103.247.21.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Wifian Solution

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 23:44:39

Comments on same subnet:

IP	Type	Details	Datetime
103.247.216.86	attackbots	Jul 11 05:56:17 mellenthin sshd[14801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.247.216.86 Jul 11 05:56:19 mellenthin sshd[14801]: Failed password for invalid user guest from 103.247.216.86 port 53703 ssh2	2020-07-11 13:38:56
103.247.217.147	attack	WordPress login Brute force / Web App Attack on client site.	2020-04-21 19:23:02
103.247.217.162	attack	Apr 19 23:32:42 eventyay sshd[18155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.247.217.162 Apr 19 23:32:44 eventyay sshd[18155]: Failed password for invalid user vn from 103.247.217.162 port 46987 ssh2 Apr 19 23:39:47 eventyay sshd[18287]: Failed password for root from 103.247.217.162 port 56443 ssh2 ...	2020-04-20 06:32:36
103.247.217.162	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-04-11 03:24:17
103.247.217.162	attackspam	(sshd) Failed SSH login from 103.247.217.162 (ID/Indonesia/ip-162.217.hsp.net.id): 5 in the last 3600 secs	2020-04-07 05:10:42
103.247.217.147	attackbots	103.247.217.147 - - [30/Mar/2020:15:54:08 +0200] "GET /wp-login.php HTTP/1.1" 200 5688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.247.217.147 - - [30/Mar/2020:15:54:11 +0200] "POST /wp-login.php HTTP/1.1" 200 6587 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.247.217.147 - - [30/Mar/2020:15:54:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-31 02:46:18
103.247.217.162	attack	2020-03-30T07:17:20.462447shield sshd\[29583\]: Invalid user hobbit from 103.247.217.162 port 43486 2020-03-30T07:17:20.466994shield sshd\[29583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.247.217.162 2020-03-30T07:17:22.558190shield sshd\[29583\]: Failed password for invalid user hobbit from 103.247.217.162 port 43486 ssh2 2020-03-30T07:22:23.717902shield sshd\[30936\]: Invalid user ttm from 103.247.217.162 port 47285 2020-03-30T07:22:23.728447shield sshd\[30936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.247.217.162	2020-03-30 15:38:11
103.247.219.14	attackspambots	Honeypot attack, port: 445, PTR: ip-14.219.hsp.net.id.	2020-02-21 20:59:27
103.247.217.229	attackbots	Unauthorised access (Feb 18) SRC=103.247.217.229 LEN=52 TTL=112 ID=17178 DF TCP DPT=445 WINDOW=8192 SYN	2020-02-18 16:21:49
103.247.217.145	attack	Automatic report - XMLRPC Attack	2020-01-10 06:26:44
103.247.217.145	attackspambots	Automatic report - XMLRPC Attack	2020-01-08 22:44:12
103.247.217.145	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-30 07:43:40
103.247.217.145	attack	www.geburtshaus-fulda.de 103.247.217.145 [20/Dec/2019:07:25:47 +0100] "POST /wp-login.php HTTP/1.1" 200 6350 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 103.247.217.145 [20/Dec/2019:07:25:49 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-12-20 19:35:03
103.247.217.121	attackspambots	email spam	2019-12-17 18:59:53
103.247.217.145	attack	Automatic report - Banned IP Access	2019-12-15 22:40:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.247.21.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5265
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.247.21.2.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 23:44:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.21.247.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 2.21.247.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.135.27.20	attackspam	invalid login attempt (ij)	2020-03-24 09:43:43
114.233.191.154	attackspam	port scan and connect, tcp 23 (telnet)	2020-03-24 09:47:07
164.132.62.233	attack	Mar 24 01:08:12 ns382633 sshd\[21246\]: Invalid user www from 164.132.62.233 port 33770 Mar 24 01:08:12 ns382633 sshd\[21246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.62.233 Mar 24 01:08:14 ns382633 sshd\[21246\]: Failed password for invalid user www from 164.132.62.233 port 33770 ssh2 Mar 24 01:17:16 ns382633 sshd\[22993\]: Invalid user circ from 164.132.62.233 port 37142 Mar 24 01:17:16 ns382633 sshd\[22993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.62.233	2020-03-24 09:53:44
