Basic Info

City: unknown

Region: unknown

Country: Lao People's Democratic Republic

Internet Service Provider: Telecommunication Service

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbots
1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked
2020-09-18 21:22:36
attackspambots
1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked
2020-09-18 13:41:19
attackspambots
1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked
2020-09-18 03:56:41
Comments on same subnet:
IP Type Details Datetime
202.137.142.159 attackspambots
52869/tcp 52869/tcp 52869/tcp
[2020-10-02/03]3pkt
2020-10-06 05:05:45
202.137.142.159 attack
52869/tcp 52869/tcp 52869/tcp
[2020-10-02/03]3pkt
2020-10-05 21:09:08
202.137.142.159 attackspambots
52869/tcp 52869/tcp 52869/tcp
[2020-10-02/03]3pkt
2020-10-05 12:59:32
202.137.142.159 attack
" "
2020-10-04 08:18:10
202.137.142.159 attackbotsspam
" "
2020-10-04 00:44:44
202.137.142.159 attackspam
Port probing on unauthorized port 2323
2020-10-03 16:33:24
202.137.142.28 attack
Dovecot Invalid User Login Attempt.
2020-07-31 08:19:58
202.137.142.28 attackspam
(imapd) Failed IMAP login from 202.137.142.28 (LA/Laos/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 27 16:21:51 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=202.137.142.28, lip=5.63.12.44, TLS, session=
2020-07-28 00:32:56
202.137.142.102 attackspambots
Dovecot Invalid User Login Attempt.
2020-07-20 02:16:10
202.137.142.28 attack
202.137.142.28 - - [17/Jul/2020:12:29:56 +0200] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
202.137.142.28 - - [17/Jul/2020:12:29:57 +0200] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
202.137.142.28 - - [17/Jul/2020:12:29:58 +0200] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
2020-07-17 19:04:49
202.137.142.181 attackbotsspam
Dovecot Invalid User Login Attempt.
2020-07-07 15:24:25
202.137.142.28 attack
(imapd) Failed IMAP login from 202.137.142.28 (LA/Laos/-): 1 in the last 3600 secs
2020-06-27 23:08:23
202.137.142.28 attack
'IP reached maximum auth failures for a one day block'
2020-06-20 16:12:30
202.137.142.181 attack
Dovecot Invalid User Login Attempt.
2020-06-18 19:49:23
202.137.142.97 attack
Dovecot Invalid User Login Attempt.
2020-06-17 19:58:26
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.137.142.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23321
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.137.142.40.			IN	A

