42.159.121.111

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai Blue Cloud Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 2 05:31:47 v22018076622670303 sshd\[17368\]: Invalid user paula from 42.159.121.111 port 36582 Nov 2 05:31:47 v22018076622670303 sshd\[17368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 Nov 2 05:31:50 v22018076622670303 sshd\[17368\]: Failed password for invalid user paula from 42.159.121.111 port 36582 ssh2 ...	2019-11-02 14:32:27
attackbots	Invalid user psimiyu from 42.159.121.111 port 3466	2019-11-01 08:13:55
attackbotsspam	2019-10-28T06:36:08.536121abusebot-7.cloudsearch.cf sshd\[2721\]: Invalid user jboss from 42.159.121.111 port 7602	2019-10-28 16:00:47
attack	Oct 12 09:34:28 home sshd[31667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=root Oct 12 09:34:31 home sshd[31667]: Failed password for root from 42.159.121.111 port 45560 ssh2 Oct 12 09:45:10 home sshd[31732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=root Oct 12 09:45:13 home sshd[31732]: Failed password for root from 42.159.121.111 port 11786 ssh2 Oct 12 09:50:09 home sshd[31785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=root Oct 12 09:50:10 home sshd[31785]: Failed password for root from 42.159.121.111 port 48678 ssh2 Oct 12 09:55:01 home sshd[31845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=root Oct 12 09:55:02 home sshd[31845]: Failed password for root from 42.159.121.111 port 21572 ssh2 Oct 12 09:59:39 home sshd[31914]: pam_unix(sshd:auth	2019-10-13 06:03:51
attackbotsspam	Sep 15 07:10:14 www sshd\[49306\]: Invalid user ethernet from 42.159.121.111Sep 15 07:10:17 www sshd\[49306\]: Failed password for invalid user ethernet from 42.159.121.111 port 31546 ssh2Sep 15 07:12:43 www sshd\[49356\]: Invalid user sklopaket from 42.159.121.111 ...	2019-09-15 12:37:36
attackbots	Aug 30 20:21:54 kapalua sshd\[28056\]: Invalid user franklin from 42.159.121.111 Aug 30 20:21:54 kapalua sshd\[28056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 Aug 30 20:21:55 kapalua sshd\[28056\]: Failed password for invalid user franklin from 42.159.121.111 port 11304 ssh2 Aug 30 20:25:06 kapalua sshd\[28344\]: Invalid user colton from 42.159.121.111 Aug 30 20:25:06 kapalua sshd\[28344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111	2019-08-31 18:46:37
attackspambots	Aug 13 09:32:00 ubuntu-2gb-nbg1-dc3-1 sshd[24535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 Aug 13 09:32:02 ubuntu-2gb-nbg1-dc3-1 sshd[24535]: Failed password for invalid user usuario from 42.159.121.111 port 49952 ssh2 ...	2019-08-13 19:36:19
attackspambots	Jul 29 06:54:30 xb0 sshd[11063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=r.r Jul 29 06:54:32 xb0 sshd[11063]: Failed password for r.r from 42.159.121.111 port 63912 ssh2 Jul 29 06:54:32 xb0 sshd[11063]: Received disconnect from 42.159.121.111: 11: Bye Bye [preauth] Jul 29 06:57:36 xb0 sshd[4224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=r.r Jul 29 06:57:38 xb0 sshd[4224]: Failed password for r.r from 42.159.121.111 port 30618 ssh2 Jul 29 06:57:38 xb0 sshd[4224]: Received disconnect from 42.159.121.111: 11: Bye Bye [preauth] Jul 29 07:00:47 xb0 sshd[32319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.111 user=r.r Jul 29 07:00:49 xb0 sshd[32319]: Failed password for r.r from 42.159.121.111 port 61330 ssh2 Jul 29 07:00:49 xb0 sshd[32319]: Received disconnect from 42.159.121.111: 11: ........ -------------------------------	2019-07-29 22:54:21

Comments on same subnet:

IP	Type	Details	Datetime
42.159.121.246	attackbots	Aug 15 08:56:32 gw1 sshd[27897]: Failed password for root from 42.159.121.246 port 58060 ssh2 ...	2020-08-15 13:09:43
42.159.121.246	attack	Aug 10 14:07:46 vm0 sshd[9356]: Failed password for root from 42.159.121.246 port 49760 ssh2 ...	2020-08-10 21:59:53
