111.42.66.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	web Attack on Wordpress site at 2020-01-02.	2020-01-03 03:15:09

Comments on same subnet:

IP	Type	Details	Datetime
111.42.66.27	attack	Unauthorized connection attempt detected from IP address 111.42.66.27 to port 8080	2020-05-31 03:43:33
111.42.66.150	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-21 03:30:06
111.42.66.48	attackbots	Unauthorized connection attempt detected from IP address 111.42.66.48 to port 8080 [T]	2020-05-09 18:54:19
111.42.66.143	attackbots	WEB Remote Command Execution via Shell Script -1.a	2020-05-09 07:20:47
111.42.66.43	attackbots	Automatic report - Port Scan Attack	2020-05-08 07:03:12
111.42.66.48	attackspam	Unauthorised access (May 6) SRC=111.42.66.48 LEN=60 TOS=0x04 TTL=52 ID=27433 DF TCP DPT=8080 WINDOW=5840 SYN	2020-05-07 01:18:13
111.42.66.162	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-04-12 21:54:06
111.42.66.151	attackspam	111.42.66.151 - - \[21/Feb/2020:05:56:51 +0100\] "POST /HNAP1/ HTTP/1.0" 301 551 "-" "-"	2020-02-21 14:49:02
111.42.66.45	attackspambots	unauthorized connection attempt	2020-02-16 19:18:24
111.42.66.31	attackspambots	Automatic report - Port Scan Attack	2020-01-30 21:38:03
111.42.66.36	attackspambots	Unauthorized connection attempt detected from IP address 111.42.66.36 to port 23 [J]	2020-01-29 03:41:57
111.42.66.178	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-15 02:36:42
111.42.66.16	attack	unauthorized connection attempt	2020-01-12 20:07:08
111.42.66.4	attack	Unauthorized connection attempt detected from IP address 111.42.66.4 to port 2323 [T]	2020-01-09 04:19:51
111.42.66.52	attack	Unauthorized connection attempt detected from IP address 111.42.66.52 to port 8080 [T]	2020-01-07 01:22:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.66.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53344
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.66.5.			IN	A

;; AUTHORITY SECTION:
.			218	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 190 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:15:04 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 5.66.42.111.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 5.66.42.111.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.94.56.152	attack	Automatic report - Port Scan Attack	2019-12-12 22:13:55
111.231.87.204	attack	Dec 12 15:42:43 server sshd\[11662\]: Invalid user cncp from 111.231.87.204 Dec 12 15:42:43 server sshd\[11662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.87.204 Dec 12 15:42:44 server sshd\[11662\]: Failed password for invalid user cncp from 111.231.87.204 port 60944 ssh2 Dec 12 15:55:08 server sshd\[15387\]: Invalid user admin from 111.231.87.204 Dec 12 15:55:08 server sshd\[15387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.87.204 ...	2019-12-12 22:30:26
202.72.243.198	attackbots	2019-12-12T14:14:23.370775vps751288.ovh.net sshd\[6142\]: Invalid user eliseu from 202.72.243.198 port 34936 2019-12-12T14:14:23.379829vps751288.ovh.net sshd\[6142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.72.243.198 2019-12-12T14:14:25.684493vps751288.ovh.net sshd\[6142\]: Failed password for invalid user eliseu from 202.72.243.198 port 34936 ssh2 2019-12-12T14:20:37.304937vps751288.ovh.net sshd\[6207\]: Invalid user oro from 202.72.243.198 port 47784 2019-12-12T14:20:37.316975vps751288.ovh.net sshd\[6207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.72.243.198	2019-12-12 22:25:08
80.38.165.87	attackspambots	Dec 12 11:10:14 localhost sshd\[6653\]: Invalid user tellnes from 80.38.165.87 port 43649 Dec 12 11:10:14 localhost sshd\[6653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.38.165.87 Dec 12 11:10:15 localhost sshd\[6653\]: Failed password for invalid user tellnes from 80.38.165.87 port 43649 ssh2	2019-12-12 22:14:53
79.177.31.129	attackbotsspam	Honeypot attack, port: 23, PTR: bzq-79-177-31-129.red.bezeqint.net.	2019-12-12 22:23:52
5.249.149.12	attackspambots	Dec 12 15:40:20 andromeda sshd\[57109\]: Invalid user test from 5.249.149.12 port 45779 Dec 12 15:40:20 andromeda sshd\[57109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.149.12 Dec 12 15:40:22 andromeda sshd\[57109\]: Failed password for invalid user test from 5.249.149.12 port 45779 ssh2	2019-12-12 22:47:45
197.51.163.133	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-12 22:25:30
213.14.112.92	attackspambots	Dec 12 15:14:20 vps647732 sshd[3785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.14.112.92 Dec 12 15:14:22 vps647732 sshd[3785]: Failed password for invalid user pei from 213.14.112.92 port 57235 ssh2 ...	2019-12-12 22:29:56
101.108.76.0	attackbotsspam	Honeypot attack, port: 445, PTR: node-f0g.pool-101-108.dynamic.totinternet.net.	2019-12-12 22:16:02
47.92.231.109	attackbots	PHI,WP GET /wp-login.php	2019-12-12 22:04:52
180.76.233.148	attackbotsspam	Dec 12 08:03:29 TORMINT sshd\[28848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.233.148 user=root Dec 12 08:03:30 TORMINT sshd\[28848\]: Failed password for root from 180.76.233.148 port 36516 ssh2 Dec 12 08:11:28 TORMINT sshd\[29439\]: Invalid user guest from 180.76.233.148 Dec 12 08:11:28 TORMINT sshd\[29439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.233.148 ...	2019-12-12 22:07:25
218.253.193.235	attack	Invalid user smmsp from 218.253.193.235 port 44454 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.253.193.235 Failed password for invalid user smmsp from 218.253.193.235 port 44454 ssh2 Invalid user mysql from 218.253.193.235 port 53316 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.253.193.235	2019-12-12 22:23:03
23.244.43.2	attackspambots	1433/tcp 445/tcp... [2019-10-12/12-12]5pkt,2pt.(tcp)	2019-12-12 22:43:31
103.21.228.3	attackspam	Invalid user nourry from 103.21.228.3 port 45873	2019-12-12 22:31:46
67.224.128.50	attack	Autoban 67.224.128.50 AUTH/CONNECT	2019-12-12 22:49:33

Recently Reported IPs

124.61.47.4	197.126.41.239	109.116.245.2	217.16.106.86
70.23.175.147	12.181.174.133	111.157.63.238	64.106.131.25
114.41.78.149	35.40.148.6	74.255.163.43	117.70.237.55
31.36.160.143	109.111.139.2	93.83.101.41	68.3.117.49
106.83.246.162	56.243.235.138	107.189.10.4	114.212.188.49