222.252.42.126

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Hanoi Post and Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp [2019-06-26/27]2pkt	2019-06-28 16:23:06

Comments on same subnet:

IP	Type	Details	Datetime
222.252.42.147	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 13:30:20.	2020-04-02 02:39:17
222.252.42.66	attackspam	Jul 26 11:53:00 srv-4 sshd\[20770\]: Invalid user admin from 222.252.42.66 Jul 26 11:53:00 srv-4 sshd\[20770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.42.66 Jul 26 11:53:02 srv-4 sshd\[20770\]: Failed password for invalid user admin from 222.252.42.66 port 60148 ssh2 ...	2019-07-27 03:19:40

Type

Details

Datetime

222.252.42.147

attackbots

Attempt to attack host OS, exploiting network vulnerabilities, on 01-04-2020 13:30:20.

2020-04-02 02:39:17

222.252.42.66

attackspam

Jul 26 11:53:00 srv-4 sshd\[20770\]: Invalid user admin from 222.252.42.66
Jul 26 11:53:00 srv-4 sshd\[20770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.42.66
Jul 26 11:53:02 srv-4 sshd\[20770\]: Failed password for invalid user admin from 222.252.42.66 port 60148 ssh2
...

2019-07-27 03:19:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.252.42.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34170
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.252.42.126.			IN	A

;; AUTHORITY SECTION:
.			2308	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 28 16:22:59 CST 2019
;; MSG SIZE  rcvd: 118

Host info

126.42.252.222.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
126.42.252.222.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.17.96.210	attack	Port Scan: Events[9] countPorts[8]: 8443 8888 8081 8080 3000 4567 443 9000 ..	2020-04-18 05:32:06
183.250.159.23	attackspam	Port Scan: Events[1] countPorts[1]: 22 ..	2020-04-18 05:53:39
104.206.128.6	attackbots	GPL SNMP public access udp - port: 161 proto: UDP cat: Attempted Information Leak	2020-04-18 05:41:29
179.238.204.184	attackspam	Apr 17 20:53:15 h1946882 sshd[1063]: pam_unix(sshd:auth): authenticatio= n failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D179-2= 38-204-184.user.veloxzone.com.br=20 Apr 17 20:53:17 h1946882 sshd[1063]: Failed password for invalid user a= dmin from 179.238.204.184 port 59917 ssh2 Apr 17 20:53:56 h1946882 sshd[1063]: Received disconnect from 179.238.2= 04.184: 11: Bye Bye [preauth] Apr 17 21:01:28 h1946882 sshd[1136]: pam_unix(sshd:auth): authenticatio= n failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D179-2= 38-204-184.user.veloxzone.com.br=20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.238.204.184	2020-04-18 05:51:21
68.183.137.173	attack	web-1 [ssh] SSH Attack	2020-04-18 05:33:41
51.91.140.218	attackbotsspam	Apr 17 23:18:55 ucs sshd\[28504\]: Invalid user butter from 51.91.140.218 port 35330 Apr 17 23:19:31 ucs sshd\[28688\]: Invalid user ansible from 51.91.140.218 port 40524 Apr 17 23:20:41 ucs sshd\[29109\]: Invalid user git from 51.91.140.218 port 50706 ...	2020-04-18 05:31:06
162.243.133.226	attackbots	Port Scan: Events[1] countPorts[1]: 1604 ..	2020-04-18 05:44:34
180.113.27.109	attackbots	Apr 17 21:22:15 host proftpd[19904]: 0.0.0.0 (180.113.27.109[180.113.27.109]) - USER anonymous: no such user found from 180.113.27.109 [180.113.27.109] to 163.172.107.87:21 ...	2020-04-18 05:35:43
81.28.100.155	attackbots	Apr 17 21:21:14 exim[25521]: [1\47] 1jPWY5-0006dd-Gn H=(command.atalizinq.com) [81.28.100.155] F= rejected after DATA: This message scored 104.4 spam points.	2020-04-18 05:51:42
196.52.43.84	attackspam	Port Scan: Events[1] countPorts[1]: 8531 ..	2020-04-18 05:29:25
186.101.233.134	attackbots	Apr 17 22:54:30 server sshd[10883]: Failed password for root from 186.101.233.134 port 46714 ssh2 Apr 17 23:07:15 server sshd[13024]: Failed password for invalid user ki from 186.101.233.134 port 39376 ssh2 Apr 17 23:11:18 server sshd[13814]: Failed password for root from 186.101.233.134 port 46754 ssh2	2020-04-18 05:44:10
192.241.238.14	attack	Port Scan: Events[1] countPorts[1]: 50070 ..	2020-04-18 05:49:16
106.12.140.168	attackbotsspam	Port Scan: Events[1] countPorts[1]: 1145 ..	2020-04-18 05:33:17
182.43.215.50	attackbots	Unauthorized SSH login attempts	2020-04-18 06:07:03
138.197.175.236	attack	2020-04-17T21:47:11.775066shield sshd\[13251\]: Invalid user git from 138.197.175.236 port 59716 2020-04-17T21:47:11.780179shield sshd\[13251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.175.236 2020-04-17T21:47:14.326675shield sshd\[13251\]: Failed password for invalid user git from 138.197.175.236 port 59716 ssh2 2020-04-17T21:50:17.418757shield sshd\[13521\]: Invalid user admin from 138.197.175.236 port 60412 2020-04-17T21:50:17.422376shield sshd\[13521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.175.236	2020-04-18 05:56:37

Recently Reported IPs

91.226.152.116	88.85.94.227	197.237.118.204	140.121.199.228
201.204.136.32	115.85.17.158	220.130.34.69	145.184.52.227
28.132.131.30	162.243.145.137	250.214.234.1	54.36.148.95
199.127.60.228	125.227.255.81	30.175.146.168	219.105.32.172
41.218.192.247	201.87.233.60	91.246.1.9	68.183.67.223