103.42.255.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.42.255.245	attackspambots	Automatic report - Port Scan Attack	2020-10-13 03:50:52
103.42.255.245	attack	Automatic report - Port Scan Attack	2020-10-12 19:25:19
103.42.255.152	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-01 17:00:37
103.42.255.99	attack	postfix	2019-10-11 02:21:32
103.42.255.99	attack	email spam	2019-10-03 17:30:00
103.42.255.104	attackspam	SPF Fail sender not permitted to send mail for @2lmn.com / Sent mail to target address hacked/leaked from abandonia in 2016	2019-09-27 20:12:03
103.42.255.99	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 07:53:13
103.42.255.104	attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 07:52:55
103.42.255.81	attack	Jul 8 10:54:05 our-server-hostname postfix/smtpd[16166]: connect from unknown[103.42.255.81] Jul 8 10:55:43 our-server-hostname postfix/smtpd[16166]: lost connection after MAIL from unknown[103.42.255.81] Jul 8 10:55:43 our-server-hostname postfix/smtpd[16166]: disconnect from unknown[103.42.255.81] Jul 8 12:00:27 our-server-hostname postfix/smtpd[12782]: connect from unknown[103.42.255.81] Jul x@x Jul x@x Jul x@x Jul 8 12:00:33 our-server-hostname postfix/smtpd[12782]: lost connection after RCPT from unknown[103.42.255.81] Jul 8 12:00:33 our-server-hostname postfix/smtpd[12782]: disconnect from unknown[103.42.255.81] Jul 8 15:44:25 our-server-hostname postfix/smtpd[15940]: connect from unknown[103.42.255.81] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 8 15:44:45 our-server-hostname postfix/smtpd[15940]: lost connection after RCPT from unknown[103.42.255.81] Jul 8 15........ -------------------------------	2019-07-08 17:57:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.42.255.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35592
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.42.255.70.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 18:08:00 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 70.255.42.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.255.42.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.125.242.150	attackbotsspam	1576227293 - 12/13/2019 09:54:53 Host: 94.125.242.150/94.125.242.150 Port: 445 TCP Blocked	2019-12-13 16:56:14
192.241.183.220	attackspambots	Dec 12 22:12:29 php1 sshd\[14688\]: Invalid user babbles from 192.241.183.220 Dec 12 22:12:29 php1 sshd\[14688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.183.220 Dec 12 22:12:31 php1 sshd\[14688\]: Failed password for invalid user babbles from 192.241.183.220 port 38074 ssh2 Dec 12 22:17:30 php1 sshd\[15199\]: Invalid user operator from 192.241.183.220 Dec 12 22:17:30 php1 sshd\[15199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.183.220	2019-12-13 17:18:16
92.50.142.178	attackspambots	1576223227 - 12/13/2019 08:47:07 Host: 92.50.142.178/92.50.142.178 Port: 445 TCP Blocked	2019-12-13 17:06:08
52.12.212.60	attackspambots	Unauthorized connection attempt detected from IP address 52.12.212.60 to port 445	2019-12-13 17:19:18
36.255.53.1	attack	Unauthorized connection attempt from IP address 36.255.53.1 on Port 445(SMB)	2019-12-13 17:01:47
167.99.163.76	attackbotsspam	Triggered: repeated knocking on closed ports.	2019-12-13 17:26:16
103.3.46.97	attackbotsspam	Automatic report - XMLRPC Attack	2019-12-13 17:20:45
180.246.149.149	attackbots	445/tcp [2019-12-13]1pkt	2019-12-13 17:09:20
180.250.248.170	attack	Dec 13 09:48:12 legacy sshd[26521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.170 Dec 13 09:48:15 legacy sshd[26521]: Failed password for invalid user root123root from 180.250.248.170 port 48406 ssh2 Dec 13 09:55:57 legacy sshd[26989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.170 ...	2019-12-13 17:16:14
104.131.224.81	attackbots	Dec 13 10:01:47 sd-53420 sshd\[31227\]: Invalid user guennec from 104.131.224.81 Dec 13 10:01:47 sd-53420 sshd\[31227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Dec 13 10:01:49 sd-53420 sshd\[31227\]: Failed password for invalid user guennec from 104.131.224.81 port 40771 ssh2 Dec 13 10:07:03 sd-53420 sshd\[31586\]: Invalid user P455w0rd1 from 104.131.224.81 Dec 13 10:07:03 sd-53420 sshd\[31586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 ...	2019-12-13 17:20:27
58.247.244.1	attackspam	Dec 13 08:47:14 vps339862 kernel: \[896008.460105\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) Dec 13 08:47:15 vps339862 kernel: \[896009.465816\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) Dec 13 08:47:15 vps339862 kernel: \[896009.489066\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:22:9b:64:31:28:de:08:00 SRC=58.247.244.1 DST=51.254.206.43 LEN=48 TOS=0x00 PREC=0x00 TTL=40 ID=0 DF PROTO=TCP SPT=80 DPT=60339 SEQ=3756440296 ACK=3848148240 WINDOW=29200 RES=0x00 ACK SYN URGP=0 OPT \(020405B401010402\) D ...	2019-12-13 16:53:10
200.54.255.253	attack	Dec 13 09:42:49 markkoudstaal sshd[17353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.255.253 Dec 13 09:42:51 markkoudstaal sshd[17353]: Failed password for invalid user dovecot from 200.54.255.253 port 60748 ssh2 Dec 13 09:49:41 markkoudstaal sshd[18038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.255.253	2019-12-13 17:03:47
134.175.154.93	attackspam	Dec 13 13:31:20 gw1 sshd[21336]: Failed password for news from 134.175.154.93 port 56434 ssh2 Dec 13 13:38:05 gw1 sshd[21537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93 ...	2019-12-13 16:57:48
115.75.161.229	attack	1576223231 - 12/13/2019 08:47:11 Host: 115.75.161.229/115.75.161.229 Port: 445 TCP Blocked	2019-12-13 16:59:37
113.125.58.0	attack	Invalid user guest from 113.125.58.0 port 44678	2019-12-13 16:51:50

Recently Reported IPs

103.42.255.72	101.108.191.142	103.42.255.74	103.42.255.78
103.42.255.86	103.42.255.85	103.42.42.41	103.42.40.98
103.42.40.10	103.42.42.53	103.42.68.38	103.42.58.148
103.42.42.49	103.42.85.33	103.42.74.170	103.42.72.234
103.42.85.46	101.108.191.144	103.42.85.85	103.42.92.18