103.31.109.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Koperasi PRIMKOKAS

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port scan: Attack repeated for 24 hours	2020-06-24 13:48:15

Comments on same subnet:

IP	Type	Details	Datetime
103.31.109.6	attackspambots	07/29/2020-23:51:56.477642 103.31.109.6 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-30 16:02:01
103.31.109.59	attackspam	Sending SPAM email	2020-02-06 03:00:18
103.31.109.205	attack	unauthorized connection attempt	2020-01-09 19:18:06
103.31.109.247	attack	postfix (unknown user, SPF fail or relay access denied)	2019-12-22 05:41:58
103.31.109.59	attackbots	email spam	2019-12-17 19:30:33
103.31.109.114	attack	Unauthorized connection attempt from IP address 103.31.109.114 on Port 445(SMB)	2019-11-27 00:19:29
103.31.109.194	attackbotsspam	Autoban 103.31.109.194 AUTH/CONNECT	2019-11-18 18:33:53
103.31.109.59	attackbots	Autoban 103.31.109.59 AUTH/CONNECT	2019-11-18 18:32:29
103.31.109.194	attackspambots	postfix (unknown user, SPF fail or relay access denied)	2019-11-08 16:21:28
103.31.109.247	attack	email spam	2019-11-07 21:46:23
103.31.109.59	attack	Mail sent to address hacked/leaked from atari.st	2019-09-13 23:41:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.31.109.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.31.109.54.			IN	A

;; AUTHORITY SECTION:
.			413	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 13:48:08 CST 2020
;; MSG SIZE  rcvd: 117

Host info

54.109.31.103.in-addr.arpa domain name pointer ip-cyberk-109-54.primkokas.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.109.31.103.in-addr.arpa	name = ip-cyberk-109-54.primkokas.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.231.130	attackbots	" "	2019-09-21 14:24:17
182.61.46.191	attackbots	Sep 20 19:58:31 auw2 sshd\[16798\]: Invalid user rpm from 182.61.46.191 Sep 20 19:58:31 auw2 sshd\[16798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.191 Sep 20 19:58:33 auw2 sshd\[16798\]: Failed password for invalid user rpm from 182.61.46.191 port 59296 ssh2 Sep 20 20:03:39 auw2 sshd\[17436\]: Invalid user neelima from 182.61.46.191 Sep 20 20:03:39 auw2 sshd\[17436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.191	2019-09-21 14:28:25
80.211.16.26	attack	Sep 20 19:58:12 web9 sshd\[5937\]: Invalid user maria from 80.211.16.26 Sep 20 19:58:12 web9 sshd\[5937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26 Sep 20 19:58:14 web9 sshd\[5937\]: Failed password for invalid user maria from 80.211.16.26 port 43746 ssh2 Sep 20 20:02:26 web9 sshd\[6677\]: Invalid user gitolite from 80.211.16.26 Sep 20 20:02:26 web9 sshd\[6677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26	2019-09-21 14:03:45
171.217.161.77	attack	Sep 21 08:31:27 plex sshd[28194]: Invalid user weldon from 171.217.161.77 port 54382	2019-09-21 14:31:49
190.215.112.122	attack	Sep 21 08:57:56 taivassalofi sshd[8352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.215.112.122 Sep 21 08:57:58 taivassalofi sshd[8352]: Failed password for invalid user crimson from 190.215.112.122 port 33848 ssh2 ...	2019-09-21 14:00:18
54.36.148.90	attackbots	Automatic report - Banned IP Access	2019-09-21 14:13:47
107.170.63.221	attackbots	$f2bV_matches	2019-09-21 13:48:00
180.96.69.215	attack	Sep 21 07:44:48 SilenceServices sshd[10674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.96.69.215 Sep 21 07:44:50 SilenceServices sshd[10674]: Failed password for invalid user aa123456 from 180.96.69.215 port 48264 ssh2 Sep 21 07:48:54 SilenceServices sshd[11833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.96.69.215	2019-09-21 13:50:27
112.85.42.232	attackbots	19/9/21@02:06:58: FAIL: IoT-SSH address from=112.85.42.232 ...	2019-09-21 14:09:29
106.51.73.204	attackbots	Sep 21 07:29:09 mail sshd\[32734\]: Invalid user namote from 106.51.73.204 port 2219 Sep 21 07:29:09 mail sshd\[32734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 Sep 21 07:29:11 mail sshd\[32734\]: Failed password for invalid user namote from 106.51.73.204 port 2219 ssh2 Sep 21 07:33:58 mail sshd\[698\]: Invalid user administrator from 106.51.73.204 port 42084 Sep 21 07:33:58 mail sshd\[698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204	2019-09-21 13:50:39
46.101.103.207	attack	Sep 20 19:46:31 auw2 sshd\[15714\]: Invalid user sgyuri from 46.101.103.207 Sep 20 19:46:31 auw2 sshd\[15714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207 Sep 20 19:46:34 auw2 sshd\[15714\]: Failed password for invalid user sgyuri from 46.101.103.207 port 36938 ssh2 Sep 20 19:50:48 auw2 sshd\[16091\]: Invalid user webmaster from 46.101.103.207 Sep 20 19:50:48 auw2 sshd\[16091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207	2019-09-21 13:55:51
118.24.83.41	attackspambots	Sep 20 19:39:57 tdfoods sshd\[29388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 user=backup Sep 20 19:39:58 tdfoods sshd\[29388\]: Failed password for backup from 118.24.83.41 port 56122 ssh2 Sep 20 19:45:19 tdfoods sshd\[29877\]: Invalid user courses from 118.24.83.41 Sep 20 19:45:19 tdfoods sshd\[29877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.83.41 Sep 20 19:45:21 tdfoods sshd\[29877\]: Failed password for invalid user courses from 118.24.83.41 port 43172 ssh2	2019-09-21 13:58:05
80.20.125.243	attackbots	Sep 20 19:57:00 sachi sshd\[26091\]: Invalid user anna from 80.20.125.243 Sep 20 19:57:00 sachi sshd\[26091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host243-125-static.20-80-b.business.telecomitalia.it Sep 20 19:57:02 sachi sshd\[26091\]: Failed password for invalid user anna from 80.20.125.243 port 43762 ssh2 Sep 20 20:01:56 sachi sshd\[26485\]: Invalid user anto from 80.20.125.243 Sep 20 20:01:56 sachi sshd\[26485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host243-125-static.20-80-b.business.telecomitalia.it	2019-09-21 14:11:27
218.92.0.154	attackbots	Sep 21 06:20:50 root sshd[7100]: Failed password for root from 218.92.0.154 port 11896 ssh2 Sep 21 06:20:54 root sshd[7100]: Failed password for root from 218.92.0.154 port 11896 ssh2 Sep 21 06:20:59 root sshd[7100]: Failed password for root from 218.92.0.154 port 11896 ssh2 Sep 21 06:21:03 root sshd[7100]: Failed password for root from 218.92.0.154 port 11896 ssh2 ...	2019-09-21 14:07:13
116.0.148.155	attack	Unauthorised access (Sep 21) SRC=116.0.148.155 LEN=40 TTL=47 ID=60302 TCP DPT=8080 WINDOW=22 SYN	2019-09-21 14:00:45

Recently Reported IPs

233.41.225.60	69.194.129.165	81.215.214.145	138.214.76.79
86.12.88.96	188.158.2.86	150.252.102.85	30.234.46.191
178.249.117.56	192.168.254.12	44.87.211.179	87.23.191.211
73.153.246.88	166.92.22.142	142.44.240.82	152.10.214.66
184.210.180.249	108.224.234.105	9.180.161.33	210.128.56.80