103.91.2.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.91.210.9	attackspam	Sep 21 14:12:29 ns382633 sshd\[22043\]: Invalid user deploy from 103.91.210.9 port 54478 Sep 21 14:12:29 ns382633 sshd\[22043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.210.9 Sep 21 14:12:31 ns382633 sshd\[22043\]: Failed password for invalid user deploy from 103.91.210.9 port 54478 ssh2 Sep 21 14:29:43 ns382633 sshd\[25259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.210.9 user=root Sep 21 14:29:45 ns382633 sshd\[25259\]: Failed password for root from 103.91.210.9 port 47286 ssh2	2020-09-21 20:56:50
103.91.210.9	attack	2020-09-20T17:58:53.173493morrigan.ad5gb.com sshd[1042569]: Disconnected from invalid user sftp 103.91.210.9 port 34436 [preauth]	2020-09-21 12:46:27
103.91.210.9	attackbotsspam	103.91.210.9 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 12:51:01 server sshd[16744]: Failed password for root from 211.95.84.146 port 43668 ssh2 Sep 20 12:58:31 server sshd[18467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.245.218.48 user=root Sep 20 13:03:22 server sshd[19648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.210.9 user=root Sep 20 12:53:09 server sshd[17299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.140.62 user=root Sep 20 12:53:11 server sshd[17299]: Failed password for root from 58.56.140.62 port 26818 ssh2 IP Addresses Blocked: 211.95.84.146 (CN/China/-) 162.245.218.48 (US/United States/-)	2020-09-21 04:37:52
103.91.210.208	attackbots	Unwanted checking 80 or 443 port ...	2020-09-20 20:32:03
103.91.210.208	attack	Unwanted checking 80 or 443 port ...	2020-09-20 12:27:54
103.91.210.208	attackspambots	Unwanted checking 80 or 443 port ...	2020-09-20 04:26:31
103.91.210.9	attackspam	(sshd) Failed SSH login from 103.91.210.9 (CN/China/Beijing/Beijing/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 14:11:42 atlas sshd[27489]: Invalid user user from 103.91.210.9 port 46646 Sep 10 14:11:44 atlas sshd[27489]: Failed password for invalid user user from 103.91.210.9 port 46646 ssh2 Sep 10 14:36:39 atlas sshd[815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.210.9 user=root Sep 10 14:36:41 atlas sshd[815]: Failed password for root from 103.91.210.9 port 49034 ssh2 Sep 10 14:43:41 atlas sshd[2417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.210.9 user=root	2020-09-11 03:14:09
103.91.210.9	attackbots	$f2bV_matches	2020-09-10 18:42:40
103.91.209.222	attack	Unauthorised login to NAS	2020-09-08 01:46:43
103.91.209.222	attackspam	Unauthorised login to NAS	2020-09-07 17:12:03
103.91.206.77	attackspambots	Aug 21 22:21:55 web1 pure-ftpd: $\?@103.91.206.77$ \[WARNING\] Authentication failed for user \[user\] Aug 21 22:22:00 web1 pure-ftpd: $\?@103.91.206.77$ \[WARNING\] Authentication failed for user \[user\] Aug 21 22:22:05 web1 pure-ftpd: $\?@103.91.206.77$ \[WARNING\] Authentication failed for user \[user\]	2020-08-22 07:35:47
103.91.208.233	attack	Attack to wordpress xmlrpc	2020-08-17 08:08:26
103.91.208.151	attackbots	Automatic report - Banned IP Access	2020-07-10 18:06:04
103.91.219.232	attackbotsspam	Jun 18 02:17:16 firewall sshd[4241]: Failed password for invalid user adam from 103.91.219.232 port 34248 ssh2 Jun 18 02:25:09 firewall sshd[4442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.219.232 user=root Jun 18 02:25:11 firewall sshd[4442]: Failed password for root from 103.91.219.232 port 54276 ssh2 ...	2020-06-18 13:42:52
103.91.232.18	attack	Unauthorized connection attempt detected from IP address 103.91.232.18 to port 445	2020-05-13 04:05:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.91.2.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24168
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.91.2.242.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012501 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 12:43:52 CST 2025
;; MSG SIZE  rcvd: 105

