103.94.5.18 - IPInfo

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: CV. Tunas Dua Serangkai

Hostname: unknown

Organization: PT INDONESIA COMNETS PLUS

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 06:56:42

Comments on same subnet:

IP	Type	Details	Datetime
103.94.5.250	attack	Unauthorized connection attempt from IP address 103.94.5.250 on Port 445(SMB)	2020-01-14 05:12:19
103.94.5.42	attackspam	Automatic report - Banned IP Access	2020-01-03 19:48:49
103.94.5.42	attack	Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Invalid user schatz from 103.94.5.42 Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 24 10:54:43 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Failed password for invalid user schatz from 103.94.5.42 port 48688 ssh2 Dec 24 10:57:59 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 user=root Dec 24 10:58:02 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: Failed password for root from 103.94.5.42 port 47844 ssh2 ...	2019-12-24 13:33:51
103.94.5.42	attack	Dec 17 18:05:04 loxhost sshd\[12817\]: Invalid user truche from 103.94.5.42 port 37134 Dec 17 18:05:04 loxhost sshd\[12817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 17 18:05:06 loxhost sshd\[12817\]: Failed password for invalid user truche from 103.94.5.42 port 37134 ssh2 Dec 17 18:11:19 loxhost sshd\[13070\]: Invalid user shynique from 103.94.5.42 port 45938 Dec 17 18:11:19 loxhost sshd\[13070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 ...	2019-12-18 01:30:35
103.94.5.42	attack	Dec 14 17:22:43 eventyay sshd[7307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 14 17:22:45 eventyay sshd[7307]: Failed password for invalid user lisa from 103.94.5.42 port 32808 ssh2 Dec 14 17:29:36 eventyay sshd[7571]: Failed password for backup from 103.94.5.42 port 43002 ssh2 ...	2019-12-15 00:38:39
103.94.56.152	attack	Automatic report - Port Scan Attack	2019-12-12 22:13:55
103.94.5.42	attackspambots	Dec 7 00:49:26 ny01 sshd[26791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 7 00:49:28 ny01 sshd[26791]: Failed password for invalid user mosse from 103.94.5.42 port 51398 ssh2 Dec 7 00:56:16 ny01 sshd[27950]: Failed password for root from 103.94.5.42 port 60226 ssh2	2019-12-07 14:08:13
103.94.5.42	attackbotsspam	$f2bV_matches	2019-12-07 07:27:00
103.94.5.42	attackspambots	Dec 6 17:24:33 OPSO sshd\[30818\]: Invalid user blough from 103.94.5.42 port 34434 Dec 6 17:24:33 OPSO sshd\[30818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 6 17:24:36 OPSO sshd\[30818\]: Failed password for invalid user blough from 103.94.5.42 port 34434 ssh2 Dec 6 17:31:22 OPSO sshd\[32153\]: Invalid user mpiuser from 103.94.5.42 port 44378 Dec 6 17:31:22 OPSO sshd\[32153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42	2019-12-07 00:31:52
103.94.5.42	attackspam	$f2bV_matches	2019-12-02 17:17:18
103.94.5.42	attackspambots	Nov 30 09:37:09 vps647732 sshd[27655]: Failed password for root from 103.94.5.42 port 44832 ssh2 ...	2019-11-30 16:52:51
103.94.5.42	attackbots	Nov 30 11:25:20 areeb-Workstation sshd[16322]: Failed password for root from 103.94.5.42 port 55286 ssh2 ...	2019-11-30 14:12:09
103.94.5.42	attackspambots	SSH invalid-user multiple login try	2019-11-26 21:29:41
103.94.5.42	attack	2019-11-11T23:16:17.406222abusebot-6.cloudsearch.cf sshd\[19832\]: Invalid user guest from 103.94.5.42 port 51732	2019-11-12 07:46:15
103.94.5.42	attackspam	$f2bV_matches	2019-11-09 01:19:56

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.94.5.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63441
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.94.5.18.			IN	A

;; AUTHORITY SECTION:
.			2206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040402 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 07:43:35 +08 2019
;; MSG SIZE  rcvd: 115

