103.242.125.243

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Universitas Negeri Surabaya

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 24 07:28:19 exim[3114]: [1\29] 1iYlNa-0000oE-0R H=(lucanatractors.it) [103.242.125.243] F= rejected after DATA: This message scored 103.5 spam points.	2019-11-24 15:20:07
attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 07:21:15
attack	proto=tcp . spt=60261 . dpt=25 . (listed on Blocklist de Jul 27) (134)	2019-07-28 11:05:26

Type

Details

Datetime

attackspam

Nov 24 07:28:19  exim[3114]: [1\29] 1iYlNa-0000oE-0R H=(lucanatractors.it) [103.242.125.243] F= rejected after DATA: This message scored 103.5 spam points.

2019-11-24 15:20:07

attack

"Account brute force using dictionary attack against Exchange Online"

2019-08-06 07:21:15

attack

proto=tcp  .  spt=60261  .  dpt=25  .     (listed on Blocklist de  Jul 27)     (134)

2019-07-28 11:05:26

Comments on same subnet:

IP	Type	Details	Datetime
103.242.125.242	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 09:34:29,745 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.242.125.242)	2019-07-18 21:57:42

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.242.125.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29429
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.242.125.243.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051402 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 15 07:45:04 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 243.125.242.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 243.125.242.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.51.57.78	attackbots	Mar 9 15:05:53 server sshd\[18165\]: Invalid user vaibhav from 122.51.57.78 Mar 9 15:05:53 server sshd\[18165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.57.78 Mar 9 15:05:55 server sshd\[18165\]: Failed password for invalid user vaibhav from 122.51.57.78 port 45630 ssh2 Mar 9 15:24:32 server sshd\[21970\]: Invalid user vaibhav from 122.51.57.78 Mar 9 15:24:32 server sshd\[21970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.57.78 ...	2020-03-10 03:14:44
69.229.6.2	attackspam	Mar 9 21:50:50 master sshd[7265]: Failed password for root from 69.229.6.2 port 3351 ssh2	2020-03-10 03:31:25
18.216.72.250	attackbotsspam	Lines containing failures of 18.216.72.250 Mar 9 11:14:55 shared09 sshd[14022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.216.72.250 user=r.r Mar 9 11:14:56 shared09 sshd[14022]: Failed password for r.r from 18.216.72.250 port 47504 ssh2 Mar 9 11:14:56 shared09 sshd[14022]: Received disconnect from 18.216.72.250 port 47504:11: Bye Bye [preauth] Mar 9 11:14:56 shared09 sshd[14022]: Disconnected from authenticating user r.r 18.216.72.250 port 47504 [preauth] Mar 9 11:39:51 shared09 sshd[21749]: Invalid user admin from 18.216.72.250 port 36176 Mar 9 11:39:51 shared09 sshd[21749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.216.72.250 Mar 9 11:39:54 shared09 sshd[21749]: Failed password for invalid user admin from 18.216.72.250 port 36176 ssh2 Mar 9 11:39:54 shared09 sshd[21749]: Received disconnect from 18.216.72.250 port 36176:11: Bye Bye [preauth] Mar 9 11:39:54 share........ ------------------------------	2020-03-10 03:13:56
182.253.186.139	attackbots	20/3/9@08:24:01: FAIL: Alarm-Network address from=182.253.186.139 20/3/9@08:24:02: FAIL: Alarm-Network address from=182.253.186.139 ...	2020-03-10 03:34:27
187.189.65.51	attackspam	$f2bV_matches	2020-03-10 03:29:30
190.153.27.98	attackbots	Mar 9 22:05:09 server sshd\[23215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mx4.cfg.gob.ve user=root Mar 9 22:05:10 server sshd\[23215\]: Failed password for root from 190.153.27.98 port 40264 ssh2 Mar 9 22:13:00 server sshd\[24710\]: Invalid user jenkins from 190.153.27.98 Mar 9 22:13:00 server sshd\[24710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mx4.cfg.gob.ve Mar 9 22:13:02 server sshd\[24710\]: Failed password for invalid user jenkins from 190.153.27.98 port 57066 ssh2 ...	2020-03-10 03:26:46
122.152.192.98	attackbotsspam	Mar 9 20:18:13 MK-Soft-VM3 sshd[15749]: Failed password for root from 122.152.192.98 port 57936 ssh2 ...	2020-03-10 03:48:08
95.186.194.92	attackspambots	Email rejected due to spam filtering	2020-03-10 03:42:57
61.177.172.128	attackspam	Mar 9 19:08:55 vlre-nyc-1 sshd\[18870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Mar 9 19:08:57 vlre-nyc-1 sshd\[18870\]: Failed password for root from 61.177.172.128 port 4298 ssh2 Mar 9 19:09:01 vlre-nyc-1 sshd\[18870\]: Failed password for root from 61.177.172.128 port 4298 ssh2 Mar 9 19:09:04 vlre-nyc-1 sshd\[18870\]: Failed password for root from 61.177.172.128 port 4298 ssh2 Mar 9 19:09:07 vlre-nyc-1 sshd\[18870\]: Failed password for root from 61.177.172.128 port 4298 ssh2 ...	2020-03-10 03:18:42
122.161.155.43	attack	1583774956 - 03/09/2020 18:29:16 Host: 122.161.155.43/122.161.155.43 Port: 23 TCP Blocked	2020-03-10 03:13:26
45.140.169.135	attackspam	Lines containing failures of 45.140.169.135 Mar 9 07:39:48 install sshd[30230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.140.169.135 user=r.r Mar 9 07:39:50 install sshd[30230]: Failed password for r.r from 45.140.169.135 port 57592 ssh2 Mar 9 07:39:50 install sshd[30230]: Received disconnect from 45.140.169.135 port 57592:11: Bye Bye [preauth] Mar 9 07:39:50 install sshd[30230]: Disconnected from authenticating user r.r 45.140.169.135 port 57592 [preauth] Mar 9 07:57:49 install sshd[1216]: Invalid user from 45.140.169.135 port 37996 Mar 9 07:57:49 install sshd[1216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.140.169.135 Mar 9 07:57:51 install sshd[1216]: Failed password for invalid user from 45.140.169.135 port 37996 ssh2 Mar 9 07:57:51 install sshd[1216]: Received disconnect from 45.140.169.135 port 37996:11: Bye Bye [preauth] Mar 9 07:57:51 install sshd[1216]........ ------------------------------	2020-03-10 03:46:33
1.38.155.180	attackspambots	Autoban 1.38.155.180 VIRUS	2020-03-10 03:43:47
179.93.56.85	attack	Email rejected due to spam filtering	2020-03-10 03:23:21
139.59.244.225	attackbotsspam	$f2bV_matches	2020-03-10 03:28:57
61.216.131.31	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-10 03:32:56

Recently Reported IPs

163.74.250.227	46.100.63.109	201.229.156.107	118.97.13.146
222.69.204.24	10.59.198.96	81.28.165.212	103.221.228.70
103.126.101.100	92.45.62.51	94.100.85.122	114.119.9.229
83.221.180.122	171.239.3.140	59.68.10.153	200.37.16.226
212.34.237.154	115.84.99.63	103.78.9.44	194.61.24.29