JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.145.0.18

202.145.0.18 was found in our database!

This IP was reported 2,913 times. Confidence of Abuse is 100%: ?

100%

ISP	PT UNINET Media Sakti
Usage Type	Fixed Line ISP
ASN	AS17884
Domain Name	uninet.net.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.145.0.18

Whois 202.145.0.18

IP Abuse Reports for 202.145.0.18:

This IP address has been reported a total of 2,913 times from 942 distinct sources. 202.145.0.18 was first reported on April 21st 2026, and the most recent report was 15 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 vereinshosting	2026-04-24 01:20:57 (1 month ago)	Invalid user git from 202.145.0.18 port 42596	Brute-Force SSH
🇨🇦 hpg	2026-04-24 01:07:58 (1 month ago)	21 invalid SSH login attempts from 202.145.0.18 in the last 0.8 hours	Brute-Force SSH
🇨🇳 Indexyz	2026-04-24 00:53:45 (1 month ago)	2026-04-24T08:50:50.132623+08:00 hostname sshd-session[1820405]: Invalid user ftpuser1 from 202.14 ... show more 2026-04-24T08:50:50.132623+08:00 hostname sshd-session[1820405]: Invalid user ftpuser1 from 202.145.0.18 port 59410 2026-04-24T08:52:43.694925+08:00 hostname sshd-session[1820484]: Connection from 202.145.0.18 port 53904 on 10.89.160.7 port 22 rdomain "" 2026-04-24T08:52:45.722207+08:00 hostname sshd-session[1820484]: Invalid user claude from 202.145.0.18 port 53904 2026-04-24T08:53:42.507723+08:00 hostname sshd-session[1820505]: Connection from 202.145.0.18 port 56912 on 10.89.160.7 port 22 rdomain "" 2026-04-24T08:53:43.775445+08:00 hostname sshd-session[1820505]: Invalid user steam from 202.145.0.18 port 56912 show less	Brute-Force SSH
🇩🇪 Kotiacat_one	2026-04-24 00:51:07 (1 month ago)	2026-04-24T03:48:59.389791+03:00 kotia sshd-session[30777]: Invalid user ubuntu from 202.145.0.18 po ... show more 2026-04-24T03:48:59.389791+03:00 kotia sshd-session[30777]: Invalid user ubuntu from 202.145.0.18 port 32882 2026-04-24T03:50:02.426403+03:00 kotia sshd-session[30781]: Invalid user test from 202.145.0.18 port 55996 2026-04-24T03:51:06.464912+03:00 kotia sshd-session[30787]: Invalid user ftpuser1 from 202.145.0.18 port 45598 ... show less	Brute-Force SSH
🇮🇹 alph44	2026-04-24 00:50:21 (1 month ago)	SSH brute force attack detected: 5 failed attempts	Brute-Force
🇺🇸 bigscoots.com	2026-04-23 23:34:32 (1 month ago)	(sshd) Failed SSH login from 202.145.0.18 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: ; Direc ... show more (sshd) Failed SSH login from 202.145.0.18 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Apr 23 17:54:38 17636 sshd[4739]: Invalid user git from 202.145.0.18 port 41428 Apr 23 17:54:40 17636 sshd[4739]: Failed password for invalid user git from 202.145.0.18 port 41428 ssh2 Apr 23 18:33:14 17636 sshd[9842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.145.0.18 user=root Apr 23 18:33:16 17636 sshd[9842]: Failed password for root from 202.145.0.18 port 58176 ssh2 Apr 23 18:34:17 17636 sshd[9968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.145.0.18 user=root show less	Brute-Force SSH
🇺🇸 psh-ack	2026-04-23 23:16:22 (1 month ago)	Brute-force SSH access using three credential pairs across libssh 0.12.0 client. Attacker successful ... show more Brute-force SSH access using three credential pairs across libssh 0.12.0 client. Attacker successfully authenticated and executed persistence mechanism: removed existing SSH directory, recreated it, and injected RSA public key into authorized_keys for backdoor access. Second command attempted to modify file attributes (chattr -ia) to prevent deletion, indicating intent to lock down persistence. Command execution shows standard post-compromise hardening pattern: SSH key injection combined with inode attribute manipulation. The lockr command appears malformed or non-standard, likely attempting attribute changes on .ssh directory. Attack chain demonstrates credential stuffing followed by immediate SSH key persistence establishment, enabling long-term unauthorized access regardless of password changes. This is automated, iterative compromise activity typical of botnet-driven infrastructure scanning and persistence deployment operations. show less	Brute-Force SSH
🇩🇪 Viveronese	2026-04-23 22:50:33 (1 month ago)	SSH brute force attacks	Brute-Force SSH
