103.94.5.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: CV. Tunas Dua Serangkai

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Banned IP Access	2020-01-03 19:48:49
attack	Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Invalid user schatz from 103.94.5.42 Dec 24 10:54:41 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 24 10:54:43 vibhu-HP-Z238-Microtower-Workstation sshd\[6355\]: Failed password for invalid user schatz from 103.94.5.42 port 48688 ssh2 Dec 24 10:57:59 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 user=root Dec 24 10:58:02 vibhu-HP-Z238-Microtower-Workstation sshd\[6519\]: Failed password for root from 103.94.5.42 port 47844 ssh2 ...	2019-12-24 13:33:51
attack	Dec 17 18:05:04 loxhost sshd\[12817\]: Invalid user truche from 103.94.5.42 port 37134 Dec 17 18:05:04 loxhost sshd\[12817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 17 18:05:06 loxhost sshd\[12817\]: Failed password for invalid user truche from 103.94.5.42 port 37134 ssh2 Dec 17 18:11:19 loxhost sshd\[13070\]: Invalid user shynique from 103.94.5.42 port 45938 Dec 17 18:11:19 loxhost sshd\[13070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 ...	2019-12-18 01:30:35
attack	Dec 14 17:22:43 eventyay sshd[7307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 14 17:22:45 eventyay sshd[7307]: Failed password for invalid user lisa from 103.94.5.42 port 32808 ssh2 Dec 14 17:29:36 eventyay sshd[7571]: Failed password for backup from 103.94.5.42 port 43002 ssh2 ...	2019-12-15 00:38:39
attackspambots	Dec 7 00:49:26 ny01 sshd[26791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 7 00:49:28 ny01 sshd[26791]: Failed password for invalid user mosse from 103.94.5.42 port 51398 ssh2 Dec 7 00:56:16 ny01 sshd[27950]: Failed password for root from 103.94.5.42 port 60226 ssh2	2019-12-07 14:08:13
attackbotsspam	$f2bV_matches	2019-12-07 07:27:00
attackspambots	Dec 6 17:24:33 OPSO sshd\[30818\]: Invalid user blough from 103.94.5.42 port 34434 Dec 6 17:24:33 OPSO sshd\[30818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Dec 6 17:24:36 OPSO sshd\[30818\]: Failed password for invalid user blough from 103.94.5.42 port 34434 ssh2 Dec 6 17:31:22 OPSO sshd\[32153\]: Invalid user mpiuser from 103.94.5.42 port 44378 Dec 6 17:31:22 OPSO sshd\[32153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42	2019-12-07 00:31:52
attackspam	$f2bV_matches	2019-12-02 17:17:18
attackspambots	Nov 30 09:37:09 vps647732 sshd[27655]: Failed password for root from 103.94.5.42 port 44832 ssh2 ...	2019-11-30 16:52:51
attackbots	Nov 30 11:25:20 areeb-Workstation sshd[16322]: Failed password for root from 103.94.5.42 port 55286 ssh2 ...	2019-11-30 14:12:09
attackspambots	SSH invalid-user multiple login try	2019-11-26 21:29:41
attack	2019-11-11T23:16:17.406222abusebot-6.cloudsearch.cf sshd\[19832\]: Invalid user guest from 103.94.5.42 port 51732	2019-11-12 07:46:15
attackspam	$f2bV_matches	2019-11-09 01:19:56
attackbots	$f2bV_matches	2019-11-07 21:56:38
attackbotsspam	$f2bV_matches	2019-11-05 02:09:41
attackbots	Automatic report - Banned IP Access	2019-11-02 07:50:33
attackspambots	Oct 28 17:27:15 server sshd\[26955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 user=root Oct 28 17:27:17 server sshd\[26955\]: Failed password for root from 103.94.5.42 port 35570 ssh2 Oct 28 17:32:17 server sshd\[28096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 user=root Oct 28 17:32:19 server sshd\[28096\]: Failed password for root from 103.94.5.42 port 50272 ssh2 Oct 28 17:36:51 server sshd\[29162\]: Invalid user rosaleen from 103.94.5.42 Oct 28 17:36:51 server sshd\[29162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 ...	2019-10-29 00:23:37
attackbots	(sshd) Failed SSH login from 103.94.5.42 (ID/Indonesia/West Java/Sukabumi/-/[AS9341 PT INDONESIA COMNETS PLUS]): 1 in the last 3600 secs	2019-09-23 07:03:14
attackspambots	Aug 25 15:10:17 web9 sshd\[8571\]: Invalid user db2fenc1 from 103.94.5.42 Aug 25 15:10:17 web9 sshd\[8571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Aug 25 15:10:19 web9 sshd\[8571\]: Failed password for invalid user db2fenc1 from 103.94.5.42 port 54166 ssh2 Aug 25 15:15:40 web9 sshd\[10134\]: Invalid user sip from 103.94.5.42 Aug 25 15:15:40 web9 sshd\[10134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42	2019-08-26 09:29:29
attackbots	$f2bV_matches	2019-08-22 19:31:17
attack	Aug 15 15:45:04 web9 sshd\[3399\]: Invalid user teamspeak from 103.94.5.42 Aug 15 15:45:04 web9 sshd\[3399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42 Aug 15 15:45:07 web9 sshd\[3399\]: Failed password for invalid user teamspeak from 103.94.5.42 port 42852 ssh2 Aug 15 15:51:41 web9 sshd\[4888\]: Invalid user serv_fun from 103.94.5.42 Aug 15 15:51:41 web9 sshd\[4888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.94.5.42	2019-08-16 09:57:55

