202.143.111.242

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: Digital World Data Online Company

Hostname: unknown

Organization: Digital world data online company

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-07-13T06:07:15.664404 sshd[9520]: Invalid user testuser from 202.143.111.242 port 39020 2019-07-13T06:07:15.678293 sshd[9520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.242 2019-07-13T06:07:15.664404 sshd[9520]: Invalid user testuser from 202.143.111.242 port 39020 2019-07-13T06:07:17.895461 sshd[9520]: Failed password for invalid user testuser from 202.143.111.242 port 39020 ssh2 2019-07-13T06:13:49.473082 sshd[9595]: Invalid user qm from 202.143.111.242 port 41534 ...	2019-07-13 12:30:52
attackbotsspam	Jul 8 17:27:48 lvps92-51-164-246 sshd[13445]: reveeclipse mapping checking getaddrinfo for ip.viettelidchcm.com [202.143.111.242] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 8 17:27:48 lvps92-51-164-246 sshd[13445]: User r.r from 202.143.111.242 not allowed because not listed in AllowUsers Jul 8 17:27:48 lvps92-51-164-246 sshd[13445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.242 user=r.r Jul 8 17:27:50 lvps92-51-164-246 sshd[13445]: Failed password for invalid user r.r from 202.143.111.242 port 43284 ssh2 Jul 8 17:27:50 lvps92-51-164-246 sshd[13445]: Received disconnect from 202.143.111.242: 11: Bye Bye [preauth] Jul 8 17:31:56 lvps92-51-164-246 sshd[13458]: reveeclipse mapping checking getaddrinfo for ip.viettelidchcm.com [202.143.111.242] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 8 17:31:56 lvps92-51-164-246 sshd[13458]: Invalid user musikbot from 202.143.111.242 Jul 8 17:31:56 lvps92-51-164-246 sshd[13458]........ -------------------------------	2019-07-09 03:16:35

Type

Details

Datetime

attackspam

2019-07-13T06:07:15.664404  sshd[9520]: Invalid user testuser from 202.143.111.242 port 39020
2019-07-13T06:07:15.678293  sshd[9520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.242
2019-07-13T06:07:15.664404  sshd[9520]: Invalid user testuser from 202.143.111.242 port 39020
2019-07-13T06:07:17.895461  sshd[9520]: Failed password for invalid user testuser from 202.143.111.242 port 39020 ssh2
2019-07-13T06:13:49.473082  sshd[9595]: Invalid user qm from 202.143.111.242 port 41534
...

2019-07-13 12:30:52

attackbotsspam

Jul  8 17:27:48 lvps92-51-164-246 sshd[13445]: reveeclipse mapping checking getaddrinfo for ip.viettelidchcm.com [202.143.111.242] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul  8 17:27:48 lvps92-51-164-246 sshd[13445]: User r.r from 202.143.111.242 not allowed because not listed in AllowUsers
Jul  8 17:27:48 lvps92-51-164-246 sshd[13445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.242  user=r.r
Jul  8 17:27:50 lvps92-51-164-246 sshd[13445]: Failed password for invalid user r.r from 202.143.111.242 port 43284 ssh2
Jul  8 17:27:50 lvps92-51-164-246 sshd[13445]: Received disconnect from 202.143.111.242: 11: Bye Bye [preauth]
Jul  8 17:31:56 lvps92-51-164-246 sshd[13458]: reveeclipse mapping checking getaddrinfo for ip.viettelidchcm.com [202.143.111.242] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul  8 17:31:56 lvps92-51-164-246 sshd[13458]: Invalid user musikbot from 202.143.111.242
Jul  8 17:31:56 lvps92-51-164-246 sshd[13458]........
-------------------------------

2019-07-09 03:16:35

Comments on same subnet:

IP	Type	Details	Datetime
202.143.111.42	attackbots	Oct 5 19:14:25 roki-contabo sshd\[2204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 user=root Oct 5 19:14:27 roki-contabo sshd\[2204\]: Failed password for root from 202.143.111.42 port 53584 ssh2 Oct 5 19:33:00 roki-contabo sshd\[2811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 user=root Oct 5 19:33:01 roki-contabo sshd\[2811\]: Failed password for root from 202.143.111.42 port 53740 ssh2 Oct 5 19:37:21 roki-contabo sshd\[3053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 user=root ...	2020-10-06 02:09:28
202.143.111.42	attackbots	2020-10-05T03:37:47.666732dreamphreak.com sshd[533992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 user=root 2020-10-05T03:37:49.091458dreamphreak.com sshd[533992]: Failed password for root from 202.143.111.42 port 56228 ssh2 ...	2020-10-05 17:57:09
202.143.111.42	attackbotsspam	Invalid user testftp from 202.143.111.42 port 49274	2020-09-23 19:47:45
202.143.111.42	attackbots	$f2bV_matches	2020-09-23 12:07:27
202.143.111.42	attackspambots	Sep 22 21:04:03 vpn01 sshd[20478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 Sep 22 21:04:05 vpn01 sshd[20478]: Failed password for invalid user admin from 202.143.111.42 port 50540 ssh2 ...	2020-09-23 03:52:32
202.143.111.42	attackspambots	sshd: Failed password for .... from 202.143.111.42 port 44806 ssh2 (7 attempts)	2020-09-14 21:56:42
202.143.111.42	attackspambots	$f2bV_matches	2020-09-14 13:50:20
202.143.111.42	attackspam	Sep 13 21:12:30 mail sshd[14491]: Failed password for root from 202.143.111.42 port 42762 ssh2	2020-09-14 05:48:23
202.143.111.42	attack	Aug 24 20:32:42 sip sshd[1411771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 Aug 24 20:32:42 sip sshd[1411771]: Invalid user pi from 202.143.111.42 port 59106 Aug 24 20:32:44 sip sshd[1411771]: Failed password for invalid user pi from 202.143.111.42 port 59106 ssh2 ...	2020-08-25 02:50:55
202.143.111.220	attack	202.143.111.220 - - [23/Aug/2020:05:52:29 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.143.111.220 - - [23/Aug/2020:05:52:31 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.143.111.220 - - [23/Aug/2020:05:52:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 14:42:54
202.143.111.42	attackspam	Aug 20 21:00:57 cho sshd[1183659]: Invalid user maz from 202.143.111.42 port 36220 Aug 20 21:00:57 cho sshd[1183659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 Aug 20 21:00:57 cho sshd[1183659]: Invalid user maz from 202.143.111.42 port 36220 Aug 20 21:00:59 cho sshd[1183659]: Failed password for invalid user maz from 202.143.111.42 port 36220 ssh2 Aug 20 21:04:58 cho sshd[1184013]: Invalid user teamspeak3 from 202.143.111.42 port 36680 ...	2020-08-21 04:28:29
202.143.111.42	attack	Aug 17 14:55:11 scw-focused-cartwright sshd[22560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.143.111.42 Aug 17 14:55:13 scw-focused-cartwright sshd[22560]: Failed password for invalid user bitrix from 202.143.111.42 port 50178 ssh2	2020-08-18 04:08:53
202.143.111.220	attackspam	Automatic report - Banned IP Access	2020-08-06 19:25:49
202.143.111.42	attackspambots	Aug 2 05:50:21 eventyay sshd[20799]: Failed password for root from 202.143.111.42 port 33088 ssh2 Aug 2 05:53:12 eventyay sshd[20949]: Failed password for root from 202.143.111.42 port 45580 ssh2 ...	2020-08-02 12:12:02
202.143.111.42	attack	$f2bV_matches	2020-08-01 19:53:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.143.111.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10214
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.143.111.242.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 03:16:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

