103.23.102.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Universitas Negeri Semarang

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 15 22:40:52 piServer sshd[14297]: Failed password for root from 103.23.102.3 port 42271 ssh2 Aug 15 22:43:39 piServer sshd[14536]: Failed password for root from 103.23.102.3 port 60340 ssh2 Aug 15 22:46:30 piServer sshd[14804]: Failed password for root from 103.23.102.3 port 46362 ssh2 ...	2020-08-16 05:01:18
attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-02 19:01:54
attackbots	Failed password for invalid user wengzihang from 103.23.102.3 port 55327 ssh2	2020-07-29 03:16:07
attackspam	Jul 18 17:18:57 NPSTNNYC01T sshd[1147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Jul 18 17:18:58 NPSTNNYC01T sshd[1147]: Failed password for invalid user trade from 103.23.102.3 port 59717 ssh2 Jul 18 17:23:08 NPSTNNYC01T sshd[1649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 ...	2020-07-19 05:31:30
attack	Jul 11 05:36:38 pixelmemory sshd[2842211]: Invalid user guest from 103.23.102.3 port 38960 Jul 11 05:36:38 pixelmemory sshd[2842211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Jul 11 05:36:38 pixelmemory sshd[2842211]: Invalid user guest from 103.23.102.3 port 38960 Jul 11 05:36:40 pixelmemory sshd[2842211]: Failed password for invalid user guest from 103.23.102.3 port 38960 ssh2 Jul 11 05:38:44 pixelmemory sshd[2844516]: Invalid user ruben from 103.23.102.3 port 51397 ...	2020-07-12 02:07:02
attackspam	Jul 5 06:44:46 web8 sshd\[29144\]: Invalid user user from 103.23.102.3 Jul 5 06:44:46 web8 sshd\[29144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Jul 5 06:44:47 web8 sshd\[29144\]: Failed password for invalid user user from 103.23.102.3 port 57277 ssh2 Jul 5 06:48:28 web8 sshd\[30976\]: Invalid user admin from 103.23.102.3 Jul 5 06:48:28 web8 sshd\[30976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3	2020-07-05 15:16:55
attack	2020-07-04T14:04:24.524836vps751288.ovh.net sshd\[16458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 user=root 2020-07-04T14:04:26.831854vps751288.ovh.net sshd\[16458\]: Failed password for root from 103.23.102.3 port 43249 ssh2 2020-07-04T14:07:44.301634vps751288.ovh.net sshd\[16479\]: Invalid user pptpd from 103.23.102.3 port 36000 2020-07-04T14:07:44.312212vps751288.ovh.net sshd\[16479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 2020-07-04T14:07:46.408408vps751288.ovh.net sshd\[16479\]: Failed password for invalid user pptpd from 103.23.102.3 port 36000 ssh2	2020-07-05 03:15:03
attack	2020-06-19T07:25:16.485224rocketchat.forhosting.nl sshd[8761]: Invalid user ff from 103.23.102.3 port 43183 2020-06-19T07:25:18.253854rocketchat.forhosting.nl sshd[8761]: Failed password for invalid user ff from 103.23.102.3 port 43183 ssh2 2020-06-19T07:28:56.534978rocketchat.forhosting.nl sshd[8793]: Invalid user lfq from 103.23.102.3 port 38212 ...	2020-06-19 15:38:09
attackspambots	Invalid user service from 103.23.102.3 port 47484	2020-06-11 15:06:44
attackbotsspam	Jun 6 00:27:10 abendstille sshd\[27973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 user=root Jun 6 00:27:11 abendstille sshd\[27973\]: Failed password for root from 103.23.102.3 port 43732 ssh2 Jun 6 00:29:40 abendstille sshd\[30290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 user=root Jun 6 00:29:42 abendstille sshd\[30290\]: Failed password for root from 103.23.102.3 port 40907 ssh2 Jun 6 00:32:22 abendstille sshd\[32720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 user=root ...	2020-06-06 06:34:31
attack	May 28 23:56:06 sip sshd[446098]: Failed password for invalid user openproject from 103.23.102.3 port 36998 ssh2 May 28 23:58:13 sip sshd[446158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 user=root May 28 23:58:15 sip sshd[446158]: Failed password for root from 103.23.102.3 port 52878 ssh2 ...	2020-05-29 06:39:56
