City: Surabaya
Region: Jawa Timur
Country: Indonesia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 43.252.159.78 | attackbotsspam | Automatic report - Port Scan Attack |
2019-11-21 01:26:39 |
| 43.252.159.78 | attackspambots | Unauthorized connection attempt from IP address 43.252.159.78 on Port 445(SMB) |
2019-10-30 15:37:11 |
| 43.252.159.78 | attackspam | Unauthorized connection attempt from IP address 43.252.159.78 on Port 445(SMB) |
2019-09-09 22:49:53 |
| 43.252.159.80 | attackbotsspam | Unauthorized connection attempt from IP address 43.252.159.80 on Port 445(SMB) |
2019-08-30 20:56:27 |
| 43.252.159.11 | attack | Unauthorized connection attempt from IP address 43.252.159.11 on Port 445(SMB) |
2019-07-31 12:33:52 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '43.252.159.0 - 43.252.159.255'
% Abuse contact for '43.252.159.0 - 43.252.159.255' is 'abuse@gmedia.net.id'
inetnum: 43.252.159.0 - 43.252.159.255
netname: GMEDIA-ID-BALI
descr: PT Media Sarana Data
descr: Internet Service Provider
descr: Jl. Daradasih No. 11A
descr: Patangpuluhan, Yogyakarta
descr: DIY Yogyakarta, 55251
country: ID
admin-c: GH788-AP
tech-c: GH788-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-ID-GMEDIA
mnt-irt: IRT-GMEDIA-ID
last-modified: 2021-04-22T09:29:19Z
source: APNIC
irt: IRT-GMEDIA-ID
address: Jl. Daradasih No. 11A
address: Patangpuluhan, Yogyakarta
address: DIY Yogyakarta, 55251
e-mail: hostmaster@gmedia.net.id
abuse-mailbox: abuse@gmedia.net.id
admin-c: GH788-AP
tech-c: GH788-AP
auth: # Filtered
mnt-by: MAINT-ID-GMEDIA
last-modified: 2026-03-09T15:38:33Z
source: APNIC
person: GMEDIA HOSTMASTER
address: Jl. Daradasih No. 11A
address: Patangpuluhan, Yogyakarta
address: DIY Yogyakarta, 55251
country: ID
phone: +62-274-380345
fax-no: +62-274-379593
e-mail: hostmaster@gmedia.net.id
nic-hdl: GH788-AP
notify: agusr@gmedia.co.id
mnt-by: MAINT-ID-GMEDIA
last-modified: 2011-02-28T19:00:02Z
source: APNIC
% Information related to '43.252.159.0/24AS55666'
route: 43.252.159.0/24
descr: PT Media Sarana Data
descr: YOGYAKARTA
country: ID
origin: AS55666
mnt-by: MAINT-ID-GMEDIA
last-modified: 2015-11-20T04:30:01Z
source: APNIC
% Information related to '43.252.159.0 - 43.252.159.255'
inetnum: 43.252.159.0 - 43.252.159.255
netname: BLIP-ID
descr: PT Blip Integrator Provider
descr: Internet Service Provider
descr: Unit Komersial Blok Broadway 2 No. 11 Istana Kuta Galeria
descr: Jl. Patih Jelantik Desa Legian
descr: Kec. Kuta, Kab. Badung, Bali 80361
country: ID
admin-c: PBIP1-AP
tech-c: PBIP1-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-ID-GMEDIA
mnt-irt: IRT-GMEDIA-ID
remarks: Send Spam& Abuse report to: abuse@gmedia.net.id
last-modified: 2023-02-22T05:22:16Z
source: IDNIC
irt: IRT-GMEDIA-ID
address: Jl. Daradasih No. 11A
address: Patangpuluhan, Yogyakarta
address: DIY Yogyakarta, 55251
e-mail: hostmaster@gmedia.net.id
abuse-mailbox: abuse@gmedia.net.id
admin-c: GH788-AP
tech-c: GH788-AP
auth: # Filtered
mnt-by: MAINT-ID-GMEDIA
last-modified: 2011-02-25T10:06:50Z
source: IDNIC
person: PT BLIP INTEGRATOR PROVIDER
address: Unit Komersial Blok Broadway 2 No. 11 Istana Kuta Galeria
address: Jl. Patih Jelantik Desa Legian, Kec. Kuta, Kab. Badung, Bali
country: ID
phone: +62-361-6205157
e-mail: info@blip.co.id
nic-hdl: PBIP1-AP
mnt-by: MAINT-ID-BLIP
last-modified: 2022-07-13T07:08:38Z
source: IDNIC
% Information related to '43.252.159.0/24AS55666'
route: 43.252.159.0/24
descr: PT Media Sarana Data
descr: YOGYAKARTA
country: ID
origin: AS55666
mnt-by: MAINT-ID-GMEDIA
last-modified: 2015-11-20T04:30:01Z
source: IDNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 43.252.159.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62555
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;43.252.159.41. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026052400 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 24 16:01:00 CST 2026
;; MSG SIZE rcvd: 10641.159.252.43.in-addr.arpa domain name pointer ipv4-41-159-252.as55666.net.b'41.159.252.43.in-addr.arpa name = ipv4-41-159-252.as55666.net.
