202.137.142.68

Basic Info

City: unknown

Region: unknown

Country: Laos

Internet Service Provider: Telecommunication Service

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	$f2bV_matches	2020-05-25 14:34:22
attackspam	2020-04-2613:58:451jSfvo-0008EB-Kj\<=info@whatsup2013.chH=\(localhost\)[64.119.197.115]:51481P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3095id=02f94f1c173c161e8287319d7a8ea4b8166433@whatsup2013.chT="Ihavetofeelyou"forrubiorodel84@gmail.comluvpoison9@gmail.com2020-04-2613:56:131jSftL-00081c-DF\<=info@whatsup2013.chH=\(localhost\)[14.177.171.37]:44543P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3128id=2457878f84af7a89aa54a2f1fa2e173b18f2974e18@whatsup2013.chT="RecentlikefromBernetta"forkevinjamesellison@gmall.comterrence_tisby@yahoo.com2020-04-2613:57:021jSfu4-00084Z-GZ\<=info@whatsup2013.chH=\(localhost\)[202.137.142.68]:50563P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3099id=0466c2464d66b340639d6b3833e7def2d13b60bba9@whatsup2013.chT="Haveyoueverbeeninlove\?"fornatedogg44@gmail.comgmckinley23@gmail.com2020-04-2613:59:301jSfwX-0008Gm-Ri\<=info@whatsup2013.chH=\(local	2020-04-27 02:06:54
attack	Nov 11 16:31:32 our-server-hostname postfix/smtpd[27863]: connect from unknown[202.137.142.68] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=202.137.142.68	2019-11-11 19:46:58

Type

Details

Datetime

attack

$f2bV_matches

2020-05-25 14:34:22

attackspam

2020-04-2613:58:451jSfvo-0008EB-Kj\<=info@whatsup2013.chH=\(localhost\)[64.119.197.115]:51481P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3095id=02f94f1c173c161e8287319d7a8ea4b8166433@whatsup2013.chT="Ihavetofeelyou"forrubiorodel84@gmail.comluvpoison9@gmail.com2020-04-2613:56:131jSftL-00081c-DF\<=info@whatsup2013.chH=\(localhost\)[14.177.171.37]:44543P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3128id=2457878f84af7a89aa54a2f1fa2e173b18f2974e18@whatsup2013.chT="RecentlikefromBernetta"forkevinjamesellison@gmall.comterrence_tisby@yahoo.com2020-04-2613:57:021jSfu4-00084Z-GZ\<=info@whatsup2013.chH=\(localhost\)[202.137.142.68]:50563P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3099id=0466c2464d66b340639d6b3833e7def2d13b60bba9@whatsup2013.chT="Haveyoueverbeeninlove\?"fornatedogg44@gmail.comgmckinley23@gmail.com2020-04-2613:59:301jSfwX-0008Gm-Ri\<=info@whatsup2013.chH=\(local

2020-04-27 02:06:54

attack

Nov 11 16:31:32 our-server-hostname postfix/smtpd[27863]: connect from unknown[202.137.142.68]
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x
Nov x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=202.137.142.68

2019-11-11 19:46:58

Comments on same subnet:

