202.138.243.122

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Melvar Lintasnusa

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 202.138.243.122 on Port 445(SMB)	2020-09-01 19:24:19
attackbotsspam	Unauthorized connection attempt detected from IP address 202.138.243.122 to port 445	2020-07-22 19:11:38

Comments on same subnet:

IP	Type	Details	Datetime
202.138.243.115	attackspambots	Feb 14 05:56:07 * sshd[9001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.243.115 Feb 14 05:56:09 * sshd[9001]: Failed password for invalid user ubnt from 202.138.243.115 port 50112 ssh2	2020-02-14 15:43:27
202.138.243.101	attack	Unauthorized connection attempt detected from IP address 202.138.243.101 to port 23 [J]	2020-01-22 23:43:03
202.138.243.108	attack	smtp probe/invalid login attempt	2020-01-11 21:03:46

Type

Details

Datetime

202.138.243.115

attackspambots

Feb 14 05:56:07 * sshd[9001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.138.243.115
Feb 14 05:56:09 * sshd[9001]: Failed password for invalid user ubnt from 202.138.243.115 port 50112 ssh2

2020-02-14 15:43:27

202.138.243.101

attack

Unauthorized connection attempt detected from IP address 202.138.243.101 to port 23 [J]

2020-01-22 23:43:03

202.138.243.108

attack

smtp probe/invalid login attempt

2020-01-11 21:03:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.138.243.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8882
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.138.243.122.		IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072200 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 19:11:33 CST 2020
;; MSG SIZE  rcvd: 119