Comments on same subnet:

IP	Type	Details	Datetime
103.94.5.250	attack	Unauthorized connection attempt from IP address 103.94.5.250 on Port 445(SMB)	2020-01-14 05:12:19
103.94.56.152	attack	Automatic report - Port Scan Attack	2019-12-12 22:13:55
103.94.5.18	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 06:56:42
103.94.5.210	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 17:08:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.94.5.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65497
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.94.5.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081503 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 09:57:50 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 42.5.94.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.5.94.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.46.222.55	attackbots	(From eric@talkwithwebvisitor.com) Hey there, I just found your site, quick question… My name’s Eric, I found loischiropractic.com after doing a quick search – you showed up near the top of the rankings, so whatever you’re doing for SEO, looks like it’s working well. So here’s my question – what happens AFTER someone lands on your site? Anything? Research tells us at least 70% of the people who find your site, after a quick once-over, they disappear… forever. That means that all the work and effort you put into getting them to show up, goes down the tubes. Why would you want all that good work – and the great site you’ve built – go to waste? Because the odds are they’ll just skip over calling or even grabbing their phone, leaving you high and dry. But here’s a thought… what if you could make it super-simple for someone to raise their hand, say, “okay, let’s talk” without requiring them to even pull their cell phone from their pocket? You can – thanks to revolutionary new software th	2020-06-27 19:22:40
156.96.59.63	attackbotsspam	SIPVicious Scanner Detection , PTR: PTR record not found	2020-06-27 18:59:31
180.167.126.126	attackbotsspam	Invalid user ftpuser from 180.167.126.126 port 60874	2020-06-27 19:05:24
36.226.173.172	attack	unauthorized connection attempt	2020-06-27 19:08:41
106.13.228.21	attack	Invalid user kkc from 106.13.228.21 port 56390	2020-06-27 18:51:33
122.225.230.10	attackbotsspam	2020-06-27T10:06:02.334835dmca.cloudsearch.cf sshd[13310]: Invalid user pi from 122.225.230.10 port 34458 2020-06-27T10:06:02.340560dmca.cloudsearch.cf sshd[13310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.230.10 2020-06-27T10:06:02.334835dmca.cloudsearch.cf sshd[13310]: Invalid user pi from 122.225.230.10 port 34458 2020-06-27T10:06:04.160294dmca.cloudsearch.cf sshd[13310]: Failed password for invalid user pi from 122.225.230.10 port 34458 ssh2 2020-06-27T10:09:48.899302dmca.cloudsearch.cf sshd[13521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.230.10 user=root 2020-06-27T10:09:50.408304dmca.cloudsearch.cf sshd[13521]: Failed password for root from 122.225.230.10 port 60712 ssh2 2020-06-27T10:13:07.259573dmca.cloudsearch.cf sshd[13589]: Invalid user viet from 122.225.230.10 port 58920 ...	2020-06-27 18:52:30