42.159.121.246	attackbotsspam	Jul 22 04:24:55 game-panel sshd[15295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Jul 22 04:24:58 game-panel sshd[15295]: Failed password for invalid user joana from 42.159.121.246 port 56758 ssh2 Jul 22 04:27:44 game-panel sshd[15471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246	2020-07-22 12:52:37
42.159.121.246	attackspam	Jul 19 21:30:07 ns382633 sshd\[25140\]: Invalid user splunk from 42.159.121.246 port 40870 Jul 19 21:30:07 ns382633 sshd\[25140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Jul 19 21:30:09 ns382633 sshd\[25140\]: Failed password for invalid user splunk from 42.159.121.246 port 40870 ssh2 Jul 19 21:38:45 ns382633 sshd\[26657\]: Invalid user qsc from 42.159.121.246 port 57186 Jul 19 21:38:45 ns382633 sshd\[26657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246	2020-07-20 05:38:15
42.159.121.246	attackbots	Jul 6 06:18:33 h2779839 sshd[25054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root Jul 6 06:18:34 h2779839 sshd[25054]: Failed password for root from 42.159.121.246 port 38500 ssh2 Jul 6 06:19:56 h2779839 sshd[25060]: Invalid user somnath from 42.159.121.246 port 55454 Jul 6 06:19:56 h2779839 sshd[25060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Jul 6 06:19:56 h2779839 sshd[25060]: Invalid user somnath from 42.159.121.246 port 55454 Jul 6 06:19:59 h2779839 sshd[25060]: Failed password for invalid user somnath from 42.159.121.246 port 55454 ssh2 Jul 6 06:21:22 h2779839 sshd[25082]: Invalid user ubuntu from 42.159.121.246 port 44176 Jul 6 06:21:22 h2779839 sshd[25082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Jul 6 06:21:22 h2779839 sshd[25082]: Invalid user ubuntu from 42.159.121.246 port ...	2020-07-06 13:06:38
42.159.121.246	attackspam	Jun 25 02:02:54 ny01 sshd[2682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Jun 25 02:02:56 ny01 sshd[2682]: Failed password for invalid user william from 42.159.121.246 port 49128 ssh2 Jun 25 02:06:42 ny01 sshd[3186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246	2020-06-25 18:09:07
42.159.121.246	attackbotsspam	DATE:2020-06-20 14:15:13, IP:42.159.121.246, PORT:ssh SSH brute force auth (docker-dc)	2020-06-21 01:39:15
42.159.121.246	attackspam	SSH Honeypot -> SSH Bruteforce / Login	2020-06-17 22:50:12
42.159.121.246	attackbots	Jun 17 11:35:11 ns3164893 sshd[10938]: Failed password for root from 42.159.121.246 port 42140 ssh2 Jun 17 11:48:03 ns3164893 sshd[11091]: Invalid user lizhen from 42.159.121.246 port 60040 ...	2020-06-17 18:38:42
42.159.121.246	attackspam	2020-06-16T20:02:38.448865sd-86998 sshd[5578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-06-16T20:02:40.632831sd-86998 sshd[5578]: Failed password for root from 42.159.121.246 port 34806 ssh2 2020-06-16T20:06:31.277342sd-86998 sshd[6010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-06-16T20:06:32.778963sd-86998 sshd[6010]: Failed password for root from 42.159.121.246 port 58490 ssh2 2020-06-16T20:10:10.908032sd-86998 sshd[6356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-06-16T20:10:13.142238sd-86998 sshd[6356]: Failed password for root from 42.159.121.246 port 53944 ssh2 ...	2020-06-17 04:06:13
42.159.121.246	attackspam	2020-05-28T12:10:13.076954abusebot-2.cloudsearch.cf sshd[31555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-05-28T12:10:14.997988abusebot-2.cloudsearch.cf sshd[31555]: Failed password for root from 42.159.121.246 port 44880 ssh2 2020-05-28T12:12:39.689459abusebot-2.cloudsearch.cf sshd[31566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-05-28T12:12:41.319504abusebot-2.cloudsearch.cf sshd[31566]: Failed password for root from 42.159.121.246 port 50182 ssh2 2020-05-28T12:15:08.091492abusebot-2.cloudsearch.cf sshd[31580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root 2020-05-28T12:15:09.842122abusebot-2.cloudsearch.cf sshd[31580]: Failed password for root from 42.159.121.246 port 55472 ssh2 2020-05-28T12:17:49.015473abusebot-2.cloudsearch.cf sshd[31629]: Invalid user devonsh ...	2020-05-29 00:30:43
