103.242.106.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Lintas Jaringan Nusantara

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Feb 28 05:50:41 grey postfix/smtpd\[23504\]: NOQUEUE: reject: RCPT from unknown\[103.242.106.2\]: 554 5.7.1 Service unavailable\; Client host \[103.242.106.2\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?103.242.106.2\; from=\ to=\ proto=ESMTP helo=\<\[103.242.106.2\]\> ...	2020-02-28 19:05:09

Type

Details

Datetime

attackbotsspam

Feb 28 05:50:41 grey postfix/smtpd\[23504\]: NOQUEUE: reject: RCPT from unknown\[103.242.106.2\]: 554 5.7.1 Service unavailable\; Client host \[103.242.106.2\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?103.242.106.2\; from=\ to=\ proto=ESMTP helo=\<\[103.242.106.2\]\>
...

2020-02-28 19:05:09

Comments on same subnet:

IP	Type	Details	Datetime
103.242.106.119	attack	Unauthorized connection attempt detected from IP address 103.242.106.119 to port 445 [T]	2020-08-14 02:50:40
103.242.106.139	attack	20/5/3@23:58:59: FAIL: Alarm-Network address from=103.242.106.139 ...	2020-05-04 12:17:15
103.242.106.172	attackbots	Jan 15 04:39:27 XXXXXX sshd[55063]: Invalid user guest from 103.242.106.172 port 50849	2020-01-15 15:04:56

Type

Details

Datetime

103.242.106.119

attack

Unauthorized connection attempt detected from IP address 103.242.106.119 to port 445 [T]

2020-08-14 02:50:40

103.242.106.139

attack

20/5/3@23:58:59: FAIL: Alarm-Network address from=103.242.106.139
...

2020-05-04 12:17:15

103.242.106.172

attackbots

Jan 15 04:39:27 XXXXXX sshd[55063]: Invalid user guest from 103.242.106.172 port 50849

2020-01-15 15:04:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.106.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.106.2.			IN	A

