103.119.66.159

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.119.66.254	attackspambots	Brute forcing RDP port 3389	2020-08-11 01:46:01
103.119.66.31	attackspam	Dovecot Invalid User Login Attempt.	2020-07-10 22:11:25
103.119.66.56	attack	From CCTV User Interface Log ...::ffff:103.119.66.56 - - [11/May/2020:08:09:03 +0000] "GET / HTTP/1.1" 200 960 ...	2020-05-11 20:48:17
103.119.66.119	attackbots	Unauthorized connection attempt from IP address 103.119.66.119 on Port 445(SMB)	2020-04-07 04:12:42
103.119.66.74	attackbotsspam	Feb 9 23:06:35 h2177944 kernel: \[4484021.859575\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:35 h2177944 kernel: \[4484021.859591\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859678\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.866537\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.2	2020-02-10 08:25:09
103.119.66.247	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-11-2019 04:55:21.	2019-11-26 13:16:23
103.119.66.121	attack	Invalid user st from 103.119.66.121 port 57004	2019-07-28 06:23:14
103.119.66.34	attack	Automatic report - SSH Brute-Force Attack	2019-06-24 03:23:52
103.119.66.56	attackbotsspam	Unauthorized connection attempt from IP address 103.119.66.56 on Port 445(SMB)	2019-06-22 15:44:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.66.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15581
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.119.66.159.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 10:26:07 CST 2022
;; MSG SIZE  rcvd: 107

Host info

159.66.119.103.in-addr.arpa domain name pointer host-103-119-66-159.myrepublic.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
159.66.119.103.in-addr.arpa	name = host-103-119-66-159.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
67.85.246.74	attackspambots	Lines containing failures of 67.85.246.74 Aug 25 20:21:51 srv02 sshd[22994]: Invalid user admin from 67.85.246.74 port 52650 Aug 25 20:21:51 srv02 sshd[22994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.85.246.74 Aug 25 20:21:53 srv02 sshd[22994]: Failed password for invalid user admin from 67.85.246.74 port 52650 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=67.85.246.74	2019-08-26 10:48:12
83.53.110.214	attackbotsspam	Aug 25 11:44:01 hanapaa sshd\[19892\]: Invalid user sun from 83.53.110.214 Aug 25 11:44:01 hanapaa sshd\[19892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=214.red-83-53-110.dynamicip.rima-tde.net Aug 25 11:44:03 hanapaa sshd\[19892\]: Failed password for invalid user sun from 83.53.110.214 port 33778 ssh2 Aug 25 11:48:00 hanapaa sshd\[20330\]: Invalid user csserver from 83.53.110.214 Aug 25 11:48:00 hanapaa sshd\[20330\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=214.red-83-53-110.dynamicip.rima-tde.net	2019-08-26 10:37:28
195.155.174.21	attackspambots	Bot ignores robot.txt restrictions	2019-08-26 10:44:33
51.235.215.255	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-26 10:40:49
14.192.17.145	attackbotsspam	Aug 26 04:16:21 cp sshd[5530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.192.17.145	2019-08-26 10:33:14
189.45.42.148	attackbots	Aug 26 01:23:13 our-server-hostname postfix/smtpd[6486]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:23:16 our-server-hostname postfix/smtpd[6486]: disconnect from unknown[189.45.42.148] Aug 26 01:47:47 our-server-hostname postfix/smtpd[12816]: connect from unknown[189.45.42.148] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:47:53 our-server-hostname postfix/smtpd[12816]: disconnect from unknown[189.45.42.148] Aug 26 01:50:10 our-server-hostname postfix/smtpd[10918]: connect from unknown[189.45.42.148] Aug x@x Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: lost connection after RCPT from unknown[189.45.42.148] Aug 26 01:50:13 our-server-hostname postfix/smtpd[10918]: disconnect from unknown[189.45.42.148] Aug 26 02:0........ -------------------------------	2019-08-26 10:10:34
40.115.36.217	attackspam	DATE:2019-08-25 20:41:52, IP:40.115.36.217, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-08-26 10:51:19
114.39.147.19	attack	Honeypot attack, port: 23, PTR: 114-39-147-19.dynamic-ip.hinet.net.	2019-08-26 10:19:22
80.91.192.165	attack	[portscan] Port scan	2019-08-26 10:30:48
110.164.189.53	attack	Invalid user jeff from 110.164.189.53 port 37126	2019-08-26 10:36:44
195.154.33.152	attackspam	\[2019-08-25 21:47:32\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '195.154.33.152:2387' - Wrong password \[2019-08-25 21:47:32\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-25T21:47:32.303-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2846",SessionID="0x7f7b30613808",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.33.152/57385",Challenge="5d34aff7",ReceivedChallenge="5d34aff7",ReceivedHash="d21c763cc43018991de32c2c72f5c72a" \[2019-08-25 21:53:02\] NOTICE\[1829\] chan_sip.c: Registration from '\' failed for '195.154.33.152:2234' - Wrong password \[2019-08-25 21:53:02\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-25T21:53:02.110-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2847",SessionID="0x7f7b30db7498",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.	2019-08-26 10:09:56
121.215.253.87	attackspam	Aug 25 18:36:22 XXX sshd[56753]: Invalid user carrerasoft from 121.215.253.87 port 60236	2019-08-26 10:32:05
89.104.76.42	attack	Aug 25 21:33:45 mail sshd[15834]: Invalid user emilio from 89.104.76.42 Aug 25 21:33:45 mail sshd[15834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.104.76.42 Aug 25 21:33:45 mail sshd[15834]: Invalid user emilio from 89.104.76.42 Aug 25 21:33:48 mail sshd[15834]: Failed password for invalid user emilio from 89.104.76.42 port 43110 ssh2 Aug 25 21:41:50 mail sshd[28366]: Invalid user p from 89.104.76.42 ...	2019-08-26 10:29:59
54.201.249.3	attackbotsspam	Aug 26 02:43:02 * sshd[9100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.201.249.3 Aug 26 02:43:04 * sshd[9100]: Failed password for invalid user qhsupport from 54.201.249.3 port 39644 ssh2	2019-08-26 10:44:01
41.230.199.89	attackbots	port scan and connect, tcp 23 (telnet)	2019-08-26 10:26:53

Recently Reported IPs

89.139.10.59	190.17.222.160	201.156.155.13	14.169.98.187
186.179.37.228	118.31.7.187	193.176.84.103	113.88.114.173
156.146.60.131	183.30.201.157	42.236.214.221	88.232.172.189
92.28.22.146	3.20.214.41	108.174.195.107	39.43.38.86
36.106.10.95	178.128.88.202	113.254.169.251	14.191.99.227