42.159.121.246	attackspam	May 25 20:22:25 Ubuntu-1404-trusty-64-minimal sshd\[26183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 user=root May 25 20:22:27 Ubuntu-1404-trusty-64-minimal sshd\[26183\]: Failed password for root from 42.159.121.246 port 36428 ssh2 May 25 20:39:01 Ubuntu-1404-trusty-64-minimal sshd\[11161\]: Invalid user windowserver from 42.159.121.246 May 25 20:39:01 Ubuntu-1404-trusty-64-minimal sshd\[11161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 May 25 20:39:03 Ubuntu-1404-trusty-64-minimal sshd\[11161\]: Failed password for invalid user windowserver from 42.159.121.246 port 60910 ssh2	2020-05-26 02:54:21
42.159.121.246	attackbots	May 8 22:25:12 melroy-server sshd[11916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 May 8 22:25:14 melroy-server sshd[11916]: Failed password for invalid user web1 from 42.159.121.246 port 47810 ssh2 ...	2020-05-09 21:42:34
42.159.121.246	attackspambots	Apr 29 00:50:43 minden010 sshd[6612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 Apr 29 00:50:45 minden010 sshd[6612]: Failed password for invalid user audi from 42.159.121.246 port 42538 ssh2 Apr 29 00:53:46 minden010 sshd[7543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.121.246 ...	2020-04-29 07:00:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.159.121.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18292
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.159.121.111.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 22:53:58 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 111.121.159.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 111.121.159.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.38.238.22	attackbots	SSH Brute-Force attacks	2019-11-04 17:52:13
66.115.173.18	attack	xmlrpc attack	2019-11-04 18:07:08
91.207.40.43	attack	Nov 3 23:10:20 tdfoods sshd\[18929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.43 user=root Nov 3 23:10:21 tdfoods sshd\[18929\]: Failed password for root from 91.207.40.43 port 55598 ssh2 Nov 3 23:14:41 tdfoods sshd\[19295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.43 user=root Nov 3 23:14:43 tdfoods sshd\[19295\]: Failed password for root from 91.207.40.43 port 37626 ssh2 Nov 3 23:19:03 tdfoods sshd\[19654\]: Invalid user test from 91.207.40.43	2019-11-04 17:42:00
178.62.76.138	attack	178.62.76.138 - - \[04/Nov/2019:06:27:04 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 178.62.76.138 - - \[04/Nov/2019:06:27:05 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-04 17:57:48
89.22.251.224	attackspambots	postfix (unknown user, SPF fail or relay access denied)	2019-11-04 17:43:29
58.240.110.174	attack	Nov 4 06:14:31 lvps87-230-18-107 sshd[32549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.110.174 user=r.r Nov 4 06:14:33 lvps87-230-18-107 sshd[32549]: Failed password for r.r from 58.240.110.174 port 36066 ssh2 Nov 4 06:14:33 lvps87-230-18-107 sshd[32549]: Received disconnect from 58.240.110.174: 11: Bye Bye [preauth] Nov 4 06:46:38 lvps87-230-18-107 sshd[487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.110.174 user=r.r Nov 4 06:46:40 lvps87-230-18-107 sshd[487]: Failed password for r.r from 58.240.110.174 port 53550 ssh2 Nov 4 06:46:40 lvps87-230-18-107 sshd[487]: Received disconnect from 58.240.110.174: 11: Bye Bye [preauth] Nov 4 06:48:34 lvps87-230-18-107 sshd[499]: Invalid user amoswon from 58.240.110.174 Nov 4 06:48:34 lvps87-230-18-107 sshd[499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.110.174 N........ -------------------------------	2019-11-04 17:48:23
