203.128.249.42

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Smart Telecom

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	TCP (SYN) 203.128.249.42:55562 -> port 445, len 52	2020-06-24 19:46:17
attack	Unauthorized connection attempt from IP address 203.128.249.42 on Port 445(SMB)	2019-08-08 07:57:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.128.249.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57790
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.128.249.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 07:57:06 CST 2019
;; MSG SIZE  rcvd: 118

Host info

42.249.128.203.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 42.249.128.203.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.132.159	attackspambots	Honeypot hit.	2020-02-27 01:54:33
85.192.131.149	attack	1582724167 - 02/26/2020 14:36:07 Host: 85.192.131.149/85.192.131.149 Port: 445 TCP Blocked	2020-02-27 02:12:25
122.154.241.147	attackspambots	Feb 26 08:05:28 web1 sshd\[13442\]: Invalid user rhino from 122.154.241.147 Feb 26 08:05:28 web1 sshd\[13442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.241.147 Feb 26 08:05:30 web1 sshd\[13442\]: Failed password for invalid user rhino from 122.154.241.147 port 59260 ssh2 Feb 26 08:10:40 web1 sshd\[13919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.241.147 user=games Feb 26 08:10:42 web1 sshd\[13919\]: Failed password for games from 122.154.241.147 port 53368 ssh2	2020-02-27 02:14:22
185.176.27.30	attack	02/26/2020-18:37:45.946672 185.176.27.30 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-27 01:45:56
184.105.247.203	attackspambots	Port 27372 scan denied	2020-02-27 01:47:29
211.219.114.39	attackspambots	$f2bV_matches	2020-02-27 02:07:30
162.243.131.223	attack	firewall-block, port(s): 445/tcp	2020-02-27 01:55:23
222.186.30.35	attackbots	Feb 26 19:03:18 MK-Soft-Root1 sshd[26728]: Failed password for root from 222.186.30.35 port 61596 ssh2 Feb 26 19:03:22 MK-Soft-Root1 sshd[26728]: Failed password for root from 222.186.30.35 port 61596 ssh2 ...	2020-02-27 02:05:47
162.243.136.136	attackspambots	scans 1 times in preceeding hours on the ports (in chronological order) 1400 resulting in total of 22 scans from 162.243.0.0/16 block.	2020-02-27 01:48:38
185.176.27.94	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 8333 proto: TCP cat: Misc Attack	2020-02-27 01:43:50
213.217.0.6	attackbots	scans 19 times in preceeding hours on the ports (in chronological order) 38401 38407 38313 38482 38287 38433 38491 38206 38473 38154 38172 38163 38487 38429 38354 38263 38179 38322 38428 resulting in total of 31 scans from 213.217.0.0/23 block.	2020-02-27 01:36:33
222.186.180.142	attack	Feb 26 13:04:50 plusreed sshd[14327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 26 13:04:51 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:53 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:50 plusreed sshd[14327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 26 13:04:51 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 Feb 26 13:04:53 plusreed sshd[14327]: Failed password for root from 222.186.180.142 port 24136 ssh2 ...	2020-02-27 02:05:27
184.105.139.77	attackbots	scans 1 times in preceeding hours on the ports (in chronological order) 1900 resulting in total of 4 scans from 184.105.0.0/16 block.	2020-02-27 01:48:19
66.198.240.61	attackbots	Automatic report - XMLRPC Attack	2020-02-27 02:07:49
185.176.27.14	attackspambots	02/26/2020-17:51:01.928132 185.176.27.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-27 01:46:49

Recently Reported IPs

91.206.15.28	132.232.17.23	77.132.18.33	124.158.164.42
129.42.208.179	113.65.189.56	168.235.103.143	202.79.174.122
134.73.161.214	27.74.245.84	217.61.98.201	175.138.91.175
78.142.211.173	222.141.112.28	242.33.79.236	221.202.11.89
219.241.212.2	203.205.29.13	83.221.205.203	54.36.149.27