202.149.87.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Satata Neka Tama

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH Invalid Login	2020-05-09 05:59:47
attackspambots	May 7 17:46:03 IngegnereFirenze sshd[7665]: Failed password for invalid user anna from 202.149.87.50 port 56841 ssh2 ...	2020-05-08 03:47:20
attackspam	May 5 06:09:17 santamaria sshd\[20002\]: Invalid user mekon from 202.149.87.50 May 5 06:09:17 santamaria sshd\[20002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.50 May 5 06:09:19 santamaria sshd\[20002\]: Failed password for invalid user mekon from 202.149.87.50 port 8202 ssh2 ...	2020-05-05 12:14:31

Type

Details

Datetime

attack

SSH Invalid Login

2020-05-09 05:59:47

attackspambots

May  7 17:46:03 IngegnereFirenze sshd[7665]: Failed password for invalid user anna from 202.149.87.50 port 56841 ssh2
...

2020-05-08 03:47:20

attackspam

May  5 06:09:17 santamaria sshd\[20002\]: Invalid user mekon from 202.149.87.50
May  5 06:09:17 santamaria sshd\[20002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.50
May  5 06:09:19 santamaria sshd\[20002\]: Failed password for invalid user mekon from 202.149.87.50 port 8202 ssh2
...

2020-05-05 12:14:31

Comments on same subnet:

IP	Type	Details	Datetime
202.149.87.55	attackbots	Jun 24 00:34:04 nextcloud sshd\[22652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.55 user=root Jun 24 00:34:06 nextcloud sshd\[22652\]: Failed password for root from 202.149.87.55 port 47606 ssh2 Jun 24 00:34:55 nextcloud sshd\[23407\]: Invalid user CHANGED from 202.149.87.55 Jun 24 00:34:55 nextcloud sshd\[23407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.55	2020-06-24 06:56:16

Type

Details

Datetime

202.149.87.55

attackbots

Jun 24 00:34:04 nextcloud sshd\[22652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.55  user=root
Jun 24 00:34:06 nextcloud sshd\[22652\]: Failed password for root from 202.149.87.55 port 47606 ssh2
Jun 24 00:34:55 nextcloud sshd\[23407\]: Invalid user CHANGED from 202.149.87.55
Jun 24 00:34:55 nextcloud sshd\[23407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.87.55

