202.47.80.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Departemen Perindustrian Republik Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	PostgreSQL port 5432	2019-11-02 20:49:53

Comments on same subnet:

IP	Type	Details	Datetime
202.47.80.65	attack	Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: Invalid user support from 202.47.80.65 port 40588 Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.80.65 Jun 27 01:03:43 MK-Soft-Root1 sshd\[31779\]: Failed password for invalid user support from 202.47.80.65 port 40588 ssh2 ...	2019-06-27 07:16:23

Type

Details

Datetime

202.47.80.65

attack

Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: Invalid user support from 202.47.80.65 port 40588
Jun 27 01:03:40 MK-Soft-Root1 sshd\[31779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.80.65
Jun 27 01:03:43 MK-Soft-Root1 sshd\[31779\]: Failed password for invalid user support from 202.47.80.65 port 40588 ssh2
...

2019-06-27 07:16:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.47.80.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.47.80.92.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110200 1800 900 604800 86400

;; Query time: 288 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 20:49:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

92.80.47.202.in-addr.arpa domain name pointer siki.kemenperin.go.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.80.47.202.in-addr.arpa	name = siki.kemenperin.go.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.221.244.165	attack	Feb 5 07:19:43 legacy sshd[22412]: Failed password for root from 103.221.244.165 port 45166 ssh2 Feb 5 07:23:42 legacy sshd[22614]: Failed password for root from 103.221.244.165 port 47422 ssh2 ...	2020-02-05 15:03:16
117.1.149.179	attack	117.1.149.179 - - [05/Feb/2020:05:53:09 +0100] "GET /awstats.pl?lang=en&output=main HTTP/1.0" 404 280 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"	2020-02-05 14:49:05
197.2.154.2	attack	Feb 5 05:52:37 grey postfix/smtpd\[26510\]: NOQUEUE: reject: RCPT from unknown\[197.2.154.2\]: 554 5.7.1 Service unavailable\; Client host \[197.2.154.2\] blocked using ix.dnsbl.manitu.net\; Your e-mail service was detected by junk.over.port25.me \(NiX Spam\) as spamming at Wed, 05 Feb 2020 05:34:47 +0100. Your admin should visit http://www.dnsbl.manitu.net/lookup.php\?value=197.2.154.2\; from=\ to=\ proto=ESMTP helo=\<\[197.2.154.2\]\> ...	2020-02-05 15:10:18
37.59.99.243	attackbotsspam	Feb 5 07:21:29 silence02 sshd[2675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.99.243 Feb 5 07:21:32 silence02 sshd[2675]: Failed password for invalid user admin from 37.59.99.243 port 16043 ssh2 Feb 5 07:24:45 silence02 sshd[2886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.99.243	2020-02-05 14:30:51
117.58.243.202	attackspam	2020-02-05T05:52:36.1529491240 sshd\[5106\]: Invalid user tech from 117.58.243.202 port 63996 2020-02-05T05:52:36.3550211240 sshd\[5106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.58.243.202 2020-02-05T05:52:38.6629361240 sshd\[5106\]: Failed password for invalid user tech from 117.58.243.202 port 63996 ssh2 ...	2020-02-05 15:09:52
78.31.71.108	attackspam	RDP Brute-Force (honeypot 13)	2020-02-05 14:45:03
118.24.56.143	attack	Feb 5 05:53:31 cp sshd[23251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.56.143	2020-02-05 14:37:04
124.156.62.15	attack	" "	2020-02-05 15:08:35
218.92.0.207	attackbots	2020-02-05T01:19:04.347287vostok sshd\[21358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root \| Triggered by Fail2Ban at Vostok web server	2020-02-05 14:29:38
106.13.187.30	attackbots	Feb 5 07:01:57 legacy sshd[21565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.30 Feb 5 07:01:59 legacy sshd[21565]: Failed password for invalid user jiangyan from 106.13.187.30 port 48850 ssh2 Feb 5 07:05:24 legacy sshd[21685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.30 ...	2020-02-05 15:07:05
103.248.83.249	attackspam	Feb 5 05:50:10 silence02 sshd[28601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.83.249 Feb 5 05:50:13 silence02 sshd[28601]: Failed password for invalid user hayden from 103.248.83.249 port 38262 ssh2 Feb 5 05:53:36 silence02 sshd[28836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.83.249	2020-02-05 14:32:15
219.235.94.34	attack	Unauthorized connection attempt detected from IP address 219.235.94.34 to port 1433 [J]	2020-02-05 14:29:20
80.82.77.245	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 75 - port: 1154 proto: UDP cat: Misc Attack	2020-02-05 14:53:26
103.207.129.40	attackspambots	(sshd) Failed SSH login from 103.207.129.40 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 5 06:39:23 elude sshd[29179]: Invalid user kross from 103.207.129.40 port 45272 Feb 5 06:39:26 elude sshd[29179]: Failed password for invalid user kross from 103.207.129.40 port 45272 ssh2 Feb 5 06:56:03 elude sshd[30298]: Invalid user wayne from 103.207.129.40 port 37914 Feb 5 06:56:05 elude sshd[30298]: Failed password for invalid user wayne from 103.207.129.40 port 37914 ssh2 Feb 5 07:06:58 elude sshd[30952]: Invalid user cn from 103.207.129.40 port 44644	2020-02-05 14:52:10
96.46.213.134	attackbots	Feb 5 07:16:22 legacy sshd[22278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.46.213.134 Feb 5 07:16:23 legacy sshd[22278]: Failed password for invalid user neptun from 96.46.213.134 port 34681 ssh2 Feb 5 07:19:15 legacy sshd[22394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.46.213.134 ...	2020-02-05 14:44:36

Recently Reported IPs

98.147.144.224	254.63.156.193	225.171.161.249	133.149.10.126
8.17.52.210	177.189.252.143	53.86.196.66	84.11.102.196
36.214.198.186	30.35.208.232	56.101.250.150	137.5.180.245
216.2.139.131	100.107.170.179	245.96.51.18	40.75.38.251
86.47.248.114	6.212.153.57	86.121.48.125	173.22.89.35