193.112.42.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 01:40:39

Comments on same subnet:

IP	Type	Details	Datetime
193.112.42.13	attack	" "	2020-08-10 01:12:42
193.112.42.13	attackbotsspam	2020-07-27T14:13:36.779186linuxbox-skyline sshd[56512]: Invalid user monero from 193.112.42.13 port 56764 ...	2020-07-28 04:43:29
193.112.42.13	attackbots	Jul 27 03:39:58 s30-ffm-r02 sshd[24582]: Invalid user noc from 193.112.42.13 Jul 27 03:39:58 s30-ffm-r02 sshd[24582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 Jul 27 03:39:59 s30-ffm-r02 sshd[24582]: Failed password for invalid user noc from 193.112.42.13 port 35952 ssh2 Jul 27 03:44:49 s30-ffm-r02 sshd[24721]: Invalid user cct from 193.112.42.13 Jul 27 03:44:49 s30-ffm-r02 sshd[24721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 Jul 27 03:44:51 s30-ffm-r02 sshd[24721]: Failed password for invalid user cct from 193.112.42.13 port 42144 ssh2 Jul 27 03:47:59 s30-ffm-r02 sshd[24800]: Did not receive identification string from 193.112.42.13 Jul 27 03:54:33 s30-ffm-r02 sshd[24981]: Invalid user bpoint from 193.112.42.13 Jul 27 03:54:33 s30-ffm-r02 sshd[24981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.4........ -------------------------------	2020-07-27 19:11:27
193.112.42.13	attackspam	2020-07-04T01:56:05.023961galaxy.wi.uni-potsdam.de sshd[32477]: Failed password for invalid user update from 193.112.42.13 port 58216 ssh2 2020-07-04T01:58:04.287491galaxy.wi.uni-potsdam.de sshd[32742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 user=root 2020-07-04T01:58:05.816972galaxy.wi.uni-potsdam.de sshd[32742]: Failed password for root from 193.112.42.13 port 44920 ssh2 2020-07-04T02:00:00.860738galaxy.wi.uni-potsdam.de sshd[572]: Invalid user st2 from 193.112.42.13 port 59856 2020-07-04T02:00:00.870659galaxy.wi.uni-potsdam.de sshd[572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 2020-07-04T02:00:00.860738galaxy.wi.uni-potsdam.de sshd[572]: Invalid user st2 from 193.112.42.13 port 59856 2020-07-04T02:00:02.991325galaxy.wi.uni-potsdam.de sshd[572]: Failed password for invalid user st2 from 193.112.42.13 port 59856 ssh2 2020-07-04T02:02:00.345033galaxy.wi.uni-pots ...	2020-07-04 09:10:52
193.112.42.13	attackbots	Jun 27 23:39:55 gestao sshd[27275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 Jun 27 23:39:56 gestao sshd[27275]: Failed password for invalid user sftp from 193.112.42.13 port 49432 ssh2 Jun 27 23:42:11 gestao sshd[27353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 ...	2020-06-28 08:27:09
193.112.42.13	attackbots	2020-06-18T15:20:13.532023randservbullet-proofcloud-66.localdomain sshd[31806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 user=root 2020-06-18T15:20:14.993401randservbullet-proofcloud-66.localdomain sshd[31806]: Failed password for root from 193.112.42.13 port 49142 ssh2 2020-06-18T15:35:53.917896randservbullet-proofcloud-66.localdomain sshd[31840]: Invalid user t from 193.112.42.13 port 38540 ...	2020-06-19 01:47:43
193.112.42.13	attack	Failed password for invalid user taz from 193.112.42.13 port 35532 ssh2	2020-06-17 17:15:53
193.112.42.13	attack	Invalid user newsletter from 193.112.42.13 port 34028	2020-05-02 02:42:23
193.112.42.13	attack	Apr 25 14:07:49 Ubuntu-1404-trusty-64-minimal sshd\[23877\]: Invalid user johnh from 193.112.42.13 Apr 25 14:07:49 Ubuntu-1404-trusty-64-minimal sshd\[23877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 Apr 25 14:07:52 Ubuntu-1404-trusty-64-minimal sshd\[23877\]: Failed password for invalid user johnh from 193.112.42.13 port 52790 ssh2 Apr 25 14:12:27 Ubuntu-1404-trusty-64-minimal sshd\[27176\]: Invalid user password from 193.112.42.13 Apr 25 14:12:27 Ubuntu-1404-trusty-64-minimal sshd\[27176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13	2020-04-26 02:27:14