Host info

122.243.138.202.in-addr.arpa domain name pointer dsl-243-122.melsa.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
122.243.138.202.in-addr.arpa	name = dsl-243-122.melsa.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.15.214.221	attackbots	$f2bV_matches	2020-06-07 07:56:42
106.12.126.114	attack	Jun 5 19:42:06 UTC__SANYALnet-Labs__cac14 sshd[12601]: Connection from 106.12.126.114 port 48810 on 64.137.176.112 port 22 Jun 5 19:42:08 UTC__SANYALnet-Labs__cac14 sshd[12601]: User r.r from 106.12.126.114 not allowed because not listed in AllowUsers Jun 5 19:42:08 UTC__SANYALnet-Labs__cac14 sshd[12601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.126.114 user=r.r Jun 5 19:42:11 UTC__SANYALnet-Labs__cac14 sshd[12601]: Failed password for invalid user r.r from 106.12.126.114 port 48810 ssh2 Jun 5 19:42:11 UTC__SANYALnet-Labs__cac14 sshd[12601]: Received disconnect from 106.12.126.114: 11: Bye Bye [preauth] Jun 5 19:52:19 UTC__SANYALnet-Labs__cac14 sshd[10556]: Connection from 106.12.126.114 port 42532 on 64.137.176.112 port 22 Jun 5 19:52:22 UTC__SANYALnet-Labs__cac14 sshd[10556]: User r.r from 106.12.126.114 not allowed because not listed in AllowUsers Jun 5 19:52:22 UTC__SANYALnet-Labs__cac14 sshd[10556]: pam........ -------------------------------	2020-06-07 07:35:11
187.162.247.136	attackspambots	port	2020-06-07 07:51:54
36.74.220.136	attack	1591476207 - 06/06/2020 22:43:27 Host: 36.74.220.136/36.74.220.136 Port: 445 TCP Blocked	2020-06-07 07:31:35
222.186.180.130	attackbotsspam	Jun 7 02:01:18 ovpn sshd\[6441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Jun 7 02:01:19 ovpn sshd\[6441\]: Failed password for root from 222.186.180.130 port 55654 ssh2 Jun 7 02:01:27 ovpn sshd\[6487\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Jun 7 02:01:29 ovpn sshd\[6487\]: Failed password for root from 222.186.180.130 port 48486 ssh2 Jun 7 02:01:31 ovpn sshd\[6487\]: Failed password for root from 222.186.180.130 port 48486 ssh2	2020-06-07 08:01:53
164.132.41.67	attackbotsspam	Jun 6 23:44:41 vpn01 sshd[28248]: Failed password for root from 164.132.41.67 port 42819 ssh2 ...	2020-06-07 07:32:42
176.119.231.62	attack	Jun 5 23:07:57 carla sshd[18743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.119.231.62 user=r.r Jun 5 23:07:59 carla sshd[18743]: Failed password for r.r from 176.119.231.62 port 33734 ssh2 Jun 5 23:07:59 carla sshd[18744]: Received disconnect from 176.119.231.62: 11: Bye Bye Jun 5 23:11:58 carla sshd[18761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.119.231.62 user=r.r Jun 5 23:12:00 carla sshd[18761]: Failed password for r.r from 176.119.231.62 port 49508 ssh2 Jun 5 23:12:00 carla sshd[18762]: Received disconnect from 176.119.231.62: 11: Bye Bye Jun 5 23:14:25 carla sshd[18786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.119.231.62 user=r.r Jun 5 23:14:27 carla sshd[18786]: Failed password for r.r from 176.119.231.62 port 48170 ssh2 Jun 5 23:14:27 carla sshd[18787]: Received disconnect from 176.119.231.62: 11:........ -------------------------------	2020-06-07 07:38:54
209.216.90.211	attack	Jun 6 12:19:22 v11 sshd[30212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.216.90.211 user=r.r Jun 6 12:19:24 v11 sshd[30212]: Failed password for r.r from 209.216.90.211 port 50172 ssh2 Jun 6 12:19:25 v11 sshd[30212]: Received disconnect from 209.216.90.211 port 50172:11: Bye Bye [preauth] Jun 6 12:19:25 v11 sshd[30212]: Disconnected from 209.216.90.211 port 50172 [preauth] Jun 6 12:27:22 v11 sshd[5245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.216.90.211 user=r.r Jun 6 12:27:25 v11 sshd[5245]: Failed password for r.r from 209.216.90.211 port 40636 ssh2 Jun 6 12:27:25 v11 sshd[5245]: Received disconnect from 209.216.90.211 port 40636:11: Bye Bye [preauth] Jun 6 12:27:25 v11 sshd[5245]: Disconnected from 209.216.90.211 port 40636 [preauth] Jun 6 12:29:41 v11 sshd[6723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209......... -------------------------------	2020-06-07 08:08:11
178.128.114.194	attackbots	Lines containing failures of 178.128.114.194 Jun 6 08:37:47 shared06 sshd[29523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.114.194 user=r.r Jun 6 08:37:49 shared06 sshd[29523]: Failed password for r.r from 178.128.114.194 port 41060 ssh2 Jun 6 08:37:49 shared06 sshd[29523]: Received disconnect from 178.128.114.194 port 41060:11: Bye Bye [preauth] Jun 6 08:37:49 shared06 sshd[29523]: Disconnected from authenticating user r.r 178.128.114.194 port 41060 [preauth] Jun 6 08:40:28 shared06 sshd[30106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.114.194 user=r.r Jun 6 08:40:30 shared06 sshd[30106]: Failed password for r.r from 178.128.114.194 port 43464 ssh2 Jun 6 08:40:30 shared06 sshd[30106]: Received disconnect from 178.128.114.194 port 43464:11: Bye Bye [preauth] Jun 6 08:40:30 shared06 sshd[30106]: Disconnected from authenticating user r.r 178.128.114.194 p........ ------------------------------	2020-06-07 08:05:13
172.68.11.107	attackbots	SQL injection:/newsites/free/pierre/search/search-1-prj.php?idPrj=-6940%27%29%20OR%204972%3DCAST%28%28CHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%284972%3D4972%29%20THEN%201%20ELSE%200%20END%29%29%3A%3Atext%7C%7C%28CHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28112%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%20AS%20NUMERIC%29%20AND%20%28%27ysxZ%27%3D%27ysxZ	2020-06-07 08:07:09
69.94.235.219	attack	fail2ban -- 69.94.235.219 ...	2020-06-07 07:57:30
123.207.249.145	attackspambots	2020-06-06 01:12:00 server sshd[63908]: Failed password for invalid user root from 123.207.249.145 port 54678 ssh2	2020-06-07 07:50:13
111.231.63.14	attack	odoo8 ...	2020-06-07 08:05:53
103.81.85.9	attackbots	103.81.85.9 - - \[06/Jun/2020:22:43:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 10017 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 103.81.85.9 - - \[06/Jun/2020:22:43:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 9852 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-06-07 07:42:47
95.167.39.12	attack	2020-06-06T17:36:46.7704251495-001 sshd[49258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 user=root 2020-06-06T17:36:48.6072501495-001 sshd[49258]: Failed password for root from 95.167.39.12 port 41174 ssh2 2020-06-06T17:40:00.6171321495-001 sshd[49427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 user=root 2020-06-06T17:40:03.0907201495-001 sshd[49427]: Failed password for root from 95.167.39.12 port 42570 ssh2 2020-06-06T17:43:14.4756711495-001 sshd[49573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12 user=root 2020-06-06T17:43:16.2469691495-001 sshd[49573]: Failed password for root from 95.167.39.12 port 43966 ssh2 ...	2020-06-07 07:56:58

Recently Reported IPs

198.189.183.215	49.235.152.2	110.43.183.147	7.1.87.204
53.3.68.25	14.156.192.70	14.33.59.147	121.250.75.74
2.184.134.90	202.63.241.80	200.94.125.243	198.162.202.251
195.160.227.2	190.231.65.81	190.95.117.205	188.127.163.146
185.175.79.88	185.80.102.11	190.181.112.254	183.213.26.135