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-23 22:47:46 (1 month ago)	Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: git:1qaz@wsx • Number of logi ... show more Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: git:1qaz@wsx • Number of login attempts: 1 • Client: SSH-2.0-libssh_0.12.0 show less	Hacking SSH
Anonymous	2026-04-23 20:16:51 (1 month ago)	2026-04-23T22:16:48.954627 localhost.localdomain sshd[2478391]: Failed password for root from 202.14 ... show more 2026-04-23T22:16:48.954627 localhost.localdomain sshd[2478391]: Failed password for root from 202.145.0.18 port 54540 ssh2 2026-04-23T22:16:50.309463 localhost.localdomain sshd[2478391]: Disconnected from authenticating user root 202.145.0.18 port 54540 [preauth] ... show less	Brute-Force SSH
🇳🇱 VMHeaven.io	2026-04-23 19:55:45 (1 month ago)	Apr 23 19:53:42 proxy-xeon sshd[1041787]: Failed password for root from 202.145.0.18 port 53512 ssh2 ... show more Apr 23 19:53:42 proxy-xeon sshd[1041787]: Failed password for root from 202.145.0.18 port 53512 ssh2 Apr 23 19:54:41 proxy-xeon sshd[1041876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.145.0.18 user=root Apr 23 19:54:43 proxy-xeon sshd[1041876]: Failed password for root from 202.145.0.18 port 50492 ssh2 Apr 23 19:55:41 proxy-xeon sshd[1042164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.145.0.18 user=root Apr 23 19:55:44 proxy-xeon sshd[1042164]: Failed password for root from 202.145.0.18 port 45640 ssh2 ... show less	Brute-Force SSH
🇩🇪 hispasign	2026-04-23 19:55:02 (1 month ago)	SSH Bruteforce Attempt [node 6]	Brute-Force SSH
🇺🇸 bigscoots.com	2026-04-23 17:57:40 (1 month ago)	202.145.0.18 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ... show more 202.145.0.18 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Apr 23 12:57:29 14179 sshd[21809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.128.177 user=root Apr 23 12:52:03 14179 sshd[21461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.128.177 user=root Apr 23 12:52:04 14179 sshd[21461]: Failed password for root from 187.72.128.177 port 51038 ssh2 Apr 23 12:48:34 14179 sshd[21175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.145.0.18 user=root Apr 23 12:48:37 14179 sshd[21175]: Failed password for root from 202.145.0.18 port 33078 ssh2 IP Addresses Blocked: 187.72.128.177 (BR/Brazil/187-072-128-177.static.ctbctelecom.com.br) show less	Brute-Force SSH
🇩🇪 Aether	2026-04-23 17:26:43 (1 month ago)	2026-04-23T18:23:25.614114+01:00 v2202511291032405693 sshd-session[2784610]: Invalid user michael fr ... show more 2026-04-23T18:23:25.614114+01:00 v2202511291032405693 sshd-session[2784610]: Invalid user michael from 202.145.0.18 port 41900 2026-04-23T18:24:31.255291+01:00 v2202511291032405693 sshd-session[2788506]: Invalid user vpn from 202.145.0.18 port 60606 2026-04-23T18:26:42.239098+01:00 v2202511291032405693 sshd-session[2795938]: Invalid user deploy from 202.145.0.18 port 34254 ... show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-04-23 17:24:31 (1 month ago)	2026-04-23T19:21:11.288097+02:00 router01.dui.de.mersrv.de sshd[1883810]: Disconnected from authenti ... show more 2026-04-23T19:21:11.288097+02:00 router01.dui.de.mersrv.de sshd[1883810]: Disconnected from authenticating user root 202.145.0.18 port 36056 [preauth] 2026-04-23T19:22:21.820645+02:00 router01.dui.de.mersrv.de sshd[1884104]: Disconnected from authenticating user root 202.145.0.18 port 37350 [preauth] 2026-04-23T19:23:25.101491+02:00 router01.dui.de.mersrv.de sshd[1884362]: Invalid user michael from 202.145.0.18 port 57536 2026-04-23T19:23:25.312248+02:00 router01.dui.de.mersrv.de sshd[1884362]: Disconnected from invalid user michael 202.145.0.18 port 57536 [preauth] 2026-04-23T19:24:30.699400+02:00 router01.dui.de.mersrv.de sshd[1884627]: Invalid user vpn from 202.145.0.18 port 33784 show less	Brute-Force

Showing 2776 to 2790 of 2913 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.151

🇸🇬 107.150.112.233

🇺🇸 2607:f8b0:400e:c05::123

🇺🇸 205.210.31.17

🇭🇰 199.45.155.96

🇳🇱 190.2.149.244

🇫🇷 147.93.93.184

🇻🇳 103.48.82.186

🇳🇱 85.11.167.11

🇺🇸 65.49.1.100

🇳🇱 45.148.10.157

🇩🇪 43.228.157.184

🇮🇳 216.10.245.205

🇳🇱 213.177.179.166

🇬🇧 188.30.79.201

🇨🇳 183.218.213.217

🇺🇸 166.155.116.155

🇮🇳 125.19.179.18

🇮🇳 122.166.49.42

🇰🇷 116.123.150.231