42.2.156.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 42.2.156.6 to port 5555 [J]	2020-01-13 20:08:18

Comments on same subnet:

IP	Type	Details	Datetime
42.2.156.124	attack	Port probing on unauthorized port 5555	2020-02-08 01:29:12
42.2.156.28	attackbots	Unauthorized connection attempt detected from IP address 42.2.156.28 to port 5555 [J]	2020-01-22 23:11:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.156.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.156.6.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011300 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 20:08:15 CST 2020
;; MSG SIZE  rcvd: 114

Host info

6.156.2.42.in-addr.arpa domain name pointer 42-2-156-006.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.156.2.42.in-addr.arpa	name = 42-2-156-006.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.218.135	attackbotsspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-22 18:16:47
200.95.175.48	attackspam	Sep 22 13:42:35 tuotantolaitos sshd[18298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.95.175.48 Sep 22 13:42:37 tuotantolaitos sshd[18298]: Failed password for invalid user qazwsx123 from 200.95.175.48 port 45552 ssh2 ...	2019-09-22 18:56:38
117.73.2.103	attackbotsspam	Sep 22 11:15:59 vps647732 sshd[2486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.73.2.103 Sep 22 11:16:02 vps647732 sshd[2486]: Failed password for invalid user paulette from 117.73.2.103 port 53538 ssh2 ...	2019-09-22 17:34:37
36.84.49.57	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-22 02:22:12,607 INFO [shellcode_manager] (36.84.49.57) no match, writing hexdump (5693a7ab1bb47f620f862fc3bf72bfc1 :2162084) - MS17010 (EternalBlue)	2019-09-22 18:34:54
34.67.85.218	attack	Sep 20 22:09:07 plesk sshd[9085]: Invalid user anurag from 34.67.85.218 Sep 20 22:09:09 plesk sshd[9085]: Failed password for invalid user anurag from 34.67.85.218 port 60100 ssh2 Sep 20 22:09:09 plesk sshd[9085]: Received disconnect from 34.67.85.218: 11: Bye Bye [preauth] Sep 20 22:17:23 plesk sshd[9878]: Invalid user 35 from 34.67.85.218 Sep 20 22:17:24 plesk sshd[9878]: Failed password for invalid user 35 from 34.67.85.218 port 44212 ssh2 Sep 20 22:17:25 plesk sshd[9878]: Received disconnect from 34.67.85.218: 11: Bye Bye [preauth] Sep 20 22:21:11 plesk sshd[10290]: Invalid user test from 34.67.85.218 Sep 20 22:21:13 plesk sshd[10290]: Failed password for invalid user test from 34.67.85.218 port 59306 ssh2 Sep 20 22:21:13 plesk sshd[10290]: Received disconnect from 34.67.85.218: 11: Bye Bye [preauth] Sep 20 22:25:04 plesk sshd[10635]: Invalid user azureadmin from 34.67.85.218 Sep 20 22:25:06 plesk sshd[10635]: Failed password for invalid user azureadmin from 34.67.8........ -------------------------------	2019-09-22 18:25:04
103.197.92.193	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-22 02:53:56,618 INFO [shellcode_manager] (103.197.92.193) no match, writing hexdump (1e2f0e8c209cc3e94db0a305d728ea6b :1854997) - MS17010 (EternalBlue)	2019-09-22 17:35:16
119.226.66.66	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-22 02:42:13,089 INFO [amun_request_handler] PortScan Detected on Port: 445 (119.226.66.66)	2019-09-22 17:59:43
2.111.91.225	attackspam	Invalid user oracle from 2.111.91.225 port 47821	2019-09-22 18:57:31
92.3.69.231	attack	Invalid user pi from 92.3.69.231 port 59524	2019-09-22 17:46:10
176.79.135.185	attackspam	Sep 21 20:49:36 hiderm sshd\[29216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl-135-185.bl27.telepac.pt user=root Sep 21 20:49:39 hiderm sshd\[29216\]: Failed password for root from 176.79.135.185 port 51335 ssh2 Sep 21 20:54:58 hiderm sshd\[29706\]: Invalid user murai2 from 176.79.135.185 Sep 21 20:54:58 hiderm sshd\[29706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl-135-185.bl27.telepac.pt Sep 21 20:54:59 hiderm sshd\[29706\]: Failed password for invalid user murai2 from 176.79.135.185 port 49498 ssh2	2019-09-22 17:48:37
195.154.48.30	attack	\[2019-09-22 06:03:54\] NOTICE\[2270\] chan_sip.c: Registration from '\' failed for '195.154.48.30:65432' - Wrong password \[2019-09-22 06:03:54\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T06:03:54.352-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8025",SessionID="0x7fcd8c57a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.48.30/65432",Challenge="733d2214",ReceivedChallenge="733d2214",ReceivedHash="a6e066a166588c91f9448ec2ae52e16a" \[2019-09-22 06:07:34\] NOTICE\[2270\] chan_sip.c: Registration from '\' failed for '195.154.48.30:56877' - Wrong password \[2019-09-22 06:07:34\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T06:07:34.787-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="123",SessionID="0x7fcd8c57a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.48.	2019-09-22 18:18:26
188.162.236.159	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-22 02:44:46,862 INFO [amun_request_handler] PortScan Detected on Port: 445 (188.162.236.159)	2019-09-22 17:54:13
85.43.255.1	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-09-22 18:38:14
107.174.170.159	attackbotsspam	$f2bV_matches	2019-09-22 19:05:38
148.70.4.242	attack	Sep 22 00:15:06 php1 sshd\[26790\]: Invalid user nagios from 148.70.4.242 Sep 22 00:15:06 php1 sshd\[26790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Sep 22 00:15:08 php1 sshd\[26790\]: Failed password for invalid user nagios from 148.70.4.242 port 35306 ssh2 Sep 22 00:20:42 php1 sshd\[27238\]: Invalid user jboss from 148.70.4.242 Sep 22 00:20:42 php1 sshd\[27238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242	2019-09-22 18:40:30

Recently Reported IPs

113.162.81.154	91.237.84.161	103.131.16.42	36.77.27.58
116.108.250.230	24.89.229.195	181.199.122.16	49.145.237.122
42.112.108.253	159.192.232.136	114.36.165.47	112.158.118.159
60.248.160.1	1.10.198.176	180.218.26.155	120.133.131.62
195.54.210.203	82.63.213.128	113.104.242.34	171.37.105.174