175.9.142.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Hunan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	135/tcp 1433/tcp [2019-10-03]2pkt	2019-10-03 13:50:53

Comments on same subnet:

IP	Type	Details	Datetime
175.9.142.56	attack	175.9.142.56 was recorded 5 times by 3 hosts attempting to connect to the following ports: 135,1433. Incident counter (4h, 24h, all-time): 5, 7, 7	2019-11-14 16:09:06
175.9.142.109	attackspam	Fail2Ban - FTP Abuse Attempt	2019-08-21 09:53:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.9.142.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30767
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.9.142.42.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100300 1800 900 604800 86400

;; Query time: 542 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 13:50:50 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 42.142.9.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.142.9.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
102.165.49.15	attack	Brute Force attack - banned by Fail2Ban	2019-10-11 07:22:26
45.224.105.74	attackspambots	[munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:02 +0200] "POST /[munged]: HTTP/1.1" 200 8165 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:03 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:04 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:05 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:06 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 45.224.105.74 - - [10/Oct/2019:22:06:08	2019-10-11 07:16:58
198.98.52.141	attackspam	...	2019-10-11 07:08:55
142.93.83.218	attackspam	Oct 10 01:13:27 host2 sshd[31453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.83.218 user=r.r Oct 10 01:13:29 host2 sshd[31453]: Failed password for r.r from 142.93.83.218 port 41578 ssh2 Oct 10 01:13:29 host2 sshd[31453]: Received disconnect from 142.93.83.218: 11: Bye Bye [preauth] Oct 10 01:33:01 host2 sshd[13546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.83.218 user=r.r Oct 10 01:33:03 host2 sshd[13546]: Failed password for r.r from 142.93.83.218 port 56574 ssh2 Oct 10 01:33:03 host2 sshd[13546]: Received disconnect from 142.93.83.218: 11: Bye Bye [preauth] Oct 10 01:36:55 host2 sshd[28153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.83.218 user=r.r Oct 10 01:36:57 host2 sshd[28153]: Failed password for r.r from 142.93.83.218 port 42228 ssh2 Oct 10 01:36:57 host2 sshd[28153]: Received disconnect from 142.93......... -------------------------------	2019-10-11 06:46:58
138.197.15.184	attack	Oct 10 18:59:19 nandi sshd[7925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.15.184 user=r.r Oct 10 18:59:21 nandi sshd[7925]: Failed password for r.r from 138.197.15.184 port 51064 ssh2 Oct 10 18:59:21 nandi sshd[7925]: Received disconnect from 138.197.15.184: 11: Bye Bye [preauth] Oct 10 19:21:25 nandi sshd[25473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.15.184 user=r.r Oct 10 19:21:27 nandi sshd[25473]: Failed password for r.r from 138.197.15.184 port 45268 ssh2 Oct 10 19:21:27 nandi sshd[25473]: Received disconnect from 138.197.15.184: 11: Bye Bye [preauth] Oct 10 19:25:05 nandi sshd[28069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.15.184 user=r.r Oct 10 19:25:07 nandi sshd[28069]: Failed password for r.r from 138.197.15.184 port 57864 ssh2 Oct 10 19:25:07 nandi sshd[28069]: Received disconnect from 13........ -------------------------------	2019-10-11 07:09:21
123.31.31.47	attackspam	POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1	2019-10-11 07:16:22
125.43.169.47	attack	Portscan detected	2019-10-11 07:13:50
92.53.65.131	attack	firewall-block, port(s): 5571/tcp, 5698/tcp	2019-10-11 07:19:11