242.111.143.202.in-addr.arpa domain name pointer ip.viettelidchcm.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
242.111.143.202.in-addr.arpa	name = ip.viettelidchcm.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.107.75.42	attackspam	Brute-force attempt banned	2020-08-03 22:20:20
142.93.173.214	attackbotsspam	Aug 3 14:22:52 marvibiene sshd[8394]: Failed password for root from 142.93.173.214 port 49054 ssh2	2020-08-03 21:48:17
45.129.33.6	attack	TCP (SYN) 45.129.33.6:54067 -> port 3389, len 44	2020-08-03 22:09:13
103.140.83.20	attackbots	SSH invalid-user multiple login try	2020-08-03 22:01:39
35.240.133.86	attackspambots	Aug 3 12:39:18 rush sshd[16356]: Failed password for root from 35.240.133.86 port 46742 ssh2 Aug 3 12:43:23 rush sshd[16401]: Failed password for root from 35.240.133.86 port 48132 ssh2 ...	2020-08-03 21:47:05
61.227.48.53	attackspambots	SMB Server BruteForce Attack	2020-08-03 22:06:31
165.22.243.42	attackbots	Aug 3 15:09:15 melroy-server sshd[394]: Failed password for root from 165.22.243.42 port 56666 ssh2 ...	2020-08-03 22:30:19
122.225.230.10	attack	2020-08-03T13:52:11+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-03 21:56:30
60.167.180.216	attackspam	Aug 3 15:15:43 ns382633 sshd\[31485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.180.216 user=root Aug 3 15:15:46 ns382633 sshd\[31485\]: Failed password for root from 60.167.180.216 port 59360 ssh2 Aug 3 15:45:26 ns382633 sshd\[4670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.180.216 user=root Aug 3 15:45:28 ns382633 sshd\[4670\]: Failed password for root from 60.167.180.216 port 54662 ssh2 Aug 3 15:47:45 ns382633 sshd\[4913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.180.216 user=root	2020-08-03 22:15:22
188.222.5.212	attackbotsspam	Automatic report - XMLRPC Attack	2020-08-03 22:20:43
192.241.237.160	attack	1596457595 - 08/03/2020 14:26:35 Host: 192.241.237.160/192.241.237.160 Port: 115 TCP Blocked ...	2020-08-03 22:17:17
162.250.159.58	attackbotsspam	Aug 3 14:29:55 datentool sshd[17883]: Invalid user admin from 162.250.159.58 Aug 3 14:29:55 datentool sshd[17883]: Failed none for invalid user admin from 162.250.159.58 port 47874 ssh2 Aug 3 14:29:55 datentool sshd[17883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.250.159.58 Aug 3 14:29:57 datentool sshd[17883]: Failed password for invalid user admin from 162.250.159.58 port 47874 ssh2 Aug 3 14:29:59 datentool sshd[17885]: Invalid user admin from 162.250.159.58 Aug 3 14:29:59 datentool sshd[17885]: Failed none for invalid user admin from 162.250.159.58 port 47980 ssh2 Aug 3 14:29:59 datentool sshd[17885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.250.159.58 Aug 3 14:30:01 datentool sshd[17885]: Failed password for invalid user admin from 162.250.159.58 port 47980 ssh2 Aug 3 14:30:02 datentool sshd[17887]: Invalid user admin from 162.250.159.58 Aug 3 14:30:02 ........ -------------------------------	2020-08-03 21:51:30
188.226.131.171	attackspambots	Aug 3 14:26:36 kh-dev-server sshd[14531]: Failed password for root from 188.226.131.171 port 50714 ssh2 ...	2020-08-03 22:15:46
185.204.2.153	attackspam	Aug 3 13:59:41 ajax sshd[2977]: Failed password for root from 185.204.2.153 port 46982 ssh2	2020-08-03 21:59:34
165.227.86.14	attackspambots	165.227.86.14 - - [03/Aug/2020:14:51:12 +0200] "POST /wp-login.php HTTP/1.1" 200 3434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 21:51:11

Recently Reported IPs

190.176.17.5	54.254.4.252	43.237.205.86	124.128.190.143
111.24.170.189	93.93.113.8	40.65.188.188	168.18.111.76
117.118.226.136	5.63.8.237	164.67.230.113	220.123.216.72
194.25.202.66	212.237.38.14	160.33.21.218	200.150.85.48
124.164.116.5	39.209.40.228	114.171.44.55	110.240.29.43