193.112.42.13	attackspambots	Mar 26 17:15:31 pkdns2 sshd\[4118\]: Invalid user dana from 193.112.42.13Mar 26 17:15:33 pkdns2 sshd\[4118\]: Failed password for invalid user dana from 193.112.42.13 port 58666 ssh2Mar 26 17:19:32 pkdns2 sshd\[4276\]: Invalid user golf from 193.112.42.13Mar 26 17:19:34 pkdns2 sshd\[4276\]: Failed password for invalid user golf from 193.112.42.13 port 51040 ssh2Mar 26 17:23:37 pkdns2 sshd\[4488\]: Invalid user vernemq from 193.112.42.13Mar 26 17:23:39 pkdns2 sshd\[4488\]: Failed password for invalid user vernemq from 193.112.42.13 port 43410 ssh2 ...	2020-03-26 23:32:09
193.112.42.13	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-03-22 22:29:42
193.112.42.13	attackspam	Mar 1 15:15:59 dedicated sshd[15300]: Invalid user liangmm from 193.112.42.13 port 58516	2020-03-01 22:16:58
193.112.42.13	attackspambots	Feb 26 19:17:15 vps691689 sshd[14129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.42.13 Feb 26 19:17:17 vps691689 sshd[14129]: Failed password for invalid user joyoudata from 193.112.42.13 port 54740 ssh2 ...	2020-02-27 04:38:41
193.112.42.13	attackspam	Feb 23 16:40:21 server sshd[430203]: Failed password for invalid user odoo from 193.112.42.13 port 59146 ssh2 Feb 23 16:43:17 server sshd[431844]: Failed password for invalid user wordpress from 193.112.42.13 port 47724 ssh2 Feb 23 16:46:11 server sshd[433481]: Failed password for invalid user justinbiberx from 193.112.42.13 port 36310 ssh2	2020-02-24 03:42:54
193.112.42.13	attackbots	Unauthorized connection attempt detected from IP address 193.112.42.13 to port 2220 [J]	2020-02-03 05:49:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.112.42.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57957
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.112.42.1.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 01:40:35 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 1.42.112.193.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.42.112.193.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.41	attackspam	Nov 23 12:00:12 vibhu-HP-Z238-Microtower-Workstation sshd\[14918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Nov 23 12:00:14 vibhu-HP-Z238-Microtower-Workstation sshd\[14918\]: Failed password for root from 222.186.180.41 port 61694 ssh2 Nov 23 12:00:17 vibhu-HP-Z238-Microtower-Workstation sshd\[14918\]: Failed password for root from 222.186.180.41 port 61694 ssh2 Nov 23 12:00:20 vibhu-HP-Z238-Microtower-Workstation sshd\[14918\]: Failed password for root from 222.186.180.41 port 61694 ssh2 Nov 23 12:00:35 vibhu-HP-Z238-Microtower-Workstation sshd\[14932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root ...	2019-11-23 14:40:16
5.189.141.4	attackbots	Nov 23 06:46:51 mc1 kernel: \[5774253.598728\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.141.4 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=56152 PROTO=TCP SPT=61000 DPT=80 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:46:54 mc1 kernel: \[5774256.724308\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.141.4 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=56152 PROTO=TCP SPT=61000 DPT=80 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:46:57 mc1 kernel: \[5774259.696669\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=5.189.141.4 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=56152 PROTO=TCP SPT=61000 DPT=80 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-23 14:22:22
140.143.72.21	attack	Nov 23 11:35:20 vibhu-HP-Z238-Microtower-Workstation sshd\[13934\]: Invalid user webmaster from 140.143.72.21 Nov 23 11:35:20 vibhu-HP-Z238-Microtower-Workstation sshd\[13934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.72.21 Nov 23 11:35:22 vibhu-HP-Z238-Microtower-Workstation sshd\[13934\]: Failed password for invalid user webmaster from 140.143.72.21 port 55606 ssh2 Nov 23 11:42:19 vibhu-HP-Z238-Microtower-Workstation sshd\[14267\]: Invalid user guest from 140.143.72.21 Nov 23 11:42:19 vibhu-HP-Z238-Microtower-Workstation sshd\[14267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.72.21 ...	2019-11-23 14:12:58
