103.91.9.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.91.90.103	attackbotsspam	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(10061547)	2020-10-08 01:51:51
103.91.90.103	attackspam	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(10061547)	2020-10-07 18:00:36
103.91.90.103	attackbotsspam	TCP (SYN) 103.91.90.103:56230 -> port 1433, len 44	2020-09-04 21:11:06
103.91.90.103	attack	Port probing on unauthorized port 445	2020-09-04 05:21:03
103.91.91.195	attackbotsspam	1592798125 - 06/22/2020 05:55:25 Host: 103.91.91.195/103.91.91.195 Port: 445 TCP Blocked	2020-06-22 12:25:47
103.91.94.25	attackbots	unauthorized connection attempt	2020-02-07 14:14:47
103.91.92.82	attackspambots	Oct 27 08:25:10 ovpn sshd[19118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.92.82 user=r.r Oct 27 08:25:12 ovpn sshd[19118]: Failed password for r.r from 103.91.92.82 port 54838 ssh2 Oct 27 08:25:12 ovpn sshd[19118]: Received disconnect from 103.91.92.82 port 54838:11: Bye Bye [preauth] Oct 27 08:25:12 ovpn sshd[19118]: Disconnected from 103.91.92.82 port 54838 [preauth] Oct 27 08:33:30 ovpn sshd[20692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.92.82 user=r.r Oct 27 08:33:32 ovpn sshd[20692]: Failed password for r.r from 103.91.92.82 port 55235 ssh2 Oct 27 08:33:32 ovpn sshd[20692]: Received disconnect from 103.91.92.82 port 55235:11: Bye Bye [preauth] Oct 27 08:33:32 ovpn sshd[20692]: Disconnected from 103.91.92.82 port 55235 [preauth] Oct 27 08:38:29 ovpn sshd[21617]: Invalid user jw from 103.91.92.82 Oct 27 08:38:29 ovpn sshd[21617]: pam_unix(sshd:auth): authen........ ------------------------------	2019-10-28 06:42:09
103.91.91.194	attackbotsspam	Unauthorized connection attempt from IP address 103.91.91.194 on Port 445(SMB)	2019-09-01 05:15:26
103.91.94.254	attack	Port scan and direct access per IP instead of hostname	2019-08-09 18:56:49
103.91.90.98	attackspambots	SMB Server BruteForce Attack	2019-08-09 14:13:50
103.91.90.98	attack	SMB Server BruteForce Attack	2019-07-29 14:28:54
103.91.94.237	attack	Automatic report - Port Scan Attack	2019-07-23 23:47:53
103.91.94.237	attack	Automatic report - Web App Attack	2019-07-05 23:22:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.91.9.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28274
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.91.9.42.			IN	A

