103.54.225.10 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Kereta Api Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH Brute Force	2020-04-29 13:44:30
attackspambots	SSH Brute Force	2019-11-01 12:12:05
attack	Aug 28 15:04:11 hiderm sshd\[16639\]: Invalid user telma from 103.54.225.10 Aug 28 15:04:11 hiderm sshd\[16639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id Aug 28 15:04:13 hiderm sshd\[16639\]: Failed password for invalid user telma from 103.54.225.10 port 10400 ssh2 Aug 28 15:09:06 hiderm sshd\[17233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id user=root Aug 28 15:09:08 hiderm sshd\[17233\]: Failed password for root from 103.54.225.10 port 10400 ssh2	2019-08-29 09:28:06
attack	Aug 27 19:24:01 srv-4 sshd\[25076\]: Invalid user kdh from 103.54.225.10 Aug 27 19:24:01 srv-4 sshd\[25076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.54.225.10 Aug 27 19:24:03 srv-4 sshd\[25076\]: Failed password for invalid user kdh from 103.54.225.10 port 10400 ssh2 ...	2019-08-28 01:09:02
attack	Aug 27 02:08:53 hb sshd\[4047\]: Invalid user ter from 103.54.225.10 Aug 27 02:08:53 hb sshd\[4047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id Aug 27 02:08:55 hb sshd\[4047\]: Failed password for invalid user ter from 103.54.225.10 port 10400 ssh2 Aug 27 02:13:54 hb sshd\[4481\]: Invalid user nan from 103.54.225.10 Aug 27 02:13:54 hb sshd\[4481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id	2019-08-27 10:26:06
attackbotsspam	Jun 26 14:49:42 db sshd\[6115\]: Invalid user csgoserver from 103.54.225.10 Jun 26 14:49:43 db sshd\[6115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id Jun 26 14:49:44 db sshd\[6115\]: Failed password for invalid user csgoserver from 103.54.225.10 port 10400 ssh2 Jun 26 14:52:30 db sshd\[6146\]: Invalid user testuser from 103.54.225.10 Jun 26 14:52:30 db sshd\[6146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=asav1.kereta-api.co.id ...	2019-06-26 23:11:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.54.225.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38930
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.54.225.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 23:10:56 CST 2019
;; MSG SIZE  rcvd: 117

Host info

10.225.54.103.in-addr.arpa domain name pointer asav1.kereta-api.co.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
10.225.54.103.in-addr.arpa	name = asav1.kereta-api.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.16.166.148	attackbots	Port 22 Scan, PTR: PTR record not found	2020-03-21 00:14:14
150.109.203.21	attackbotsspam	Port probing on unauthorized port 3299	2020-03-21 00:07:02
51.255.132.213	attackbots	Mar 20 16:09:52 DAAP sshd[348]: Invalid user maysoft from 51.255.132.213 port 43522 Mar 20 16:09:52 DAAP sshd[348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.132.213 Mar 20 16:09:52 DAAP sshd[348]: Invalid user maysoft from 51.255.132.213 port 43522 Mar 20 16:09:54 DAAP sshd[348]: Failed password for invalid user maysoft from 51.255.132.213 port 43522 ssh2 Mar 20 16:17:01 DAAP sshd[441]: Invalid user dev from 51.255.132.213 port 40366 ...	2020-03-21 00:38:27
59.125.155.119	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 40 - port: 5555 proto: TCP cat: Misc Attack	2020-03-21 00:00:00
80.82.78.100	attack	80.82.78.100 was recorded 18 times by 10 hosts attempting to connect to the following ports: 1023,1027,1030. Incident counter (4h, 24h, all-time): 18, 68, 22097	2020-03-20 23:55:17
112.85.42.178	attackspambots	Mar 20 13:45:21 firewall sshd[767]: Failed password for root from 112.85.42.178 port 3308 ssh2 Mar 20 13:45:24 firewall sshd[767]: Failed password for root from 112.85.42.178 port 3308 ssh2 Mar 20 13:45:28 firewall sshd[767]: Failed password for root from 112.85.42.178 port 3308 ssh2 ...	2020-03-21 00:49:02
78.186.121.146	attackbots	Automatic report - Port Scan Attack	2020-03-21 01:00:47
79.124.62.51	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 63 - port: 4245 proto: TCP cat: Misc Attack	2020-03-20 23:58:59
213.154.16.234	attackspam	TCP src-port=53861 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (268)	2020-03-21 01:01:44
164.132.51.91	attack	Automatic report - Banned IP Access	2020-03-21 00:52:58
218.92.0.173	attack	Mar 20 13:08:48 firewall sshd[31266]: Failed password for root from 218.92.0.173 port 10594 ssh2 Mar 20 13:08:48 firewall sshd[31266]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 10594 ssh2 [preauth] Mar 20 13:08:48 firewall sshd[31266]: Disconnecting: Too many authentication failures [preauth] ...	2020-03-21 00:13:03
121.241.244.92	attack	Mar 20 17:31:28 srv-ubuntu-dev3 sshd[20910]: Invalid user be from 121.241.244.92 Mar 20 17:31:28 srv-ubuntu-dev3 sshd[20910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 Mar 20 17:31:28 srv-ubuntu-dev3 sshd[20910]: Invalid user be from 121.241.244.92 Mar 20 17:31:30 srv-ubuntu-dev3 sshd[20910]: Failed password for invalid user be from 121.241.244.92 port 60996 ssh2 Mar 20 17:35:21 srv-ubuntu-dev3 sshd[21470]: Invalid user install from 121.241.244.92 Mar 20 17:35:21 srv-ubuntu-dev3 sshd[21470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 Mar 20 17:35:21 srv-ubuntu-dev3 sshd[21470]: Invalid user install from 121.241.244.92 Mar 20 17:35:23 srv-ubuntu-dev3 sshd[21470]: Failed password for invalid user install from 121.241.244.92 port 49137 ssh2 Mar 20 17:39:10 srv-ubuntu-dev3 sshd[22103]: Invalid user pl from 121.241.244.92 ...	2020-03-21 00:46:25
14.29.250.133	attack	Mar 20 10:06:11 firewall sshd[23384]: Invalid user ma from 14.29.250.133 Mar 20 10:06:13 firewall sshd[23384]: Failed password for invalid user ma from 14.29.250.133 port 51726 ssh2 Mar 20 10:11:52 firewall sshd[23588]: Invalid user sinus from 14.29.250.133 ...	2020-03-21 00:53:47
118.173.181.0	attackbotsspam	1584709918 - 03/20/2020 14:11:58 Host: 118.173.181.0/118.173.181.0 Port: 445 TCP Blocked	2020-03-21 00:49:28
159.65.41.104	attackspambots	Mar 20 16:30:11 hosting180 sshd[29597]: Invalid user ubuntu from 159.65.41.104 port 41314 ...	2020-03-21 00:32:38

Recently Reported IPs

93.74.130.226	152.178.133.199	88.255.138.75	174.104.244.96
162.211.139.118	78.187.228.11	153.30.39.241	126.103.232.61
96.5.182.22	250.137.109.16	162.158.182.164	230.180.64.102
27.193.98.175	70.219.233.152	94.202.108.131	162.158.183.145
117.167.141.179	38.117.219.166	162.158.182.134	93.217.228.111