103.121.18.42 - IPInfo

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: PT. Eka Mas Republik

Hostname: unknown

Organization: PT. Eka Mas Republik

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 103.121.18.42 on Port 445(SMB)	2019-07-13 00:22:35

Comments on same subnet:

IP	Type	Details	Datetime
103.121.18.27	attack	xmlrpc attack	2020-08-03 20:00:57
103.121.18.8	attack	langenachtfulda.de 103.121.18.8 [04/Jun/2020:05:47:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" langenachtfulda.de 103.121.18.8 [04/Jun/2020:05:47:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-06-04 19:12:18
103.121.18.76	attackspambots	langenachtfulda.de 103.121.18.76 [04/Jun/2020:05:51:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" langenachtfulda.de 103.121.18.76 [04/Jun/2020:05:51:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-06-04 17:01:09
103.121.18.3	attackspambots	xmlrpc attack	2020-06-04 02:32:53
103.121.18.94	attackbots	20/4/14@23:59:17: FAIL: Alarm-Network address from=103.121.18.94 20/4/14@23:59:17: FAIL: Alarm-Network address from=103.121.18.94 ...	2020-04-15 12:47:02
103.121.18.37	attack	Unauthorized connection attempt from IP address 103.121.18.37 on Port 445(SMB)	2020-03-18 19:20:40
103.121.18.110	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-18 16:25:28
103.121.18.113	attack	Unauthorized connection attempt from IP address 103.121.18.113 on Port 445(SMB)	2020-03-12 06:29:30
103.121.18.35	attackbotsspam	Unauthorized connection attempt from IP address 103.121.18.35 on Port 445(SMB)	2019-11-08 01:48:56
103.121.18.116	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 12:35:22.	2019-10-18 03:32:35
103.121.18.50	attack	Aug 27 03:41:02 rpi sshd[11626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.18.50 Aug 27 03:41:03 rpi sshd[11626]: Failed password for invalid user hamlet from 103.121.18.50 port 42370 ssh2	2019-08-27 15:39:53
103.121.18.122	attackspam	Aug 27 03:55:48 rpi sshd[11999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.18.122 Aug 27 03:55:50 rpi sshd[11999]: Failed password for invalid user del from 103.121.18.122 port 45250 ssh2	2019-08-27 11:01:32
103.121.18.82	attackbots	Unauthorized connection attempt from IP address 103.121.18.82 on Port 445(SMB)	2019-07-19 14:14:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.121.18.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34362
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.121.18.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071200 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 13 00:22:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

