202.138.242.111

Basic Info

City: Bandung

Region: West Java

Country: Indonesia

Internet Service Provider: PT Melvar Lintasnusa

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Telnetd brute force attack detected by fail2ban	2020-06-01 07:18:38

Comments on same subnet:

IP	Type	Details	Datetime
202.138.242.37	attack	1588363984 - 05/01/2020 22:13:04 Host: 202.138.242.37/202.138.242.37 Port: 445 TCP Blocked	2020-05-02 06:50:18
202.138.242.21	attack	2020-04-05T02:01:49.009163struts4.enskede.local sshd\[27803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:01:51.378143struts4.enskede.local sshd\[27803\]: Failed password for root from 202.138.242.21 port 39604 ssh2 2020-04-05T02:04:48.606620struts4.enskede.local sshd\[27872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:04:51.540384struts4.enskede.local sshd\[27872\]: Failed password for root from 202.138.242.21 port 51584 ssh2 2020-04-05T02:06:27.282474struts4.enskede.local sshd\[27914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root ...	2020-04-05 08:23:26
202.138.242.47	attack	Unauthorized SSH connection attempt	2019-11-08 21:20:11
202.138.242.22	attackbots	IP: 202.138.242.22 ASN: AS9657 Melsa-i-net AS Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 12/10/2019 6:06:23 AM UTC	2019-10-12 19:27:31
202.138.242.22	attackspam	proto=tcp . spt=55919 . dpt=25 . (Found on Blocklist de Oct 03) (497)	2019-10-05 02:03:34
202.138.242.101	attack	postfix (unknown user, SPF fail or relay access denied)	2019-10-02 07:18:29
202.138.242.6	attackspambots	Mail sent to address hacked/leaked from atari.st	2019-09-16 01:53:53
202.138.242.121	attackbots	Aug 22 22:27:14 dedicated sshd[10267]: Invalid user rso from 202.138.242.121 port 44700	2019-08-23 09:45:45
202.138.242.121	attack	Aug 18 14:14:56 XXX sshd[12187]: Invalid user testphp from 202.138.242.121 port 35348	2019-08-19 02:23:21
202.138.242.121	attackspambots	Aug 15 02:09:59 web9 sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=mysql Aug 15 02:10:00 web9 sshd\[26350\]: Failed password for mysql from 202.138.242.121 port 43046 ssh2 Aug 15 02:15:44 web9 sshd\[27399\]: Invalid user omsagent from 202.138.242.121 Aug 15 02:15:44 web9 sshd\[27399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 Aug 15 02:15:46 web9 sshd\[27399\]: Failed password for invalid user omsagent from 202.138.242.121 port 36398 ssh2	2019-08-15 20:22:52
202.138.242.121	attackspam	$f2bV_matches	2019-08-14 18:07:42
202.138.242.6	attack	Unauthorized connection attempt from IP address 202.138.242.6 on Port 25(SMTP)	2019-08-12 10:43:30
202.138.242.121	attackbots	2019-07-15T08:23:28.942435lon01.zurich-datacenter.net sshd\[22264\]: Invalid user odbc from 202.138.242.121 port 46070 2019-07-15T08:23:28.946718lon01.zurich-datacenter.net sshd\[22264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 2019-07-15T08:23:30.935706lon01.zurich-datacenter.net sshd\[22264\]: Failed password for invalid user odbc from 202.138.242.121 port 46070 ssh2 2019-07-15T08:29:17.459106lon01.zurich-datacenter.net sshd\[22360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=root 2019-07-15T08:29:19.693844lon01.zurich-datacenter.net sshd\[22360\]: Failed password for root from 202.138.242.121 port 45104 ssh2 ...	2019-07-15 15:06:34
202.138.242.121	attackspam	2019-07-13T16:49:51.179215abusebot-4.cloudsearch.cf sshd\[9858\]: Invalid user oracle from 202.138.242.121 port 44994	2019-07-14 01:06:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.242.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63477
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.138.242.111.		IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053101 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 07:18:34 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 111.242.138.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.242.138.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
100.37.20.196	attackspam	Unauthorized connection attempt detected from IP address 100.37.20.196 to port 9001	2019-12-30 04:55:33
89.20.36.1	attack	Unauthorized connection attempt detected from IP address 89.20.36.1 to port 1433	2019-12-30 04:56:18
102.186.246.234	attackbots	Unauthorized connection attempt detected from IP address 102.186.246.234 to port 2222	2019-12-30 04:55:08
78.186.118.98	attack	Unauthorized connection attempt detected from IP address 78.186.118.98 to port 9000	2019-12-30 04:31:44
82.221.105.6	attackspambots	Unauthorized connection attempt detected from IP address 82.221.105.6 to port 1025	2019-12-30 04:59:01
54.193.35.147	attackspam	Unauthorized connection attempt detected from IP address 54.193.35.147 to port 8181	2019-12-30 04:34:51
88.135.38.250	attack	Unauthorized connection attempt detected from IP address 88.135.38.250 to port 1433	2019-12-30 04:57:01
189.163.198.39	attackspambots	19/12/29@13:04:33: FAIL: Alarm-Telnet address from=189.163.198.39 19/12/29@13:04:33: FAIL: Alarm-Telnet address from=189.163.198.39 19/12/29@13:04:33: FAIL: Alarm-Telnet address from=189.163.198.39 ...	2019-12-30 04:44:58
186.56.230.25	attackspam	Unauthorized connection attempt detected from IP address 186.56.230.25 to port 8080	2019-12-30 04:47:23
78.137.72.9	attackbots	Unauthorized connection attempt detected from IP address 78.137.72.9 to port 445	2019-12-30 04:32:12
189.125.151.228	attackbotsspam	Unauthorized connection attempt detected from IP address 189.125.151.228 to port 445	2019-12-30 04:45:58
90.85.156.113	attack	Unauthorized connection attempt detected from IP address 90.85.156.113 to port 8080	2019-12-30 04:28:49
185.244.39.209	attackbotsspam	Unauthorized connection attempt detected from IP address 185.244.39.209 to port 23	2019-12-30 04:48:09
66.42.111.69	attackspam	Unauthorized connection attempt detected from IP address 66.42.111.69 to port 445	2019-12-30 04:33:42
72.90.69.47	attackbotsspam	Unauthorized connection attempt detected from IP address 72.90.69.47 to port 1433	2019-12-30 04:32:44

Recently Reported IPs

71.31.239.191	190.247.141.151	153.201.177.123	204.22.92.246
84.22.119.225	111.131.99.174	66.148.35.197	105.0.1.68
126.58.16.51	165.29.108.224	182.226.51.245	222.224.109.76
88.195.104.59	200.126.215.188	120.53.20.111	85.157.140.205
202.180.65.33	156.186.80.181	61.255.192.106	100.16.125.68