103.212.140.135

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Mayekar Broadband Pvt Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jul 15 02:29:33 localhost kernel: [14416366.835441] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=2112 DF PROTO=TCP SPT=58699 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 15 02:29:33 localhost kernel: [14416366.835472] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=2112 DF PROTO=TCP SPT=58699 DPT=8291 SEQ=1872484757 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405AC0103030201010402) Jul 15 02:29:36 localhost kernel: [14416370.044023] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=28960 DF PROTO=TCP SPT=64314 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 15 02:29:36 localhost kernel: [14416370.044052] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.2	2019-07-15 14:56:03

Type

Details

Datetime

attackbotsspam

Jul 15 02:29:33 localhost kernel: [14416366.835441] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=2112 DF PROTO=TCP SPT=58699 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 
Jul 15 02:29:33 localhost kernel: [14416366.835472] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=2112 DF PROTO=TCP SPT=58699 DPT=8291 SEQ=1872484757 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405AC0103030201010402) 
Jul 15 02:29:36 localhost kernel: [14416370.044023] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.212.140.135 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x20 TTL=48 ID=28960 DF PROTO=TCP SPT=64314 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 
Jul 15 02:29:36 localhost kernel: [14416370.044052] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.2

2019-07-15 14:56:03

Comments on same subnet:

IP	Type	Details	Datetime
103.212.140.133	attack	Sep 28 22:37:42 mellenthin postfix/smtpd[9356]: NOQUEUE: reject: RCPT from unknown[103.212.140.133]: 554 5.7.1 Service unavailable; Client host [103.212.140.133] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.212.140.133 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[103.212.140.133]>	2020-09-29 23:06:27
103.212.140.133	attack	Sep 28 22:37:42 mellenthin postfix/smtpd[9356]: NOQUEUE: reject: RCPT from unknown[103.212.140.133]: 554 5.7.1 Service unavailable; Client host [103.212.140.133] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.212.140.133 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[103.212.140.133]>	2020-09-29 15:25:19
103.212.140.149	attackspambots	Aug 7 13:51:47 iago sshd[12888]: Did not receive identification string from 103.212.140.149 Aug 7 13:52:51 iago sshd[12892]: Invalid user thostname0nich from 103.212.140.149 Aug 7 13:52:52 iago sshd[12892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.140.149 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.212.140.149	2020-08-08 00:08:51
103.212.140.101	attack	xmlrpc attack	2020-07-10 12:16:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.212.140.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31790
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.212.140.135.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 14:55:40 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 135.140.212.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 135.140.212.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
72.27.224.22	attackspambots	SMTP	2020-09-29 12:03:07
185.217.1.246	attackbotsspam	Sep 29 05:37:18 heicom sshd\[6490\]: Invalid user 0 from 185.217.1.246 Sep 29 05:37:54 heicom sshd\[6531\]: Invalid user 22 from 185.217.1.246 Sep 29 05:39:13 heicom sshd\[6580\]: Invalid user 101 from 185.217.1.246 Sep 29 05:39:45 heicom sshd\[6676\]: Invalid user 123 from 185.217.1.246 Sep 29 05:39:56 heicom sshd\[6688\]: Invalid user 1111 from 185.217.1.246 ...	2020-09-29 12:18:01
65.181.123.252	attack	phishing	2020-09-29 12:19:12
125.162.208.114	attackbotsspam	Sep 28 22:36:19 iago sshd[24684]: Did not receive identification string from 125.162.208.114 Sep 28 22:36:28 iago sshd[24689]: Address 125.162.208.114 maps to 114.subnet125-162-208.speedy.telkom.net.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 28 22:36:28 iago sshd[24689]: Invalid user service from 125.162.208.114 Sep 28 22:36:28 iago sshd[24689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.162.208.114 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.162.208.114	2020-09-29 12:13:43
165.22.101.1	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T23:44:45Z and 2020-09-28T23:52:59Z	2020-09-29 12:18:16
165.232.39.229	attack	21 attempts against mh-ssh on unifi	2020-09-29 12:23:41
182.151.204.23	attackspam	Sep 29 00:21:03 rotator sshd\[5410\]: Failed password for root from 182.151.204.23 port 41992 ssh2Sep 29 00:22:52 rotator sshd\[5425\]: Invalid user landspace from 182.151.204.23Sep 29 00:22:55 rotator sshd\[5425\]: Failed password for invalid user landspace from 182.151.204.23 port 40794 ssh2Sep 29 00:24:55 rotator sshd\[5442\]: Invalid user git from 182.151.204.23Sep 29 00:24:56 rotator sshd\[5442\]: Failed password for invalid user git from 182.151.204.23 port 39610 ssh2Sep 29 00:26:46 rotator sshd\[6198\]: Failed password for root from 182.151.204.23 port 38386 ssh2 ...	2020-09-29 07:15:33
95.239.59.6	attackspambots	Automatic report - Port Scan Attack	2020-09-29 12:08:24
111.231.215.244	attackbots	SSH BruteForce Attack	2020-09-29 07:21:34
222.73.136.205	attackspam	1433/tcp 445/tcp... [2020-07-30/09-27]10pkt,2pt.(tcp)	2020-09-29 07:18:07
64.225.11.24	attack	...	2020-09-29 12:14:38
162.0.236.242	attack	Invalid user admin from 162.0.236.242 port 50924	2020-09-29 07:18:45
165.232.39.224	attackspambots	20 attempts against mh-ssh on rock	2020-09-29 12:22:03
157.245.70.68	attack	SSH Brute Force	2020-09-29 12:05:37
115.254.63.50	attackbotsspam	$f2bV_matches	2020-09-29 07:25:04

Recently Reported IPs

60.251.54.66	78.60.29.79	180.121.199.144	41.79.66.220
27.205.226.180	79.200.217.13	89.152.112.18	60.108.102.232
73.44.221.240	124.163.26.72	46.158.198.90	197.171.1.30
139.186.114.232	209.15.37.16	191.183.170.61	76.188.87.192
167.86.116.202	110.188.56.95	91.188.112.53	213.86.158.67