45.142.195.5	attack	Nov 4 10:48:05 vmanager6029 postfix/smtpd\[16176\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 4 10:49:04 vmanager6029 postfix/smtpd\[16176\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-04 17:52:48
159.89.235.61	attack	2019-11-04T08:03:05.724679host3.slimhost.com.ua sshd[1100078]: Invalid user toonami from 159.89.235.61 port 59154 2019-11-04T08:03:05.729370host3.slimhost.com.ua sshd[1100078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.235.61 2019-11-04T08:03:05.724679host3.slimhost.com.ua sshd[1100078]: Invalid user toonami from 159.89.235.61 port 59154 2019-11-04T08:03:08.142609host3.slimhost.com.ua sshd[1100078]: Failed password for invalid user toonami from 159.89.235.61 port 59154 ssh2 2019-11-04T08:07:09.048060host3.slimhost.com.ua sshd[1103603]: Invalid user villain from 159.89.235.61 port 40482 ...	2019-11-04 17:50:37
67.205.135.65	attackbots	Nov 4 07:55:09 legacy sshd[29405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 Nov 4 07:55:12 legacy sshd[29405]: Failed password for invalid user carole from 67.205.135.65 port 46678 ssh2 Nov 4 07:59:08 legacy sshd[29493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 ...	2019-11-04 17:32:27
112.85.42.195	attackbotsspam	2019-11-04T09:53:22.950642abusebot-7.cloudsearch.cf sshd\[9056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root	2019-11-04 18:05:17
112.199.117.139	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-04 18:01:29
178.21.164.100	attackbots	Nov 4 08:52:49 ip-172-31-1-72 sshd\[19291\]: Invalid user apache from 178.21.164.100 Nov 4 08:52:49 ip-172-31-1-72 sshd\[19291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.21.164.100 Nov 4 08:52:51 ip-172-31-1-72 sshd\[19291\]: Failed password for invalid user apache from 178.21.164.100 port 47026 ssh2 Nov 4 08:59:05 ip-172-31-1-72 sshd\[19430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.21.164.100 user=root Nov 4 08:59:07 ip-172-31-1-72 sshd\[19430\]: Failed password for root from 178.21.164.100 port 52168 ssh2	2019-11-04 17:58:25
95.9.196.227	attack	Automatic report - Port Scan Attack	2019-11-04 17:39:58
148.70.33.136	attack	Nov 4 02:32:44 mailserver sshd[22202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.33.136 user=r.r Nov 4 02:32:46 mailserver sshd[22202]: Failed password for r.r from 148.70.33.136 port 46568 ssh2 Nov 4 02:32:46 mailserver sshd[22202]: Received disconnect from 148.70.33.136 port 46568:11: Bye Bye [preauth] Nov 4 02:32:46 mailserver sshd[22202]: Disconnected from 148.70.33.136 port 46568 [preauth] Nov 4 02:58:05 mailserver sshd[23728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.33.136 user=r.r Nov 4 02:58:07 mailserver sshd[23728]: Failed password for r.r from 148.70.33.136 port 53086 ssh2 Nov 4 02:58:07 mailserver sshd[23728]: Received disconnect from 148.70.33.136 port 53086:11: Bye Bye [preauth] Nov 4 02:58:07 mailserver sshd[23728]: Disconnected from 148.70.33.136 port 53086 [preauth] Nov 4 03:03:18 mailserver sshd[24034]: Invalid user cn from 148.70.33.1........ -------------------------------	2019-11-04 17:41:29
120.36.2.217	attackbotsspam	Nov 4 09:36:40 srv206 sshd[31476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.36.2.217 user=root Nov 4 09:36:42 srv206 sshd[31476]: Failed password for root from 120.36.2.217 port 42668 ssh2 Nov 4 09:43:09 srv206 sshd[31509]: Invalid user hayden from 120.36.2.217 ...	2019-11-04 17:42:30

Recently Reported IPs

186.194.128.6	119.63.83.76	117.93.96.62	13.67.74.251
113.121.71.121	189.134.31.34	192.99.245.235	66.249.73.142
95.38.71.4	94.74.177.116	13.48.6.121	165.22.171.229
13.250.57.112	194.226.88.172	79.215.66.228	190.226.186.75
13.233.218.245	182.46.86.252	138.97.221.45	129.28.180.174