City: unknown
Region: unknown
Country: Indonesia
Internet Service Provider: PT Melvar Lintasnusa
Hostname: unknown
Organization: unknown
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attack | 2020-04-05T02:01:49.009163struts4.enskede.local sshd\[27803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:01:51.378143struts4.enskede.local sshd\[27803\]: Failed password for root from 202.138.242.21 port 39604 ssh2 2020-04-05T02:04:48.606620struts4.enskede.local sshd\[27872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:04:51.540384struts4.enskede.local sshd\[27872\]: Failed password for root from 202.138.242.21 port 51584 ssh2 2020-04-05T02:06:27.282474struts4.enskede.local sshd\[27914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root ... |
2020-04-05 08:23:26 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 202.138.242.111 | attack | Telnetd brute force attack detected by fail2ban |
2020-06-01 07:18:38 |
| 202.138.242.37 | attack | 1588363984 - 05/01/2020 22:13:04 Host: 202.138.242.37/202.138.242.37 Port: 445 TCP Blocked |
2020-05-02 06:50:18 |
| 202.138.242.47 | attack | Unauthorized SSH connection attempt |
2019-11-08 21:20:11 |
| 202.138.242.22 | attackbots | IP: 202.138.242.22 ASN: AS9657 Melsa-i-net AS Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 12/10/2019 6:06:23 AM UTC |
2019-10-12 19:27:31 |
| 202.138.242.22 | attackspam | proto=tcp . spt=55919 . dpt=25 . (Found on Blocklist de Oct 03) (497) |
2019-10-05 02:03:34 |
| 202.138.242.101 | attack | postfix (unknown user, SPF fail or relay access denied) |
2019-10-02 07:18:29 |
| 202.138.242.6 | attackspambots | Mail sent to address hacked/leaked from atari.st |
2019-09-16 01:53:53 |
| 202.138.242.121 | attackbots | Aug 22 22:27:14 dedicated sshd[10267]: Invalid user rso from 202.138.242.121 port 44700 |
2019-08-23 09:45:45 |
| 202.138.242.121 | attack | Aug 18 14:14:56 XXX sshd[12187]: Invalid user testphp from 202.138.242.121 port 35348 |
2019-08-19 02:23:21 |
| 202.138.242.121 | attackspambots | Aug 15 02:09:59 web9 sshd\[26350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=mysql Aug 15 02:10:00 web9 sshd\[26350\]: Failed password for mysql from 202.138.242.121 port 43046 ssh2 Aug 15 02:15:44 web9 sshd\[27399\]: Invalid user omsagent from 202.138.242.121 Aug 15 02:15:44 web9 sshd\[27399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 Aug 15 02:15:46 web9 sshd\[27399\]: Failed password for invalid user omsagent from 202.138.242.121 port 36398 ssh2 |
2019-08-15 20:22:52 |
| 202.138.242.121 | attackspam | $f2bV_matches |
2019-08-14 18:07:42 |
| 202.138.242.6 | attack | Unauthorized connection attempt from IP address 202.138.242.6 on Port 25(SMTP) |
2019-08-12 10:43:30 |
| 202.138.242.121 | attackbots | 2019-07-15T08:23:28.942435lon01.zurich-datacenter.net sshd\[22264\]: Invalid user odbc from 202.138.242.121 port 46070 2019-07-15T08:23:28.946718lon01.zurich-datacenter.net sshd\[22264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 2019-07-15T08:23:30.935706lon01.zurich-datacenter.net sshd\[22264\]: Failed password for invalid user odbc from 202.138.242.121 port 46070 ssh2 2019-07-15T08:29:17.459106lon01.zurich-datacenter.net sshd\[22360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=root 2019-07-15T08:29:19.693844lon01.zurich-datacenter.net sshd\[22360\]: Failed password for root from 202.138.242.121 port 45104 ssh2 ... |
2019-07-15 15:06:34 |
| 202.138.242.121 | attackspam | 2019-07-13T16:49:51.179215abusebot-4.cloudsearch.cf sshd\[9858\]: Invalid user oracle from 202.138.242.121 port 44994 |
2019-07-14 01:06:26 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.242.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20125
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.138.242.21. IN A
;; AUTHORITY SECTION:
. 507 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400
;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 08:23:22 CST 2020
;; MSG SIZE rcvd: 118Host 21.242.138.202.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 21.242.138.202.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 155.133.21.129 | attack | Invalid user admin from 155.133.21.129 port 42368 |
2019-07-11 20:41:43 |
| 142.93.240.141 | attackspambots | Automatic report - Web App Attack |
2019-07-11 21:09:39 |
| 14.247.118.34 | attackspam | 445/tcp 445/tcp 445/tcp [2019-07-11]3pkt |
2019-07-11 20:45:34 |
| 134.175.42.162 | attack | Jul 11 13:49:41 mail sshd\[16570\]: Invalid user postgres from 134.175.42.162 port 47708 Jul 11 13:49:41 mail sshd\[16570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.42.162 ... |
2019-07-11 21:22:50 |
| 89.39.95.147 | attackspambots | Jul 11 05:37:59 rigel postfix/smtpd[25932]: connect from unknown[89.39.95.147] Jul 11 05:38:00 rigel postfix/smtpd[25932]: warning: unknown[89.39.95.147]: SASL CRAM-MD5 authentication failed: authentication failure Jul 11 05:38:00 rigel postfix/smtpd[25932]: warning: unknown[89.39.95.147]: SASL PLAIN authentication failed: authentication failure Jul 11 05:38:00 rigel postfix/smtpd[25932]: warning: unknown[89.39.95.147]: SASL LOGIN authentication failed: authentication failure Jul 11 05:38:01 rigel postfix/smtpd[25932]: disconnect from unknown[89.39.95.147] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=89.39.95.147 |
2019-07-11 21:05:06 |
| 110.138.150.104 | attackspam | Unauthorised access (Jul 11) SRC=110.138.150.104 LEN=48 TTL=248 ID=759 DF TCP DPT=445 WINDOW=8192 SYN |
2019-07-11 21:10:08 |
| 91.121.132.116 | attackspambots | Invalid user gmod from 91.121.132.116 port 46588 |
2019-07-11 21:33:07 |
| 124.158.5.112 | attackspam | Jul 11 13:19:21 unicornsoft sshd\[4658\]: Invalid user navy from 124.158.5.112 Jul 11 13:19:21 unicornsoft sshd\[4658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.5.112 Jul 11 13:19:23 unicornsoft sshd\[4658\]: Failed password for invalid user navy from 124.158.5.112 port 42912 ssh2 |
2019-07-11 21:19:51 |
| 114.40.111.117 | attackspam | 37215/tcp [2019-07-11]1pkt |
2019-07-11 20:41:11 |
| 61.177.172.128 | attackbotsspam | 11.07.2019 11:51:18 SSH access blocked by firewall |
2019-07-11 21:14:09 |
| 219.248.137.8 | attack | Invalid user ts3 from 219.248.137.8 port 41918 |
2019-07-11 20:46:58 |
| 27.203.218.18 | attack | 23/tcp [2019-07-11]1pkt |
2019-07-11 21:31:07 |
| 218.161.58.163 | attackbotsspam | 445/tcp [2019-07-11]1pkt |
2019-07-11 20:42:40 |
| 1.165.2.8 | attackspam | 37215/tcp [2019-07-11]1pkt |
2019-07-11 21:17:29 |
| 122.195.200.14 | attackbotsspam | Too many connections or unauthorized access detected from Arctic banned ip |
2019-07-11 20:40:16 |