42.18.121.103.in-addr.arpa domain name pointer host-103-121-18-42.myrepublic.co.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.18.121.103.in-addr.arpa	name = host-103-121-18-42.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
99.46.143.22	attackbotsspam	Jul 12 22:13:46 bouncer sshd\[5938\]: Invalid user cactiuser from 99.46.143.22 port 33920 Jul 12 22:13:46 bouncer sshd\[5938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.46.143.22 Jul 12 22:13:49 bouncer sshd\[5938\]: Failed password for invalid user cactiuser from 99.46.143.22 port 33920 ssh2 ...	2019-07-13 04:26:11
217.61.2.97	attack	Jul 12 22:10:00 cvbmail sshd\[21921\]: Invalid user nick from 217.61.2.97 Jul 12 22:10:00 cvbmail sshd\[21921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 Jul 12 22:10:02 cvbmail sshd\[21921\]: Failed password for invalid user nick from 217.61.2.97 port 55793 ssh2	2019-07-13 04:51:11
27.0.141.4	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-07-13 04:38:31
170.81.148.7	attackspambots	Jul 12 20:10:22 MK-Soft-VM5 sshd\[28329\]: Invalid user zq from 170.81.148.7 port 56762 Jul 12 20:10:22 MK-Soft-VM5 sshd\[28329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.81.148.7 Jul 12 20:10:24 MK-Soft-VM5 sshd\[28329\]: Failed password for invalid user zq from 170.81.148.7 port 56762 ssh2 ...	2019-07-13 04:35:14
202.179.137.54	attackbotsspam	SMB Server BruteForce Attack	2019-07-13 04:35:31
200.71.55.143	attack	Invalid user project from 200.71.55.143 port 52131 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.71.55.143 Failed password for invalid user project from 200.71.55.143 port 52131 ssh2 Invalid user admin from 200.71.55.143 port 52750 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.71.55.143	2019-07-13 04:35:58
112.175.238.149	attackspam	Jul 12 22:20:09 vps647732 sshd[29196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.175.238.149 Jul 12 22:20:11 vps647732 sshd[29196]: Failed password for invalid user andrew from 112.175.238.149 port 36990 ssh2 ...	2019-07-13 04:44:37
198.199.94.14	attackbots	xmlrpc attack	2019-07-13 04:27:27
202.71.0.78	attack	2019-07-12T22:04:38.479117lon01.zurich-datacenter.net sshd\[16884\]: Invalid user william from 202.71.0.78 port 57293 2019-07-12T22:04:38.488373lon01.zurich-datacenter.net sshd\[16884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.71.0.78 2019-07-12T22:04:40.412484lon01.zurich-datacenter.net sshd\[16884\]: Failed password for invalid user william from 202.71.0.78 port 57293 ssh2 2019-07-12T22:10:35.250382lon01.zurich-datacenter.net sshd\[17047\]: Invalid user mdh from 202.71.0.78 port 58063 2019-07-12T22:10:35.258142lon01.zurich-datacenter.net sshd\[17047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.71.0.78 ...	2019-07-13 04:26:51
101.198.185.11	attackbotsspam	Jul 12 22:23:17 vps691689 sshd[3953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.198.185.11 Jul 12 22:23:19 vps691689 sshd[3953]: Failed password for invalid user somebody from 101.198.185.11 port 52324 ssh2 ...	2019-07-13 04:32:52
86.107.98.173	attackspambots	Jul 12 22:25:22 eventyay sshd[6136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.107.98.173 Jul 12 22:25:24 eventyay sshd[6136]: Failed password for invalid user marconi from 86.107.98.173 port 46896 ssh2 Jul 12 22:30:22 eventyay sshd[7458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.107.98.173 ...	2019-07-13 04:34:53
164.132.199.211	attack	Jul 12 22:05:05 bouncer sshd\[5839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.199.211 user=root Jul 12 22:05:07 bouncer sshd\[5839\]: Failed password for root from 164.132.199.211 port 59596 ssh2 Jul 12 22:10:52 bouncer sshd\[5892\]: Invalid user admin from 164.132.199.211 port 35396 ...	2019-07-13 04:15:48
5.89.10.81	attackbotsspam	Jul 12 22:19:47 localhost sshd\[23490\]: Invalid user two from 5.89.10.81 Jul 12 22:19:47 localhost sshd\[23490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.10.81 Jul 12 22:19:49 localhost sshd\[23490\]: Failed password for invalid user two from 5.89.10.81 port 55448 ssh2 Jul 12 22:28:29 localhost sshd\[23857\]: Invalid user dspace from 5.89.10.81 Jul 12 22:28:29 localhost sshd\[23857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.10.81 ...	2019-07-13 04:29:15
41.227.106.168	attack	Jul 12 22:01:07 mxgate1 postfix/postscreen[21604]: CONNECT from [41.227.106.168]:17859 to [176.31.12.44]:25 Jul 12 22:01:07 mxgate1 postfix/dnsblog[21960]: addr 41.227.106.168 listed by domain zen.spamhaus.org as 127.0.0.11 Jul 12 22:01:07 mxgate1 postfix/dnsblog[21960]: addr 41.227.106.168 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 12 22:01:07 mxgate1 postfix/dnsblog[22234]: addr 41.227.106.168 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 12 22:01:08 mxgate1 postfix/dnsblog[21961]: addr 41.227.106.168 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 12 22:01:08 mxgate1 postfix/dnsblog[21958]: addr 41.227.106.168 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 12 22:01:13 mxgate1 postfix/postscreen[21604]: DNSBL rank 5 for [41.227.106.168]:17859 Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.227.106.168	2019-07-13 04:22:50
103.80.117.214	attackbotsspam	Jul 12 20:23:06 *** sshd[3398]: Invalid user sebastian from 103.80.117.214	2019-07-13 04:28:45

Recently Reported IPs

203.242.193.68	97.94.10.235	52.161.249.56	55.37.244.77
185.78.72.128	32.61.185.81	187.109.49.50	191.250.56.31
118.24.102.178	92.77.70.191	181.190.212.210	67.242.186.29
109.240.40.191	152.6.11.16	210.196.156.18	65.244.114.238
87.213.112.202	173.150.33.193	65.95.192.144	190.133.204.36