202.47.80.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Departemen Perindustrian Republik Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	PostgreSQL port 5432	2019-11-02 20:49:53

Comments on same subnet:

IP	Type	Details	Datetime
202.47.80.65	attack	Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: Invalid user support from 202.47.80.65 port 40588 Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.80.65 Jun 27 01:03:43 MK-Soft-Root1 sshd\[31779\]: Failed password for invalid user support from 202.47.80.65 port 40588 ssh2 ...	2019-06-27 07:16:23

Type

Details

Datetime

202.47.80.65

attack

Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: Invalid user support from 202.47.80.65 port 40588
Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.80.65
Jun 27 01:03:43 MK-Soft-Root1 sshd\[31779\]: Failed password for invalid user support from 202.47.80.65 port 40588 ssh2
...

2019-06-27 07:16:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.47.80.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.47.80.92.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110200 1800 900 604800 86400

;; Query time: 288 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 20:49:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

92.80.47.202.in-addr.arpa domain name pointer siki.kemenperin.go.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.80.47.202.in-addr.arpa	name = siki.kemenperin.go.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.236.10.123	attackbotsspam	Automatic report - Banned IP Access	2020-05-04 19:05:41
218.92.0.179	attackbotsspam	(sshd) Failed SSH login from 218.92.0.179 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 4 09:54:34 amsweb01 sshd[21632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.179 user=root May 4 09:54:36 amsweb01 sshd[21632]: Failed password for root from 218.92.0.179 port 57601 ssh2 May 4 09:54:37 amsweb01 sshd[21625]: Did not receive identification string from 218.92.0.179 port 35490 May 4 09:54:39 amsweb01 sshd[21632]: Failed password for root from 218.92.0.179 port 57601 ssh2 May 4 09:54:42 amsweb01 sshd[21632]: Failed password for root from 218.92.0.179 port 57601 ssh2	2020-05-04 18:38:08
2a03:b0c0:1:d0::109c:1	attackbots	xmlrpc attack	2020-05-04 18:40:01
157.230.249.90	attackbots	2020-05-03 UTC: (34x) - cmsftp,faiz,firenze,grq,hamid,hanshow,jerry,lth,nproc(7x),push,roman,root(7x),root2,sa,server2,sysadmin,taiga,testwww,ts3,ubuntu(2x),user2	2020-05-04 19:03:50
185.175.93.104	attackspambots	05/04/2020-12:43:13.543817 185.175.93.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-04 19:06:46
86.105.53.132	attack	May 3 21:12:08 mockhub sshd[15200]: Failed password for root from 86.105.53.132 port 56550 ssh2 May 3 21:19:11 mockhub sshd[15546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.105.53.132 ...	2020-05-04 18:46:17
87.0.37.58	attackspam	Automatic report - Port Scan	2020-05-04 18:43:49
182.140.235.149	attackspambots	CN_APNIC-HM_<177>1588564234 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 182.140.235.149:51156	2020-05-04 18:48:24
203.150.113.215	attackbots	May 4 10:45:14 vps58358 sshd\[6925\]: Invalid user blanco from 203.150.113.215May 4 10:45:16 vps58358 sshd\[6925\]: Failed password for invalid user blanco from 203.150.113.215 port 53974 ssh2May 4 10:46:43 vps58358 sshd\[6947\]: Invalid user emms from 203.150.113.215May 4 10:46:45 vps58358 sshd\[6947\]: Failed password for invalid user emms from 203.150.113.215 port 47896 ssh2May 4 10:48:14 vps58358 sshd\[6970\]: Invalid user o from 203.150.113.215May 4 10:48:15 vps58358 sshd\[6970\]: Failed password for invalid user o from 203.150.113.215 port 41808 ssh2 ...	2020-05-04 18:36:05
51.195.5.233	attackbotsspam	[2020-05-04 07:06:24] NOTICE[1170] chan_sip.c: Registration from '' failed for '51.195.5.233:60076' - Wrong password [2020-05-04 07:06:24] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-04T07:06:24.532-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1547",SessionID="0x7f6c080b1a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.195.5.233/60076",Challenge="1ae4f45e",ReceivedChallenge="1ae4f45e",ReceivedHash="446dc107b5ed5f5ef3035d711cb58308" [2020-05-04 07:06:25] NOTICE[1170] chan_sip.c: Registration from '' failed for '51.195.5.233:60542' - Wrong password [2020-05-04 07:06:25] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-04T07:06:25.026-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="508",SessionID="0x7f6c0803b798",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.195.5.233/60542 ...	2020-05-04 19:10:24
188.162.199.73	attackbots	failed_logins	2020-05-04 18:58:32
51.75.121.252	attackbotsspam	May 4 09:02:53 XXX sshd[38845]: Invalid user iot from 51.75.121.252 port 36302	2020-05-04 18:42:57
139.59.7.177	attackbots	2020-05-04T09:43:09.790187abusebot-3.cloudsearch.cf sshd[8246]: Invalid user cti from 139.59.7.177 port 55182 2020-05-04T09:43:09.796791abusebot-3.cloudsearch.cf sshd[8246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.7.177 2020-05-04T09:43:09.790187abusebot-3.cloudsearch.cf sshd[8246]: Invalid user cti from 139.59.7.177 port 55182 2020-05-04T09:43:11.837593abusebot-3.cloudsearch.cf sshd[8246]: Failed password for invalid user cti from 139.59.7.177 port 55182 ssh2 2020-05-04T09:50:45.791665abusebot-3.cloudsearch.cf sshd[8669]: Invalid user water from 139.59.7.177 port 48184 2020-05-04T09:50:45.806699abusebot-3.cloudsearch.cf sshd[8669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.7.177 2020-05-04T09:50:45.791665abusebot-3.cloudsearch.cf sshd[8669]: Invalid user water from 139.59.7.177 port 48184 2020-05-04T09:50:47.782145abusebot-3.cloudsearch.cf sshd[8669]: Failed password for invalid ...	2020-05-04 18:41:53
116.110.127.127	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 04/05/2020 04:50:29.	2020-05-04 18:54:49
187.10.18.181	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 04/05/2020 04:50:31.	2020-05-04 18:52:49

Recently Reported IPs

98.147.144.224	254.63.156.193	225.171.161.249	133.149.10.126
8.17.52.210	177.189.252.143	53.86.196.66	84.11.102.196
36.214.198.186	30.35.208.232	56.101.250.150	137.5.180.245
216.2.139.131	100.107.170.179	245.96.51.18	40.75.38.251
86.47.248.114	6.212.153.57	86.121.48.125	173.22.89.35