103.78.39.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Mora Telematika Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sat, 20 Jul 2019 21:55:12 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 11:10:13

Comments on same subnet:

IP	Type	Details	Datetime
103.78.39.90	attackbotsspam	Port probing on unauthorized port 445	2020-06-20 02:24:55
103.78.39.106	attackbotsspam	$f2bV_matches	2020-06-11 17:07:05
103.78.39.106	attackbotsspam	Jun 8 09:18:16 ns381471 sshd[29148]: Failed password for root from 103.78.39.106 port 37902 ssh2	2020-06-08 15:52:49
103.78.39.106	attackbots	May 31 04:52:49 serwer sshd\[2119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 user=root May 31 04:52:51 serwer sshd\[2119\]: Failed password for root from 103.78.39.106 port 47396 ssh2 May 31 04:56:40 serwer sshd\[2438\]: Invalid user oracle from 103.78.39.106 port 52150 May 31 04:56:40 serwer sshd\[2438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 May 31 04:56:41 serwer sshd\[2438\]: Failed password for invalid user oracle from 103.78.39.106 port 52150 ssh2 May 31 05:00:35 serwer sshd\[2812\]: Invalid user test from 103.78.39.106 port 56910 May 31 05:00:35 serwer sshd\[2812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 May 31 05:00:37 serwer sshd\[2812\]: Failed password for invalid user test from 103.78.39.106 port 56910 ssh2 May 31 05:04:26 serwer sshd\[3048\]: Invalid user sysadmin from 103.78.3 ...	2020-06-01 22:49:03
103.78.39.106	attackbotsspam	May 25 00:39:53 ny01 sshd[18658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 May 25 00:39:56 ny01 sshd[18658]: Failed password for invalid user horsfield from 103.78.39.106 port 60352 ssh2 May 25 00:43:58 ny01 sshd[19164]: Failed password for root from 103.78.39.106 port 35116 ssh2	2020-05-25 14:02:35
103.78.39.106	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-05-21 22:22:57
103.78.39.106	attackspambots	Invalid user cah from 103.78.39.106 port 43758	2020-05-20 02:01:52
103.78.39.106	attack	May 15 04:57:51 ip-172-31-62-245 sshd\[15928\]: Invalid user phpbb from 103.78.39.106\ May 15 04:57:53 ip-172-31-62-245 sshd\[15928\]: Failed password for invalid user phpbb from 103.78.39.106 port 35734 ssh2\ May 15 04:59:46 ip-172-31-62-245 sshd\[15932\]: Invalid user cleo from 103.78.39.106\ May 15 04:59:49 ip-172-31-62-245 sshd\[15932\]: Failed password for invalid user cleo from 103.78.39.106 port 51288 ssh2\ May 15 05:01:06 ip-172-31-62-245 sshd\[15940\]: Invalid user gus from 103.78.39.106\	2020-05-15 13:31:45
103.78.39.106	attackspambots	May 7 07:35:37 pkdns2 sshd\[37124\]: Invalid user od from 103.78.39.106May 7 07:35:38 pkdns2 sshd\[37124\]: Failed password for invalid user od from 103.78.39.106 port 41348 ssh2May 7 07:39:09 pkdns2 sshd\[37269\]: Invalid user dm from 103.78.39.106May 7 07:39:11 pkdns2 sshd\[37269\]: Failed password for invalid user dm from 103.78.39.106 port 37958 ssh2May 7 07:42:45 pkdns2 sshd\[37449\]: Invalid user sam from 103.78.39.106May 7 07:42:47 pkdns2 sshd\[37449\]: Failed password for invalid user sam from 103.78.39.106 port 34566 ssh2 ...	2020-05-07 12:47:52
103.78.39.106	attackbotsspam	May 5 04:42:44 piServer sshd[6420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 May 5 04:42:46 piServer sshd[6420]: Failed password for invalid user dome from 103.78.39.106 port 54314 ssh2 May 5 04:47:07 piServer sshd[8212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.78.39.106 ...	2020-05-05 14:29:37
103.78.39.38	attackbotsspam	Attempted connection to port 445.	2020-03-09 19:01:15
103.78.39.59	attack	Unauthorized connection attempt detected from IP address 103.78.39.59 to port 139 [J]	2020-02-02 10:18:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.78.39.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10524
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.78.39.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072001 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 11:10:06 CST 2019
;; MSG SIZE  rcvd: 117

Host info

242.39.78.103.in-addr.arpa domain name pointer ip-103-78-39-242.moratelindo.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
242.39.78.103.in-addr.arpa	name = ip-103-78-39-242.moratelindo.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.134.150.128	attack	Jun 6 01:34:34 debian-2gb-nbg1-2 kernel: \[13658825.209416\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.134.150.128 DST=195.201.40.59 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=65398 PROTO=TCP SPT=46379 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-06 07:46:15
51.178.50.98	attackspambots	SSH brute-force attempt	2020-06-06 07:48:57
99.84.112.109	attackspam	ET INFO TLS Handshake Failure - port: 59150 proto: TCP cat: Potentially Bad Traffic	2020-06-06 07:57:23
200.53.21.59	attackspam	Honeypot attack, port: 445, PTR: 200-53-21-59.acessoline.net.br.	2020-06-06 07:34:07
89.248.168.220	attackspam	TCP (SYN) 89.248.168.220:51396 -> port 34959, len 44	2020-06-06 08:02:27
163.44.151.51	attack	$f2bV_matches	2020-06-06 07:40:34
203.6.149.195	attackspam	$f2bV_matches	2020-06-06 07:38:34
178.128.162.10	attack	Jun 6 01:32:29 legacy sshd[12898]: Failed password for root from 178.128.162.10 port 46208 ssh2 Jun 6 01:35:41 legacy sshd[13007]: Failed password for root from 178.128.162.10 port 48272 ssh2 ...	2020-06-06 07:39:59
116.197.133.31	attack	Honeypot attack, port: 445, PTR: rsvania-31-133.fiber.net.id.	2020-06-06 07:32:19
69.245.71.26	attackspambots	SSH Brute Force	2020-06-06 07:47:42
91.207.175.154	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 11211 proto: TCP cat: Misc Attack	2020-06-06 08:01:58
94.232.40.6	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 33389 proto: TCP cat: Misc Attack	2020-06-06 07:58:29
189.190.59.131	attackbotsspam	2020-06-05T18:14:19.306477devel sshd[5513]: Failed password for root from 189.190.59.131 port 37284 ssh2 2020-06-05T18:16:15.982133devel sshd[5804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.190.59.131 user=root 2020-06-05T18:16:17.494775devel sshd[5804]: Failed password for root from 189.190.59.131 port 43086 ssh2	2020-06-06 07:35:28
91.241.19.135	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 5900 proto: TCP cat: Misc Attack	2020-06-06 08:01:31
68.183.55.223	attackspambots	TCP (SYN) 68.183.55.223:59376 -> port 13354, len 44	2020-06-06 08:05:55

Recently Reported IPs

46.41.121.193	37.249.96.116	36.90.209.208	222.252.30.97
189.145.127.200	61.223.128.131	36.69.184.97	197.61.230.120
180.247.176.155	112.135.250.11	238.183.59.218	49.231.153.147
189.124.82.24	176.108.100.96	64.91.235.8	14.167.77.86
1.10.160.83	190.186.103.150	181.174.102.58	123.201.226.204