Host info

Host 18.5.94.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 18.5.94.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.207.197	attackspambots	May 3 19:08:20 vlre-nyc-1 sshd\[26548\]: Invalid user punch from 106.12.207.197 May 3 19:08:20 vlre-nyc-1 sshd\[26548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.207.197 May 3 19:08:22 vlre-nyc-1 sshd\[26548\]: Failed password for invalid user punch from 106.12.207.197 port 59526 ssh2 May 3 19:12:42 vlre-nyc-1 sshd\[26672\]: Invalid user gmodserver from 106.12.207.197 May 3 19:12:42 vlre-nyc-1 sshd\[26672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.207.197 ...	2020-05-04 04:27:18
20.185.239.81	attack	scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /administrator/help/en-GB/toc.json	2020-05-04 04:42:30
141.98.81.84	attackbotsspam	2020-05-03T20:01:18.310678abusebot-7.cloudsearch.cf sshd[8741]: Invalid user admin from 141.98.81.84 port 42567 2020-05-03T20:01:18.318208abusebot-7.cloudsearch.cf sshd[8741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.84 2020-05-03T20:01:18.310678abusebot-7.cloudsearch.cf sshd[8741]: Invalid user admin from 141.98.81.84 port 42567 2020-05-03T20:01:20.485324abusebot-7.cloudsearch.cf sshd[8741]: Failed password for invalid user admin from 141.98.81.84 port 42567 ssh2 2020-05-03T20:01:43.496141abusebot-7.cloudsearch.cf sshd[8774]: Invalid user Admin from 141.98.81.84 port 36399 2020-05-03T20:01:43.511250abusebot-7.cloudsearch.cf sshd[8774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.84 2020-05-03T20:01:43.496141abusebot-7.cloudsearch.cf sshd[8774]: Invalid user Admin from 141.98.81.84 port 36399 2020-05-03T20:01:45.441072abusebot-7.cloudsearch.cf sshd[8774]: Failed password for i ...	2020-05-04 04:19:05
103.100.208.33	attack	Brute-force attempt banned	2020-05-04 04:27:36
223.70.253.11	attackbotsspam	SSH invalid-user multiple login attempts	2020-05-04 04:14:28
35.230.162.59	attack	Probing Wordpress /wp-login.php	2020-05-04 04:26:51
192.3.255.139	attackbotsspam	(sshd) Failed SSH login from 192.3.255.139 (US/United States/192-3-255-139-host.colocrossing.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 3 21:14:04 s1 sshd[11037]: Invalid user duran from 192.3.255.139 port 39910 May 3 21:14:06 s1 sshd[11037]: Failed password for invalid user duran from 192.3.255.139 port 39910 ssh2 May 3 21:22:56 s1 sshd[11411]: Invalid user ita from 192.3.255.139 port 43572 May 3 21:22:59 s1 sshd[11411]: Failed password for invalid user ita from 192.3.255.139 port 43572 ssh2 May 3 21:28:12 s1 sshd[11657]: Invalid user ftpuser from 192.3.255.139 port 54284	2020-05-04 04:38:43
104.236.224.69	attack	Port Scan detected from 104.236.224.69 (US/United States/New Jersey/Clifton/-). 4 hits in the last 165 seconds	2020-05-04 04:20:27
14.18.58.226	attack	May 3 12:55:52 vps58358 sshd\[16893\]: Invalid user liuziyuan from 14.18.58.226May 3 12:55:54 vps58358 sshd\[16893\]: Failed password for invalid user liuziyuan from 14.18.58.226 port 37946 ssh2May 3 12:58:57 vps58358 sshd\[16930\]: Invalid user git from 14.18.58.226May 3 12:59:00 vps58358 sshd\[16930\]: Failed password for invalid user git from 14.18.58.226 port 46686 ssh2May 3 13:02:08 vps58358 sshd\[16963\]: Failed password for root from 14.18.58.226 port 55426 ssh2May 3 13:05:15 vps58358 sshd\[16997\]: Invalid user eric from 14.18.58.226 ...	2020-05-04 04:08:00
202.149.86.27	attackbotsspam	Brute-force attempt banned	2020-05-04 04:43:49
51.255.173.222	attackbots	SSH Brute-Force. Ports scanning.	2020-05-04 04:20:43
140.207.81.233	attackspam	May 3 14:02:17 v22018086721571380 sshd[4411]: Failed password for invalid user mysql from 140.207.81.233 port 9722 ssh2 May 3 14:04:56 v22018086721571380 sshd[8069]: Failed password for invalid user talita from 140.207.81.233 port 27705 ssh2	2020-05-04 04:23:52
41.207.184.182	attackspam	May 3 14:05:02 nextcloud sshd\[32658\]: Invalid user soi from 41.207.184.182 May 3 14:05:02 nextcloud sshd\[32658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.207.184.182 May 3 14:05:04 nextcloud sshd\[32658\]: Failed password for invalid user soi from 41.207.184.182 port 59406 ssh2	2020-05-04 04:15:40
46.99.139.71	attackspambots	03.05.2020 14:04:40 - Wordpress fail Detected by ELinOX-ALM	2020-05-04 04:36:14
185.22.142.197	attackspam	May 3 22:22:35 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.197, lip=176.9.177.164, session=\ May 3 22:22:37 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.197, lip=176.9.177.164, session=\ May 3 22:22:59 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.197, lip=176.9.177.164, session=\ May 3 22:28:09 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.197, lip=176.9.177.164, session=\ May 3 22:28:11 relay dovecot: imap-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 ...	2020-05-04 04:35:12

Recently Reported IPs

185.49.99.216	195.70.44.11	186.93.121.173	197.45.155.10
219.68.62.85	213.82.190.238	72.89.17.122	170.233.47.242
103.16.62.66	196.52.43.99	109.116.220.186	152.170.108.110
52.250.104.214	36.72.219.214	62.12.115.116	59.48.153.231
193.32.161.12	185.237.99.248	139.199.14.186	194.63.140.52