208.180.131.204	attack	SMTP/25 AUTH	2020-03-24 09:27:28
108.211.226.221	attackbotsspam	Mar 24 02:58:01 markkoudstaal sshd[28340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.211.226.221 Mar 24 02:58:03 markkoudstaal sshd[28340]: Failed password for invalid user wusifan from 108.211.226.221 port 19044 ssh2 Mar 24 03:03:48 markkoudstaal sshd[29034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.211.226.221	2020-03-24 10:06:31
196.200.191.115	attackspambots	DATE:2020-03-24 01:03:00, IP:196.200.191.115, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-24 10:06:06
58.221.7.174	attackbots	Mar 24 02:08:15 ns3042688 sshd\[2187\]: Invalid user www from 58.221.7.174 Mar 24 02:08:15 ns3042688 sshd\[2187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.221.7.174 Mar 24 02:08:17 ns3042688 sshd\[2187\]: Failed password for invalid user www from 58.221.7.174 port 54654 ssh2 Mar 24 02:12:33 ns3042688 sshd\[2537\]: Invalid user rm from 58.221.7.174 Mar 24 02:12:33 ns3042688 sshd\[2537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.221.7.174 ...	2020-03-24 09:35:48
222.186.30.209	attackspam	Mar 24 01:24:01 localhost sshd[101195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Mar 24 01:24:03 localhost sshd[101195]: Failed password for root from 222.186.30.209 port 17230 ssh2 Mar 24 01:24:05 localhost sshd[101195]: Failed password for root from 222.186.30.209 port 17230 ssh2 Mar 24 01:24:01 localhost sshd[101195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Mar 24 01:24:03 localhost sshd[101195]: Failed password for root from 222.186.30.209 port 17230 ssh2 Mar 24 01:24:05 localhost sshd[101195]: Failed password for root from 222.186.30.209 port 17230 ssh2 Mar 24 01:24:01 localhost sshd[101195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Mar 24 01:24:03 localhost sshd[101195]: Failed password for root from 222.186.30.209 port 17230 ssh2 Mar 24 01:24:05 localhost sshd[10 ...	2020-03-24 09:30:27
167.172.145.231	attackspambots	Mar 24 01:00:00 ns382633 sshd\[19559\]: Invalid user jana from 167.172.145.231 port 39302 Mar 24 01:00:00 ns382633 sshd\[19559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.231 Mar 24 01:00:03 ns382633 sshd\[19559\]: Failed password for invalid user jana from 167.172.145.231 port 39302 ssh2 Mar 24 01:07:48 ns382633 sshd\[21178\]: Invalid user joller from 167.172.145.231 port 51204 Mar 24 01:07:48 ns382633 sshd\[21178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.231	2020-03-24 09:22:30
49.234.87.24	attackspambots	Mar 24 01:42:18 [host] sshd[19015]: Invalid user a Mar 24 01:42:18 [host] sshd[19015]: pam_unix(sshd: Mar 24 01:42:20 [host] sshd[19015]: Failed passwor	2020-03-24 09:33:12
112.213.89.74	attackspambots	Observed brute-forces/probes into wordpress endpoints	2020-03-24 09:49:50
167.250.31.82	attackspambots	Mar 24 02:50:02 markkoudstaal sshd[27344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.250.31.82 Mar 24 02:50:04 markkoudstaal sshd[27344]: Failed password for invalid user bw from 167.250.31.82 port 36472 ssh2 Mar 24 02:54:41 markkoudstaal sshd[27931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.250.31.82	2020-03-24 10:02:01
129.204.50.75	attackbots	$f2bV_matches	2020-03-24 09:52:53
49.233.90.66	attack	$f2bV_matches_ltvn	2020-03-24 10:04:38
138.68.148.177	attackspam	Mar 24 01:02:12 OPSO sshd\[25497\]: Invalid user cole from 138.68.148.177 port 36974 Mar 24 01:02:12 OPSO sshd\[25497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.148.177 Mar 24 01:02:14 OPSO sshd\[25497\]: Failed password for invalid user cole from 138.68.148.177 port 36974 ssh2 Mar 24 01:07:06 OPSO sshd\[26597\]: Invalid user bbbbb from 138.68.148.177 port 51874 Mar 24 01:07:06 OPSO sshd\[26597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.148.177	2020-03-24 09:48:58

Recently Reported IPs

212.29.222.12	81.9.127.89	141.226.221.242	178.206.127.58
193.38.226.201	122.161.14.227	32.115.177.51	35.226.165.144
94.241.60.178	178.27.57.184	40.246.222.194	185.99.144.17
14.231.193.117	191.96.249.236	171.227.85.176	202.128.89.161
170.254.230.186	144.178.67.49	214.154.195.175	49.204.229.230