124.78.252.242

Basic Info

City: Shanghai

Region: Shanghai

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: China Telecom (Group)

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	" "	2019-07-18 20:17:49
attack	¯\_(ツ)_/¯	2019-06-21 23:27:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.78.252.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43449
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.78.252.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 23:26:43 CST 2019
;; MSG SIZE  rcvd: 118

Host info

242.252.78.124.in-addr.arpa domain name pointer 242.252.78.124.broad.xw.sh.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
242.252.78.124.in-addr.arpa	name = 242.252.78.124.broad.xw.sh.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.28.184.187	attack	Unauthorized connection attempt from IP address 77.28.184.187 on Port 445(SMB)	2020-08-08 03:06:51
103.242.56.183	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-08 03:29:37
178.234.147.29	attackbots	Unauthorized connection attempt from IP address 178.234.147.29 on Port 445(SMB)	2020-08-08 03:26:01
193.227.248.248	attack	Unauthorized connection attempt from IP address 193.227.248.248 on Port 3389(RDP)	2020-08-08 02:56:13
202.175.46.170	attack	Aug 7 16:25:52 hosting sshd[13592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=z46l170.static.ctm.net user=root Aug 7 16:25:54 hosting sshd[13592]: Failed password for root from 202.175.46.170 port 49514 ssh2 ...	2020-08-08 02:55:19
111.119.178.167	attackbots	Wordpress attack	2020-08-08 03:04:17
103.233.5.24	attackspambots	2020-08-07T19:28:37.349697amanda2.illicoweb.com sshd\[49086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.233.5.24 user=root 2020-08-07T19:28:39.198473amanda2.illicoweb.com sshd\[49086\]: Failed password for root from 103.233.5.24 port 20132 ssh2 2020-08-07T19:31:11.496391amanda2.illicoweb.com sshd\[615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.233.5.24 user=root 2020-08-07T19:31:13.817386amanda2.illicoweb.com sshd\[615\]: Failed password for root from 103.233.5.24 port 48516 ssh2 2020-08-07T19:33:35.647245amanda2.illicoweb.com sshd\[1099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.233.5.24 user=root ...	2020-08-08 03:24:10
122.180.80.202	attack	Unauthorized connection attempt from IP address 122.180.80.202 on Port 445(SMB)	2020-08-08 03:08:13
73.36.232.192	attackbots	(imapd) Failed IMAP login from 73.36.232.192 (US/United States/c-73-36-232-192.hsd1.mi.comcast.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 7 16:31:05 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=73.36.232.192, lip=5.63.12.44, TLS, session=	2020-08-08 03:10:54
106.75.35.150	attackbots	Aug 7 12:54:14 Tower sshd[30869]: Connection from 106.75.35.150 port 56630 on 192.168.10.220 port 22 rdomain "" Aug 7 12:54:18 Tower sshd[30869]: Failed password for root from 106.75.35.150 port 56630 ssh2 Aug 7 12:54:18 Tower sshd[30869]: Received disconnect from 106.75.35.150 port 56630:11: Bye Bye [preauth] Aug 7 12:54:18 Tower sshd[30869]: Disconnected from authenticating user root 106.75.35.150 port 56630 [preauth]	2020-08-08 03:33:15
178.134.96.130	attackspam	Unauthorized connection attempt from IP address 178.134.96.130 on Port 445(SMB)	2020-08-08 02:55:51
122.168.197.14	attack	firewall-block, port(s): 445/tcp	2020-08-08 03:16:24
123.19.196.167	attackspam	Unauthorized connection attempt from IP address 123.19.196.167 on Port 445(SMB)	2020-08-08 03:14:49
105.242.17.59	attackspam	Unauthorized connection attempt from IP address 105.242.17.59 on Port 445(SMB)	2020-08-08 03:07:40
111.229.116.118	attackspambots	Aug 3 19:02:32 pl3server sshd[16871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.116.118 user=r.r Aug 3 19:02:34 pl3server sshd[16871]: Failed password for r.r from 111.229.116.118 port 39082 ssh2 Aug 3 19:02:34 pl3server sshd[16871]: Received disconnect from 111.229.116.118 port 39082:11: Bye Bye [preauth] Aug 3 19:02:34 pl3server sshd[16871]: Disconnected from 111.229.116.118 port 39082 [preauth] Aug 3 19:17:29 pl3server sshd[8607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.116.118 user=r.r Aug 3 19:17:31 pl3server sshd[8607]: Failed password for r.r from 111.229.116.118 port 34066 ssh2 Aug 3 19:17:32 pl3server sshd[8607]: Received disconnect from 111.229.116.118 port 34066:11: Bye Bye [preauth] Aug 3 19:17:32 pl3server sshd[8607]: Disconnected from 111.229.116.118 port 34066 [preauth] Aug 3 19:21:33 pl3server sshd[16148]: pam_unix(sshd:auth): authenti........ -------------------------------	2020-08-08 03:02:51

Recently Reported IPs

85.96.199.31	109.99.33.249	133.26.159.196	184.242.248.59
137.42.161.239	219.175.192.20	168.61.23.169	178.164.241.51
61.134.133.159	203.22.41.82	40.2.225.219	222.35.118.217
175.151.201.69	45.75.61.155	219.51.239.188	204.255.224.61
102.62.245.168	157.51.252.127	36.78.248.84	158.36.249.54