185.176.27.6	attack	Nov 23 06:42:20 h2177944 kernel: \[7363114.700912\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46129 PROTO=TCP SPT=52970 DPT=5401 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:46:39 h2177944 kernel: \[7363373.763479\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=42014 PROTO=TCP SPT=52970 DPT=8620 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:47:55 h2177944 kernel: \[7363449.209234\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=28279 PROTO=TCP SPT=52970 DPT=29801 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 06:50:27 h2177944 kernel: \[7363601.995171\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57726 PROTO=TCP SPT=52970 DPT=26702 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 23 07:00:36 h2177944 kernel: \[7364210.619643\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.6 DST=85.214.117.9 LE	2019-11-23 14:06:12
151.225.196.159	attackspam	Automatic report - Port Scan Attack	2019-11-23 14:48:17
134.209.178.109	attack	2019-11-23T05:56:51.875067abusebot.cloudsearch.cf sshd\[19222\]: Invalid user ananyo from 134.209.178.109 port 46350	2019-11-23 14:13:31
91.134.185.86	attackbots	Automatic report - Banned IP Access	2019-11-23 14:13:45
112.85.42.178	attack	Nov 23 04:53:34 game-panel sshd[29039]: Failed password for root from 112.85.42.178 port 61252 ssh2 Nov 23 04:53:48 game-panel sshd[29039]: error: maximum authentication attempts exceeded for root from 112.85.42.178 port 61252 ssh2 [preauth] Nov 23 04:53:55 game-panel sshd[29041]: Failed password for root from 112.85.42.178 port 21126 ssh2	2019-11-23 14:25:51
71.6.146.186	attackbotsspam	Fail2Ban Ban Triggered	2019-11-23 14:18:10
210.177.54.141	attackbots	Nov 22 20:23:56 eddieflores sshd\[3794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.177.54.141 user=root Nov 22 20:23:57 eddieflores sshd\[3794\]: Failed password for root from 210.177.54.141 port 51734 ssh2 Nov 22 20:30:07 eddieflores sshd\[4282\]: Invalid user toomas from 210.177.54.141 Nov 22 20:30:07 eddieflores sshd\[4282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.177.54.141 Nov 22 20:30:09 eddieflores sshd\[4282\]: Failed password for invalid user toomas from 210.177.54.141 port 51644 ssh2	2019-11-23 14:53:25
79.135.245.89	attackbots	Nov 23 06:26:42 web8 sshd\[28150\]: Invalid user nacho from 79.135.245.89 Nov 23 06:26:42 web8 sshd\[28150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.135.245.89 Nov 23 06:26:44 web8 sshd\[28150\]: Failed password for invalid user nacho from 79.135.245.89 port 40420 ssh2 Nov 23 06:30:28 web8 sshd\[29889\]: Invalid user anndristin from 79.135.245.89 Nov 23 06:30:28 web8 sshd\[29889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.135.245.89	2019-11-23 14:45:48
84.3.50.140	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/84.3.50.140/ HU - 1H : (20) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : HU NAME ASN : ASN5483 IP : 84.3.50.140 CIDR : 84.3.0.0/16 PREFIX COUNT : 275 UNIQUE IP COUNT : 1368320 ATTACKS DETECTED ASN5483 : 1H - 2 3H - 2 6H - 5 12H - 7 24H - 9 DateTime : 2019-11-23 05:53:57 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 14:24:32
123.30.236.149	attack	Nov 23 05:49:53 meumeu sshd[21740]: Failed password for root from 123.30.236.149 port 43568 ssh2 Nov 23 05:54:16 meumeu sshd[22333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 Nov 23 05:54:18 meumeu sshd[22333]: Failed password for invalid user 0 from 123.30.236.149 port 14740 ssh2 ...	2019-11-23 14:04:47
113.197.36.67	attackspam	Invalid user vinicius from 113.197.36.67 port 45577	2019-11-23 14:15:12
178.72.74.173	attackbotsspam	Automatic report - Banned IP Access	2019-11-23 14:27:13

Recently Reported IPs

190.187.104.1	190.0.159.8	188.213.175.9	188.166.239.1
188.158.236.1	142.139.54.61	220.201.46.248	187.241.175.1
187.44.113.3	63.42.78.33	187.169.152.150	187.34.253.1
60.123.236.66	210.45.24.169	218.84.196.222	167.61.203.160
14.2.102.186	118.200.244.138	139.44.153.49	187.146.215.1