37.59.34.100	attackspam	Lines containing failures of 37.59.34.100 Oct 10 21:00:00 usrv sshd[5528]: User r.r from 37.59.34.100 not allowed because not listed in AllowUsers Oct 10 21:00:00 usrv sshd[5528]: Received disconnect from 37.59.34.100 port 56682:11: Normal Shutdown, Thank you for playing [preauth] Oct 10 21:00:00 usrv sshd[5528]: Disconnected from invalid user r.r 37.59.34.100 port 56682 [preauth] Oct 10 21:00:01 usrv sshd[5568]: User r.r from 37.59.34.100 not allowed because not listed in AllowUsers Oct 10 21:00:01 usrv sshd[5568]: Received disconnect from 37.59.34.100 port 33492:11: Normal Shutdown, Thank you for playing [preauth] Oct 10 21:00:01 usrv sshd[5568]: Disconnected from invalid user r.r 37.59.34.100 port 33492 [preauth] Oct 10 21:00:02 usrv sshd[5639]: User r.r from 37.59.34.100 not allowed because not listed in AllowUsers Oct 10 21:00:02 usrv sshd[5639]: Received disconnect from 37.59.34.100 port 37860:11: Normal Shutdown, Thank you for playing [preauth] Oct 10 21:00:02 usr........ ------------------------------	2019-10-11 07:15:51
201.81.148.146	attackspambots	Oct 10 22:01:27 mail sshd\[31215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.81.148.146 user=root Oct 10 22:01:29 mail sshd\[31215\]: Failed password for root from 201.81.148.146 port 62849 ssh2 Oct 10 22:06:55 mail sshd\[31463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.81.148.146 user=root	2019-10-11 06:56:17
200.131.242.2	attackbotsspam	Oct 10 12:54:31 wbs sshd\[29529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.131.242.2 user=root Oct 10 12:54:33 wbs sshd\[29529\]: Failed password for root from 200.131.242.2 port 11705 ssh2 Oct 10 12:59:09 wbs sshd\[29931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.131.242.2 user=root Oct 10 12:59:11 wbs sshd\[29931\]: Failed password for root from 200.131.242.2 port 22641 ssh2 Oct 10 13:03:40 wbs sshd\[30337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.131.242.2 user=root	2019-10-11 07:12:27
220.117.175.165	attackspambots	Oct 11 00:09:33 meumeu sshd[22404]: Failed password for root from 220.117.175.165 port 57138 ssh2 Oct 11 00:14:25 meumeu sshd[23208]: Failed password for root from 220.117.175.165 port 40522 ssh2 ...	2019-10-11 07:26:57
92.118.38.37	attackbotsspam	Oct 11 00:50:03 relay postfix/smtpd\[1215\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 00:50:22 relay postfix/smtpd\[25602\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 00:50:36 relay postfix/smtpd\[25603\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 00:50:54 relay postfix/smtpd\[24127\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 00:51:09 relay postfix/smtpd\[1215\]: warning: unknown\[92.118.38.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-11 06:51:21
92.222.216.81	attackspambots	Oct 10 12:27:53 hpm sshd\[19480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.ip-92-222-216.eu user=root Oct 10 12:27:55 hpm sshd\[19480\]: Failed password for root from 92.222.216.81 port 37388 ssh2 Oct 10 12:31:46 hpm sshd\[19854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.ip-92-222-216.eu user=root Oct 10 12:31:48 hpm sshd\[19854\]: Failed password for root from 92.222.216.81 port 57035 ssh2 Oct 10 12:35:39 hpm sshd\[20194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.ip-92-222-216.eu user=root	2019-10-11 06:50:50
46.105.122.62	attackbotsspam	Oct 11 01:24:07 vps647732 sshd[16544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.122.62 Oct 11 01:24:08 vps647732 sshd[16544]: Failed password for invalid user postgres from 46.105.122.62 port 59186 ssh2 ...	2019-10-11 07:26:33

Recently Reported IPs

71.116.38.23	22.68.171.11	58.183.212.30	216.54.36.135
97.16.128.79	52.17.220.34	91.187.185.21	124.22.245.156
248.93.186.42	175.248.128.86	76.130.10.218	56.84.125.63
55.243.177.172	84.169.154.229	19.47.152.173	233.16.216.152
183.207.132.19	134.55.46.10	129.28.188.115	166.69.19.242