202.142.159.234

Basic Info

City: unknown

Region: unknown

Country: Pakistan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
202.142.159.204	attackspambots	Dovecot Invalid User Login Attempt.	2020-10-07 05:22:44
202.142.159.204	attackspambots	Dovecot Invalid User Login Attempt.	2020-10-06 21:32:18
202.142.159.204	attackbotsspam	IP: 202.142.159.204 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 60% Found in DNSBL('s) ASN Details AS23750 GERRYS INFORMATION TECHNOLOGY PVT LTD. Pakistan (PK) CIDR 202.142.158.0/23 Log Date: 17/08/2020 8:07:21 AM UTC	2020-08-17 18:34:32
202.142.159.51	attackspambots	Lines containing failures of 202.142.159.51 Apr 12 22:29:42 kmh-vmh-001-fsn05 sshd[31231]: Invalid user apache2 from 202.142.159.51 port 35320 Apr 12 22:29:42 kmh-vmh-001-fsn05 sshd[31231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.142.159.51 Apr 12 22:29:44 kmh-vmh-001-fsn05 sshd[31231]: Failed password for invalid user apache2 from 202.142.159.51 port 35320 ssh2 Apr 12 22:29:44 kmh-vmh-001-fsn05 sshd[31231]: Received disconnect from 202.142.159.51 port 35320:11: Bye Bye [preauth] Apr 12 22:29:44 kmh-vmh-001-fsn05 sshd[31231]: Disconnected from invalid user apache2 202.142.159.51 port 35320 [preauth] Apr 12 22:35:52 kmh-vmh-001-fsn05 sshd[32331]: Invalid user mysql from 202.142.159.51 port 39572 Apr 12 22:35:52 kmh-vmh-001-fsn05 sshd[32331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.142.159.51 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=202.142.159.51	2020-04-13 05:25:56
202.142.159.54	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-02-27 09:54:26
202.142.159.204	attack	email spam	2019-12-19 21:19:54
202.142.159.204	attackbotsspam	Absender hat Spam-Falle ausgel?st	2019-11-27 22:52:16
202.142.159.204	attackspambots	Brute force attempt	2019-10-04 08:30:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.142.159.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5910
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.142.159.234.		IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 16:42:25 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 234.159.142.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.159.142.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.52.179.227	attackspambots	106.52.179.227 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 9 05:49:39 server4 sshd[30043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.144.207 user=root Oct 9 05:48:18 server4 sshd[29020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.79.71.194 user=root Oct 9 05:48:20 server4 sshd[29020]: Failed password for root from 189.79.71.194 port 43721 ssh2 Oct 9 05:43:11 server4 sshd[26183]: Failed password for root from 65.191.76.227 port 43780 ssh2 Oct 9 05:44:58 server4 sshd[27151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.179.227 user=root Oct 9 05:44:59 server4 sshd[27151]: Failed password for root from 106.52.179.227 port 48082 ssh2 IP Addresses Blocked: 188.166.144.207 (GB/United Kingdom/-) 189.79.71.194 (BR/Brazil/-) 65.191.76.227 (US/United States/-)	2020-10-09 18:21:41
193.112.108.135	attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-10-09 18:39:03
37.147.29.86	attack	Brute forcing email accounts	2020-10-09 18:23:44
139.198.122.19	attackbotsspam	(sshd) Failed SSH login from 139.198.122.19 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 03:23:05 optimus sshd[9790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=daemon Oct 9 03:23:08 optimus sshd[9790]: Failed password for daemon from 139.198.122.19 port 54786 ssh2 Oct 9 03:25:06 optimus sshd[10569]: Invalid user knoppix from 139.198.122.19 Oct 9 03:25:06 optimus sshd[10569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 Oct 9 03:25:08 optimus sshd[10569]: Failed password for invalid user knoppix from 139.198.122.19 port 52194 ssh2	2020-10-09 18:32:09
