42.2.40.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 42.2.40.4 to port 5555 [J]	2020-01-14 20:33:14

Comments on same subnet:

IP	Type	Details	Datetime
42.2.40.35	attackspambots	Unauthorized connection attempt detected from IP address 42.2.40.35 to port 5555 [J]	2020-01-18 14:59:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.40.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30788
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.40.4.			IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011400 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 20:33:07 CST 2020
;; MSG SIZE  rcvd: 113

Host info

4.40.2.42.in-addr.arpa domain name pointer 42-2-40-004.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.40.2.42.in-addr.arpa	name = 42-2-40-004.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.146.150.134	attack	Aug 17 10:50:17 meumeu sshd[12089]: Failed password for invalid user admin from 119.146.150.134 port 38169 ssh2 Aug 17 10:53:11 meumeu sshd[12418]: Failed password for invalid user zy from 119.146.150.134 port 48815 ssh2 ...	2019-08-18 00:28:32
51.68.123.192	attack	Aug 17 17:18:49 ArkNodeAT sshd\[18884\]: Invalid user cynthia123 from 51.68.123.192 Aug 17 17:18:49 ArkNodeAT sshd\[18884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.192 Aug 17 17:18:51 ArkNodeAT sshd\[18884\]: Failed password for invalid user cynthia123 from 51.68.123.192 port 54248 ssh2	2019-08-18 00:19:06
107.13.186.21	attackspambots	Reported by AbuseIPDB proxy server.	2019-08-18 00:35:11
23.96.45.221	attack	Aug 17 16:00:27 ip-172-31-1-72 sshd\[7845\]: Invalid user admin from 23.96.45.221 Aug 17 16:00:27 ip-172-31-1-72 sshd\[7845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.45.221 Aug 17 16:00:28 ip-172-31-1-72 sshd\[7845\]: Failed password for invalid user admin from 23.96.45.221 port 38820 ssh2 Aug 17 16:08:21 ip-172-31-1-72 sshd\[7935\]: Invalid user christophe from 23.96.45.221 Aug 17 16:08:21 ip-172-31-1-72 sshd\[7935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.45.221	2019-08-18 00:20:37
62.210.182.82	attackspambots	www.handydirektreparatur.de 62.210.182.82 \[17/Aug/2019:11:34:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 \(Windows NT 6.1\; WOW64\; rv:61.0.1\) Gecko/20120101 Firefox/61.0.1" www.handydirektreparatur.de 62.210.182.82 \[17/Aug/2019:11:34:05 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 \(Windows NT 6.1\; WOW64\; rv:61.0.1\) Gecko/20120101 Firefox/61.0.1"	2019-08-18 00:02:18
139.199.29.155	attackbotsspam	DATE:2019-08-17 13:04:52, IP:139.199.29.155, PORT:ssh SSH brute force auth (thor)	2019-08-17 23:44:06
185.23.24.144	attack	Aug 16 21:45:39 lcdev sshd\[20702\]: Invalid user steam from 185.23.24.144 Aug 16 21:45:39 lcdev sshd\[20702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.100.customer.cloud.nl Aug 16 21:45:41 lcdev sshd\[20702\]: Failed password for invalid user steam from 185.23.24.144 port 53779 ssh2 Aug 16 21:50:02 lcdev sshd\[21106\]: Invalid user supervisores from 185.23.24.144 Aug 16 21:50:02 lcdev sshd\[21106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.100.customer.cloud.nl	2019-08-18 00:00:01
106.12.78.199	attack	Aug 17 05:19:27 web9 sshd\[10262\]: Invalid user esadmin from 106.12.78.199 Aug 17 05:19:27 web9 sshd\[10262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199 Aug 17 05:19:30 web9 sshd\[10262\]: Failed password for invalid user esadmin from 106.12.78.199 port 57162 ssh2 Aug 17 05:25:41 web9 sshd\[11524\]: Invalid user jboss from 106.12.78.199 Aug 17 05:25:41 web9 sshd\[11524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199	2019-08-17 23:38:25
91.180.125.193	attackbotsspam	Aug 17 09:15:40 tux-35-217 sshd\[15156\]: Invalid user rdp from 91.180.125.193 port 35724 Aug 17 09:15:40 tux-35-217 sshd\[15156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.180.125.193 Aug 17 09:15:42 tux-35-217 sshd\[15156\]: Failed password for invalid user rdp from 91.180.125.193 port 35724 ssh2 Aug 17 09:16:03 tux-35-217 sshd\[15163\]: Invalid user ubuntu from 91.180.125.193 port 53832 Aug 17 09:16:03 tux-35-217 sshd\[15163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.180.125.193 ...	2019-08-17 23:45:31
103.44.13.246	attackbots	proto=tcp . spt=48682 . dpt=25 . (listed on Github Combined on 3 lists ) (277)	2019-08-18 00:16:18
117.1.87.232	attack	Unauthorised access (Aug 17) SRC=117.1.87.232 LEN=40 TTL=46 ID=36953 TCP DPT=23 WINDOW=3592 SYN	2019-08-18 00:13:15
115.236.61.205	attack	RPC Portmapper DUMP Request Detected	2019-08-18 00:23:43
80.211.16.26	attackbotsspam	Aug 17 15:23:56 game-panel sshd[10212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26 Aug 17 15:23:59 game-panel sshd[10212]: Failed password for invalid user noc from 80.211.16.26 port 40458 ssh2 Aug 17 15:28:32 game-panel sshd[10384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.16.26	2019-08-17 23:29:48
187.178.238.177	attackbots	NAME : "" "" CIDR : \| STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack - block certain countries :) IP: 187.178.238.177 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-08-18 00:13:51
139.59.68.135	attackspam	Aug 17 03:30:28 php1 sshd\[1417\]: Invalid user www01 from 139.59.68.135 Aug 17 03:30:28 php1 sshd\[1417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.68.135 Aug 17 03:30:30 php1 sshd\[1417\]: Failed password for invalid user www01 from 139.59.68.135 port 54156 ssh2 Aug 17 03:35:34 php1 sshd\[1941\]: Invalid user ahren from 139.59.68.135 Aug 17 03:35:34 php1 sshd\[1941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.68.135	2019-08-17 23:41:30

Recently Reported IPs

106.45.1.50	94.21.0.251	81.5.104.126	77.42.94.124
74.64.36.123	59.95.72.76	43.239.220.52	42.247.5.90
38.132.112.247	37.221.207.78	36.107.27.47	5.71.1.88
223.199.2.150	222.82.53.58	186.217.241.64	220.246.107.95
41.151.159.132	252.132.214.153	220.135.237.249	35.234.202.134