102.40.141.239

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP	2020-09-12 21:07:27
attackbots	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP	2020-09-12 13:10:38
attack	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP	2020-09-12 04:59:22

Type

Details

Datetime

attack

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP

2020-09-12 21:07:27

attackbots

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP

2020-09-12 13:10:38

attack

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.40.141.239:60543, to: 192.168.4.99:80, protocol: TCP

2020-09-12 04:59:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.40.141.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45530
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.40.141.239.			IN	A

;; AUTHORITY SECTION:
.			456	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091101 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 12 04:59:19 CST 2020
;; MSG SIZE  rcvd: 118

Host info

239.141.40.102.in-addr.arpa domain name pointer host-102.40.141.239.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.141.40.102.in-addr.arpa	name = host-102.40.141.239.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.39.0.48	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 04:38:13
211.103.154.114	attackspambots	Jan 15 19:54:17 ms-srv sshd[31999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.103.154.114 Jan 15 19:54:19 ms-srv sshd[31999]: Failed password for invalid user hx from 211.103.154.114 port 49513 ssh2	2020-02-16 04:22:49
178.33.45.54	attack	Automatic report - XMLRPC Attack	2020-02-16 04:48:00
218.85.119.92	attackbotsspam	Invalid user nqa from 218.85.119.92 port 65512	2020-02-16 04:22:19
85.209.3.202	attackspam	RDP Bruteforce	2020-02-16 04:02:22
118.39.137.214	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 04:33:07
185.12.178.90	attackspambots	Feb 15 17:48:35 cvbnet sshd[22478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.12.178.90 Feb 15 17:48:37 cvbnet sshd[22478]: Failed password for invalid user oracle from 185.12.178.90 port 46340 ssh2 ...	2020-02-16 04:30:32
118.39.142.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 04:24:11
182.219.172.224	attack	Feb 15 06:45:30 auw2 sshd\[2151\]: Invalid user saman from 182.219.172.224 Feb 15 06:45:30 auw2 sshd\[2151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224 Feb 15 06:45:32 auw2 sshd\[2151\]: Failed password for invalid user saman from 182.219.172.224 port 45440 ssh2 Feb 15 06:49:04 auw2 sshd\[2489\]: Invalid user yovas from 182.219.172.224 Feb 15 06:49:04 auw2 sshd\[2489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.219.172.224	2020-02-16 04:26:37
162.243.128.57	attackspam	trying to access non-authorized port	2020-02-16 04:33:58
79.137.72.171	attackbots	Automatic report - Banned IP Access	2020-02-16 04:26:56
5.164.244.50	attackspam	" "	2020-02-16 04:09:33
222.186.173.180	attackbots	Feb 15 21:08:33 sso sshd[3643]: Failed password for root from 222.186.173.180 port 42900 ssh2 Feb 15 21:08:35 sso sshd[3643]: Failed password for root from 222.186.173.180 port 42900 ssh2 ...	2020-02-16 04:12:36
183.179.106.48	attackbots	Feb 15 17:55:19 dedicated sshd[32288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.179.106.48 user=root Feb 15 17:55:20 dedicated sshd[32288]: Failed password for root from 183.179.106.48 port 38525 ssh2	2020-02-16 04:21:32
118.39.19.152	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 04:07:11

Recently Reported IPs

27.219.67.178	202.168.189.90	116.154.10.197	121.201.119.77
89.151.132.116	154.8.192.65	49.244.160.162	37.77.108.68
44.72.38.228	205.163.63.179	41.45.16.212	82.200.43.49
116.75.203.6	128.199.144.226	200.236.123.138	255.57.146.164
83.209.189.42	85.47.121.145	5.202.107.17	62.55.127.111