128.199.251.10	attackbotsspam	Oct 8 13:11:50 foo sshd[10620]: Did not receive identification string from 128.199.251.10 Oct 8 13:14:32 foo sshd[10662]: Invalid user Boss321 from 128.199.251.10 Oct 8 13:14:32 foo sshd[10662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.251.10 Oct 8 13:14:34 foo sshd[10662]: Failed password for invalid user Boss321 from 128.199.251.10 port 47264 ssh2 Oct 8 13:14:34 foo sshd[10662]: Received disconnect from 128.199.251.10: 11: Normal Shutdown, Thank you for playing [preauth] Oct 8 13:15:06 foo sshd[10690]: Invalid user RiiRii from 128.199.251.10 Oct 8 13:15:06 foo sshd[10690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.251.10 Oct 8 13:15:08 foo sshd[10690]: Failed password for invalid user RiiRii from 128.199.251.10 port 39708 ssh2 Oct 8 13:15:08 foo sshd[10690]: Received disconnect from 128.199.251.10: 11: Normal Shutdown, Thank you for playing [preauth]........ -------------------------------	2020-10-09 18:21:15
119.45.21.98	attack	Oct 9 11:50:58 minden010 sshd[20863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.21.98 Oct 9 11:51:00 minden010 sshd[20863]: Failed password for invalid user game from 119.45.21.98 port 47856 ssh2 Oct 9 11:54:45 minden010 sshd[22119]: Failed password for root from 119.45.21.98 port 60118 ssh2 ...	2020-10-09 18:30:05
89.64.29.119	attackspambots	Brute Force attack - banned by Fail2Ban	2020-10-09 18:28:29
167.114.114.107	attackspambots	DATE:2020-10-09 08:36:17, IP:167.114.114.107, PORT:ssh SSH brute force auth (docker-dc)	2020-10-09 18:13:41
183.146.185.57	attackbots	Oct 9 00:19:15 srv01 postfix/smtpd\[18184\]: warning: unknown\[183.146.185.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 00:19:27 srv01 postfix/smtpd\[18184\]: warning: unknown\[183.146.185.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 00:19:43 srv01 postfix/smtpd\[18184\]: warning: unknown\[183.146.185.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 00:20:02 srv01 postfix/smtpd\[18184\]: warning: unknown\[183.146.185.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 00:20:15 srv01 postfix/smtpd\[18184\]: warning: unknown\[183.146.185.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-09 18:24:54
89.97.218.142	attackspam	Oct 9 11:18:51 hidden sshd[25008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.97.218.142 Oct 9 11:18:54 hidden sshd[25008]: Failed password for invalid user allan from 89.97.218.142 port 33712 ssh2 Oct 9 11:22:32 hidden sshd[28488]: Invalid user deployer from 89.97.218.142 port 40064	2020-10-09 18:18:21
37.152.181.57	attackbots	2020-10-09 03:27:16.480132-0500 localhost sshd[58947]: Failed password for root from 37.152.181.57 port 34208 ssh2	2020-10-09 18:34:50
51.79.82.137	attack	hzb4 51.79.82.137 [09/Oct/2020:12:44:49 "-" "POST /wp-login.php 200 2119 51.79.82.137 [09/Oct/2020:14:31:32 "-" "GET /wp-login.php 200 1592 51.79.82.137 [09/Oct/2020:14:31:33 "-" "POST /wp-login.php 200 1977	2020-10-09 18:28:50
148.101.124.111	attack	Oct 8 23:57:56 v11 sshd[3616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.101.124.111 user=r.r Oct 8 23:57:58 v11 sshd[3616]: Failed password for r.r from 148.101.124.111 port 42584 ssh2 Oct 8 23:57:58 v11 sshd[3616]: Received disconnect from 148.101.124.111 port 42584:11: Bye Bye [preauth] Oct 8 23:57:58 v11 sshd[3616]: Disconnected from 148.101.124.111 port 42584 [preauth] Oct 9 00:03:07 v11 sshd[4107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.101.124.111 user=r.r Oct 9 00:03:09 v11 sshd[4107]: Failed password for r.r from 148.101.124.111 port 48633 ssh2 Oct 9 00:03:09 v11 sshd[4107]: Received disconnect from 148.101.124.111 port 48633:11: Bye Bye [preauth] Oct 9 00:03:09 v11 sshd[4107]: Disconnected from 148.101.124.111 port 48633 [preauth] Oct 9 00:07:27 v11 sshd[4560]: Invalid user admin from 148.101.124.111 port 48614 Oct 9 00:07:27 v11 sshd[4560]: pam_u........ -------------------------------	2020-10-09 18:16:07
204.12.204.106	attackbotsspam	[portscan] Port scan	2020-10-09 18:23:59
54.198.253.45	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-10-09 18:40:06

Recently Reported IPs

191.240.115.7	185.53.196.74	46.28.105.110	82.49.228.207
1.4.155.68	117.150.133.36	146.66.202.71	34.78.233.20
178.72.71.205	222.244.166.209	112.197.34.24	79.116.25.99
190.6.26.166	115.55.154.207	59.126.45.26	185.250.45.19
70.49.57.24	125.41.139.125	171.4.183.35	223.177.182.40