "POST /[munged]: HTTP/1.1" 200 6977 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:28 +0200] "POST /[munged]: HTTP/1.1" 200 6852 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:30 +0200] "POST /[munged]: HTTP/1.1" 200 6850 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:31 +0200] "POST /[munged]: HTTP/1.1" 200 6847 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:32 +0200] "POST /[munged]: HTTP/1.1" 200 6847 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2a05:26c0:d1:710::4 - - [09/Sep/2019:06:39:33 +0200] "POST /[munged]: HTTP/1.1"	2019-09-09 14:40:50
188.12.187.231	attackbots	Sep 9 06:19:55 MK-Soft-VM3 sshd\[23390\]: Invalid user tracyf from 188.12.187.231 port 56312 Sep 9 06:19:55 MK-Soft-VM3 sshd\[23390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.12.187.231 Sep 9 06:19:57 MK-Soft-VM3 sshd\[23390\]: Failed password for invalid user tracyf from 188.12.187.231 port 56312 ssh2 ...	2019-09-09 14:43:19
54.39.29.105	attackspambots	Sep 9 08:26:45 SilenceServices sshd[16955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.29.105 Sep 9 08:26:47 SilenceServices sshd[16955]: Failed password for invalid user ubuntu from 54.39.29.105 port 41780 ssh2 Sep 9 08:32:24 SilenceServices sshd[19077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.29.105	2019-09-09 14:40:24
216.218.206.66	attackspambots	Unauthorized SSH login attempts	2019-09-09 15:04:05
183.131.82.99	attackspambots	Sep 9 13:06:59 webhost01 sshd[22131]: Failed password for root from 183.131.82.99 port 45792 ssh2 Sep 9 13:07:01 webhost01 sshd[22131]: Failed password for root from 183.131.82.99 port 45792 ssh2 ...	2019-09-09 14:38:44
198.23.189.18	attack	Sep 8 20:33:45 kapalua sshd\[4524\]: Invalid user 12345 from 198.23.189.18 Sep 8 20:33:45 kapalua sshd\[4524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.189.18 Sep 8 20:33:47 kapalua sshd\[4524\]: Failed password for invalid user 12345 from 198.23.189.18 port 48518 ssh2 Sep 8 20:39:16 kapalua sshd\[5198\]: Invalid user sinusbot123 from 198.23.189.18 Sep 8 20:39:16 kapalua sshd\[5198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.189.18	2019-09-09 14:42:54
51.68.170.178	attack	loopsrockreggae.com 51.68.170.178 \[09/Sep/2019:08:34:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" loopsrockreggae.com 51.68.170.178 \[09/Sep/2019:08:34:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 5583 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-09-09 14:54:32
51.75.27.254	attackbots	Sep 9 07:49:48 meumeu sshd[25938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.27.254 Sep 9 07:49:50 meumeu sshd[25938]: Failed password for invalid user zabbix from 51.75.27.254 port 49172 ssh2 Sep 9 07:55:38 meumeu sshd[26642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.27.254 ...	2019-09-09 14:53:58
193.70.8.163	attack	Sep 9 07:55:20 mail sshd\[9301\]: Invalid user ts3srv from 193.70.8.163 port 34868 Sep 9 07:55:20 mail sshd\[9301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.8.163 Sep 9 07:55:22 mail sshd\[9301\]: Failed password for invalid user ts3srv from 193.70.8.163 port 34868 ssh2 Sep 9 08:00:41 mail sshd\[10597\]: Invalid user ts from 193.70.8.163 port 39556 Sep 9 08:00:41 mail sshd\[10597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.8.163	2019-09-09 14:11:28
61.19.247.121	attackspam	Sep 9 07:54:18 mail sshd\[9094\]: Invalid user userftp from 61.19.247.121 port 32910 Sep 9 07:54:18 mail sshd\[9094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121 Sep 9 07:54:20 mail sshd\[9094\]: Failed password for invalid user userftp from 61.19.247.121 port 32910 ssh2 Sep 9 08:01:32 mail sshd\[10763\]: Invalid user tomcat1 from 61.19.247.121 port 58382 Sep 9 08:01:32 mail sshd\[10763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121	2019-09-09 14:15:56
106.75.215.100	attackspam	Sep 9 08:47:15 h2177944 sshd\[5281\]: Invalid user teste from 106.75.215.100 port 57246 Sep 9 08:47:15 h2177944 sshd\[5281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.215.100 Sep 9 08:47:17 h2177944 sshd\[5281\]: Failed password for invalid user teste from 106.75.215.100 port 57246 ssh2 Sep 9 08:50:26 h2177944 sshd\[5413\]: Invalid user factorio from 106.75.215.100 port 34348 ...	2019-09-09 14:53:00
178.128.208.73	attackbots	Sep 9 02:48:08 TORMINT sshd\[17603\]: Invalid user chris from 178.128.208.73 Sep 9 02:48:08 TORMINT sshd\[17603\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.208.73 Sep 9 02:48:10 TORMINT sshd\[17603\]: Failed password for invalid user chris from 178.128.208.73 port 48724 ssh2 ...	2019-09-09 14:56:40
153.36.236.35	attackspam	Sep 9 08:59:00 server2 sshd\[16910\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16911\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16916\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16914\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16918\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 09:01:54 server2 sshd\[17193\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers	2019-09-09 14:55:15
149.56.23.154	attackspambots	Sep 9 07:38:59 hosting sshd[710]: Invalid user ftpuser from 149.56.23.154 port 41970 ...	2019-09-09 15:06:58

Recently Reported IPs

203.93.109.188	147.7.208.4	141.114.232.15	113.70.35.155
53.68.249.118	92.253.77.31	12.214.7.34	80.192.193.146
68.201.246.101	213.6.129.2	149.202.51.240	198.3.247.11
35.72.191.162	92.253.0.172	49.184.185.182	184.111.77.130
59.51.202.222	158.49.19.227	175.127.76.189	75.51.98.28