103.18.2.242 - IPInfo

Basic Info

City: Kuala Lumpur

Region: Kuala Lumpur

Country: Malaysia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.18.242.18	attackspambots	Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:16:51 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed:	2020-10-05 05:34:42
103.18.242.37	attackspambots	Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:46 mail.srvfarm.net postfix/smtps/smtpd[697233]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed:	2020-10-05 05:34:17
103.18.242.18	attack	Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:16:51 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed:	2020-10-04 21:29:56
103.18.242.37	attack	Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:46 mail.srvfarm.net postfix/smtps/smtpd[697233]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed:	2020-10-04 21:29:34
103.18.242.18	attackbots	Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:16:51 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed:	2020-10-04 13:16:53
103.18.242.37	attackbots	Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:01:05 mail.srvfarm.net postfix/smtpd[696518]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed: Oct 4 03:07:34 mail.srvfarm.net postfix/smtpd[700724]: lost connection after AUTH from unknown[103.18.242.37] Oct 4 03:07:46 mail.srvfarm.net postfix/smtps/smtpd[697233]: warning: unknown[103.18.242.37]: SASL PLAIN authentication failed:	2020-10-04 13:16:31
103.18.242.34	attackspam	$f2bV_matches	2020-09-30 04:53:49
103.18.242.34	attack	$f2bV_matches	2020-09-29 21:01:44
103.18.242.34	attackspambots	$f2bV_matches	2020-09-29 13:13:28
103.18.242.23	attack	Sep 8 10:14:26 mail.srvfarm.net postfix/smtps/smtpd[1700326]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed: Sep 8 10:14:26 mail.srvfarm.net postfix/smtps/smtpd[1700326]: lost connection after AUTH from unknown[103.18.242.23] Sep 8 10:19:14 mail.srvfarm.net postfix/smtps/smtpd[1716015]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed: Sep 8 10:19:15 mail.srvfarm.net postfix/smtps/smtpd[1716015]: lost connection after AUTH from unknown[103.18.242.23] Sep 8 10:19:25 mail.srvfarm.net postfix/smtps/smtpd[1700325]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed:	2020-09-12 02:11:45
103.18.242.23	attackbotsspam	Sep 8 10:14:26 mail.srvfarm.net postfix/smtps/smtpd[1700326]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed: Sep 8 10:14:26 mail.srvfarm.net postfix/smtps/smtpd[1700326]: lost connection after AUTH from unknown[103.18.242.23] Sep 8 10:19:14 mail.srvfarm.net postfix/smtps/smtpd[1716015]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed: Sep 8 10:19:15 mail.srvfarm.net postfix/smtps/smtpd[1716015]: lost connection after AUTH from unknown[103.18.242.23] Sep 8 10:19:25 mail.srvfarm.net postfix/smtps/smtpd[1700325]: warning: unknown[103.18.242.23]: SASL PLAIN authentication failed:	2020-09-11 18:04:26
103.18.242.9	attackbots	Aug 27 05:34:14 mail.srvfarm.net postfix/smtps/smtpd[1357935]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed: Aug 27 05:34:14 mail.srvfarm.net postfix/smtps/smtpd[1357935]: lost connection after AUTH from unknown[103.18.242.9] Aug 27 05:35:40 mail.srvfarm.net postfix/smtps/smtpd[1355752]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed: Aug 27 05:35:40 mail.srvfarm.net postfix/smtps/smtpd[1355752]: lost connection after AUTH from unknown[103.18.242.9] Aug 27 05:42:13 mail.srvfarm.net postfix/smtpd[1362101]: warning: unknown[103.18.242.9]: SASL PLAIN authentication failed:	2020-08-28 07:35:55
103.18.242.14	attackspam	Brute force attempt	2020-08-21 20:18:47
103.18.242.44	attackspam	Attempted Brute Force (dovecot)	2020-08-21 02:37:06
103.18.242.45	attackspam	Aug 16 05:34:34 mail.srvfarm.net postfix/smtpd[1887514]: warning: unknown[103.18.242.45]: SASL PLAIN authentication failed: Aug 16 05:34:34 mail.srvfarm.net postfix/smtpd[1887514]: lost connection after AUTH from unknown[103.18.242.45] Aug 16 05:36:18 mail.srvfarm.net postfix/smtps/smtpd[1890437]: warning: unknown[103.18.242.45]: SASL PLAIN authentication failed: Aug 16 05:36:18 mail.srvfarm.net postfix/smtps/smtpd[1890437]: lost connection after AUTH from unknown[103.18.242.45] Aug 16 05:38:01 mail.srvfarm.net postfix/smtpd[1887514]: warning: unknown[103.18.242.45]: SASL PLAIN authentication failed:	2020-08-16 12:42:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.18.2.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.18.2.242.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121802 1800 900 604800 86400

