103.94.125.245

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: CV. Mandiri Pratama

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Sep 24) SRC=103.94.125.245 LEN=52 TOS=0x10 PREC=0x40 TTL=115 ID=157 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-24 16:06:30

Comments on same subnet:

IP	Type	Details	Datetime
103.94.125.254	attackspambots	Aug 26 04:52:53 shivevps sshd[3849]: Bad protocol version identification '\024' from 103.94.125.254 port 58743 Aug 26 04:52:58 shivevps sshd[4410]: Bad protocol version identification '\024' from 103.94.125.254 port 58766 Aug 26 04:54:46 shivevps sshd[7972]: Bad protocol version identification '\024' from 103.94.125.254 port 59371 ...	2020-08-26 12:54:54

Type

Details

Datetime

103.94.125.254

attackspambots

Aug 26 04:52:53 shivevps sshd[3849]: Bad protocol version identification '\024' from 103.94.125.254 port 58743
Aug 26 04:52:58 shivevps sshd[4410]: Bad protocol version identification '\024' from 103.94.125.254 port 58766
Aug 26 04:54:46 shivevps sshd[7972]: Bad protocol version identification '\024' from 103.94.125.254 port 59371
...

2020-08-26 12:54:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.94.125.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.94.125.245.			IN	A

;; AUTHORITY SECTION:
.			491	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092400 1800 900 604800 86400

;; Query time: 275 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 16:06:21 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 245.125.94.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.125.94.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.133.6.141	attack	SSH invalid-user multiple login attempts	2020-01-12 01:06:35
80.240.28.245	attackbotsspam	Jan 11 14:07:06 ns382633 sshd\[26978\]: Invalid user wbl from 80.240.28.245 port 41464 Jan 11 14:07:06 ns382633 sshd\[26978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.240.28.245 Jan 11 14:07:08 ns382633 sshd\[26978\]: Failed password for invalid user wbl from 80.240.28.245 port 41464 ssh2 Jan 11 14:16:53 ns382633 sshd\[28691\]: Invalid user xeq from 80.240.28.245 port 44600 Jan 11 14:16:53 ns382633 sshd\[28691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.240.28.245	2020-01-12 00:46:40
134.209.163.236	attackbotsspam	$f2bV_matches	2020-01-12 01:01:52
134.175.243.183	attackspam	$f2bV_matches	2020-01-12 01:04:41
202.5.37.51	attackbots	MONDIAL RELAY - COLIS	2020-01-12 01:09:21
221.226.58.102	attackspam	Jan 11 03:05:15 server sshd\[1678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.58.102 user=root Jan 11 03:05:17 server sshd\[1678\]: Failed password for root from 221.226.58.102 port 40496 ssh2 Jan 11 18:29:27 server sshd\[11597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.58.102 user=root Jan 11 18:29:29 server sshd\[11597\]: Failed password for root from 221.226.58.102 port 56694 ssh2 Jan 11 19:10:02 server sshd\[21457\]: Invalid user qc from 221.226.58.102 Jan 11 19:10:02 server sshd\[21457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.58.102 ...	2020-01-12 00:49:37
134.17.94.229	attackbots	$f2bV_matches	2020-01-12 01:11:30
222.186.30.209	attack	Jan 11 13:35:05 server sshd\[2491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Jan 11 13:35:07 server sshd\[2490\]: Failed password for root from 222.186.30.209 port 58454 ssh2 Jan 11 13:35:08 server sshd\[2491\]: Failed password for root from 222.186.30.209 port 51837 ssh2 Jan 11 19:44:10 server sshd\[29920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Jan 11 19:44:12 server sshd\[29920\]: Failed password for root from 222.186.30.209 port 27852 ssh2 ...	2020-01-12 00:44:51
198.100.146.94	attackbots	Automatic report - XMLRPC Attack	2020-01-12 01:15:17
134.175.192.246	attack	$f2bV_matches	2020-01-12 01:07:45
134.175.46.166	attackbots	Jan 11 09:04:49 Tower sshd[13475]: Connection from 134.175.46.166 port 56170 on 192.168.10.220 port 22 rdomain "" Jan 11 09:04:51 Tower sshd[13475]: Failed password for root from 134.175.46.166 port 56170 ssh2 Jan 11 09:04:51 Tower sshd[13475]: Received disconnect from 134.175.46.166 port 56170:11: Bye Bye [preauth] Jan 11 09:04:51 Tower sshd[13475]: Disconnected from authenticating user root 134.175.46.166 port 56170 [preauth]	2020-01-12 01:04:59
136.228.161.66	attack	Unauthorized connection attempt detected from IP address 136.228.161.66 to port 2220 [J]	2020-01-12 00:58:47
122.58.28.165	attackbotsspam	Unauthorized connection attempt detected from IP address 122.58.28.165 to port 2220 [J]	2020-01-12 00:55:08
189.8.68.56	attackspambots	Unauthorized connection attempt detected from IP address 189.8.68.56 to port 2220 [J]	2020-01-12 00:58:14
138.128.209.35	attackspambots	$f2bV_matches	2020-01-12 00:50:17

Recently Reported IPs

186.212.190.28	112.26.149.232	37.215.120.73	172.96.191.13
177.11.44.10	212.150.112.76	183.239.203.40	177.189.207.177
87.236.20.17	84.15.143.63	134.209.252.119	200.201.217.104
218.247.254.162	81.17.27.141	35.196.238.16	41.34.8.248
116.92.211.233	95.9.139.212	222.190.132.82	7.32.66.188