167.172.242.40

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Tool over my email	2020-05-07 12:17:24
attack	Tool over my email	2020-05-07 12:17:16
attack	scan	2020-01-10 13:58:01

Comments on same subnet:

IP	Type	Details	Datetime
167.172.242.160	attack	24.11.2019 15:03:18 SSH access blocked by firewall	2019-11-24 23:27:43
167.172.242.160	attackbotsspam	DATE:2019-11-22 23:56:31, IP:167.172.242.160, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc)	2019-11-23 07:01:31
167.172.242.90	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-11-15 21:00:18
167.172.242.239	attack	Port Scan: TCP/8088	2019-11-15 18:36:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.172.242.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;167.172.242.40.			IN	A

;; AUTHORITY SECTION:
.			170	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010901 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 10 13:57:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 40.242.172.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 40.242.172.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.59.90	attack	Jul 11 21:53:07 core01 sshd\[3284\]: Invalid user setup from 139.59.59.90 port 15452 Jul 11 21:53:07 core01 sshd\[3284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.90 ...	2019-07-12 05:35:47
142.4.207.155	attackspam	Jun 2 19:36:08 server sshd\[62009\]: Invalid user conflux from 142.4.207.155 Jun 2 19:36:08 server sshd\[62009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.207.155 Jun 2 19:36:10 server sshd\[62009\]: Failed password for invalid user conflux from 142.4.207.155 port 40914 ssh2 ...	2019-07-12 05:24:21
142.11.242.20	attack	Jul 1 00:56:27 server sshd\[98554\]: Invalid user stas from 142.11.242.20 Jul 1 00:56:27 server sshd\[98554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.242.20 Jul 1 00:56:29 server sshd\[98554\]: Failed password for invalid user stas from 142.11.242.20 port 36344 ssh2 ...	2019-07-12 05:25:54
139.99.144.191	attackspambots	Jul 11 23:18:51 MK-Soft-Root1 sshd\[31655\]: Invalid user zanni from 139.99.144.191 port 44008 Jul 11 23:18:51 MK-Soft-Root1 sshd\[31655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Jul 11 23:18:54 MK-Soft-Root1 sshd\[31655\]: Failed password for invalid user zanni from 139.99.144.191 port 44008 ssh2 ...	2019-07-12 05:40:41
118.25.48.248	attackspam	Brute force attempt	2019-07-12 05:45:51
142.4.6.175	attackspam	May 30 12:29:07 server sshd\[169512\]: Invalid user admin from 142.4.6.175 May 30 12:29:07 server sshd\[169512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.6.175 May 30 12:29:09 server sshd\[169512\]: Failed password for invalid user admin from 142.4.6.175 port 45010 ssh2 ...	2019-07-12 05:20:54
140.143.222.95	attackspambots	$f2bV_matches	2019-07-12 05:51:55
141.85.13.4	attackbots	Jun 27 05:50:01 server sshd\[59601\]: Invalid user alfred from 141.85.13.4 Jun 27 05:50:01 server sshd\[59601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.13.4 Jun 27 05:50:03 server sshd\[59601\]: Failed password for invalid user alfred from 141.85.13.4 port 60148 ssh2 ...	2019-07-12 05:29:25
140.143.249.134	attack	Jul 11 20:52:45 host sshd\[12685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.249.134 user=root Jul 11 20:52:47 host sshd\[12685\]: Failed password for root from 140.143.249.134 port 59778 ssh2 ...	2019-07-12 05:42:36
107.170.238.152	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-12 05:26:16
46.167.213.114	attackspam	Jul 11 10:08:08 web1 postfix/smtpd[31851]: warning: ip46-167-213-114.twistnet.eu[46.167.213.114]: SASL PLAIN authentication failed: authentication failure ...	2019-07-12 05:27:56
140.143.235.12	attackspam	Jun 29 08:50:21 server sshd\[183572\]: Invalid user ts3bot from 140.143.235.12 Jun 29 08:50:21 server sshd\[183572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.235.12 Jun 29 08:50:23 server sshd\[183572\]: Failed password for invalid user ts3bot from 140.143.235.12 port 59910 ssh2 ...	2019-07-12 05:46:14
142.4.215.150	attack	Jul 11 23:16:22 nextcloud sshd\[5724\]: Invalid user sylvain from 142.4.215.150 Jul 11 23:16:22 nextcloud sshd\[5724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.215.150 Jul 11 23:16:24 nextcloud sshd\[5724\]: Failed password for invalid user sylvain from 142.4.215.150 port 60916 ssh2 ...	2019-07-12 05:21:20
142.44.247.87	attackspambots	Jul 7 01:41:03 server sshd\[28911\]: Invalid user aa from 142.44.247.87 Jul 7 01:41:03 server sshd\[28911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.247.87 Jul 7 01:41:05 server sshd\[28911\]: Failed password for invalid user aa from 142.44.247.87 port 40020 ssh2 ...	2019-07-12 05:15:34
140.143.25.35	attackbotsspam	May 16 08:01:19 server sshd\[57093\]: Invalid user test1 from 140.143.25.35 May 16 08:01:19 server sshd\[57093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.25.35 May 16 08:01:21 server sshd\[57093\]: Failed password for invalid user test1 from 140.143.25.35 port 49252 ssh2 ...	2019-07-12 05:41:42

Recently Reported IPs

136.243.174.67	46.38.144.64	68.113.154.83	187.210.103.2
113.163.216.144	88.232.119.183	14.186.205.248	36.237.101.217
54.36.210.14	129.211.62.194	183.131.110.115	181.130.115.77
116.228.37.90	49.68.208.239	88.252.32.188	125.160.66.115
36.73.218.196	58.186.107.169	98.246.206.24	36.77.93.117