42.2.156.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 5555	2020-02-08 01:29:12

Comments on same subnet:

IP	Type	Details	Datetime
42.2.156.28	attackbots	Unauthorized connection attempt detected from IP address 42.2.156.28 to port 5555 [J]	2020-01-22 23:11:50
42.2.156.6	attack	Unauthorized connection attempt detected from IP address 42.2.156.6 to port 5555 [J]	2020-01-13 20:08:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.156.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50332
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.156.124.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020700 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 01:29:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

124.156.2.42.in-addr.arpa domain name pointer 42-2-156-124.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.156.2.42.in-addr.arpa	name = 42-2-156-124.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
184.103.163.15	attack	Telnetd brute force attack detected by fail2ban	2019-10-04 19:08:34
185.176.27.86	attack	10/04/2019-13:19:18.509663 185.176.27.86 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-04 19:43:59
185.142.236.129	attackbots	Oct 4 05:45:36 km20725 sshd\[17684\]: Invalid user 123 from 185.142.236.129Oct 4 05:45:39 km20725 sshd\[17684\]: Failed password for invalid user 123 from 185.142.236.129 port 41416 ssh2Oct 4 05:49:47 km20725 sshd\[17857\]: Invalid user H0st@2017 from 185.142.236.129Oct 4 05:49:50 km20725 sshd\[17857\]: Failed password for invalid user H0st@2017 from 185.142.236.129 port 56250 ssh2 ...	2019-10-04 19:04:42
111.231.72.231	attack	Oct 4 10:11:57 dedicated sshd[9385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.72.231 user=root Oct 4 10:11:59 dedicated sshd[9385]: Failed password for root from 111.231.72.231 port 60446 ssh2	2019-10-04 19:09:33
76.24.160.205	attackspam	fail2ban	2019-10-04 19:32:03
81.22.45.116	attackbots	Port scan on 3 port(s): 59950 60247 60275	2019-10-04 19:13:53
128.199.129.68	attackspambots	Invalid user sigmund from 128.199.129.68 port 48148	2019-10-04 19:08:52
184.168.192.128	attackbotsspam	xmlrpc attack	2019-10-04 19:18:37
50.64.152.76	attackbots	Oct 4 12:47:25 MK-Soft-VM5 sshd[32311]: Failed password for root from 50.64.152.76 port 58484 ssh2 ...	2019-10-04 19:08:15
111.231.71.157	attack	Oct 4 09:50:15 mail sshd\[30759\]: Invalid user 1234ABCD from 111.231.71.157 port 55786 Oct 4 09:50:15 mail sshd\[30759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 Oct 4 09:50:17 mail sshd\[30759\]: Failed password for invalid user 1234ABCD from 111.231.71.157 port 55786 ssh2 Oct 4 09:54:34 mail sshd\[31394\]: Invalid user Relationen from 111.231.71.157 port 40326 Oct 4 09:54:34 mail sshd\[31394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157	2019-10-04 19:43:36
70.71.148.228	attackbots	Oct 4 12:15:59 microserver sshd[8091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.71.148.228 user=root Oct 4 12:16:02 microserver sshd[8091]: Failed password for root from 70.71.148.228 port 54273 ssh2 Oct 4 12:19:58 microserver sshd[8288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.71.148.228 user=root Oct 4 12:20:00 microserver sshd[8288]: Failed password for root from 70.71.148.228 port 46363 ssh2 Oct 4 12:23:58 microserver sshd[8896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.71.148.228 user=root Oct 4 12:35:37 microserver sshd[10678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.71.148.228 user=root Oct 4 12:35:39 microserver sshd[10678]: Failed password for root from 70.71.148.228 port 42943 ssh2 Oct 4 12:39:36 microserver sshd[10901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tt	2019-10-04 19:14:28
181.174.164.161	attackbotsspam	Oct 3 14:41:33 localhost kernel: [3865912.288424] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=181.174.164.161 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=68 ID=62208 DF PROTO=TCP SPT=54179 DPT=22 SEQ=3858059240 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 17:07:21 localhost kernel: [3874660.022760] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=181.174.164.161 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=81 ID=52759 DF PROTO=TCP SPT=63702 DPT=22 SEQ=921582379 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 23:49:19 localhost kernel: [3898778.062676] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=181.174.164.161 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=69 ID=21998 DF PROTO=TCP SPT=56860 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 23:49:19 localhost kernel: [3898778.062705] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=181.174.164.161 DST=[	2019-10-04 19:22:24
134.73.76.124	attackbots	Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-10-04 19:06:10
50.239.143.100	attackspambots	Oct 4 00:59:07 tdfoods sshd\[10266\]: Invalid user Qwert@1234 from 50.239.143.100 Oct 4 00:59:07 tdfoods sshd\[10266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.239.143.100 Oct 4 00:59:09 tdfoods sshd\[10266\]: Failed password for invalid user Qwert@1234 from 50.239.143.100 port 45974 ssh2 Oct 4 01:03:34 tdfoods sshd\[10632\]: Invalid user Qwert@1234 from 50.239.143.100 Oct 4 01:03:34 tdfoods sshd\[10632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.239.143.100	2019-10-04 19:32:29
113.173.76.74	attackspambots	Chat Spam	2019-10-04 19:19:08

Recently Reported IPs

156.236.119.159	195.2.38.226	103.129.223.101	31.176.180.114
45.230.68.179	20.48.223.10	199.27.180.187	148.146.61.75
94.23.199.52	110.210.102.69	83.152.116.199	43.13.169.159
183.213.228.127	121.129.204.158	63.59.151.164	171.228.179.206
192.194.123.27	58.236.156.35	60.134.168.210	31.122.1.103