103.119.66.56 - IPInfo

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: PT. Eka Mas Republik

Hostname: unknown

Organization: PT. Eka Mas Republik

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	From CCTV User Interface Log ...::ffff:103.119.66.56 - - [11/May/2020:08:09:03 +0000] "GET / HTTP/1.1" 200 960 ...	2020-05-11 20:48:17
attackbotsspam	Unauthorized connection attempt from IP address 103.119.66.56 on Port 445(SMB)	2019-06-22 15:44:02

Comments on same subnet:

IP	Type	Details	Datetime
103.119.66.254	attackspambots	Brute forcing RDP port 3389	2020-08-11 01:46:01
103.119.66.31	attackspam	Dovecot Invalid User Login Attempt.	2020-07-10 22:11:25
103.119.66.119	attackbots	Unauthorized connection attempt from IP address 103.119.66.119 on Port 445(SMB)	2020-04-07 04:12:42
103.119.66.74	attackbotsspam	Feb 9 23:06:35 h2177944 kernel: \[4484021.859575\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:35 h2177944 kernel: \[4484021.859591\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43325 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.859678\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=43326 DF PROTO=TCP SPT=22442 DPT=40 WINDOW=64240 RES=0x00 SYN URGP=0 Feb 9 23:06:36 h2177944 kernel: \[4484022.866537\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.119.66.74 DST=85.2	2020-02-10 08:25:09
103.119.66.247	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-11-2019 04:55:21.	2019-11-26 13:16:23
103.119.66.121	attack	Invalid user st from 103.119.66.121 port 57004	2019-07-28 06:23:14
103.119.66.34	attack	Automatic report - SSH Brute-Force Attack	2019-06-24 03:23:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.119.66.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51867
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.119.66.56.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 15:43:53 CST 2019
;; MSG SIZE  rcvd: 117

Host info

56.66.119.103.in-addr.arpa domain name pointer host-103-119-66-56.myrepublic.co.id.

Nslookup info:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
56.66.119.103.in-addr.arpa	name = host-103-119-66-56.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.217.1.23	attackspambots	firewall-block, port(s): 39043/tcp	2020-08-27 20:13:57
68.183.203.152	attackbotsspam	IP 68.183.203.152 attacked honeypot on port: 161 at 8/26/2020 8:40:04 PM	2020-08-27 20:19:11
192.99.45.31	attackbotsspam	UDP 192.99.45.31:5083 -> port 5060, len 435	2020-08-27 20:48:28
60.190.185.142	attackspambots	20/8/26@23:39:06: FAIL: Alarm-Network address from=60.190.185.142 20/8/26@23:39:06: FAIL: Alarm-Network address from=60.190.185.142 ...	2020-08-27 20:41:29
52.143.52.199	attackbotsspam	52.143.52.199 - - [27/Aug/2020:09:29:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2216 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.143.52.199 - - [27/Aug/2020:09:29:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2240 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.143.52.199 - - [27/Aug/2020:09:29:25 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-27 20:39:32
95.91.41.38	attackspam	abuseConfidenceScore blocked for 12h	2020-08-27 20:46:31
51.178.78.152	attackbots	port	2020-08-27 20:48:44
92.118.160.29	attackbotsspam	5222/tcp 3493/tcp 8080/tcp... [2020-06-26/08-26]108pkt,72pt.(tcp),5pt.(udp)	2020-08-27 20:46:55
181.67.136.214	attack	181.67.136.214 - - [27/Aug/2020:04:40:23 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 181.67.136.214 - - [27/Aug/2020:04:40:28 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 181.67.136.214 - - [27/Aug/2020:04:40:34 +0100] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" ...	2020-08-27 20:09:21
119.130.107.92	attackbots	Port scan detected on ports: 3389[TCP], 3389[TCP], 3389[TCP]	2020-08-27 20:18:10
162.142.125.39	attackspambots	Unauthorized connection attempt detected from IP address 162.142.125.39 to port 1521 [T]	2020-08-27 20:19:32
91.241.19.171	attack	Repeated RDP login failures. Last user: Test	2020-08-27 20:28:44
209.159.195.253	attackbots	Brute forcing email accounts	2020-08-27 20:32:43
190.108.228.113	attackspambots	Email Spam	2020-08-27 20:10:34
157.230.248.89	attackbots	CMS (WordPress or Joomla) login attempt.	2020-08-27 20:07:08

Recently Reported IPs

216.14.113.158	74.133.227.150	205.131.122.36	74.205.35.88
70.54.245.87	14.188.23.68	27.145.204.158	156.193.213.206
38.145.121.101	95.250.8.164	108.228.151.178	110.156.135.211
222.39.160.44	151.195.230.114	84.228.35.170	27.88.4.143
37.108.76.142	104.248.158.113	57.152.211.229	118.215.193.202