42.2.156.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 5555	2020-02-08 01:29:12

Comments on same subnet:

IP	Type	Details	Datetime
42.2.156.28	attackbots	Unauthorized connection attempt detected from IP address 42.2.156.28 to port 5555 [J]	2020-01-22 23:11:50
42.2.156.6	attack	Unauthorized connection attempt detected from IP address 42.2.156.6 to port 5555 [J]	2020-01-13 20:08:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.156.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50332
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.156.124.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020700 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 08 01:29:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

124.156.2.42.in-addr.arpa domain name pointer 42-2-156-124.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.156.2.42.in-addr.arpa	name = 42-2-156-124.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.218.83.23	attack	$f2bV_matches	2019-12-15 07:06:12
27.17.36.254	attackbotsspam	Dec 15 00:02:14 mail sshd[14584]: Invalid user vincents from 27.17.36.254 Dec 15 00:02:14 mail sshd[14584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.17.36.254 Dec 15 00:02:14 mail sshd[14584]: Invalid user vincents from 27.17.36.254 Dec 15 00:02:17 mail sshd[14584]: Failed password for invalid user vincents from 27.17.36.254 port 62211 ssh2 ...	2019-12-15 07:07:45
148.70.223.115	attack	Dec 14 12:46:03 sachi sshd\[32062\]: Invalid user pozzi from 148.70.223.115 Dec 14 12:46:03 sachi sshd\[32062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.115 Dec 14 12:46:05 sachi sshd\[32062\]: Failed password for invalid user pozzi from 148.70.223.115 port 51672 ssh2 Dec 14 12:52:12 sachi sshd\[32608\]: Invalid user skrkekfd from 148.70.223.115 Dec 14 12:52:12 sachi sshd\[32608\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.115	2019-12-15 07:02:15
210.245.26.142	attackbots	Dec 14 23:31:24 mc1 kernel: \[521513.040004\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9503 PROTO=TCP SPT=56123 DPT=6306 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 14 23:34:40 mc1 kernel: \[521708.949823\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=8682 PROTO=TCP SPT=56123 DPT=6336 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 14 23:34:54 mc1 kernel: \[521722.540288\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=52757 PROTO=TCP SPT=56123 DPT=6897 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-15 06:35:30
118.25.79.17	attackspambots	Automatic report - XMLRPC Attack	2019-12-15 06:53:51
47.75.128.216	attack	Automatic report - XMLRPC Attack	2019-12-15 06:40:16
106.13.121.8	attack	Dec 14 23:45:28 meumeu sshd[12450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.121.8 Dec 14 23:45:30 meumeu sshd[12450]: Failed password for invalid user webadmin from 106.13.121.8 port 50246 ssh2 Dec 14 23:52:12 meumeu sshd[13791]: Failed password for root from 106.13.121.8 port 53494 ssh2 ...	2019-12-15 07:04:22
200.70.56.204	attack	Dec 14 20:38:25 legacy sshd[18361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 Dec 14 20:38:27 legacy sshd[18361]: Failed password for invalid user galois from 200.70.56.204 port 39220 ssh2 Dec 14 20:46:35 legacy sshd[18738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 ...	2019-12-15 06:44:32
178.128.59.245	attack	Dec 15 01:36:26 server sshd\[14304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.245 user=root Dec 15 01:36:28 server sshd\[14304\]: Failed password for root from 178.128.59.245 port 51298 ssh2 Dec 15 01:46:24 server sshd\[17305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.245 user=root Dec 15 01:46:26 server sshd\[17305\]: Failed password for root from 178.128.59.245 port 49598 ssh2 Dec 15 01:52:11 server sshd\[18887\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.59.245 user=root ...	2019-12-15 07:03:32
178.62.95.122	attackspam	Dec 14 21:00:13 server sshd\[29604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.95.122 user=vcsa Dec 14 21:00:14 server sshd\[29604\]: Failed password for vcsa from 178.62.95.122 port 35307 ssh2 Dec 14 21:07:31 server sshd\[31599\]: Invalid user tester from 178.62.95.122 Dec 14 21:07:31 server sshd\[31599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.95.122 Dec 14 21:07:33 server sshd\[31599\]: Failed password for invalid user tester from 178.62.95.122 port 54258 ssh2 ...	2019-12-15 06:47:14
71.72.12.0	attackspambots	Dec 14 12:47:02 sachi sshd\[32140\]: Invalid user hurst from 71.72.12.0 Dec 14 12:47:02 sachi sshd\[32140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-71-72-12-0.neo.res.rr.com Dec 14 12:47:05 sachi sshd\[32140\]: Failed password for invalid user hurst from 71.72.12.0 port 35408 ssh2 Dec 14 12:52:18 sachi sshd\[32637\]: Invalid user samira from 71.72.12.0 Dec 14 12:52:18 sachi sshd\[32637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-71-72-12-0.neo.res.rr.com	2019-12-15 06:55:51
212.253.117.139	attackspam	Honeypot attack, port: 23, PTR: host-212-253-117-139.reverse.superonline.net.	2019-12-15 07:01:42
81.193.21.176	attack	Dec 14 23:52:17 MK-Soft-Root2 sshd[1413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.193.21.176 Dec 14 23:52:19 MK-Soft-Root2 sshd[1413]: Failed password for invalid user ke from 81.193.21.176 port 49458 ssh2 ...	2019-12-15 06:55:01
81.33.42.86	attackbotsspam	Automatic report - Port Scan Attack	2019-12-15 06:40:04
138.197.21.218	attackbotsspam	Dec 14 22:46:59 game-panel sshd[17104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Dec 14 22:47:01 game-panel sshd[17104]: Failed password for invalid user banan from 138.197.21.218 port 38964 ssh2 Dec 14 22:52:10 game-panel sshd[17412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218	2019-12-15 07:07:13

Recently Reported IPs

156.236.119.159	195.2.38.226	103.129.223.101	31.176.180.114
45.230.68.179	20.48.223.10	199.27.180.187	148.146.61.75
94.23.199.52	110.210.102.69	83.152.116.199	43.13.169.159
183.213.228.127	121.129.204.158	63.59.151.164	171.228.179.206
192.194.123.27	58.236.156.35	60.134.168.210	31.122.1.103