103.42.255.104

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Gomeds Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SPF Fail sender not permitted to send mail for @2lmn.com / Sent mail to target address hacked/leaked from abandonia in 2016	2019-09-27 20:12:03
attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 07:52:55

Comments on same subnet:

IP	Type	Details	Datetime
103.42.255.245	attackspambots	Automatic report - Port Scan Attack	2020-10-13 03:50:52
103.42.255.245	attack	Automatic report - Port Scan Attack	2020-10-12 19:25:19
103.42.255.152	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-01 17:00:37
103.42.255.99	attack	postfix	2019-10-11 02:21:32
103.42.255.99	attack	email spam	2019-10-03 17:30:00
103.42.255.99	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 07:53:13
103.42.255.81	attack	Jul 8 10:54:05 our-server-hostname postfix/smtpd[16166]: connect from unknown[103.42.255.81] Jul 8 10:55:43 our-server-hostname postfix/smtpd[16166]: lost connection after MAIL from unknown[103.42.255.81] Jul 8 10:55:43 our-server-hostname postfix/smtpd[16166]: disconnect from unknown[103.42.255.81] Jul 8 12:00:27 our-server-hostname postfix/smtpd[12782]: connect from unknown[103.42.255.81] Jul x@x Jul x@x Jul x@x Jul 8 12:00:33 our-server-hostname postfix/smtpd[12782]: lost connection after RCPT from unknown[103.42.255.81] Jul 8 12:00:33 our-server-hostname postfix/smtpd[12782]: disconnect from unknown[103.42.255.81] Jul 8 15:44:25 our-server-hostname postfix/smtpd[15940]: connect from unknown[103.42.255.81] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 8 15:44:45 our-server-hostname postfix/smtpd[15940]: lost connection after RCPT from unknown[103.42.255.81] Jul 8 15........ -------------------------------	2019-07-08 17:57:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.42.255.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11415
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.42.255.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 07:52:51 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 104.255.42.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.255.42.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.239.80.118	attackspam	'IP reached maximum auth failures for a one day block'	2020-03-03 03:57:06
43.249.54.162	attackbots	Unauthorized connection attempt from IP address 43.249.54.162 on Port 445(SMB)	2020-03-03 04:19:56
185.175.93.104	attackbots	03/02/2020-14:36:49.442458 185.175.93.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-03 04:03:23
218.92.0.173	attackbotsspam	Mar 2 20:51:00 minden010 sshd[6453]: Failed password for root from 218.92.0.173 port 24490 ssh2 Mar 2 20:51:03 minden010 sshd[6453]: Failed password for root from 218.92.0.173 port 24490 ssh2 Mar 2 20:51:06 minden010 sshd[6453]: Failed password for root from 218.92.0.173 port 24490 ssh2 Mar 2 20:51:10 minden010 sshd[6453]: Failed password for root from 218.92.0.173 port 24490 ssh2 ...	2020-03-03 04:05:17
82.80.176.84	attackspambots	Unauthorized connection attempt detected from IP address 82.80.176.84 to port 23 [J]	2020-03-03 03:58:49
222.186.30.167	attackspambots	2020-03-02T20:55:59.347148scmdmz1 sshd[10567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-03-02T20:56:00.710649scmdmz1 sshd[10567]: Failed password for root from 222.186.30.167 port 38947 ssh2 2020-03-02T20:56:03.432287scmdmz1 sshd[10567]: Failed password for root from 222.186.30.167 port 38947 ssh2 2020-03-02T20:55:59.347148scmdmz1 sshd[10567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-03-02T20:56:00.710649scmdmz1 sshd[10567]: Failed password for root from 222.186.30.167 port 38947 ssh2 2020-03-02T20:56:03.432287scmdmz1 sshd[10567]: Failed password for root from 222.186.30.167 port 38947 ssh2 2020-03-02T20:55:59.347148scmdmz1 sshd[10567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-03-02T20:56:00.710649scmdmz1 sshd[10567]: Failed password for root from 222.186.30.167 port 38947 ssh2 2	2020-03-03 03:56:29
222.186.3.249	attackbots	Mar 2 20:36:59 vps691689 sshd[18401]: Failed password for root from 222.186.3.249 port 47827 ssh2 Mar 2 20:39:07 vps691689 sshd[18492]: Failed password for root from 222.186.3.249 port 60545 ssh2 ...	2020-03-03 03:54:40
49.213.192.173	attackbots	Unauthorized connection attempt detected from IP address 49.213.192.173 to port 23 [J]	2020-03-03 03:59:46
113.193.226.66	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-03 04:25:00
14.171.255.236	attack	Unauthorized connection attempt from IP address 14.171.255.236 on Port 445(SMB)	2020-03-03 04:10:08
54.37.67.144	attackbots	Mar 2 16:17:44 server sshd\[22717\]: Failed password for invalid user ts4 from 54.37.67.144 port 44916 ssh2 Mar 2 22:18:31 server sshd\[23451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.ip-54-37-67.eu user=root Mar 2 22:18:32 server sshd\[23451\]: Failed password for root from 54.37.67.144 port 58210 ssh2 Mar 2 22:26:23 server sshd\[25020\]: Invalid user mella from 54.37.67.144 Mar 2 22:26:23 server sshd\[25020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.ip-54-37-67.eu ...	2020-03-03 04:17:25
51.77.147.95	attackbotsspam	SSH login attempts.	2020-03-03 04:30:32
201.49.227.242	attackbots	Honeypot Attack, Port 23	2020-03-03 04:02:27
189.87.101.154	attackbotsspam	Unauthorized connection attempt from IP address 189.87.101.154 on Port 445(SMB)	2020-03-03 04:23:36
45.224.105.80	attackbots	Unauthorized connection attempt from IP address 45.224.105.80 on Port 143(IMAP)	2020-03-03 04:01:37

Recently Reported IPs

103.232.66.162	103.232.66.107	103.232.65.66	103.232.65.58
103.232.64.226	103.231.137.62	110.186.169.90	103.229.86.180
103.229.46.61	103.229.46.10	103.228.119.69	1.122.9.61
164.15.236.254	103.228.118.181	29.254.211.57	103.228.117.81
103.226.143.6	103.220.6.254	103.219.187.55	103.217.244.177