103.139.181.64

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Pertamina Bina Medika

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH login attempts.	2020-03-29 17:40:36

Comments on same subnet:

IP	Type	Details	Datetime
103.139.181.1	attackspam	suspicious action Mon, 24 Feb 2020 20:19:22 -0300	2020-02-25 14:24:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.139.181.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27868
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.139.181.64.			IN	A

;; AUTHORITY SECTION:
.			424	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032900 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 29 17:40:29 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 64.181.139.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.181.139.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.32.31.108	attack	Sep 3 06:53:15 Tower sshd[38887]: Connection from 213.32.31.108 port 56336 on 192.168.10.220 port 22 rdomain "" Sep 3 06:53:16 Tower sshd[38887]: Invalid user minecraft from 213.32.31.108 port 56336 Sep 3 06:53:16 Tower sshd[38887]: error: Could not get shadow information for NOUSER Sep 3 06:53:16 Tower sshd[38887]: Failed password for invalid user minecraft from 213.32.31.108 port 56336 ssh2 Sep 3 06:53:16 Tower sshd[38887]: Received disconnect from 213.32.31.108 port 56336:11: Bye Bye [preauth] Sep 3 06:53:16 Tower sshd[38887]: Disconnected from invalid user minecraft 213.32.31.108 port 56336 [preauth]	2020-09-03 18:58:17
47.176.104.74	attackbots	Invalid user xk from 47.176.104.74 port 61821	2020-09-03 18:55:59
190.237.6.34	attackspam	190.237.6.34 - - [02/Sep/2020:18:40:22 +0200] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36" 190.237.6.34 - - [02/Sep/2020:18:40:44 +0200] "POST /blog/xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36" ...	2020-09-03 18:59:36
157.245.227.165	attackspambots	SSH auth scanning - multiple failed logins	2020-09-03 19:00:38
45.14.150.51	attackbotsspam	" "	2020-09-03 18:40:27
89.144.47.28	attackspam	Sep 3 10:42:44 localhost sshd\[23437\]: Invalid user ubnt from 89.144.47.28 port 19768 Sep 3 10:42:44 localhost sshd\[23437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.144.47.28 Sep 3 10:42:46 localhost sshd\[23437\]: Failed password for invalid user ubnt from 89.144.47.28 port 19768 ssh2 ...	2020-09-03 19:04:33
198.71.239.8	attack	Automatic report - XMLRPC Attack	2020-09-03 19:15:03
119.45.36.221	attack	(sshd) Failed SSH login from 119.45.36.221 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 3 04:05:04 server sshd[29515]: Invalid user wp from 119.45.36.221 port 47332 Sep 3 04:05:06 server sshd[29515]: Failed password for invalid user wp from 119.45.36.221 port 47332 ssh2 Sep 3 04:14:39 server sshd[32170]: Invalid user tommy from 119.45.36.221 port 52620 Sep 3 04:14:41 server sshd[32170]: Failed password for invalid user tommy from 119.45.36.221 port 52620 ssh2 Sep 3 04:23:36 server sshd[2308]: Invalid user cti from 119.45.36.221 port 58402	2020-09-03 18:38:21
121.58.212.108	attackspambots	Invalid user jenny from 121.58.212.108 port 45389	2020-09-03 19:17:14
112.85.42.238	attack	Sep 3 10:17:55 jumpserver sshd[199081]: Failed password for root from 112.85.42.238 port 33446 ssh2 Sep 3 10:19:12 jumpserver sshd[199097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=root Sep 3 10:19:14 jumpserver sshd[199097]: Failed password for root from 112.85.42.238 port 49777 ssh2 ...	2020-09-03 18:38:42
81.192.87.130	attack	SSH Brute Force	2020-09-03 18:45:33
192.24.211.62	attackbotsspam	trying to access non-authorized port	2020-09-03 18:46:27
125.227.236.60	attackbotsspam	SSH Brute-Forcing (server1)	2020-09-03 19:18:51
222.112.206.120	attackspambots	22/tcp 22/tcp [2020-08-20/09-02]2pkt	2020-09-03 18:49:47
192.35.168.233	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-03 19:08:36

Recently Reported IPs

209.203.34.199	66.45.246.141	182.61.186.59	125.85.202.253
223.198.79.66	54.243.147.226	194.25.134.8	104.198.187.202
119.139.35.170	88.130.72.147	78.31.154.15	111.67.206.142
108.177.127.27	122.146.113.20	213.209.1.130	195.186.120.50
183.79.16.246	81.2.194.69	116.72.86.231	198.164.44.72