;; AUTHORITY SECTION:
.			220	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030501 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 06 10:17:20 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 42.9.91.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.9.91.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.110.179.26	attackspambots	Dec 14 06:49:44 php1 sshd\[26424\]: Invalid user craghead from 203.110.179.26 Dec 14 06:49:44 php1 sshd\[26424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.179.26 Dec 14 06:49:45 php1 sshd\[26424\]: Failed password for invalid user craghead from 203.110.179.26 port 50632 ssh2 Dec 14 06:56:29 php1 sshd\[27086\]: Invalid user seflova from 203.110.179.26 Dec 14 06:56:29 php1 sshd\[27086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.179.26	2019-12-15 01:02:40
92.55.148.251	attackbots	$f2bV_matches	2019-12-15 01:19:30
217.114.209.240	attackbots	POST /login/ Attempting to login via port 2083. No user agent.	2019-12-15 01:30:18
82.118.242.108	attackbots	82.118.242.108 was recorded 5 times by 5 hosts attempting to connect to the following ports: 27015. Incident counter (4h, 24h, all-time): 5, 20, 39	2019-12-15 00:51:05
183.83.85.51	attack	Unauthorized connection attempt detected from IP address 183.83.85.51 to port 445	2019-12-15 00:59:04
186.71.57.18	attack	Dec 14 06:47:52 hpm sshd\[460\]: Invalid user granheim from 186.71.57.18 Dec 14 06:47:52 hpm sshd\[460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.71.57.18 Dec 14 06:47:54 hpm sshd\[460\]: Failed password for invalid user granheim from 186.71.57.18 port 35630 ssh2 Dec 14 06:54:19 hpm sshd\[1074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.71.57.18 user=lp Dec 14 06:54:22 hpm sshd\[1074\]: Failed password for lp from 186.71.57.18 port 43312 ssh2	2019-12-15 01:10:52
104.248.65.180	attackbots	Dec 13 10:47:49 ns382633 sshd\[461\]: Invalid user apache from 104.248.65.180 port 60644 Dec 13 10:47:49 ns382633 sshd\[461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 Dec 13 10:47:52 ns382633 sshd\[461\]: Failed password for invalid user apache from 104.248.65.180 port 60644 ssh2 Dec 13 10:54:12 ns382633 sshd\[1393\]: Invalid user suo from 104.248.65.180 port 55616 Dec 13 10:54:12 ns382633 sshd\[1393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180	2019-12-15 00:52:21
46.101.101.66	attack	Dec 14 17:12:01 tuxlinux sshd[50678]: Invalid user student from 46.101.101.66 port 59242 Dec 14 17:12:01 tuxlinux sshd[50678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.101.66 Dec 14 17:12:01 tuxlinux sshd[50678]: Invalid user student from 46.101.101.66 port 59242 Dec 14 17:12:01 tuxlinux sshd[50678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.101.66 Dec 14 17:12:01 tuxlinux sshd[50678]: Invalid user student from 46.101.101.66 port 59242 Dec 14 17:12:01 tuxlinux sshd[50678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.101.66 Dec 14 17:12:02 tuxlinux sshd[50678]: Failed password for invalid user student from 46.101.101.66 port 59242 ssh2 ...	2019-12-15 00:55:01
139.199.174.58	attack	Dec 14 16:25:48 pi sshd\[21545\]: Failed password for invalid user altenhofen from 139.199.174.58 port 35024 ssh2 Dec 14 16:32:18 pi sshd\[21863\]: Invalid user bannon from 139.199.174.58 port 50204 Dec 14 16:32:18 pi sshd\[21863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.174.58 Dec 14 16:32:20 pi sshd\[21863\]: Failed password for invalid user bannon from 139.199.174.58 port 50204 ssh2 Dec 14 16:38:56 pi sshd\[22142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.174.58 user=root ...	2019-12-15 01:06:46
62.218.84.53	attackbotsspam	Dec 14 14:37:55 localhost sshd\[68109\]: Invalid user scudiero from 62.218.84.53 port 31992 Dec 14 14:37:55 localhost sshd\[68109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.218.84.53 Dec 14 14:37:57 localhost sshd\[68109\]: Failed password for invalid user scudiero from 62.218.84.53 port 31992 ssh2 Dec 14 14:44:03 localhost sshd\[68349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.218.84.53 user=root Dec 14 14:44:05 localhost sshd\[68349\]: Failed password for root from 62.218.84.53 port 13443 ssh2 ...	2019-12-15 01:10:35
45.82.153.83	attackspam	Dec 14 09:05:46 georgia postfix/smtpd[50078]: connect from unknown[45.82.153.83] Dec 14 09:05:46 georgia postfix/smtpd[50078]: connect from unknown[45.82.153.83] Dec 14 09:05:55 georgia postfix/smtpd[50078]: warning: unknown[45.82.153.83]: SASL LOGIN authentication failed: authentication failure Dec 14 09:05:55 georgia postfix/smtpd[50078]: warning: unknown[45.82.153.83]: SASL LOGIN authentication failed: authentication failure Dec 14 09:05:56 georgia postfix/smtpd[50078]: lost connection after AUTH from unknown[45.82.153.83] Dec 14 09:05:56 georgia postfix/smtpd[50078]: lost connection after AUTH from unknown[45.82.153.83] Dec 14 09:05:56 georgia postfix/smtpd[50078]: disconnect from unknown[45.82.153.83] ehlo=1 auth=0/1 commands=1/2 Dec 14 09:05:56 georgia postfix/smtpd[50078]: disconnect from unknown[45.82.153.83] ehlo=1 auth=0/1 commands=1/2 Dec 14 09:05:56 georgia postfix/smtpd[50078]: connect from unknown[45.82.153.83] Dec 14 09:05:56 georgia postfix/smtpd[50078]:........ -------------------------------	2019-12-15 01:27:36
198.27.80.123	attackspam	Time: Sat Dec 14 12:21:23 2019 -0300 IP: 198.27.80.123 (CA/Canada/ns524016.ip-198-27-80.net) Failures: 20 (WordPressBruteForcePOST) Interval: 3600 seconds Blocked: Permanent Block	2019-12-15 01:30:53
188.162.132.11	attack	Unauthorized connection attempt detected from IP address 188.162.132.11 to port 445	2019-12-15 00:54:26
113.173.176.81	attack	$f2bV_matches	2019-12-15 01:12:18
198.245.49.22	attackbots	PHI,WP GET /wp-login.php	2019-12-15 01:30:34

Recently Reported IPs

103.91.84.226	112.250.209.137	103.92.200.13	103.91.94.152
103.91.86.92	103.92.235.39	103.91.72.132	103.92.24.77
103.92.153.28	103.92.235.130	103.92.235.95	103.92.26.26
103.92.25.123	103.92.39.252	103.92.41.216	103.92.43.233
112.250.209.164	103.92.87.17	103.93.100.182	103.93.100.209