42.2.8.164 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 42.2.8.164 to port 5555 [J]	2020-01-05 03:38:50

Comments on same subnet:

IP	Type	Details	Datetime
42.2.88.210	attack	Invalid user pi from 42.2.88.210 port 44932	2020-09-11 21:47:27
42.2.88.210	attack	Invalid user pi from 42.2.88.210 port 44932	2020-09-11 13:55:14
42.2.88.210	attackbotsspam	Lines containing failures of 42.2.88.210 Sep 10 19:48:34 shared10 sshd[26616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.2.88.210 user=r.r Sep 10 19:48:36 shared10 sshd[26616]: Failed password for r.r from 42.2.88.210 port 53383 ssh2 Sep 10 19:48:36 shared10 sshd[26616]: Connection closed by authenticating user r.r 42.2.88.210 port 53383 [preauth] Sep 10 19:48:39 shared10 sshd[26719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.2.88.210 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.2.88.210	2020-09-11 06:07:36
42.2.88.146	attackspambots	Honeypot attack, port: 5555, PTR: 42-2-88-146.static.netvigator.com.	2020-04-01 01:54:14
42.2.88.146	attackspam	Attempted connection to port 5555.	2020-03-30 20:50:59
42.2.80.196	attackbotsspam	Port probing on unauthorized port 5555	2020-03-29 13:58:04
42.2.88.130	attack	Honeypot attack, port: 5555, PTR: 42-2-88-130.static.netvigator.com.	2020-02-20 20:00:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.8.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7861
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.8.164.			IN	A

;; AUTHORITY SECTION:
.			154	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 03:38:47 CST 2020
;; MSG SIZE  rcvd: 114

Host info

164.8.2.42.in-addr.arpa domain name pointer 42-2-8-164.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.8.2.42.in-addr.arpa	name = 42-2-8-164.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.249.32.107	attack	23/tcp [2019-07-03]1pkt	2019-07-03 20:37:10
87.216.162.64	attackspam	ssh failed login	2019-07-03 20:28:52
129.213.117.53	attack	Jul 3 06:57:45 aat-srv002 sshd[8780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Jul 3 06:57:47 aat-srv002 sshd[8780]: Failed password for invalid user seng from 129.213.117.53 port 44919 ssh2 Jul 3 06:59:52 aat-srv002 sshd[8814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.117.53 Jul 3 06:59:55 aat-srv002 sshd[8814]: Failed password for invalid user mysql from 129.213.117.53 port 57899 ssh2 ...	2019-07-03 20:04:10
198.245.60.56	attackspambots	Tried sshing with brute force.	2019-07-03 19:54:15
2.55.95.36	attackbotsspam	445/tcp [2019-07-03]1pkt	2019-07-03 20:19:50
203.113.66.151	attackbotsspam	Jul 3 03:43:00 localhost sshd\[30331\]: Invalid user jiushop from 203.113.66.151 port 36614 Jul 3 03:43:00 localhost sshd\[30331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.113.66.151 Jul 3 03:43:02 localhost sshd\[30331\]: Failed password for invalid user jiushop from 203.113.66.151 port 36614 ssh2 ...	2019-07-03 20:06:38
223.205.104.211	attackbots	Jul 3 05:28:02 linuxrulz sshd[6961]: Did not receive identification string from 223.205.104.211 port 52722 Jul 3 05:28:07 linuxrulz sshd[6962]: Invalid user user1 from 223.205.104.211 port 59299 Jul 3 05:28:07 linuxrulz sshd[6962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.205.104.211 Jul 3 05:28:10 linuxrulz sshd[6962]: Failed password for invalid user user1 from 223.205.104.211 port 59299 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=223.205.104.211	2019-07-03 20:14:03
120.35.189.120	attack	2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x 2019-07-03 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=120.35.189.120	2019-07-03 20:34:26
113.160.224.112	attackspambots	445/tcp [2019-07-03]1pkt	2019-07-03 20:21:42
113.160.37.4	attackbots	Invalid user ftpuser from 113.160.37.4 port 56536	2019-07-03 20:32:34
202.88.241.107	attack	Tried sshing with brute force.	2019-07-03 20:01:30
132.232.52.48	attack	$f2bV_matches	2019-07-03 20:01:55
193.32.163.182	attack	CloudCIX Reconnaissance Scan Detected, PTR: hosting-by.cloud-home.me.	2019-07-03 20:41:30
192.99.216.184	attack	Mar 2 06:38:23 vtv3 sshd\[17308\]: Invalid user ev from 192.99.216.184 port 34510 Mar 2 06:38:23 vtv3 sshd\[17308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 2 06:38:25 vtv3 sshd\[17308\]: Failed password for invalid user ev from 192.99.216.184 port 34510 ssh2 Mar 2 06:44:41 vtv3 sshd\[19313\]: Invalid user dr from 192.99.216.184 port 51897 Mar 2 06:44:41 vtv3 sshd\[19313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:55 vtv3 sshd\[5654\]: Invalid user ubuntu from 192.99.216.184 port 34284 Mar 10 06:27:55 vtv3 sshd\[5654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.216.184 Mar 10 06:27:57 vtv3 sshd\[5654\]: Failed password for invalid user ubuntu from 192.99.216.184 port 34284 ssh2 Mar 10 06:33:41 vtv3 sshd\[7923\]: Invalid user test1 from 192.99.216.184 port 49959 Mar 10 06:33:41 vtv3 sshd\[7923\]: pam_unix	2019-07-03 20:31:44
172.126.62.47	attack	Jul 3 06:44:31 MK-Soft-Root2 sshd\[354\]: Invalid user keng from 172.126.62.47 port 55892 Jul 3 06:44:31 MK-Soft-Root2 sshd\[354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.126.62.47 Jul 3 06:44:33 MK-Soft-Root2 sshd\[354\]: Failed password for invalid user keng from 172.126.62.47 port 55892 ssh2 ...	2019-07-03 20:28:14

Recently Reported IPs

182.36.33.248	210.216.223.96	210.201.118.103	82.37.129.143
36.12.96.23	180.167.235.57	106.138.237.95	217.213.29.198
161.180.40.181	214.147.161.151	23.216.103.15	71.115.107.143
104.83.215.155	190.239.178.226	109.185.38.40	195.199.67.89
147.157.207.29	45.162.130.18	50.159.115.24	137.175.190.224