Host info

242.2.91.103.in-addr.arpa domain name pointer 242.2.91.103.cni.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.2.91.103.in-addr.arpa	name = 242.2.91.103.cni.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.54	attack	05/08/2020-22:10:49.150283 185.176.27.54 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-09 16:34:48
36.111.181.204	attack	May 9 03:19:07 hosting sshd[3477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.181.204 user=root May 9 03:19:09 hosting sshd[3477]: Failed password for root from 36.111.181.204 port 55596 ssh2 ...	2020-05-09 16:45:29
187.174.219.142	attackspam	May 9 04:33:43 vps639187 sshd\[23663\]: Invalid user cyk from 187.174.219.142 port 44764 May 9 04:33:43 vps639187 sshd\[23663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142 May 9 04:33:46 vps639187 sshd\[23663\]: Failed password for invalid user cyk from 187.174.219.142 port 44764 ssh2 ...	2020-05-09 16:22:26
162.204.50.21	attackbotsspam	May 9 03:15:15 inter-technics sshd[26228]: Invalid user ck from 162.204.50.21 port 25329 May 9 03:15:15 inter-technics sshd[26228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.204.50.21 May 9 03:15:15 inter-technics sshd[26228]: Invalid user ck from 162.204.50.21 port 25329 May 9 03:15:17 inter-technics sshd[26228]: Failed password for invalid user ck from 162.204.50.21 port 25329 ssh2 May 9 03:22:12 inter-technics sshd[27000]: Invalid user rajjat from 162.204.50.21 port 3229 ...	2020-05-09 16:30:23
88.95.191.31	attack	Unauthorized connection attempt detected from IP address 88.95.191.31 to port 23	2020-05-09 16:23:44
195.154.133.163	attackspam	195.154.133.163 - - [09/May/2020:06:48:30 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-05-09 16:54:14
150.109.150.77	attack	May 9 04:08:52 minden010 sshd[16818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 May 9 04:08:54 minden010 sshd[16818]: Failed password for invalid user jimmy from 150.109.150.77 port 44722 ssh2 May 9 04:12:39 minden010 sshd[19168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.150.77 ...	2020-05-09 16:24:05
193.228.91.108	attackbots	Unauthorized access on Port 22 [ssh]	2020-05-09 16:54:36
104.248.122.143	attackbots	May 9 04:35:59 buvik sshd[16842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.122.143 May 9 04:36:02 buvik sshd[16842]: Failed password for invalid user cff from 104.248.122.143 port 42880 ssh2 May 9 04:40:15 buvik sshd[17499]: Invalid user jcm from 104.248.122.143 ...	2020-05-09 17:07:20
222.186.180.130	attackbots	May 9 04:54:26 santamaria sshd\[14323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root May 9 04:54:28 santamaria sshd\[14323\]: Failed password for root from 222.186.180.130 port 20656 ssh2 May 9 04:54:30 santamaria sshd\[14323\]: Failed password for root from 222.186.180.130 port 20656 ssh2 ...	2020-05-09 16:37:02
162.243.144.193	attack	20/5/8@20:31:36: FAIL: Alarm-SSH address from=162.243.144.193 ...	2020-05-09 16:56:54
122.166.237.117	attackbotsspam	May 9 04:48:58 sso sshd[25199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.166.237.117 May 9 04:49:01 sso sshd[25199]: Failed password for invalid user ok from 122.166.237.117 port 33237 ssh2 ...	2020-05-09 16:27:32
45.172.108.67	attackbots	2020-05-09T11:49:28.539911vivaldi2.tree2.info sshd[12413]: Failed password for root from 45.172.108.67 port 40908 ssh2 2020-05-09T11:52:23.156215vivaldi2.tree2.info sshd[12597]: Invalid user isabelle from 45.172.108.67 2020-05-09T11:52:23.170589vivaldi2.tree2.info sshd[12597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.172.108.67 2020-05-09T11:52:23.156215vivaldi2.tree2.info sshd[12597]: Invalid user isabelle from 45.172.108.67 2020-05-09T11:52:25.488452vivaldi2.tree2.info sshd[12597]: Failed password for invalid user isabelle from 45.172.108.67 port 44914 ssh2 ...	2020-05-09 16:49:05
185.176.27.102	attack	05/08/2020-22:59:24.757227 185.176.27.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-09 17:00:26
64.225.25.59	attackspam	$f2bV_matches	2020-05-09 16:48:01

Recently Reported IPs

209.251.206.81	200.190.69.80	156.124.58.206	216.131.197.227
143.156.143.192	211.142.226.129	43.41.238.118	108.151.143.12
245.252.58.129	239.115.219.96	198.55.29.36	247.82.186.46
81.164.145.138	227.235.122.191	78.40.233.223	136.109.97.187
119.43.127.48	160.185.197.194	174.20.213.244	42.200.155.225