103.134.16.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: Institut Informatika & Bisnis Darmajaya

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 103.134.16.2 on Port 445(SMB)	2019-08-20 00:14:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.134.16.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22042
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.134.16.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 00:13:55 CST 2019
;; MSG SIZE  rcvd: 116

Host info

2.16.134.103.in-addr.arpa domain name pointer gtw-firewall-01-dj.darmajaya.ac.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.16.134.103.in-addr.arpa	name = gtw-firewall-01-dj.darmajaya.ac.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.187.104.135	attack	Fail2Ban - SSH Bruteforce Attempt	2020-05-14 01:39:29
78.128.113.100	attackbots	2020-05-13 19:52:13 dovecot_plain authenticator failed for \(\[78.128.113.100\]\) \[78.128.113.100\]: 535 Incorrect authentication data \(set_id=giuseppe@opso.it\) 2020-05-13 19:52:28 dovecot_plain authenticator failed for \(\[78.128.113.100\]\) \[78.128.113.100\]: 535 Incorrect authentication data 2020-05-13 19:52:46 dovecot_plain authenticator failed for \(\[78.128.113.100\]\) \[78.128.113.100\]: 535 Incorrect authentication data 2020-05-13 19:53:03 dovecot_plain authenticator failed for \(\[78.128.113.100\]\) \[78.128.113.100\]: 535 Incorrect authentication data \(set_id=giuseppe\) 2020-05-13 19:53:07 dovecot_plain authenticator failed for \(\[78.128.113.100\]\) \[78.128.113.100\]: 535 Incorrect authentication data	2020-05-14 01:56:04
34.78.176.66	attackbots	Malicious/Probing: /util/login.aspx	2020-05-14 02:03:19
138.122.20.93	attackbotsspam	DATE:2020-05-13 14:34:32, IP:138.122.20.93, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-14 01:44:14
113.20.116.26	attackbots	May 13 14:34:48 prox sshd[17498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.20.116.26 May 13 14:34:49 prox sshd[17498]: Failed password for invalid user admin from 113.20.116.26 port 55911 ssh2	2020-05-14 01:30:02
177.153.11.11	attackbotsspam	From bounce-35cd4d53be0cb40ec1d4b79cbb1257a1@smtplw-11.com Wed May 13 09:34:24 2020 Received: from smtp10t11f11.saaspmta0001.correio.biz ([177.153.11.11]:56918)	2020-05-14 01:47:32
165.22.195.215	attack	May 13 19:29:32 meumeu sshd[1871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.195.215 May 13 19:29:33 meumeu sshd[1871]: Failed password for invalid user killer from 165.22.195.215 port 58204 ssh2 May 13 19:33:01 meumeu sshd[2459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.195.215 ...	2020-05-14 01:54:17
87.126.55.27	attackspam	13.05.2020 14:34:16 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2020-05-14 02:03:36
139.199.78.228	attackspam	2020-05-13T10:29:37.8397641495-001 sshd[30739]: Failed password for invalid user swift from 139.199.78.228 port 49530 ssh2 2020-05-13T10:32:31.5021161495-001 sshd[30824]: Invalid user cedric from 139.199.78.228 port 51724 2020-05-13T10:32:31.5100511495-001 sshd[30824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 2020-05-13T10:32:31.5021161495-001 sshd[30824]: Invalid user cedric from 139.199.78.228 port 51724 2020-05-13T10:32:33.9905221495-001 sshd[30824]: Failed password for invalid user cedric from 139.199.78.228 port 51724 ssh2 2020-05-13T10:35:43.2093201495-001 sshd[30942]: Invalid user postgres from 139.199.78.228 port 53928 ...	2020-05-14 01:21:56
167.114.144.96	attackspambots	SSH invalid-user multiple login try	2020-05-14 01:21:26
110.137.101.75	attack	1589373293 - 05/13/2020 14:34:53 Host: 110.137.101.75/110.137.101.75 Port: 445 TCP Blocked	2020-05-14 01:27:27
88.202.177.221	attackbotsspam	honeypot forum registration (user=Francesfeask; email=spravka.xyz@rambler.ua)	2020-05-14 01:29:18
113.161.94.103	attackspam	1589373246 - 05/13/2020 14:34:06 Host: 113.161.94.103/113.161.94.103 Port: 445 TCP Blocked	2020-05-14 02:06:15
211.157.147.131	attackspam	Spam sent to honeypot address	2020-05-14 01:26:42
107.170.91.121	attack	May 13 14:28:47 v22019038103785759 sshd\[699\]: Invalid user guard from 107.170.91.121 port 59120 May 13 14:28:47 v22019038103785759 sshd\[699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.91.121 May 13 14:28:49 v22019038103785759 sshd\[699\]: Failed password for invalid user guard from 107.170.91.121 port 59120 ssh2 May 13 14:34:14 v22019038103785759 sshd\[1134\]: Invalid user administrat\303\266r from 107.170.91.121 port 12862 May 13 14:34:14 v22019038103785759 sshd\[1134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.91.121 ...	2020-05-14 02:00:13

Recently Reported IPs

120.26.197.206	49.209.160.131	165.106.66.201	222.84.193.47
194.33.199.215	131.244.59.52	100.25.254.27	115.131.130.109
142.155.222.206	2.102.211.255	161.133.24.89	106.0.191.194
157.230.115.60	112.230.42.104	170.139.120.132	203.93.9.94
27.164.23.155	164.138.121.134	70.51.77.46	217.206.30.23