attack	May 26 02:14:20 ws26vmsma01 sshd[239680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 May 26 02:14:22 ws26vmsma01 sshd[239680]: Failed password for invalid user weihu from 103.23.102.3 port 35279 ssh2 ...	2020-05-26 11:25:22
attackspambots	May 21 01:11:44 NPSTNNYC01T sshd[12284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 May 21 01:11:47 NPSTNNYC01T sshd[12284]: Failed password for invalid user zsx from 103.23.102.3 port 45244 ssh2 May 21 01:15:18 NPSTNNYC01T sshd[12520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 ...	2020-05-21 13:24:18
attackspam	Invalid user ghost from 103.23.102.3 port 33534	2020-05-15 03:12:14
attackspam	May 12 13:50:04 Ubuntu-1404-trusty-64-minimal sshd\[3059\]: Invalid user matt from 103.23.102.3 May 12 13:50:04 Ubuntu-1404-trusty-64-minimal sshd\[3059\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 May 12 13:50:06 Ubuntu-1404-trusty-64-minimal sshd\[3059\]: Failed password for invalid user matt from 103.23.102.3 port 58303 ssh2 May 12 14:10:45 Ubuntu-1404-trusty-64-minimal sshd\[26004\]: Invalid user sinus from 103.23.102.3 May 12 14:10:45 Ubuntu-1404-trusty-64-minimal sshd\[26004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3	2020-05-12 20:27:10
attackbots	May 11 14:36:22 piServer sshd[14306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 May 11 14:36:24 piServer sshd[14306]: Failed password for invalid user subzero from 103.23.102.3 port 49941 ssh2 May 11 14:40:28 piServer sshd[14692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 ...	2020-05-11 22:34:35
attackbotsspam	$f2bV_matches	2020-05-02 23:25:58
attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-04-27 21:46:33
attackbots	Brute force attempt	2020-04-21 22:28:22
attackbots	Invalid user hk from 103.23.102.3 port 51266	2020-04-21 18:05:37
attackbots	Apr 15 14:11:18 ws19vmsma01 sshd[101463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Apr 15 14:11:20 ws19vmsma01 sshd[101463]: Failed password for invalid user website from 103.23.102.3 port 47234 ssh2 ...	2020-04-16 03:25:20
attackspam	Mar 28 02:12:18 [HOSTNAME] sshd[12200]: Invalid user qtp from 103.23.102.3 port 35744 Mar 28 02:12:18 [HOSTNAME] sshd[12200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Mar 28 02:12:20 [HOSTNAME] sshd[12200]: Failed password for invalid user qtp from 103.23.102.3 port 35744 ssh2 ...	2020-03-28 09:32:01
attack	Invalid user oc from 103.23.102.3 port 59742	2020-03-27 16:52:59
attackbotsspam	Mar 22 04:16:02 vps46666688 sshd[3257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Mar 22 04:16:04 vps46666688 sshd[3257]: Failed password for invalid user kh from 103.23.102.3 port 50034 ssh2 ...	2020-03-22 19:39:09
attackbots	Mar 7 00:32:03 mail sshd\[2349\]: Invalid user dongtingting from 103.23.102.3 Mar 7 00:32:03 mail sshd\[2349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Mar 7 00:32:05 mail sshd\[2349\]: Failed password for invalid user dongtingting from 103.23.102.3 port 37192 ssh2 ...	2020-03-07 09:44:19
attackspambots	Mar 1 17:58:27 server sshd\[15469\]: Invalid user cpaneleximfilter from 103.23.102.3 Mar 1 17:58:27 server sshd\[15469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 Mar 1 17:58:29 server sshd\[15469\]: Failed password for invalid user cpaneleximfilter from 103.23.102.3 port 33453 ssh2 Mar 1 18:11:57 server sshd\[18007\]: Invalid user node from 103.23.102.3 Mar 1 18:11:57 server sshd\[18007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.102.3 ...	2020-03-02 02:08:36
attackspambots	Automatic report - Banned IP Access	2020-02-08 19:10:52
attackspambots	...	2020-02-03 19:57:23
attackspam	Feb 1 17:15:34 plusreed sshd[11522]: Invalid user guest from 103.23.102.3 ...	2020-02-02 06:26:05
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-01-19 03:26:55

