Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
scan r
2019-07-09 08:00:14
Comments on same subnet:
No discussion about this subnet yet..
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 156.208.160.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29307
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;156.208.160.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070802 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 08:00:09 CST 2019
;; MSG SIZE  rcvd: 118
Host info
42.160.208.156.in-addr.arpa domain name pointer host-156.208.42.160-static.tedata.net.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.160.208.156.in-addr.arpa	name = host-156.208.42.160-static.tedata.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
113.164.94.36 attackspam
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 09:02:54,534 INFO [shellcode_manager] (113.164.94.36) no match, writing hexdump (ca536c7d56faf1ec65ad55f44c12b9f7 :34028) - SMB (Unknown)
2019-08-07 21:21:39
40.112.176.70 attackbotsspam
2019-08-07T12:58:49.577842abusebot-6.cloudsearch.cf sshd\[20070\]: Invalid user emerson from 40.112.176.70 port 42896
2019-08-07 20:59:01
181.229.132.110 attackspambots
Automatic report - Port Scan Attack
2019-08-07 21:26:07
111.93.200.50 attackspam
Aug  7 09:04:47 eventyay sshd[4592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.200.50
Aug  7 09:04:49 eventyay sshd[4592]: Failed password for invalid user informatica from 111.93.200.50 port 35114 ssh2
Aug  7 09:10:30 eventyay sshd[6095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.200.50
...
2019-08-07 21:26:45
54.38.177.170 attack
Aug  7 11:52:40 OPSO sshd\[31333\]: Invalid user 123456 from 54.38.177.170 port 46552
Aug  7 11:52:40 OPSO sshd\[31333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.177.170
Aug  7 11:52:42 OPSO sshd\[31333\]: Failed password for invalid user 123456 from 54.38.177.170 port 46552 ssh2
Aug  7 11:56:35 OPSO sshd\[31730\]: Invalid user asdf1234 from 54.38.177.170 port 60830
Aug  7 11:56:35 OPSO sshd\[31730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.177.170
2019-08-07 21:08:49
120.132.109.215 attack
web-1 [ssh] SSH Attack
2019-08-07 21:37:05
208.70.253.166 attack
445/tcp 445/tcp 445/tcp...
[2019-07-23/08-07]4pkt,1pt.(tcp)
2019-08-07 21:03:52
159.203.111.100 attackspambots
SSH bruteforce (Triggered fail2ban)
2019-08-07 21:07:49
134.209.145.110 attackspam
Aug  7 09:10:26 xtremcommunity sshd\[25957\]: Invalid user theo from 134.209.145.110 port 37274
Aug  7 09:10:26 xtremcommunity sshd\[25957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.145.110
Aug  7 09:10:27 xtremcommunity sshd\[25957\]: Failed password for invalid user theo from 134.209.145.110 port 37274 ssh2
Aug  7 09:15:26 xtremcommunity sshd\[26138\]: Invalid user monero from 134.209.145.110 port 59706
Aug  7 09:15:26 xtremcommunity sshd\[26138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.145.110
...
2019-08-07 21:27:18
82.102.27.10 attackbotsspam
localhost 82.102.27.10 - - [07/Aug/2019:14:52:53 +0800] "GET /login.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=-
localhost 82.102.27.10 - - [07/Aug/2019:14:52:54 +0800] "GET /android/admin.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=-
localhost 82.102.27.10 - - [07/Aug/2019:14:52:56 +0800] "GET /index.php?99=1 HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=-
localhost 82.102.27.10 - - [07/Aug/2019:14:52:57 +0800] "GET /auth.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36" VLOG=-
localhost 82.102.27.10 - - [07/Aug/2019:14:53:00 +0800] "GET /config.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/
...
2019-08-07 21:48:55
183.131.157.36 attack
Unauthorised access (Aug  7) SRC=183.131.157.36 LEN=40 TTL=239 ID=37083 TCP DPT=445 WINDOW=1024 SYN
2019-08-07 21:47:04
103.206.70.245 attackbotsspam
Aug  7 08:53:54 mail postfix/smtpd\[17069\]: NOQUEUE: reject: RCPT from qzcp.ahsqasasa.com\[103.206.70.245\]: 554 5.7.1 Service unavailable\; Client host \[103.206.70.245\] blocked using zen.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBL304334 / https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\ proto=ESMTP helo=\\
2019-08-07 21:16:44
34.76.36.242 attackspam
WordPress wp-login brute force :: 34.76.36.242 0.124 BYPASS [07/Aug/2019:22:40:48  1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-08-07 21:06:11
192.159.104.244 attackspambots
Aug  7 15:38:45 www sshd\[31171\]: Invalid user loyal from 192.159.104.244
Aug  7 15:38:47 www sshd\[31171\]: Failed password for invalid user loyal from 192.159.104.244 port 46896 ssh2
Aug  7 15:42:58 www sshd\[31205\]: Invalid user puppet from 192.159.104.244
...
2019-08-07 21:12:33
203.125.14.194 attack
Aug  7 02:19:55 localhost kernel: [16402989.043768] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=203.125.14.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=22739 DF PROTO=TCP SPT=57845 DPT=445 SEQ=2102870671 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030801010402) 
Aug  7 02:53:58 localhost kernel: [16405031.753314] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=203.125.14.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=22298 DF PROTO=TCP SPT=52346 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 
Aug  7 02:53:58 localhost kernel: [16405031.753324] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=203.125.14.194 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=22298 DF PROTO=TCP SPT=52346 DPT=445 SEQ=1782373162 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030801010402)
2019-08-07 21:09:27
