42.2.6.141 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.2.62.85	attackspam	Sep 22 17:01:52 ssh2 sshd[20557]: Invalid user admin from 42.2.62.85 port 56347 Sep 22 17:01:52 ssh2 sshd[20557]: Failed password for invalid user admin from 42.2.62.85 port 56347 ssh2 Sep 22 17:01:52 ssh2 sshd[20557]: Connection closed by invalid user admin 42.2.62.85 port 56347 [preauth] ...	2020-09-24 01:10:50
42.2.62.85	attack	Sep 22 17:01:52 ssh2 sshd[20557]: Invalid user admin from 42.2.62.85 port 56347 Sep 22 17:01:52 ssh2 sshd[20557]: Failed password for invalid user admin from 42.2.62.85 port 56347 ssh2 Sep 22 17:01:52 ssh2 sshd[20557]: Connection closed by invalid user admin 42.2.62.85 port 56347 [preauth] ...	2020-09-23 17:14:31
42.2.66.79	attack	scan z	2020-03-07 07:31:35
42.2.65.41	attack	Unauthorized connection attempt detected from IP address 42.2.65.41 to port 5555 [J]	2020-01-30 23:26:08
42.2.65.25	attackspambots	5555/tcp [2019-06-28]1pkt	2019-06-29 02:15:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.6.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55885
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.2.6.141.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024121200 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 22:40:10 CST 2024
;; MSG SIZE  rcvd: 103

Host info

141.6.2.42.in-addr.arpa domain name pointer 42-2-6-141.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
141.6.2.42.in-addr.arpa	name = 42-2-6-141.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.12.242.130	attackspambots	SSH Invalid Login	2020-08-30 06:37:09
178.128.217.135	attackbotsspam	$f2bV_matches	2020-08-30 06:28:07
89.144.47.28	attackbots	invalid user	2020-08-30 06:13:34
47.105.188.17	attack	Auto reported by IDS	2020-08-30 06:17:29
14.152.95.91	attackbots	Aug 29 23:57:53 h2779839 sshd[31819]: Invalid user newuser from 14.152.95.91 port 50492 Aug 29 23:57:53 h2779839 sshd[31819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 Aug 29 23:57:53 h2779839 sshd[31819]: Invalid user newuser from 14.152.95.91 port 50492 Aug 29 23:57:55 h2779839 sshd[31819]: Failed password for invalid user newuser from 14.152.95.91 port 50492 ssh2 Aug 30 00:00:21 h2779839 sshd[32166]: Invalid user testuser from 14.152.95.91 port 45118 Aug 30 00:00:21 h2779839 sshd[32166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 Aug 30 00:00:21 h2779839 sshd[32166]: Invalid user testuser from 14.152.95.91 port 45118 Aug 30 00:00:23 h2779839 sshd[32166]: Failed password for invalid user testuser from 14.152.95.91 port 45118 ssh2 Aug 30 00:02:50 h2779839 sshd[3746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 us ...	2020-08-30 06:43:35
51.77.66.35	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-29T19:55:46Z and 2020-08-29T20:25:18Z	2020-08-30 06:30:52
45.129.33.154	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 36284 proto: tcp cat: Misc Attackbytes: 60	2020-08-30 06:31:56
223.111.157.138	attack	Fail2Ban Ban Triggered	2020-08-30 06:49:22
212.83.186.26	attack	2020-08-29T22:05:13.744904shield sshd\[29377\]: Invalid user enter from 212.83.186.26 port 43036 2020-08-29T22:05:13.757841shield sshd\[29377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.83.186.26 2020-08-29T22:05:16.014562shield sshd\[29377\]: Failed password for invalid user enter from 212.83.186.26 port 43036 ssh2 2020-08-29T22:08:53.930850shield sshd\[29678\]: Invalid user nrpe from 212.83.186.26 port 38433 2020-08-29T22:08:53.956147shield sshd\[29678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.83.186.26	2020-08-30 06:17:00
181.112.221.150	attack	srvr2: (mod_security) mod_security (id:920350) triggered by 181.112.221.150 (EC/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/29 22:25:42 [error] 27711#0: 135177 [client 181.112.221.150] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159873274249.481133"] [ref "o0,15v21,15"], client: 181.112.221.150, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-30 06:21:21
41.193.218.26	attackbots	Port probing on unauthorized port 445	2020-08-30 06:46:23
222.186.3.249	attackbotsspam	Aug 30 00:10:57 rotator sshd\[24451\]: Failed password for root from 222.186.3.249 port 29144 ssh2Aug 30 00:10:59 rotator sshd\[24451\]: Failed password for root from 222.186.3.249 port 29144 ssh2Aug 30 00:11:02 rotator sshd\[24451\]: Failed password for root from 222.186.3.249 port 29144 ssh2Aug 30 00:12:09 rotator sshd\[24470\]: Failed password for root from 222.186.3.249 port 60850 ssh2Aug 30 00:12:11 rotator sshd\[24470\]: Failed password for root from 222.186.3.249 port 60850 ssh2Aug 30 00:12:14 rotator sshd\[24470\]: Failed password for root from 222.186.3.249 port 60850 ssh2 ...	2020-08-30 06:31:20
68.183.96.194	attackspam	2020-08-30T01:27:52.493759mail.standpoint.com.ua sshd[30880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.96.194 2020-08-30T01:27:52.490057mail.standpoint.com.ua sshd[30880]: Invalid user demo from 68.183.96.194 port 51114 2020-08-30T01:27:53.982700mail.standpoint.com.ua sshd[30880]: Failed password for invalid user demo from 68.183.96.194 port 51114 ssh2 2020-08-30T01:29:26.878719mail.standpoint.com.ua sshd[31086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.96.194 user=root 2020-08-30T01:29:28.603875mail.standpoint.com.ua sshd[31086]: Failed password for root from 68.183.96.194 port 45918 ssh2 ...	2020-08-30 06:49:56
62.210.172.8	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 54 - port: 5070 proto: udp cat: Misc Attackbytes: 454	2020-08-30 06:33:46
109.93.195.148	attackbots	Port Scan detected! ...	2020-08-30 06:14:58

Recently Reported IPs

23.138.203.114	188.117.48.220	37.219.253.4	57.66.218.51
172.175.24.123	37.219.250.88	6.164.31.103	104.203.163.78
204.207.248.195	128.214.48.191	237.84.116.185	117.14.251.53
70.110.2.252	172.2.120.139	7.22.245.17	51.45.3.9
156.36.189.65	249.65.244.9	231.3.218.206	166.53.18.30