Comments on same subnet:

IP	Type	Details	Datetime
103.23.102.245	attackbots	spam	2020-01-24 15:33:24
103.23.102.245	attackbots	email spam	2019-12-17 17:57:40
103.23.102.245	attackspam	Autoban 103.23.102.245 AUTH/CONNECT	2019-11-18 19:11:42
103.23.102.111	attackspambots	11/07/2019-01:27:08.341804 103.23.102.111 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-07 17:08:08
103.23.102.245	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:46:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.23.102.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24237
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.23.102.3.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 15:32:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

3.102.23.103.in-addr.arpa domain name pointer 3.subnet-103.23.102.host.unnes.ac.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.102.23.103.in-addr.arpa	name = 3.subnet-103.23.102.host.unnes.ac.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.119.165.181	attackspambots	dow-CG Resa : wrong country/spammer...	2020-08-16 14:27:08
103.125.190.127	attack	Aug 16 00:54:26 HPCompaq6200-Xubuntu sshd[1282995]: Unable to negotiate with 103.125.190.127 port 4869: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 16 00:54:31 HPCompaq6200-Xubuntu sshd[1283010]: Unable to negotiate with 103.125.190.127 port 6780: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Aug 16 00:54:34 HPCompaq6200-Xubuntu sshd[1283015]: Unable to negotiate with 103.125.190.127 port 7908: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] ...	2020-08-16 14:26:08
61.12.67.133	attackspambots	Aug 16 07:00:29 db sshd[27520]: User root from 61.12.67.133 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 14:20:13
125.35.92.130	attack	Aug 16 07:45:56 PorscheCustomer sshd[1901]: Failed password for root from 125.35.92.130 port 48421 ssh2 Aug 16 07:48:48 PorscheCustomer sshd[2024]: Failed password for root from 125.35.92.130 port 34912 ssh2 ...	2020-08-16 14:07:25
103.6.244.158	attack	103.6.244.158 - - \[16/Aug/2020:05:55:50 +0200\] "POST /wp-login.php HTTP/1.1" 200 12822 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 103.6.244.158 - - \[16/Aug/2020:05:55:52 +0200\] "POST /wp-login.php HTTP/1.1" 200 12722 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-08-16 14:00:29
14.17.114.203	attack	Aug 16 05:55:50 db sshd[21328]: User root from 14.17.114.203 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 14:01:45
68.132.136.198	attack	68.132.136.198 - - [16/Aug/2020:05:55:25 +0200] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 302 390 "-" "XTC"	2020-08-16 14:21:57
61.144.172.200	attackbotsspam	$f2bV_matches	2020-08-16 14:05:27
194.180.224.103	attack	...	2020-08-16 14:13:58
106.13.167.77	attackbots	SIP/5060 Probe, BF, Hack -	2020-08-16 14:38:42
107.189.10.93	attackspam	2020-08-16T03:55:43.315996abusebot-7.cloudsearch.cf sshd[4592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.93 user=root 2020-08-16T03:55:45.612752abusebot-7.cloudsearch.cf sshd[4592]: Failed password for root from 107.189.10.93 port 48224 ssh2 2020-08-16T03:55:48.316699abusebot-7.cloudsearch.cf sshd[4592]: Failed password for root from 107.189.10.93 port 48224 ssh2 2020-08-16T03:55:43.315996abusebot-7.cloudsearch.cf sshd[4592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.93 user=root 2020-08-16T03:55:45.612752abusebot-7.cloudsearch.cf sshd[4592]: Failed password for root from 107.189.10.93 port 48224 ssh2 2020-08-16T03:55:48.316699abusebot-7.cloudsearch.cf sshd[4592]: Failed password for root from 107.189.10.93 port 48224 ssh2 2020-08-16T03:55:43.315996abusebot-7.cloudsearch.cf sshd[4592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2020-08-16 13:59:18
153.127.68.121	attackbotsspam	Brute-Force reported by Fail2Ban	2020-08-16 14:03:50
112.165.98.89	attackspambots	Aug 16 05:55:47 ns37 sshd[7092]: Failed password for root from 112.165.98.89 port 47660 ssh2 Aug 16 05:55:51 ns37 sshd[7094]: Failed password for root from 112.165.98.89 port 47937 ssh2	2020-08-16 13:58:58
104.211.241.188	attackbots	Aug 16 07:49:56 eventyay sshd[6066]: Failed password for root from 104.211.241.188 port 33776 ssh2 Aug 16 07:53:58 eventyay sshd[6185]: Failed password for root from 104.211.241.188 port 58420 ssh2 ...	2020-08-16 14:34:57
173.249.20.17	attack	Port Scan detected from 173.249.20.17 (DE/Germany/Bavaria/Munich (Ramersdorf-Perlach)/vmi429591.contaboserver.net). 4 hits in the last 261 seconds	2020-08-16 14:38:28

Recently Reported IPs

31.81.6.92	189.84.183.64	13.250.108.247	2002:b654:42a5::b654:42a5
210.74.11.97	77.49.206.180	36.155.114.198	83.20.113.252
134.236.161.243	77.40.62.238	176.239.252.190	154.160.9.244
140.201.172.39	214.213.205.255	213.45.245.242	244.164.51.65
52.72.234.124	179.36.43.212	154.51.139.63	251.152.35.124