;; Query time: 138 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 19 06:55:02 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 242.2.18.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 242.2.18.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.112.136.33	attack	2020-07-21T07:56:33.675290vps1033 sshd[21596]: Invalid user arul from 36.112.136.33 port 48288 2020-07-21T07:56:33.679674vps1033 sshd[21596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.136.33 2020-07-21T07:56:33.675290vps1033 sshd[21596]: Invalid user arul from 36.112.136.33 port 48288 2020-07-21T07:56:35.447013vps1033 sshd[21596]: Failed password for invalid user arul from 36.112.136.33 port 48288 ssh2 2020-07-21T08:01:01.835856vps1033 sshd[31046]: Invalid user hxy from 36.112.136.33 port 40291 ...	2020-07-21 19:01:50
166.170.220.85	attack	Brute forcing email accounts	2020-07-21 19:04:06
60.167.177.25	attackbots	Jul 21 03:50:38 marvibiene sshd[43574]: Invalid user administrador from 60.167.177.25 port 51492 Jul 21 03:50:38 marvibiene sshd[43574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.177.25 Jul 21 03:50:38 marvibiene sshd[43574]: Invalid user administrador from 60.167.177.25 port 51492 Jul 21 03:50:40 marvibiene sshd[43574]: Failed password for invalid user administrador from 60.167.177.25 port 51492 ssh2 ...	2020-07-21 19:21:43
2.114.202.124	attack	prod6 ...	2020-07-21 19:08:54
49.235.35.133	attack	Jul 20 23:50:35 Tower sshd[35724]: Connection from 49.235.35.133 port 37126 on 192.168.10.220 port 22 rdomain "" Jul 20 23:50:40 Tower sshd[35724]: Invalid user dave from 49.235.35.133 port 37126 Jul 20 23:50:40 Tower sshd[35724]: error: Could not get shadow information for NOUSER Jul 20 23:50:40 Tower sshd[35724]: Failed password for invalid user dave from 49.235.35.133 port 37126 ssh2 Jul 20 23:50:41 Tower sshd[35724]: Received disconnect from 49.235.35.133 port 37126:11: Bye Bye [preauth] Jul 20 23:50:41 Tower sshd[35724]: Disconnected from invalid user dave 49.235.35.133 port 37126 [preauth]	2020-07-21 19:07:29
141.98.9.157	attackbots	Jul 21 12:39:27 haigwepa sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.157 Jul 21 12:39:29 haigwepa sshd[13851]: Failed password for invalid user admin from 141.98.9.157 port 34863 ssh2 ...	2020-07-21 18:46:38
103.63.212.164	attack	20 attempts against mh-ssh on cloud	2020-07-21 19:04:54
193.112.19.133	attackbotsspam	$f2bV_matches	2020-07-21 18:39:29
111.229.126.37	attackspam	Failed password for invalid user helpdesk from 111.229.126.37 port 60040 ssh2	2020-07-21 19:31:52
223.240.86.204	attackbots	$f2bV_matches	2020-07-21 18:34:55
138.68.226.234	attack	Port scan: Attack repeated for 24 hours	2020-07-21 19:36:37
51.195.28.121	attackbotsspam	$f2bV_matches	2020-07-21 19:21:06
45.125.65.52	attack	Jul 21 12:35:54 srv01 postfix/smtpd\[21111\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 12:38:02 srv01 postfix/smtpd\[7588\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 12:43:00 srv01 postfix/smtpd\[21111\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 12:43:50 srv01 postfix/smtpd\[12044\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 12:45:04 srv01 postfix/smtpd\[21583\]: warning: unknown\[45.125.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-21 19:07:44
192.35.168.243	attackbotsspam	Unauthorized connection attempt detected from IP address 192.35.168.243 to port 139 [T]	2020-07-21 19:38:34
154.237.50.224	attackbots	Email rejected due to spam filtering	2020-07-21 18:30:20

Recently Reported IPs

77.107.59.243	220.38.58.92	85.27.208.8	95.134.189.21
167.75.59.60	40.92.67.54	3.204.14.47	70.133.243.246
1.254.228.121	93.92.160.81	46.49.148.18	83.170.214.142
85.113.41.207	1.26.52.25	175.104.243.1	14.186.45.174
77.253.192.166	61.180.201.77	50.127.216.102	144.21.177.214