Authoritative answers can be found from:
'| IP | Type | Details | Datetime |
|---|---|---|---|
| 178.154.200.96 | attackbots | [Thu Apr 09 10:52:52.970854 2020] [:error] [pid 27383:tid 140306497861376] [client 178.154.200.96:45134] [client 178.154.200.96] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xo6cFOQ9Qq04NInh6KfNMwAAAh4"] ... |
2020-04-09 16:09:17 |
| 107.160.240.229 | attackspam | firewall-block, port(s): 11211/tcp |
2020-04-09 15:52:21 |
| 103.13.133.70 | attackspam | Apr 9 08:28:18 srv01 sshd[6472]: Invalid user user from 103.13.133.70 port 61829 Apr 9 08:28:18 srv01 sshd[6472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.13.133.70 Apr 9 08:28:18 srv01 sshd[6472]: Invalid user user from 103.13.133.70 port 61829 Apr 9 08:28:19 srv01 sshd[6472]: Failed password for invalid user user from 103.13.133.70 port 61829 ssh2 Apr 9 08:28:18 srv01 sshd[6472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.13.133.70 Apr 9 08:28:18 srv01 sshd[6472]: Invalid user user from 103.13.133.70 port 61829 Apr 9 08:28:19 srv01 sshd[6472]: Failed password for invalid user user from 103.13.133.70 port 61829 ssh2 ... |
2020-04-09 16:29:04 |
| 39.154.10.87 | attackbots | 04/08/2020-23:53:18.851624 39.154.10.87 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2020-04-09 15:43:56 |
| 45.133.99.14 | attackspam | Apr 9 09:48:27 relay postfix/smtpd\[2921\]: warning: unknown\[45.133.99.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 9 09:48:45 relay postfix/smtpd\[8882\]: warning: unknown\[45.133.99.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 9 09:51:34 relay postfix/smtpd\[8882\]: warning: unknown\[45.133.99.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 9 09:51:52 relay postfix/smtpd\[31822\]: warning: unknown\[45.133.99.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 9 09:53:31 relay postfix/smtpd\[5616\]: warning: unknown\[45.133.99.14\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-04-09 15:54:11 |
| 49.234.24.108 | attackspam | bruteforce detected |
2020-04-09 15:43:25 |
| 67.205.153.16 | attackbotsspam | Apr 9 09:53:06 server sshd\[21781\]: Invalid user ubuntu from 67.205.153.16 Apr 9 09:53:06 server sshd\[21781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=imap.vtigermail.com Apr 9 09:53:08 server sshd\[21781\]: Failed password for invalid user ubuntu from 67.205.153.16 port 35476 ssh2 Apr 9 10:04:02 server sshd\[24288\]: Invalid user testtest from 67.205.153.16 Apr 9 10:04:02 server sshd\[24288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=imap.vtigermail.com ... |
2020-04-09 16:13:53 |
| 119.10.114.92 | attackbotsspam | CMS (WordPress or Joomla) login attempt. |
2020-04-09 16:03:38 |
| 152.32.240.76 | attackbotsspam | 2020-04-08T22:24:52.682351suse-nuc sshd[28629]: Invalid user kiosk from 152.32.240.76 port 49996 ... |
2020-04-09 16:28:19 |
| 222.186.15.158 | attack | Found by fail2ban |
2020-04-09 16:08:08 |
| 67.205.178.229 | attackspam | Apr 9 02:43:56 firewall sshd[23050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.178.229 Apr 9 02:43:56 firewall sshd[23050]: Invalid user git from 67.205.178.229 Apr 9 02:43:58 firewall sshd[23050]: Failed password for invalid user git from 67.205.178.229 port 56166 ssh2 ... |
2020-04-09 16:02:10 |
| 201.249.169.210 | attack | $lgm |
2020-04-09 16:05:08 |
| 200.187.182.227 | attack | Apr 9 06:40:20 ArkNodeAT sshd\[25652\]: Invalid user user from 200.187.182.227 Apr 9 06:40:20 ArkNodeAT sshd\[25652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.187.182.227 Apr 9 06:40:22 ArkNodeAT sshd\[25652\]: Failed password for invalid user user from 200.187.182.227 port 9179 ssh2 |
2020-04-09 16:10:09 |
| 106.12.191.160 | attack | Apr 9 05:29:27 h2646465 sshd[1140]: Invalid user sonos from 106.12.191.160 Apr 9 05:29:27 h2646465 sshd[1140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.191.160 Apr 9 05:29:27 h2646465 sshd[1140]: Invalid user sonos from 106.12.191.160 Apr 9 05:29:29 h2646465 sshd[1140]: Failed password for invalid user sonos from 106.12.191.160 port 37534 ssh2 Apr 9 05:48:51 h2646465 sshd[3831]: Invalid user test1 from 106.12.191.160 Apr 9 05:48:51 h2646465 sshd[3831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.191.160 Apr 9 05:48:51 h2646465 sshd[3831]: Invalid user test1 from 106.12.191.160 Apr 9 05:48:53 h2646465 sshd[3831]: Failed password for invalid user test1 from 106.12.191.160 port 49642 ssh2 Apr 9 05:52:40 h2646465 sshd[4440]: Invalid user webmaster from 106.12.191.160 ... |
2020-04-09 16:20:09 |
| 114.112.72.130 | attack | Telnet Server BruteForce Attack |
2020-04-09 15:50:08 |