202.158.41.6 - IPInfo

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.158.41.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52042
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.158.41.6.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 03:52:07 CST 2019
;; MSG SIZE  rcvd: 116

Host info

6.41.158.202.in-addr.arpa domain name pointer www.ptcpi-online.com.
6.41.158.202.in-addr.arpa domain name pointer www.aspacmart.com.
6.41.158.202.in-addr.arpa domain name pointer www.indoprom.net.
6.41.158.202.in-addr.arpa domain name pointer ftp.ird.or.id.
6.41.158.202.in-addr.arpa domain name pointer www.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.commercea.cbn.net.id.
6.41.158.202.in-addr.arpa domain name pointer www.hildco.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.three-ss.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa domain name pointer ftp.astrido-finance.co.id.
6.41.158.202.in-addr.arpa domain name pointer www.studyline.co.id.
6.41.158.202.in-addr.arpa domain name pointer ftp.riauprovince.com.
6.41.158.202.in-addr.arpa domain name pointer www.cgprtstat.org.
6.41.158.202.in-addr.ar

Nslookup info:

;; Truncated, retrying in TCP mode.
Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
6.41.158.202.in-addr.arpa	name = ftp.netwave.co.id.
6.41.158.202.in-addr.arpa	name = www.three-ss.com.
6.41.158.202.in-addr.arpa	name = www.studyline.co.id.
6.41.158.202.in-addr.arpa	name = www.ptcpi-online.com.
6.41.158.202.in-addr.arpa	name = www.caltex-pacific-indonesia.com.
6.41.158.202.in-addr.arpa	name = commercea.cbn.net.id.
6.41.158.202.in-addr.arpa	name = ftp.bigg.or.id.
6.41.158.202.in-addr.arpa	name = ftp.three-ss.com.
6.41.158.202.in-addr.arpa	name = www.indoprom.net.
6.41.158.202.in-addr.arpa	name = ftp.sandrafine.co.id.
6.41.158.202.in-addr.arpa	name = www.e-propertybiz.com.
6.41.158.202.in-addr.arpa	name = ftp.shangbao.co.id.
6.41.158.202.in-addr.arpa	name = www.astrido-finance.co.id.
6.41.158.202.in-addr.arpa	name = www.icma.or.id.
6.41.158.202.in-addr.arpa	name = ftp.aspacmart.com.
6.41.158.202.in-addr.arpa	name = www.bigg.or.id.
6.41.158.202.in-addr.arpa	name = www.ird.or.id.
6.41.158.202.in-addr.arpa	name = www.pikhospital.co.id.
6.41.158.202.in-addr.arpa	name = www.ikutlah-aku.org.
6.41.158.202.in-addr.arpa	name = www.riauprovince.com.
6.41.158.202.in-addr.arpa	name = ftp.indorattanwood.com.
6.41.158.202.in-addr.arpa	name = www.shangbao.co.id.
6.41.158.202.in-addr.arpa	name = ftp.icma.or.id.
6.41.158.202.in-addr.arpa	name = ftp.scl3pl.com.
6.41.158.202.in-addr.arpa	name = ftp.enerkon.co.id.
6.41.158.202.in-addr.arpa	name = ftp.skyrinkjakarta.com.
6.41.158.202.in-addr.arpa	name = www.cgprtstat.org.
6.41.158.202.in-addr.arpa	name = www.scl3pl.com.
6.41.158.202.in-addr.arpa	name = ftp.ird.or.id.
6.41.158.202.in-addr.arpa	name = ftp.ptcpi-online.com.
6.41.158.202.in-addr.arpa	name = ftp.kadinbogor.com.
6.41.158.202.in-addr.arpa	name = ftp.hildco.co.id.
6.41.158.202.in-addr.arpa	name = ftp.pnmi.co.id.
6.41.158.202.in-addr.arpa	name = www.enerkon.co.id.
6.41.158.202.in-addr.arpa	name = www.pnmi.co.id.
6.41.158.202.in-addr.arpa	name = ftp.e-propertybiz.com.
6.41.158.202.in-addr.arpa	name =

