42.112.166.22 - IPInfo

Basic Info

City: Hanoi

Region: Hanoi

Country: Vietnam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 42.112.166.22 to port 23	2019-12-31 03:17:11

Comments on same subnet:

IP	Type	Details	Datetime
42.112.166.157	attack	Jan 3 14:05:16 debian-2gb-nbg1-2 kernel: \[316043.135600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.112.166.157 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=1409 PROTO=TCP SPT=43185 DPT=23 WINDOW=17985 RES=0x00 SYN URGP=0	2020-01-03 23:46:34

Type

Details

Datetime

42.112.166.157

attack

Jan  3 14:05:16 debian-2gb-nbg1-2 kernel: \[316043.135600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.112.166.157 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=1409 PROTO=TCP SPT=43185 DPT=23 WINDOW=17985 RES=0x00 SYN URGP=0

2020-01-03 23:46:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.166.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25465
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.166.22.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123001 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 03:17:07 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 22.166.112.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 22.166.112.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.147.165.128	attackbotsspam	Invalid user cdf from 190.147.165.128 port 57110	2020-05-23 17:28:44
114.5.249.24	attackbotsspam	Invalid user admin from 114.5.249.24 port 56502	2020-05-23 17:51:18
95.57.115.65	attackspambots	Port probing on unauthorized port 23	2020-05-23 17:57:30
159.192.184.59	attack	Invalid user r00t from 159.192.184.59 port 62053	2020-05-23 17:40:48
94.102.51.29	attackspambots	Port scanning [16 denied]	2020-05-23 17:58:25
163.172.50.34	attackspam	Invalid user rii from 163.172.50.34 port 35994	2020-05-23 17:39:53
92.119.160.145	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 5989 proto: TCP cat: Misc Attack	2020-05-23 18:00:31
213.166.150.98	attackspam	Invalid user admin from 213.166.150.98 port 59015	2020-05-23 17:23:48
188.173.80.134	attackbots	Wordpress malicious attack:[sshd]	2020-05-23 17:30:04
112.197.0.91	attackspam	Invalid user pi from 112.197.0.91 port 21971	2020-05-23 17:52:10
202.102.79.232	attackspam	2020-05-23T03:08:37.844652morrigan.ad5gb.com sshd[3524]: Invalid user ouy from 202.102.79.232 port 20818 2020-05-23T03:08:39.979252morrigan.ad5gb.com sshd[3524]: Failed password for invalid user ouy from 202.102.79.232 port 20818 ssh2 2020-05-23T03:08:41.970784morrigan.ad5gb.com sshd[3524]: Disconnected from invalid user ouy 202.102.79.232 port 20818 [preauth]	2020-05-23 17:25:06
122.51.154.136	attack	May 23 11:13:33 abendstille sshd\[25980\]: Invalid user sfe from 122.51.154.136 May 23 11:13:33 abendstille sshd\[25980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.154.136 May 23 11:13:35 abendstille sshd\[25980\]: Failed password for invalid user sfe from 122.51.154.136 port 58760 ssh2 May 23 11:14:54 abendstille sshd\[27282\]: Invalid user los from 122.51.154.136 May 23 11:14:54 abendstille sshd\[27282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.154.136 ...	2020-05-23 17:49:19
122.51.108.68	attackspam	May 23 09:28:13 mail sshd[11008]: Invalid user bku from 122.51.108.68 May 23 09:28:13 mail sshd[11008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.108.68 May 23 09:28:13 mail sshd[11008]: Invalid user bku from 122.51.108.68 May 23 09:28:15 mail sshd[11008]: Failed password for invalid user bku from 122.51.108.68 port 58050 ssh2 ...	2020-05-23 17:49:31
188.191.18.129	attackspambots	Invalid user gmh from 188.191.18.129 port 52272	2020-05-23 17:29:33
176.236.199.72	attackspam	Invalid user r00t from 176.236.199.72 port 33960	2020-05-23 17:37:53

Recently Reported IPs

1.55.174.141	157.41.194.249	35.77.156.23	88.71.44.67
16.141.131.190	83.251.157.249	1.52.143.208	183.69.142.5
223.132.234.164	93.181.26.158	218.74.129.145	100.136.49.192
56.238.210.124	218.77.52.54	66.124.228.59	218.43.215.19
123.90.163.125	64.47.104.66	218.15.43.109	119.11.84.218