103.242.119.65

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Ocean Exports

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized access detected from banned ip	2019-12-20 04:14:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.119.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.119.65.			IN	A

;; AUTHORITY SECTION:
.			313	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121901 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 04:14:53 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 65.119.242.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 65.119.242.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.82.47.2	attackspambots	8443/tcp 548/tcp 6379/tcp... [2019-04-27/06-27]35pkt,17pt.(tcp),1pt.(udp)	2019-06-27 20:16:13
180.254.8.147	attackspam	Jun 27 06:32:15 Proxmox sshd\[31807\]: Invalid user sysadmin from 180.254.8.147 port 36140 Jun 27 06:32:15 Proxmox sshd\[31807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.254.8.147 Jun 27 06:32:17 Proxmox sshd\[31807\]: Failed password for invalid user sysadmin from 180.254.8.147 port 36140 ssh2 Jun 27 06:36:47 Proxmox sshd\[4122\]: Invalid user genoveva from 180.254.8.147 port 42394 Jun 27 06:36:47 Proxmox sshd\[4122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.254.8.147 Jun 27 06:36:49 Proxmox sshd\[4122\]: Failed password for invalid user genoveva from 180.254.8.147 port 42394 ssh2	2019-06-27 20:18:08
201.148.247.13	attack	Jun 27 05:48:27 mailman postfix/smtpd[3040]: warning: unknown[201.148.247.13]: SASL PLAIN authentication failed: authentication failure	2019-06-27 20:38:47
51.255.86.223	attackbots	Jun 26 23:37:39 web1 postfix/smtpd[18195]: warning: unknown[51.255.86.223]: SASL LOGIN authentication failed: authentication failure ...	2019-06-27 20:22:49
68.8.80.12	attackbotsspam	Jun 27 08:40:29 ovpn sshd\[23376\]: Invalid user moodle from 68.8.80.12 Jun 27 08:40:29 ovpn sshd\[23376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12 Jun 27 08:40:31 ovpn sshd\[23376\]: Failed password for invalid user moodle from 68.8.80.12 port 44326 ssh2 Jun 27 08:47:23 ovpn sshd\[23405\]: Invalid user steam from 68.8.80.12 Jun 27 08:47:23 ovpn sshd\[23405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12	2019-06-27 20:28:51
164.132.119.83	attack	Automatic report - Web App Attack	2019-06-27 20:29:24
72.47.70.98	attackspam	Blocked for port scanning (Port 23 / Telnet brute-force). Time: Wed Jun 26. 21:13:22 2019 +0200 IP: 72.47.70.98 (US/United States/72-47-70-98.plptcmtk01.com.dyn.suddenlink.net) Sample of block hits: Jun 26 21:11:33 vserv kernel: [11216584.406413] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=72.47.70.98 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=42164 PROTO=TCP SPT=5512 DPT=23 WINDOW=21696 RES=0x00 SYN URGP=0 Jun 26 21:12:05 vserv kernel: [11216616.413649] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=72.47.70.98 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=42164 PROTO=TCP SPT=5512 DPT=23 WINDOW=21696 RES=0x00 SYN URGP=0 Jun 26 21:12:05 vserv kernel: [11216616.591358] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=72.47.70.98 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=42164 PROTO=TCP SPT=5512 DPT=23 WINDOW=21696 RES=0x00 SYN URGP=0 Jun 26 21:12:08 vserv kernel: [11216619.063178] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=72.47.70.98 DST ....	2019-06-27 20:07:15
89.122.181.62	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 03:59:53,365 INFO [shellcode_manager] (89.122.181.62) no match, writing hexdump (aea85522d77ad537a2642cf5022ac048 :2214401) - MS17010 (EternalBlue)	2019-06-27 20:05:36
144.76.3.131	attack	20 attempts against mh-misbehave-ban on hill.magehost.pro	2019-06-27 20:04:30
24.54.198.220	attack	LinkSys E-series Routers Remote Code Execution Vulnerability, PTR: PTR record not found	2019-06-27 20:06:10
122.224.64.44	attack	Autoban 122.224.64.44 AUTH/CONNECT	2019-06-27 20:28:34
180.190.91.205	attackspambots	LGS,WP GET /wp-login.php	2019-06-27 19:59:07
66.249.69.77	attackbotsspam	Automatic report - Web App Attack	2019-06-27 19:56:27
159.89.165.127	attackbotsspam	2019-06-27T11:01:27.180102abusebot-4.cloudsearch.cf sshd\[15434\]: Invalid user ubuntu from 159.89.165.127 port 38544	2019-06-27 19:56:06
79.40.182.195	attackspam	27.06.2019 03:39:03 Command injection vulnerability attempt/scan (login.cgi)	2019-06-27 20:03:06

Recently Reported IPs

152.59.197.27	37.46.121.192	60.242.115.135	97.93.44.127
68.124.197.194	34.214.149.230	179.209.151.149	110.229.153.182
73.123.108.67	3.195.144.86	50.100.144.219	175.189.99.77
157.147.135.26	212.191.65.13	80.87.216.126	58.118.187.182
200.127.255.126	103.45.70.111	81.242.53.21	32.202.246.112