;; AUTHORITY SECTION:
.			259	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091701 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 18 03:56:38 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 40.142.137.202.in-addr.arpa not found: 2(SERVFAIL)
Nslookup info:
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 40.142.137.202.in-addr.arpa: SERVFAIL
Related IP info:
Related comments:
IP Type Details Datetime
181.174.83.226 attackbots
Unauthorized connection attempt from IP address 181.174.83.226 on Port 445(SMB)
2019-12-14 21:04:26
192.169.215.114 attackspam
Cluster member 192.168.0.31 (-) said, DENY 192.169.215.114, Reason:[(imapd) Failed IMAP login from 192.169.215.114 (US/United States/ip-192-169-215-114.ip.secureserver.net): 1 in the last 3600 secs]
2019-12-14 20:36:30
35.227.30.123 attackbots
35.227.30.123 - - [14/Dec/2019:13:31:33 +0100] "POST /wp-login.php HTTP/1.1" 200 3128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
35.227.30.123 - - [14/Dec/2019:13:36:27 +0100] "POST /wp-login.php HTTP/1.1" 200 3125 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2019-12-14 21:03:09
106.12.87.250 attackbotsspam
Dec 14 13:48:44 lnxmail61 sshd[28793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.87.250
Dec 14 13:48:44 lnxmail61 sshd[28793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.87.250
2019-12-14 21:09:08
198.108.67.100 attack
" "
2019-12-14 20:48:59
196.192.110.67 attack
Dec 14 12:38:07 wh01 sshd[4218]: Invalid user cactiuser from 196.192.110.67 port 48152
Dec 14 12:38:07 wh01 sshd[4218]: Failed password for invalid user cactiuser from 196.192.110.67 port 48152 ssh2
Dec 14 12:38:07 wh01 sshd[4218]: Received disconnect from 196.192.110.67 port 48152:11: Bye Bye [preauth]
Dec 14 12:38:07 wh01 sshd[4218]: Disconnected from 196.192.110.67 port 48152 [preauth]
Dec 14 12:46:54 wh01 sshd[5040]: Failed password for root from 196.192.110.67 port 47250 ssh2
Dec 14 12:46:54 wh01 sshd[5040]: Received disconnect from 196.192.110.67 port 47250:11: Bye Bye [preauth]
Dec 14 12:46:54 wh01 sshd[5040]: Disconnected from 196.192.110.67 port 47250 [preauth]
2019-12-14 20:34:00
106.12.137.55 attackbotsspam
Dec 14 07:58:33 [host] sshd[7069]: Invalid user viriya from 106.12.137.55
Dec 14 07:58:33 [host] sshd[7069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.55
Dec 14 07:58:36 [host] sshd[7069]: Failed password for invalid user viriya from 106.12.137.55 port 37250 ssh2
2019-12-14 20:54:00
182.61.46.191 attackspambots
Dec 14 09:39:10 hell sshd[23842]: Failed password for root from 182.61.46.191 port 51472 ssh2
Dec 14 09:51:02 hell sshd[26322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.46.191
...
2019-12-14 20:53:32
23.129.64.214 attack
/backup/wallet.dat
2019-12-14 20:54:28
78.139.216.117 attackspam
Lines containing failures of 78.139.216.117
Dec 11 13:12:34 shared07 sshd[28927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.139.216.117  user=mysql
Dec 11 13:12:36 shared07 sshd[28927]: Failed password for mysql from 78.139.216.117 port 60170 ssh2
Dec 11 13:12:36 shared07 sshd[28927]: Received disconnect from 78.139.216.117 port 60170:11: Bye Bye [preauth]
Dec 11 13:12:36 shared07 sshd[28927]: Disconnected from authenticating user mysql 78.139.216.117 port 60170 [preauth]
Dec 11 13:24:10 shared07 sshd[617]: Invalid user guest from 78.139.216.117 port 45942
Dec 11 13:24:10 shared07 sshd[617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.139.216.117
Dec 11 13:24:12 shared07 sshd[617]: Failed password for invalid user guest from 78.139.216.117 port 45942 ssh2
Dec 11 13:24:12 shared07 sshd[617]: Received disconnect from 78.139.216.117 port 45942:11: Bye Bye [preauth]
Dec 11 13:24:1........
------------------------------
2019-12-14 20:33:43
109.201.27.107 attackspambots
Unauthorised access (Dec 14) SRC=109.201.27.107 LEN=52 TOS=0x10 PREC=0x40 TTL=112 ID=24422 DF TCP DPT=445 WINDOW=8192 SYN 
Unauthorised access (Dec 14) SRC=109.201.27.107 LEN=52 TOS=0x10 PREC=0x40 TTL=112 ID=31039 DF TCP DPT=445 WINDOW=8192 SYN
2019-12-14 20:47:38
186.67.181.60 attackspambots
SMB Server BruteForce Attack
2019-12-14 20:56:29
182.61.31.79 attackbots
2019-12-14T06:17:51.321110shield sshd[15177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.31.79  user=root
2019-12-14T06:17:53.422061shield sshd[15177]: Failed password for root from 182.61.31.79 port 38338 ssh2
2019-12-14T06:23:47.186818shield sshd[17241]: Invalid user yuanjisong from 182.61.31.79 port 57666
2019-12-14T06:23:47.191026shield sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.31.79
2019-12-14T06:23:49.497650shield sshd[17241]: Failed password for invalid user yuanjisong from 182.61.31.79 port 57666 ssh2
2019-12-14 20:33:24
77.42.93.15 attackbots
port scan and connect, tcp 23 (telnet)
2019-12-14 21:08:07
216.99.159.227 attackspambots
Host Scan
2019-12-14 20:47:16