2020-06-24 06:56:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.149.87.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.149.87.50.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050403 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 12:14:28 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 50.87.149.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.87.149.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.76.171.132	attackbots	Invalid user jetty from 180.76.171.132 port 43147	2020-03-19 19:09:05
188.213.49.210	attack	wp-login.php	2020-03-19 19:08:32
185.43.8.43	attackspambots	Mar 19 04:37:39 mail.srvfarm.net postfix/smtpd[1938205]: NOQUEUE: reject: RCPT from unknown[185.43.8.43]: 554 5.7.1 Service unavailable; Client host [185.43.8.43] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.43.8.43; from= to= proto=ESMTP helo= Mar 19 04:37:39 mail.srvfarm.net postfix/smtpd[1938205]: NOQUEUE: reject: RCPT from unknown[185.43.8.43]: 554 5.7.1 Service unavailable; Client host [185.43.8.43] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.43.8.43; from= to= proto=ESMTP helo= Mar 19 04:37:39 mail.srvfarm.net postfix/smtpd[1938205]: NOQUEUE: reject: RCPT from unknown[185.43.8.43]: 554 5.7.1 Service unavailable; Client host [185.43.8.43] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.43.8.43; from= to=	2020-03-19 18:39:15
189.112.179.115	attackspam	Mar 19 10:12:47 localhost sshd[57735]: Invalid user Administrator from 189.112.179.115 port 39896 Mar 19 10:12:47 localhost sshd[57735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.179.115 Mar 19 10:12:47 localhost sshd[57735]: Invalid user Administrator from 189.112.179.115 port 39896 Mar 19 10:12:48 localhost sshd[57735]: Failed password for invalid user Administrator from 189.112.179.115 port 39896 ssh2 Mar 19 10:19:17 localhost sshd[58424]: Invalid user ics from 189.112.179.115 port 41668 ...	2020-03-19 18:27:30
185.16.37.135	attack	2020-03-19T10:42:36.127882vps751288.ovh.net sshd\[22964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.16.37.135 user=root 2020-03-19T10:42:38.740920vps751288.ovh.net sshd\[22964\]: Failed password for root from 185.16.37.135 port 47504 ssh2 2020-03-19T10:50:15.297109vps751288.ovh.net sshd\[23022\]: Invalid user dodsserver from 185.16.37.135 port 48834 2020-03-19T10:50:15.307587vps751288.ovh.net sshd\[23022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.16.37.135 2020-03-19T10:50:17.599527vps751288.ovh.net sshd\[23022\]: Failed password for invalid user dodsserver from 185.16.37.135 port 48834 ssh2	2020-03-19 18:39:31
136.228.161.67	attackspambots	Mar 19 04:47:56 ns382633 sshd\[28565\]: Invalid user 22 from 136.228.161.67 port 36210 Mar 19 04:47:56 ns382633 sshd\[28565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.228.161.67 Mar 19 04:47:58 ns382633 sshd\[28565\]: Failed password for invalid user 22 from 136.228.161.67 port 36210 ssh2 Mar 19 04:53:45 ns382633 sshd\[29631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.228.161.67 user=root Mar 19 04:53:47 ns382633 sshd\[29631\]: Failed password for root from 136.228.161.67 port 48906 ssh2	2020-03-19 18:56:59
200.194.53.67	attackspambots	Automatic report - Port Scan Attack	2020-03-19 19:02:08
183.237.191.186	attack	Mar 19 07:49:02 ArkNodeAT sshd\[29328\]: Invalid user gl from 183.237.191.186 Mar 19 07:49:02 ArkNodeAT sshd\[29328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.191.186 Mar 19 07:49:04 ArkNodeAT sshd\[29328\]: Failed password for invalid user gl from 183.237.191.186 port 18483 ssh2	2020-03-19 19:10:53
190.246.180.170	attack	SSH login attempts.	2020-03-19 19:11:42
197.38.206.176	attack	SSH login attempts.	2020-03-19 19:08:01
195.154.29.107	attackspambots	Automatic report - XMLRPC Attack	2020-03-19 18:48:00
41.90.56.35	attack	Email rejected due to spam filtering	2020-03-19 19:06:42
167.71.72.70	attackbotsspam	2020-03-19T11:42:48.946404scmdmz1 sshd[19671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.72.70 2020-03-19T11:42:48.943034scmdmz1 sshd[19671]: Invalid user at from 167.71.72.70 port 45822 2020-03-19T11:42:51.087610scmdmz1 sshd[19671]: Failed password for invalid user at from 167.71.72.70 port 45822 ssh2 ...	2020-03-19 18:55:09
59.63.200.97	attackbotsspam	Mar 19 06:18:17 Tower sshd[5004]: Connection from 59.63.200.97 port 43735 on 192.168.10.220 port 22 rdomain "" Mar 19 06:18:22 Tower sshd[5004]: Invalid user server from 59.63.200.97 port 43735 Mar 19 06:18:22 Tower sshd[5004]: error: Could not get shadow information for NOUSER Mar 19 06:18:22 Tower sshd[5004]: Failed password for invalid user server from 59.63.200.97 port 43735 ssh2 Mar 19 06:18:22 Tower sshd[5004]: Received disconnect from 59.63.200.97 port 43735:11: Bye Bye [preauth] Mar 19 06:18:22 Tower sshd[5004]: Disconnected from invalid user server 59.63.200.97 port 43735 [preauth]	2020-03-19 18:54:19
223.230.147.134	attack	Email rejected due to spam filtering	2020-03-19 18:52:35

Recently Reported IPs

72.156.19.73	75.169.64.138	139.59.10.17	9.58.21.246
183.238.0.242	169.44.160.228	103.145.12.111	113.160.112.114
50.105.247.25	129.150.207.75	104.198.233.19	202.165.224.68
121.229.15.146	182.127.182.93	180.97.250.182	117.3.102.153
94.25.164.194	93.168.216.153	93.73.199.52	207.154.217.15