42.2.152.245 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: CSL Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.2.152.184	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-21 00:01:58
42.2.152.184	attack	2020-09-20T05:00:57.899689Z f7e21dc40991 New connection: 42.2.152.184:35809 (172.17.0.5:2222) [session: f7e21dc40991] 2020-09-20T05:01:00.916841Z cdb2f3783fc5 New connection: 42.2.152.184:36955 (172.17.0.5:2222) [session: cdb2f3783fc5]	2020-09-20 15:54:55
42.2.152.184	attackspam	Brute-force attempt banned	2020-09-20 07:44:59

Type

Details

Datetime

42.2.152.184

attack

Connection to SSH Honeypot - Detected by HoneypotDB

2020-09-21 00:01:58

42.2.152.184

attack

2020-09-20T05:00:57.899689Z f7e21dc40991 New connection: 42.2.152.184:35809 (172.17.0.5:2222) [session: f7e21dc40991]
2020-09-20T05:01:00.916841Z cdb2f3783fc5 New connection: 42.2.152.184:36955 (172.17.0.5:2222) [session: cdb2f3783fc5]

2020-09-20 15:54:55

42.2.152.184

attackspam

Brute-force attempt banned

2020-09-20 07:44:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.152.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.2.152.245.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022703 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 08:02:41 CST 2025
;; MSG SIZE  rcvd: 105

Host info

245.152.2.42.in-addr.arpa domain name pointer 42-2-152-245.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
245.152.2.42.in-addr.arpa	name = 42-2-152-245.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.121.58.55	attack	SSH brutforce	2019-11-07 02:23:11
106.75.91.43	attackbots	$f2bV_matches	2019-11-07 02:30:29
187.201.144.23	attack	Automatic report - Banned IP Access	2019-11-07 02:17:38
111.198.54.177	attackspam	Nov 6 19:33:27 server sshd\[20412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.54.177 user=root Nov 6 19:33:29 server sshd\[20412\]: Failed password for root from 111.198.54.177 port 59180 ssh2 Nov 6 19:44:10 server sshd\[23258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.54.177 user=root Nov 6 19:44:12 server sshd\[23258\]: Failed password for root from 111.198.54.177 port 39630 ssh2 Nov 6 19:48:37 server sshd\[24508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.54.177 user=root ...	2019-11-07 02:16:51
120.92.138.124	attackbotsspam	Nov 6 15:31:18 tux-35-217 sshd\[30657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.138.124 user=root Nov 6 15:31:21 tux-35-217 sshd\[30657\]: Failed password for root from 120.92.138.124 port 35866 ssh2 Nov 6 15:36:40 tux-35-217 sshd\[30692\]: Invalid user kathrin from 120.92.138.124 port 7976 Nov 6 15:36:40 tux-35-217 sshd\[30692\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.138.124 ...	2019-11-07 02:27:59
92.119.160.107	attack	Nov 6 19:41:26 mc1 kernel: \[4351984.386287\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=1231 PROTO=TCP SPT=43393 DPT=52687 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 19:42:45 mc1 kernel: \[4352063.948457\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=41781 PROTO=TCP SPT=43393 DPT=53486 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 6 19:44:32 mc1 kernel: \[4352171.231839\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=59508 PROTO=TCP SPT=43393 DPT=53141 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-07 02:48:49
117.1.203.48	attackbotsspam	Nov 6 15:36:46 vmd17057 sshd\[21862\]: Invalid user admin from 117.1.203.48 port 51060 Nov 6 15:36:46 vmd17057 sshd\[21862\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.1.203.48 Nov 6 15:36:48 vmd17057 sshd\[21862\]: Failed password for invalid user admin from 117.1.203.48 port 51060 ssh2 ...	2019-11-07 02:55:12
124.255.1.200	attackspam	Automatic report - Banned IP Access	2019-11-07 02:37:28
112.85.42.186	attackspambots	Nov 7 00:00:58 areeb-Workstation sshd[2756]: Failed password for root from 112.85.42.186 port 33866 ssh2 ...	2019-11-07 02:42:56
89.248.174.3	attackbots	Port Scan detected from 89.248.174.3 (NL/Netherlands/security.criminalip.com). 4 hits in the last 290 seconds	2019-11-07 02:56:38
3.92.223.207	attackspam	As always with amazon web services	2019-11-07 02:16:31
37.59.110.165	attack	Nov 6 16:00:24 SilenceServices sshd[11234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.110.165 Nov 6 16:00:26 SilenceServices sshd[11234]: Failed password for invalid user pn from 37.59.110.165 port 57346 ssh2 Nov 6 16:03:56 SilenceServices sshd[13616]: Failed password for root from 37.59.110.165 port 38668 ssh2	2019-11-07 02:21:23
185.74.4.189	attackspambots	Nov 6 07:06:52 eddieflores sshd\[13498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189 user=root Nov 6 07:06:54 eddieflores sshd\[13498\]: Failed password for root from 185.74.4.189 port 36340 ssh2 Nov 6 07:11:12 eddieflores sshd\[13915\]: Invalid user foxi from 185.74.4.189 Nov 6 07:11:12 eddieflores sshd\[13915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189 Nov 6 07:11:14 eddieflores sshd\[13915\]: Failed password for invalid user foxi from 185.74.4.189 port 45068 ssh2	2019-11-07 02:54:59
180.168.70.190	attackspambots	2019-11-06T17:54:58.238566abusebot-8.cloudsearch.cf sshd\[30454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.70.190 user=root	2019-11-07 02:39:59
218.28.168.4	attack	Nov 6 16:39:02 MK-Soft-VM7 sshd[3711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.28.168.4 Nov 6 16:39:04 MK-Soft-VM7 sshd[3711]: Failed password for invalid user Pass123456789 from 218.28.168.4 port 12930 ssh2 ...	2019-11-07 02:28:40

Recently Reported IPs

47.64.124.214	87.25.144.217	108.231.102.146	71.199.79.178
247.68.188.130	122.134.227.25	180.80.154.42	240.179.125.247
229.77.191.203	245.32.94.169	77.168.237.201	252.168.118.120
132.129.114.61	84.159.86.212	166.40.104.84	107.173.24.93
218.27.194.195	89.73.115.173	240.152.83.20	224.168.125.152