;; AUTHORITY SECTION:
.			471	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022800 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 19:05:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 2.106.242.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.106.242.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.141.191.238	attack	Nov 3 11:21:33 dev0-dcde-rnet sshd[32129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.191.238 Nov 3 11:21:35 dev0-dcde-rnet sshd[32129]: Failed password for invalid user roscoe from 114.141.191.238 port 54832 ssh2 Nov 3 11:25:33 dev0-dcde-rnet sshd[32144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.141.191.238	2019-11-03 19:51:35
5.152.159.31	attackbots	Nov 3 06:36:09 icinga sshd[6490]: Failed password for root from 5.152.159.31 port 59610 ssh2 ...	2019-11-03 20:26:41
164.52.24.178	attack	Connection by 164.52.24.178 on port: 6379 got caught by honeypot at 11/3/2019 4:47:22 AM	2019-11-03 20:11:51
80.211.172.45	attack	Nov 3 08:50:31 SilenceServices sshd[13546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.172.45 Nov 3 08:50:33 SilenceServices sshd[13546]: Failed password for invalid user yeziyan from 80.211.172.45 port 60396 ssh2 Nov 3 08:53:56 SilenceServices sshd[14554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.172.45	2019-11-03 19:57:31
106.241.16.105	attackbotsspam	"Fail2Ban detected SSH brute force attempt"	2019-11-03 20:17:58
182.53.206.198	attackbotsspam	xmlrpc attack	2019-11-03 20:05:18
114.32.153.15	attackbotsspam	Nov 3 09:52:28 vmanager6029 sshd\[1195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.32.153.15 user=root Nov 3 09:52:30 vmanager6029 sshd\[1195\]: Failed password for root from 114.32.153.15 port 35360 ssh2 Nov 3 09:56:24 vmanager6029 sshd\[1252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.32.153.15 user=root	2019-11-03 19:59:27
124.16.164.2	attack	Nov 3 01:53:16 mockhub sshd[20713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.164.2 Nov 3 01:53:18 mockhub sshd[20713]: Failed password for invalid user user from 124.16.164.2 port 40337 ssh2 ...	2019-11-03 20:33:14
111.230.185.56	attackspambots	(sshd) Failed SSH login from 111.230.185.56 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 3 06:12:57 server2 sshd[24281]: Invalid user yamamoto from 111.230.185.56 port 30342 Nov 3 06:13:00 server2 sshd[24281]: Failed password for invalid user yamamoto from 111.230.185.56 port 30342 ssh2 Nov 3 06:41:42 server2 sshd[25008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.185.56 user=root Nov 3 06:41:44 server2 sshd[25008]: Failed password for root from 111.230.185.56 port 39914 ssh2 Nov 3 06:47:32 server2 sshd[25127]: Invalid user ru from 111.230.185.56 port 10755	2019-11-03 20:04:58
129.211.27.10	attack	Nov 3 06:38:18 localhost sshd\[32674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.27.10 user=root Nov 3 06:38:20 localhost sshd\[32674\]: Failed password for root from 129.211.27.10 port 38401 ssh2 Nov 3 06:42:48 localhost sshd\[520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.27.10 user=root Nov 3 06:42:50 localhost sshd\[520\]: Failed password for root from 129.211.27.10 port 57484 ssh2 Nov 3 06:47:15 localhost sshd\[771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.27.10 user=root ...	2019-11-03 20:13:48
45.82.153.76	attack	Nov 3 12:30:51 relay postfix/smtpd\[15071\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 12:33:30 relay postfix/smtpd\[14974\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 12:33:56 relay postfix/smtpd\[21862\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 12:42:08 relay postfix/smtpd\[29398\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 12:42:27 relay postfix/smtpd\[28272\]: warning: unknown\[45.82.153.76\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-03 19:48:52
145.239.73.103	attackbotsspam	2019-11-03T09:22:11.940020scmdmz1 sshd\[11796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.ip-145-239-73.eu user=root 2019-11-03T09:22:13.721708scmdmz1 sshd\[11796\]: Failed password for root from 145.239.73.103 port 41320 ssh2 2019-11-03T09:25:47.110557scmdmz1 sshd\[12124\]: Invalid user lakshmi from 145.239.73.103 port 51176 ...	2019-11-03 20:18:36
185.9.3.48	attack	Nov 3 13:22:23 dedicated sshd[5359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.9.3.48 user=root Nov 3 13:22:25 dedicated sshd[5359]: Failed password for root from 185.9.3.48 port 34456 ssh2 Nov 3 13:26:23 dedicated sshd[6070]: Invalid user wg from 185.9.3.48 port 45074 Nov 3 13:26:23 dedicated sshd[6070]: Invalid user wg from 185.9.3.48 port 45074	2019-11-03 20:31:29
86.120.62.75	attack	/editBlackAndWhiteList	2019-11-03 19:56:05
195.159.103.189	attackspambots	Nov 2 19:42:15 hanapaa sshd\[29693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195-159-103-189.customer.powertech.no user=root Nov 2 19:42:17 hanapaa sshd\[29693\]: Failed password for root from 195.159.103.189 port 44562 ssh2 Nov 2 19:47:27 hanapaa sshd\[30090\]: Invalid user biz from 195.159.103.189 Nov 2 19:47:27 hanapaa sshd\[30090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195-159-103-189.customer.powertech.no Nov 2 19:47:29 hanapaa sshd\[30090\]: Failed password for invalid user biz from 195.159.103.189 port 54576 ssh2	2019-11-03 20:06:34

Recently Reported IPs

36.65.80.175	123.22.31.85	74.134.5.236	188.162.43.178
117.3.80.4	122.155.27.1	110.138.211.102	116.111.185.78
103.216.218.52	202.179.188.66	180.145.24.44	125.167.114.219
178.219.123.76	66.249.65.110	173.208.184.28	106.51.64.90
87.197.137.176	180.140.126.212	103.212.211.140	36.92.10.97