103.216.48.245	attackspam	103.216.48.245 - - [27/Jun/2020:11:31:38 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 103.216.48.245 - - [27/Jun/2020:11:31:39 +0100] "POST /wp-login.php HTTP/1.1" 200 5429 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 103.216.48.245 - - [27/Jun/2020:11:51:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-06-27 19:03:36
198.245.64.185	attackspambots	(From eric@talkwithwebvisitor.com) Hey there, I just found your site, quick question… My name’s Eric, I found loischiropractic.com after doing a quick search – you showed up near the top of the rankings, so whatever you’re doing for SEO, looks like it’s working well. So here’s my question – what happens AFTER someone lands on your site? Anything? Research tells us at least 70% of the people who find your site, after a quick once-over, they disappear… forever. That means that all the work and effort you put into getting them to show up, goes down the tubes. Why would you want all that good work – and the great site you’ve built – go to waste? Because the odds are they’ll just skip over calling or even grabbing their phone, leaving you high and dry. But here’s a thought… what if you could make it super-simple for someone to raise their hand, say, “okay, let’s talk” without requiring them to even pull their cell phone from their pocket? You can – thanks to revolutionary new software th	2020-06-27 19:24:38
13.75.123.140	attackbotsspam	2020-06-26 UTC: (4x) - root(4x)	2020-06-27 19:20:37
192.241.225.97	attackbots	Hits on port : 2375	2020-06-27 18:57:20
192.241.222.235	attackspambots	firewall-block, port(s): 1962/tcp	2020-06-27 18:58:33
218.92.0.175	attackbots	Jun 27 06:39:51 firewall sshd[23086]: Failed password for root from 218.92.0.175 port 61631 ssh2 Jun 27 06:39:54 firewall sshd[23086]: Failed password for root from 218.92.0.175 port 61631 ssh2 Jun 27 06:39:57 firewall sshd[23086]: Failed password for root from 218.92.0.175 port 61631 ssh2 ...	2020-06-27 18:52:08
159.89.194.103	attackbots	Jun 27 12:03:52 sshd\[1678\]: Invalid user nexus from 159.89.194.103Jun 27 12:03:54 sshd\[1678\]: Failed password for invalid user nexus from 159.89.194.103 port 34494 ssh2 ...	2020-06-27 19:08:12
106.12.220.84	attackspam	Jun 27 10:29:56 vps sshd[98975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 user=root Jun 27 10:29:58 vps sshd[98975]: Failed password for root from 106.12.220.84 port 33744 ssh2 Jun 27 10:30:45 vps sshd[106055]: Invalid user ts3bot1 from 106.12.220.84 port 42008 Jun 27 10:30:45 vps sshd[106055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 Jun 27 10:30:47 vps sshd[106055]: Failed password for invalid user ts3bot1 from 106.12.220.84 port 42008 ssh2 ...	2020-06-27 19:20:09
45.141.84.44	attackbots	Jun 27 13:12:32 debian-2gb-nbg1-2 kernel: \[15515004.645899\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.44 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=16016 PROTO=TCP SPT=44948 DPT=9609 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-27 19:15:48

Recently Reported IPs

190.117.63.132	4.94.208.186	145.15.104.190	100.145.129.117
109.230.73.50	1.7.215.245	249.35.101.127	104.210.43.219
103.188.114.198	139.69.136.144	159.192.96.253	67.159.160.155
50.53.74.35	166.175.92.12	192.207.75.44	46.2.162.36
67.136.191.114	209.126.127.208	186.146.67.15	0.13.136.14