202.138.242.6 - IPInfo

Basic Info

City: Bandung

Region: West Java

Country: Indonesia

Internet Service Provider: PT Melvar Lintasnusa

Hostname: unknown

Organization: Melsa-i-net AS

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Mail sent to address hacked/leaked from atari.st	2019-09-16 01:53:53
attack	Unauthorized connection attempt from IP address 202.138.242.6 on Port 25(SMTP)	2019-08-12 10:43:30

Comments on same subnet:

IP	Type	Details	Datetime
202.138.242.111	attack	Telnetd brute force attack detected by fail2ban	2020-06-01 07:18:38
202.138.242.37	attack	1588363984 - 05/01/2020 22:13:04 Host: 202.138.242.37/202.138.242.37 Port: 445 TCP Blocked	2020-05-02 06:50:18
202.138.242.21	attack	2020-04-05T02:01:49.009163struts4.enskede.local sshd\[27803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:01:51.378143struts4.enskede.local sshd\[27803\]: Failed password for root from 202.138.242.21 port 39604 ssh2 2020-04-05T02:04:48.606620struts4.enskede.local sshd\[27872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root 2020-04-05T02:04:51.540384struts4.enskede.local sshd\[27872\]: Failed password for root from 202.138.242.21 port 51584 ssh2 2020-04-05T02:06:27.282474struts4.enskede.local sshd\[27914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.21 user=root ...	2020-04-05 08:23:26
202.138.242.47	attack	Unauthorized SSH connection attempt	2019-11-08 21:20:11
202.138.242.22	attackbots	IP: 202.138.242.22 ASN: AS9657 Melsa-i-net AS Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 12/10/2019 6:06:23 AM UTC	2019-10-12 19:27:31
202.138.242.22	attackspam	proto=tcp . spt=55919 . dpt=25 . (Found on Blocklist de Oct 03) (497)	2019-10-05 02:03:34
202.138.242.101	attack	postfix (unknown user, SPF fail or relay access denied)	2019-10-02 07:18:29
202.138.242.121	attackbots	Aug 22 22:27:14 dedicated sshd[10267]: Invalid user rso from 202.138.242.121 port 44700	2019-08-23 09:45:45
202.138.242.121	attack	Aug 18 14:14:56 XXX sshd[12187]: Invalid user testphp from 202.138.242.121 port 35348	2019-08-19 02:23:21
202.138.242.121	attackspambots	Aug 15 02:09:59 web9 sshd\[26350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=mysql Aug 15 02:10:00 web9 sshd\[26350\]: Failed password for mysql from 202.138.242.121 port 43046 ssh2 Aug 15 02:15:44 web9 sshd\[27399\]: Invalid user omsagent from 202.138.242.121 Aug 15 02:15:44 web9 sshd\[27399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 Aug 15 02:15:46 web9 sshd\[27399\]: Failed password for invalid user omsagent from 202.138.242.121 port 36398 ssh2	2019-08-15 20:22:52
202.138.242.121	attackspam	$f2bV_matches	2019-08-14 18:07:42
202.138.242.121	attackbots	2019-07-15T08:23:28.942435lon01.zurich-datacenter.net sshd\[22264\]: Invalid user odbc from 202.138.242.121 port 46070 2019-07-15T08:23:28.946718lon01.zurich-datacenter.net sshd\[22264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 2019-07-15T08:23:30.935706lon01.zurich-datacenter.net sshd\[22264\]: Failed password for invalid user odbc from 202.138.242.121 port 46070 ssh2 2019-07-15T08:29:17.459106lon01.zurich-datacenter.net sshd\[22360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.242.121 user=root 2019-07-15T08:29:19.693844lon01.zurich-datacenter.net sshd\[22360\]: Failed password for root from 202.138.242.121 port 45104 ssh2 ...	2019-07-15 15:06:34
202.138.242.121	attackspam	2019-07-13T16:49:51.179215abusebot-4.cloudsearch.cf sshd\[9858\]: Invalid user oracle from 202.138.242.121 port 44994	2019-07-14 01:06:26

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.242.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35314
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.138.242.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 12:48:05 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 6.242.138.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 6.242.138.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.168.171.154	attackspam	Port 2220 scan denied	2020-04-17 06:24:49
104.140.188.26	attack	GPL SNMP public access udp - port: 161 proto: UDP cat: Attempted Information Leak	2020-04-17 06:22:53
61.221.167.145	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 49 - port: 23 proto: TCP cat: Misc Attack	2020-04-17 06:40:57
80.82.70.239	attackspambots	Apr 17 00:34:14 debian-2gb-nbg1-2 kernel: \[9335432.979742\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.70.239 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=41608 PROTO=TCP SPT=40785 DPT=3061 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-17 06:34:26
36.153.205.142	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-17 06:49:48
104.140.188.30	attackspambots	ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: TCP cat: Potentially Bad Traffic	2020-04-17 06:22:36
51.83.78.82	attack	" "	2020-04-17 06:45:33
37.49.226.3	attackbotsspam	Port 5038 scan denied	2020-04-17 06:49:00
58.236.230.35	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 39 - port: 23 proto: TCP cat: Misc Attack	2020-04-17 06:42:04
94.102.56.215	attackbotsspam	Port 36748 scan denied	2020-04-17 06:25:04
5.135.253.172	attack	Apr 17 00:46:50 debian-2gb-nbg1-2 kernel: \[9336188.832235\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.135.253.172 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=26708 PROTO=TCP SPT=58131 DPT=587 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-17 06:50:14
45.56.91.156	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 23475 proto: TCP cat: Misc Attack	2020-04-17 06:48:00
89.144.47.246	attack	Port 3389 (MS RDP) access denied	2020-04-17 06:30:14
80.82.64.219	attackspam	Port 3389 (MS RDP) access denied	2020-04-17 06:35:19
46.36.132.23	attackspambots	Port 10671 scan denied	2020-04-17 06:47:01

Recently Reported IPs

93.114.77.11	36.250.234.33	177.139.176.122	37.59.34.66
31.185.10.239	139.255.92.26	212.20.49.243	202.150.131.50
117.132.169.23	218.92.0.173	117.50.34.74	62.76.5.112
222.240.6.150	51.255.173.222	85.67.189.157	180.243.103.125
164.138.236.226	177.62.60.68	182.247.238.225	41.207.251.174