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.47.89.157	attack	Port Scan ...	2020-07-26 22:10:22
54.39.151.64	attackspambots	Jul 26 07:04:33 dignus sshd[20453]: Failed password for invalid user maurice from 54.39.151.64 port 52300 ssh2 Jul 26 07:08:55 dignus sshd[21123]: Invalid user ngdc from 54.39.151.64 port 59691 Jul 26 07:08:55 dignus sshd[21123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.64 Jul 26 07:08:58 dignus sshd[21123]: Failed password for invalid user ngdc from 54.39.151.64 port 59691 ssh2 Jul 26 07:13:15 dignus sshd[21741]: Invalid user postmaster from 54.39.151.64 port 38847 ...	2020-07-26 22:31:22
134.122.103.0	attackbotsspam	134.122.103.0 - - \[26/Jul/2020:14:58:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 134.122.103.0 - - \[26/Jul/2020:14:58:48 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 134.122.103.0 - - \[26/Jul/2020:14:58:58 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-26 22:16:35
51.254.36.178	attackbotsspam	$f2bV_matches	2020-07-26 22:05:19
111.67.200.161	attackbotsspam	Jul 26 13:48:05 roki sshd[29344]: Invalid user gala from 111.67.200.161 Jul 26 13:48:05 roki sshd[29344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.200.161 Jul 26 13:48:07 roki sshd[29344]: Failed password for invalid user gala from 111.67.200.161 port 58590 ssh2 Jul 26 14:06:04 roki sshd[30514]: Invalid user dockeruser from 111.67.200.161 Jul 26 14:06:04 roki sshd[30514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.200.161 ...	2020-07-26 22:12:16
201.218.138.146	attack	Jul 26 13:54:55 mail.srvfarm.net postfix/smtps/smtpd[1209176]: warning: unknown[201.218.138.146]: SASL PLAIN authentication failed: Jul 26 13:54:55 mail.srvfarm.net postfix/smtps/smtpd[1209176]: lost connection after AUTH from unknown[201.218.138.146] Jul 26 13:58:44 mail.srvfarm.net postfix/smtpd[1208997]: warning: unknown[201.218.138.146]: SASL PLAIN authentication failed: Jul 26 13:58:45 mail.srvfarm.net postfix/smtpd[1208997]: lost connection after AUTH from unknown[201.218.138.146] Jul 26 14:00:25 mail.srvfarm.net postfix/smtpd[1208539]: warning: unknown[201.218.138.146]: SASL PLAIN authentication failed:	2020-07-26 22:42:37
186.59.241.242	attack	Jul 26 10:28:50 firewall sshd[6543]: Invalid user apache from 186.59.241.242 Jul 26 10:28:52 firewall sshd[6543]: Failed password for invalid user apache from 186.59.241.242 port 41633 ssh2 Jul 26 10:33:54 firewall sshd[6641]: Invalid user 123 from 186.59.241.242 ...	2020-07-26 22:10:56
59.41.39.82	attack	2020-07-26T14:08:47.367299shield sshd\[9050\]: Invalid user amsftp from 59.41.39.82 port 31258 2020-07-26T14:08:47.374299shield sshd\[9050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.41.39.82 2020-07-26T14:08:48.951243shield sshd\[9050\]: Failed password for invalid user amsftp from 59.41.39.82 port 31258 ssh2 2020-07-26T14:10:57.910611shield sshd\[9514\]: Invalid user carlos from 59.41.39.82 port 41593 2020-07-26T14:10:57.916474shield sshd\[9514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.41.39.82	2020-07-26 22:15:43
177.23.58.22	attackspambots	(smtpauth) Failed SMTP AUTH login from 177.23.58.22 (BR/Brazil/acesso-177.23.58.22.voxxtelecom.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-26 16:35:44 plain authenticator failed for ([177.23.58.22]) [177.23.58.22]: 535 Incorrect authentication data (set_id=info@akmasanat.com)	2020-07-26 22:34:00
142.93.58.2	attackbotsspam	Forbidden directory scan :: 2020/07/26 13:50:01 [error] 3005#3005: 97002 access forbidden by rule, client: 142.93.58.2, server: [censored_1], request: "GET /.env HTTP/1.1", host: "www.[censored_1]" 2020/07/26 13:50:01 [error] 3005#3005: 97003 access forbidden by rule, client: 142.93.58.2, server: [censored_1], request: "GET /.env HTTP/1.1", host: "www.[censored_1]"	2020-07-26 22:19:35
51.77.212.179	attackbots	$f2bV_matches	2020-07-26 22:07:48
168.181.213.181	attackspam	Automatic report - Port Scan Attack	2020-07-26 22:39:26
221.156.126.1	attackspam	Failed password for invalid user devor from 221.156.126.1 port 35678 ssh2	2020-07-26 22:20:02
171.245.255.252	attack	Automatic report - Port Scan Attack	2020-07-26 22:06:06
206.189.88.253	attackbotsspam	Jul 26 14:44:29 rancher-0 sshd[588431]: Invalid user ubuntu from 206.189.88.253 port 53956 ...	2020-07-26 22:14:41

Recently Reported IPs

73.56.204.2	171.118.98.8	195.19.254.157	203.189.70.230
65.69.93.218	92.46.239.114	163.214.19.31	180.78.224.116
89.131.103.9	192.72.7.170	59.21.230.248	90.229.210.63
88.155.21.52	80.166.178.2	196.62.221.181	183.171.67.31
54.161.193.7	221.234.226.38	126.102.206.77	96.69.249.179