42.2.90.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.2.90.73	attackspambots	Port Scan: TCP/5555	2019-09-03 01:48:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.90.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46334
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.2.90.72.			IN	A

;; AUTHORITY SECTION:
.			220	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 23:58:53 CST 2022
;; MSG SIZE  rcvd: 103

Host info

72.90.2.42.in-addr.arpa domain name pointer 42-2-90-072.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.90.2.42.in-addr.arpa	name = 42-2-90-072.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.158.160.34	attack	Unauthorised access (Oct 22) SRC=124.158.160.34 LEN=52 TOS=0x10 PREC=0x40 TTL=110 ID=20718 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Oct 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=107 ID=7200 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-22 12:49:40
139.162.65.55	attack	UTC: 2019-10-21 port: 53/tcp	2019-10-22 12:34:40
156.96.112.235	attack	UTC: 2019-10-21 port: 443/tcp	2019-10-22 12:32:27
141.98.80.201	attack	10/21/2019-23:57:19.065022 141.98.80.201 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-22 13:04:06
190.236.32.28	attackbots	Oct 22 06:57:11 server sshd\[13688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.236.32.28 user=root Oct 22 06:57:14 server sshd\[13688\]: Failed password for root from 190.236.32.28 port 56406 ssh2 Oct 22 06:57:16 server sshd\[13688\]: Failed password for root from 190.236.32.28 port 56406 ssh2 Oct 22 06:57:19 server sshd\[13688\]: Failed password for root from 190.236.32.28 port 56406 ssh2 Oct 22 06:57:21 server sshd\[13688\]: Failed password for root from 190.236.32.28 port 56406 ssh2 ...	2019-10-22 12:59:52
106.13.52.234	attack	Oct 22 07:29:23 microserver sshd[15101]: Invalid user victor from 106.13.52.234 port 39828 Oct 22 07:29:23 microserver sshd[15101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Oct 22 07:29:25 microserver sshd[15101]: Failed password for invalid user victor from 106.13.52.234 port 39828 ssh2 Oct 22 07:38:08 microserver sshd[16401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Oct 22 07:38:11 microserver sshd[16401]: Failed password for root from 106.13.52.234 port 55408 ssh2 Oct 22 07:50:03 microserver sshd[17984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Oct 22 07:50:06 microserver sshd[17984]: Failed password for root from 106.13.52.234 port 50444 ssh2 Oct 22 07:53:55 microserver sshd[18593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 user=root Oct 22 07:	2019-10-22 12:33:37
211.219.80.99	attackbots	Invalid user nagios from 211.219.80.99 port 37998	2019-10-22 13:06:41
198.108.67.128	attackspambots	UTC: 2019-10-21 port: 102/tcp	2019-10-22 12:49:06
221.225.40.107	attack	Oct 21 22:57:32 mailman postfix/smtpd[18314]: NOQUEUE: reject: RCPT from unknown[221.225.40.107]: 554 5.7.1 Service unavailable; Client host [221.225.40.107] blocked using rbl.rbldns.ru; RBLDNS Server v1.1.0. Author VDV [ Site: WWW.RBLDNS.RU ]; from= to=<[munged][at][munged]> proto=ESMTP helo= Oct 21 22:57:33 mailman postfix/smtpd[18314]: NOQUEUE: reject: RCPT from unknown[221.225.40.107]: 554 5.7.1 Service unavailable; Client host [221.225.40.107] blocked using rbl.rbldns.ru; RBLDNS Server v1.1.0. Author VDV [ Site: WWW.RBLDNS.RU ]; from= to=<[munged][at][munged]> proto=ESMTP helo=	2019-10-22 12:47:13
183.99.242.252	attackspambots	Brute force attempt	2019-10-22 12:33:22
45.73.12.219	attackbots	Oct 22 05:53:58 SilenceServices sshd[8506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.73.12.219 Oct 22 05:54:00 SilenceServices sshd[8506]: Failed password for invalid user p@55word1234567 from 45.73.12.219 port 59902 ssh2 Oct 22 05:57:56 SilenceServices sshd[9539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.73.12.219	2019-10-22 12:30:28
222.186.42.4	attack	$f2bV_matches	2019-10-22 13:10:04
83.27.244.45	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/83.27.244.45/ PL - 1H : (97) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 83.27.244.45 CIDR : 83.24.0.0/13 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 ATTACKS DETECTED ASN5617 : 1H - 4 3H - 7 6H - 10 12H - 19 24H - 34 DateTime : 2019-10-22 06:14:41 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-22 13:08:24
220.247.224.8	attackbots	raheem.a@americanwater.lk Spam	2019-10-22 12:42:03
106.13.125.248	attack	2019-10-22T04:30:08.253828abusebot-2.cloudsearch.cf sshd\[3601\]: Invalid user shanzae from 106.13.125.248 port 53264	2019-10-22 13:00:40

Recently Reported IPs

121.233.140.230	125.164.17.184	183.82.56.229	37.235.142.238
156.204.218.232	218.63.105.78	196.202.95.23	117.242.62.170
45.71.86.187	95.192.102.197	120.86.254.84	207.38.177.72
123.22.16.210	197.26.36.153	104.152.52.160	103.253.145.219
41.47.91.95	209.141.54.8	37.114.219.164	171.89.7.179