103.166.29.57 - IPInfo

Basic Info

City: Surabaya

Region: Jawa Timur

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.166.29.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.166.29.57.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023100700 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 08 01:36:01 CST 2023
;; MSG SIZE  rcvd: 106

Host info

57.29.166.103.in-addr.arpa domain name pointer rdns-103-166-29-57.gmdp.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.29.166.103.in-addr.arpa	name = rdns-103-166-29-57.gmdp.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.212.218.126	attack	[Fri Feb 28 18:59:19.925693 2020] [:error] [pid 137691] [client 173.212.218.126:61000] [client 173.212.218.126] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws22vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XlmNNzm7SuqeUOxSGYtm7QAAAAg"] ...	2020-02-29 06:27:31
159.203.176.82	attackspambots	ENG,WP GET /wp-login.php	2020-02-29 05:51:29
67.207.89.207	attack	Feb 28 22:34:49 lnxmysql61 sshd[21742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.89.207	2020-02-29 05:57:07
51.15.157.223	attackspam	Host Scan	2020-02-29 06:23:44
140.143.19.50	attackspam	C2,DEF GET /shell.php	2020-02-29 06:26:23
191.35.55.65	attackbots	Automatic report - Port Scan Attack	2020-02-29 05:53:24
37.193.175.55	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 05:55:44
185.179.24.34	attack	21 attempts against mh-misbehave-ban on pine	2020-02-29 06:09:38
43.225.101.20	attackbotsspam	Feb 28 12:08:41 giraffe sshd[11866]: Invalid user user14 from 43.225.101.20 Feb 28 12:08:41 giraffe sshd[11866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.101.20 Feb 28 12:08:43 giraffe sshd[11866]: Failed password for invalid user user14 from 43.225.101.20 port 59094 ssh2 Feb 28 12:08:43 giraffe sshd[11866]: Received disconnect from 43.225.101.20 port 59094:11: Bye Bye [preauth] Feb 28 12:08:43 giraffe sshd[11866]: Disconnected from 43.225.101.20 port 59094 [preauth] Feb 28 12:19:02 giraffe sshd[12104]: Invalid user Adminixxxr from 43.225.101.20 Feb 28 12:19:02 giraffe sshd[12104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.101.20 Feb 28 12:19:05 giraffe sshd[12104]: Failed password for invalid user Adminixxxr from 43.225.101.20 port 37984 ssh2 Feb 28 12:19:05 giraffe sshd[12104]: Received disconnect from 43.225.101.20 port 37984:11: Bye Bye [preauth] Feb 28 12:19:0........ -------------------------------	2020-02-29 06:00:39
111.231.132.94	attack	Feb 28 22:53:34 sd-53420 sshd\[14492\]: Invalid user mmr from 111.231.132.94 Feb 28 22:53:34 sd-53420 sshd\[14492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.132.94 Feb 28 22:53:36 sd-53420 sshd\[14492\]: Failed password for invalid user mmr from 111.231.132.94 port 44740 ssh2 Feb 28 22:59:29 sd-53420 sshd\[14940\]: User root from 111.231.132.94 not allowed because none of user's groups are listed in AllowGroups Feb 28 22:59:29 sd-53420 sshd\[14940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.132.94 user=root ...	2020-02-29 06:21:20
167.99.190.0	attackbots	port scan and connect, tcp 80 (http)	2020-02-29 06:05:42
59.126.26.143	attackspambots	Port probing on unauthorized port 23	2020-02-29 06:25:47
185.36.81.57	attackbotsspam	Postfix Brute-Force reported by Fail2Ban	2020-02-29 06:15:54
111.95.141.34	attackbotsspam	Feb 28 11:49:59 web1 sshd\[13825\]: Invalid user sunqiang from 111.95.141.34 Feb 28 11:49:59 web1 sshd\[13825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.95.141.34 Feb 28 11:50:01 web1 sshd\[13825\]: Failed password for invalid user sunqiang from 111.95.141.34 port 55685 ssh2 Feb 28 11:59:37 web1 sshd\[14712\]: Invalid user jinhaoxuan from 111.95.141.34 Feb 28 11:59:37 web1 sshd\[14712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.95.141.34	2020-02-29 06:14:53
37.238.130.70	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 05:48:23

Recently Reported IPs

2601:2c2:600:8f0:501b:bfe2:fe0c:250c	168.163.185.9	211.18.27.37	16.140.230.225
250.115.244.202	216.83.91.35	242.76.21.162	246.217.234.71
42.215.7.132	160.106.145.8	101.33.228.246	187.64.37.105
0.238.123.73	22.61.176.238	14.66.37.53	217.2.150.207
194.121.71.1	99.71.210.30	238.2.164.156	36.50.196.130