103.42.158.73 - IPInfo

Basic Info

City: Howrah

Region: West Bengal

Country: India

Internet Service Provider: Akashnet Broadband and Services Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 1 14:16:53 debian-2gb-nbg1-2 kernel: \[5327800.230257\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.42.158.73 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x20 TTL=44 ID=42309 PROTO=TCP SPT=52104 DPT=23 WINDOW=53392 RES=0x00 SYN URGP=0	2020-03-02 05:07:17

Type

Details

Datetime

attack

Mar  1 14:16:53 debian-2gb-nbg1-2 kernel: \[5327800.230257\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.42.158.73 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x20 TTL=44 ID=42309 PROTO=TCP SPT=52104 DPT=23 WINDOW=53392 RES=0x00 SYN URGP=0

2020-03-02 05:07:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.42.158.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.42.158.73.			IN	A

;; AUTHORITY SECTION:
.			318	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 05:07:13 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 73.158.42.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.158.42.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.83.14.187	attackbotsspam	Sep 7 11:56:38 ns37 sshd[9444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.83.14.187 Sep 7 11:56:40 ns37 sshd[9444]: Failed password for invalid user admin from 171.83.14.187 port 11566 ssh2 Sep 7 12:03:48 ns37 sshd[10267]: Failed password for root from 171.83.14.187 port 12751 ssh2	2020-09-07 18:22:24
87.255.25.165	attackbotsspam	2 VoIP Fraud Attacks in last 24 hours	2020-09-07 17:53:00
139.59.135.84	attackspam	Sep 7 10:04:28 ovpn sshd\[22015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root Sep 7 10:04:30 ovpn sshd\[22015\]: Failed password for root from 139.59.135.84 port 49936 ssh2 Sep 7 10:11:47 ovpn sshd\[23800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root Sep 7 10:11:49 ovpn sshd\[23800\]: Failed password for root from 139.59.135.84 port 44100 ssh2 Sep 7 10:16:44 ovpn sshd\[25013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.135.84 user=root	2020-09-07 18:21:10
107.172.211.69	attack	2020-09-06 11:37:32.601708-0500 localhost smtpd[58387]: NOQUEUE: reject: RCPT from unknown[107.172.211.69]: 554 5.7.1 Service unavailable; Client host [107.172.211.69] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<00fd88f0.combatserous.co>	2020-09-07 17:52:15
222.186.175.169	attack	Sep 6 23:56:45 web9 sshd\[11461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root Sep 6 23:56:47 web9 sshd\[11461\]: Failed password for root from 222.186.175.169 port 65118 ssh2 Sep 6 23:56:50 web9 sshd\[11461\]: Failed password for root from 222.186.175.169 port 65118 ssh2 Sep 6 23:56:54 web9 sshd\[11461\]: Failed password for root from 222.186.175.169 port 65118 ssh2 Sep 6 23:56:57 web9 sshd\[11461\]: Failed password for root from 222.186.175.169 port 65118 ssh2	2020-09-07 18:02:22
123.206.95.243	attackspambots	$f2bV_matches	2020-09-07 17:57:59
34.80.168.36	attackspam	...	2020-09-07 17:55:09
131.108.158.227	attack	Autoban 131.108.158.227 AUTH/CONNECT	2020-09-07 18:03:56
192.227.223.165	attackbotsspam	Malicious/Probing: /wp-includes/wlwmanifest.xml	2020-09-07 18:00:11
168.151.116.105	attackspam	Automatic report - Banned IP Access	2020-09-07 18:10:06
45.146.252.30	attack	Port 22 Scan, PTR: None	2020-09-07 18:03:22
212.64.29.136	attackbotsspam	Sep 7 08:48:04 abendstille sshd\[1324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.136 user=root Sep 7 08:48:06 abendstille sshd\[1324\]: Failed password for root from 212.64.29.136 port 55198 ssh2 Sep 7 08:52:23 abendstille sshd\[5263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.136 user=root Sep 7 08:52:25 abendstille sshd\[5263\]: Failed password for root from 212.64.29.136 port 53528 ssh2 Sep 7 08:56:56 abendstille sshd\[9408\]: Invalid user gpadmin from 212.64.29.136 Sep 7 08:56:56 abendstille sshd\[9408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.136 ...	2020-09-07 17:43:38
36.66.151.17	attack	Automatic Fail2ban report - Trying login SSH	2020-09-07 18:04:48
202.107.188.11	attackspam	Unauthorised access (Sep 7) SRC=202.107.188.11 LEN=60 TTL=54 ID=36576 DF TCP DPT=1433 WINDOW=14600 SYN Unauthorised access (Sep 7) SRC=202.107.188.11 LEN=60 TTL=54 ID=56959 DF TCP DPT=1433 WINDOW=14600 SYN	2020-09-07 17:52:34
164.52.24.177	attackbots	Port scan: Attack repeated for 24 hours	2020-09-07 18:20:43

Recently Reported IPs

204.106.249.87	2.62.249.79	123.142.128.153	166.253.41.230
149.155.5.27	99.25.126.76	178.43.81.19	107.175.89.157
221.159.243.134	107.135.232.235	90.10.45.108	189.121.100.217
60.111.74.198	84.48.255.17	103.185.73.166	27.74.115.247
92.56.97.174	99.112.227.52	114.184.2.178	85.1.51.104