IP	Type	Details	Datetime
202.137.142.159	attackspambots	52869/tcp 52869/tcp 52869/tcp [2020-10-02/03]3pkt	2020-10-06 05:05:45
202.137.142.159	attack	52869/tcp 52869/tcp 52869/tcp [2020-10-02/03]3pkt	2020-10-05 21:09:08
202.137.142.159	attackspambots	52869/tcp 52869/tcp 52869/tcp [2020-10-02/03]3pkt	2020-10-05 12:59:32
202.137.142.159	attack	" "	2020-10-04 08:18:10
202.137.142.159	attackbotsspam	" "	2020-10-04 00:44:44
202.137.142.159	attackspam	Port probing on unauthorized port 2323	2020-10-03 16:33:24
202.137.142.40	attackbots	1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked	2020-09-18 21:22:36
202.137.142.40	attackspambots	1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked	2020-09-18 13:41:19
202.137.142.40	attackspambots	1600362075 - 09/17/2020 19:01:15 Host: 202.137.142.40/202.137.142.40 Port: 445 TCP Blocked	2020-09-18 03:56:41
202.137.142.28	attack	Dovecot Invalid User Login Attempt.	2020-07-31 08:19:58
202.137.142.28	attackspam	(imapd) Failed IMAP login from 202.137.142.28 (LA/Laos/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 27 16:21:51 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=202.137.142.28, lip=5.63.12.44, TLS, session=	2020-07-28 00:32:56
202.137.142.102	attackspambots	Dovecot Invalid User Login Attempt.	2020-07-20 02:16:10
202.137.142.28	attack	202.137.142.28 - - \[17/Jul/2020:12:29:56 +0200\] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 $Windows NT 6.1\; rv:60.0$ Gecko/20100101 Firefox/60.0" 202.137.142.28 - - \[17/Jul/2020:12:29:57 +0200\] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 $Windows NT 6.1\; rv:60.0$ Gecko/20100101 Firefox/60.0" 202.137.142.28 - - \[17/Jul/2020:12:29:58 +0200\] "POST /wp-login.php HTTP/1.0" 200 6709 "http://die-netzialisten.de/wp-login.php" "Mozilla/5.0 $Windows NT 6.1\; rv:60.0$ Gecko/20100101 Firefox/60.0"	2020-07-17 19:04:49
202.137.142.181	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-07-07 15:24:25
202.137.142.28	attack	(imapd) Failed IMAP login from 202.137.142.28 (LA/Laos/-): 1 in the last 3600 secs	2020-06-27 23:08:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.137.142.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21670
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.137.142.68.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111100 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 11 19:46:53 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 68.142.137.202.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 68.142.137.202.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.198.17.31	attackbots	$f2bV_matches	2020-10-12 16:46:04
2001:2002:d9d0:d399::22	attackspam	Bruteforce detected by fail2ban	2020-10-12 17:01:01
194.165.99.231	attackbots	[f2b] sshd bruteforce, retries: 1	2020-10-12 17:10:01
129.28.27.25	attackspam	Bruteforce detected by fail2ban	2020-10-12 16:34:40
154.74.130.69	attackspam	2020-10-12T09:05:05.368484ks3355764 sshd[17765]: Invalid user apache from 154.74.130.69 port 42772 2020-10-12T09:05:07.414676ks3355764 sshd[17765]: Failed password for invalid user apache from 154.74.130.69 port 42772 ssh2 ...	2020-10-12 16:41:00
139.59.215.171	attack	2020-10-12T11:11:07.239948mail.standpoint.com.ua sshd[32054]: Invalid user steam from 139.59.215.171 port 60818 2020-10-12T11:11:07.242903mail.standpoint.com.ua sshd[32054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.215.171 2020-10-12T11:11:07.239948mail.standpoint.com.ua sshd[32054]: Invalid user steam from 139.59.215.171 port 60818 2020-10-12T11:11:08.523134mail.standpoint.com.ua sshd[32054]: Failed password for invalid user steam from 139.59.215.171 port 60818 ssh2 2020-10-12T11:11:48.644489mail.standpoint.com.ua sshd[32129]: Invalid user centos from 139.59.215.171 port 56396 ...	2020-10-12 16:34:23
153.156.71.130	attack	prod8 ...	2020-10-12 17:03:10
45.55.52.145	attack	Oct 12 08:11:35 xeon sshd[43682]: Failed password for root from 45.55.52.145 port 43538 ssh2	2020-10-12 17:05:41
49.233.111.193	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 34	2020-10-12 16:57:05
36.37.201.133	attack	Oct 12 09:54:09 ns37 sshd[24016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.37.201.133 Oct 12 09:54:10 ns37 sshd[24016]: Failed password for invalid user Simon from 36.37.201.133 port 50224 ssh2 Oct 12 09:56:59 ns37 sshd[24213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.37.201.133	2020-10-12 17:11:17
206.189.93.218	attackspambots	Invalid user kifumi1 from 206.189.93.218 port 39336	2020-10-12 16:30:16
139.59.34.226	attack	139.59.34.226 - - [11/Oct/2020:23:40:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.34.226 - - [11/Oct/2020:23:40:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.34.226 - - [11/Oct/2020:23:40:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 16:54:19
112.85.42.91	attack	Oct 12 11:06:38 santamaria sshd\[13214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.91 user=root Oct 12 11:06:40 santamaria sshd\[13214\]: Failed password for root from 112.85.42.91 port 18528 ssh2 Oct 12 11:06:56 santamaria sshd\[13218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.91 user=root ...	2020-10-12 17:09:39
45.40.198.93	attackspambots	$f2bV_matches	2020-10-12 16:47:26
139.59.230.61	attackbotsspam	Oct 12 03:20:19 dhoomketu sshd[3780358]: Invalid user harris from 139.59.230.61 port 63512 Oct 12 03:20:19 dhoomketu sshd[3780358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.230.61 Oct 12 03:20:19 dhoomketu sshd[3780358]: Invalid user harris from 139.59.230.61 port 63512 Oct 12 03:20:21 dhoomketu sshd[3780358]: Failed password for invalid user harris from 139.59.230.61 port 63512 ssh2 Oct 12 03:24:30 dhoomketu sshd[3780491]: Invalid user yonemitsu from 139.59.230.61 port 64553 ...	2020-10-12 16:42:09

Recently Reported IPs

103.43.155.10	131.221.121.128	14.187.129.172	91.92.190.219
218.39.45.93	125.22.76.25	115.164.221.138	131.255.133.218
111.231.50.90	203.109.82.104	94.45.149.101	42.112.180.93
27.105.38.135	195.158.21.148	120.244.110.242	113.225.129.214
151.243.29.200	36.111.150.124	36.90.154.19	41.77.221.161