42.2.158.161 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 5555, PTR: 42-2-158-161.static.netvigator.com.	2020-03-09 04:05:46

Comments on same subnet:

IP	Type	Details	Datetime
42.2.158.177	attackspambots	Sep 2 18:50:58 vpn01 sshd[21513]: Failed password for root from 42.2.158.177 port 45052 ssh2 ...	2020-09-03 22:22:05
42.2.158.177	attack	Sep 2 18:50:58 vpn01 sshd[21513]: Failed password for root from 42.2.158.177 port 45052 ssh2 ...	2020-09-03 14:02:37
42.2.158.177	attackspam	Sep 2 18:50:58 vpn01 sshd[21513]: Failed password for root from 42.2.158.177 port 45052 ssh2 ...	2020-09-03 06:15:43
42.2.158.241	attackspam	Unauthorized connection attempt detected from IP address 42.2.158.241 to port 5555	2020-07-25 22:43:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.158.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48177
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.158.161.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 04:05:43 CST 2020
;; MSG SIZE  rcvd: 116

Host info

161.158.2.42.in-addr.arpa domain name pointer 42-2-158-161.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
161.158.2.42.in-addr.arpa	name = 42-2-158-161.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.175	attackbots	Nov 25 16:54:26 wh01 sshd[4609]: Failed password for root from 218.92.0.175 port 57997 ssh2 Nov 25 16:54:27 wh01 sshd[4609]: Failed password for root from 218.92.0.175 port 57997 ssh2 Nov 25 16:54:28 wh01 sshd[4609]: Failed password for root from 218.92.0.175 port 57997 ssh2 Nov 26 05:31:37 wh01 sshd[15278]: Failed password for root from 218.92.0.175 port 36003 ssh2 Nov 26 05:31:38 wh01 sshd[15278]: Failed password for root from 218.92.0.175 port 36003 ssh2 Nov 26 05:31:40 wh01 sshd[15278]: Failed password for root from 218.92.0.175 port 36003 ssh2 Nov 26 13:18:42 wh01 sshd[17914]: Failed password for root from 218.92.0.175 port 4395 ssh2 Nov 26 13:18:44 wh01 sshd[17914]: Failed password for root from 218.92.0.175 port 4395 ssh2 Nov 26 13:18:45 wh01 sshd[17914]: Failed password for root from 218.92.0.175 port 4395 ssh2 Nov 30 10:34:41 wh01 sshd[9199]: Failed password for root from 218.92.0.175 port 47902 ssh2 Nov 30 10:34:42 wh01 sshd[9199]: Failed password for root from 218.92.0.175 p	2019-11-30 17:39:10
213.149.135.29	attackbots	Invalid user admin from 213.149.135.29 port 8388	2019-11-30 18:03:40
182.61.36.38	attackspambots	Nov 30 13:07:07 vibhu-HP-Z238-Microtower-Workstation sshd\[10664\]: Invalid user river from 182.61.36.38 Nov 30 13:07:07 vibhu-HP-Z238-Microtower-Workstation sshd\[10664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.36.38 Nov 30 13:07:10 vibhu-HP-Z238-Microtower-Workstation sshd\[10664\]: Failed password for invalid user river from 182.61.36.38 port 41052 ssh2 Nov 30 13:11:23 vibhu-HP-Z238-Microtower-Workstation sshd\[11828\]: Invalid user password321 from 182.61.36.38 Nov 30 13:11:23 vibhu-HP-Z238-Microtower-Workstation sshd\[11828\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.36.38 ...	2019-11-30 17:37:28
111.230.53.144	attackspam	ssh failed login	2019-11-30 17:54:16
51.91.139.32	attackspam	11/30/2019-03:49:24.082484 51.91.139.32 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-30 17:37:45
113.3.189.69	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-30 17:25:02
103.249.52.5	attack	5x Failed Password	2019-11-30 17:46:39
74.141.89.35	attackspambots	SSH Bruteforce attack	2019-11-30 17:32:56
49.88.112.118	attackspam	(sshd) Failed SSH login from 49.88.112.118 (CN/China/-): 5 in the last 3600 secs	2019-11-30 17:33:46
59.144.137.134	attackbotsspam	Nov 30 07:20:47 [host] sshd[7371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.137.134 user=root Nov 30 07:20:49 [host] sshd[7371]: Failed password for root from 59.144.137.134 port 27454 ssh2 Nov 30 07:26:33 [host] sshd[7547]: Invalid user benzina from 59.144.137.134 Nov 30 07:26:33 [host] sshd[7547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.144.137.134	2019-11-30 17:32:31
193.188.22.188	attack	Nov 30 10:30:55 OPSO sshd\[2441\]: Invalid user deluge from 193.188.22.188 port 49018 Nov 30 10:30:55 OPSO sshd\[2441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.22.188 Nov 30 10:30:58 OPSO sshd\[2441\]: Failed password for invalid user deluge from 193.188.22.188 port 49018 ssh2 Nov 30 10:30:58 OPSO sshd\[2446\]: Invalid user www-data from 193.188.22.188 port 55314 Nov 30 10:30:58 OPSO sshd\[2446\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.22.188	2019-11-30 17:54:50
42.104.97.242	attackspam	$f2bV_matches	2019-11-30 17:49:47
49.88.112.60	attackspambots	Nov 30 11:31:26 pkdns2 sshd\[19723\]: Failed password for root from 49.88.112.60 port 14741 ssh2Nov 30 11:31:29 pkdns2 sshd\[19723\]: Failed password for root from 49.88.112.60 port 14741 ssh2Nov 30 11:31:32 pkdns2 sshd\[19723\]: Failed password for root from 49.88.112.60 port 14741 ssh2Nov 30 11:36:41 pkdns2 sshd\[19936\]: Failed password for root from 49.88.112.60 port 48911 ssh2Nov 30 11:37:27 pkdns2 sshd\[19965\]: Failed password for root from 49.88.112.60 port 22380 ssh2Nov 30 11:37:29 pkdns2 sshd\[19965\]: Failed password for root from 49.88.112.60 port 22380 ssh2 ...	2019-11-30 18:00:27
91.121.101.159	attackbotsspam	Nov 30 09:54:11 lnxweb61 sshd[25605]: Failed password for root from 91.121.101.159 port 34732 ssh2 Nov 30 09:54:11 lnxweb61 sshd[25605]: Failed password for root from 91.121.101.159 port 34732 ssh2	2019-11-30 17:25:26
218.92.0.184	attackspambots	Nov3009:56:33server2sshd[19440]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3009:56:33server2sshd[19442]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3009:56:33server2sshd[19443]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3009:56:33server2sshd[19444]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3010:26:46server2sshd[27409]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3010:26:46server2sshd[27410]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3010:26:46server2sshd[27411]:refusedconnectfrom218.92.0.184$218.92.0.184$Nov3010:26:47server2sshd[27414]:refusedconnectfrom218.92.0.184$218.92.0.184$	2019-11-30 17:28:38

Recently Reported IPs

183.63.155.146	109.252.81.61	60.178.183.97	42.101.241.74
2.60.110.164	223.199.175.81	182.64.104.227	125.111.81.63
118.112.91.163	84.83.172.201	112.115.135.17	93.176.143.1
42.115.207.100	221.232.177.84	176.111.214.124	139.189.183.184
115.207.140.235	51.254.36.55	217.170.248.193	119.39.103.81