42.202.146.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Liaoning Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port Scan: TCP/445	2019-08-24 12:39:18

Comments on same subnet:

IP	Type	Details	Datetime
42.202.146.40	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/42.202.146.40/ CN - 1H : (1859) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN134762 IP : 42.202.146.40 CIDR : 42.202.128.0/19 PREFIX COUNT : 51 UNIQUE IP COUNT : 213248 ATTACKS DETECTED ASN134762 : 1H - 1 3H - 2 6H - 7 12H - 13 24H - 13 DateTime : 2019-10-25 05:46:26 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 19:18:47

Type

Details

Datetime

42.202.146.40

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/42.202.146.40/ 
 
 CN - 1H : (1859)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN134762 
 
 IP : 42.202.146.40 
 
 CIDR : 42.202.128.0/19 
 
 PREFIX COUNT : 51 
 
 UNIQUE IP COUNT : 213248 
 
 
 ATTACKS DETECTED ASN134762 :  
  1H - 1 
  3H - 2 
  6H - 7 
 12H - 13 
 24H - 13 
 
 DateTime : 2019-10-25 05:46:26 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-10-25 19:18:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.202.146.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10934
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.202.146.42.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052202 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 23 14:19:31 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 42.146.202.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.146.202.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.230.143.53	attackspam	Sep 15 15:16:00 aat-srv002 sshd[22176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.230.143.53 Sep 15 15:16:02 aat-srv002 sshd[22176]: Failed password for invalid user datacenter from 202.230.143.53 port 49772 ssh2 Sep 15 15:20:45 aat-srv002 sshd[22371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.230.143.53 Sep 15 15:20:47 aat-srv002 sshd[22371]: Failed password for invalid user spout from 202.230.143.53 port 43894 ssh2 ...	2019-09-16 04:35:54
35.201.243.170	attackbots	2019-09-15T19:44:47.691904hub.schaetter.us sshd\[5099\]: Invalid user new from 35.201.243.170 2019-09-15T19:44:47.720870hub.schaetter.us sshd\[5099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.243.201.35.bc.googleusercontent.com 2019-09-15T19:44:49.826953hub.schaetter.us sshd\[5099\]: Failed password for invalid user new from 35.201.243.170 port 58910 ssh2 2019-09-15T19:48:40.782060hub.schaetter.us sshd\[5111\]: Invalid user ri from 35.201.243.170 2019-09-15T19:48:40.817736hub.schaetter.us sshd\[5111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.243.201.35.bc.googleusercontent.com ...	2019-09-16 05:03:06
178.33.45.156	attack	Sep 15 22:26:34 MK-Soft-Root2 sshd\[26573\]: Invalid user mysql from 178.33.45.156 port 46764 Sep 15 22:26:34 MK-Soft-Root2 sshd\[26573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.45.156 Sep 15 22:26:36 MK-Soft-Root2 sshd\[26573\]: Failed password for invalid user mysql from 178.33.45.156 port 46764 ssh2 ...	2019-09-16 04:39:06
93.41.193.212	attack	proto=tcp . spt=40612 . dpt=25 . (listed on Dark List de Sep 15) (761)	2019-09-16 04:28:43
104.225.223.8	attack	Lines containing failures of 104.225.223.8 Sep 15 14:27:07 siirappi sshd[19897]: Invalid user admin from 104.225.223.8 port 41834 Sep 15 14:27:07 siirappi sshd[19897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.225.223.8 Sep 15 14:27:09 siirappi sshd[19897]: Failed password for invalid user admin from 104.225.223.8 port 41834 ssh2 Sep 15 14:27:09 siirappi sshd[19897]: Received disconnect from 104.225.223.8 port 41834:11: Bye Bye [preauth] Sep 15 14:27:09 siirappi sshd[19897]: Disconnected from 104.225.223.8 port 41834 [preauth] Sep 15 14:37:41 siirappi sshd[19967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.225.223.8 user=r.r Sep 15 14:37:44 siirappi sshd[19967]: Failed password for r.r from 104.225.223.8 port 56620 ssh2 Sep 15 14:37:44 siirappi sshd[19967]: Received disconnect from 104.225.223.8 port 56620:11: Bye Bye [preauth] Sep 15 14:37:44 siirappi sshd[19967]: Disconn........ ------------------------------	2019-09-16 04:58:19
62.234.154.56	attack	Sep 15 22:21:39 vps691689 sshd[15785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.56 Sep 15 22:21:41 vps691689 sshd[15785]: Failed password for invalid user ubnt from 62.234.154.56 port 45663 ssh2 ...	2019-09-16 04:39:53
42.104.97.228	attack	SSH brute-force: detected 40 distinct usernames within a 24-hour window.	2019-09-16 04:30:35
222.140.6.8	attackbots	Sep 15 22:12:23 herz-der-gamer sshd[31226]: Invalid user admin from 222.140.6.8 port 58720 Sep 15 22:12:24 herz-der-gamer sshd[31226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.140.6.8 Sep 15 22:12:23 herz-der-gamer sshd[31226]: Invalid user admin from 222.140.6.8 port 58720 Sep 15 22:12:25 herz-der-gamer sshd[31226]: Failed password for invalid user admin from 222.140.6.8 port 58720 ssh2 ...	2019-09-16 04:43:22
149.56.22.122	attackbotsspam	Sep 15 16:28:07 plex sshd[24428]: Invalid user jaiken from 149.56.22.122 port 34876	2019-09-16 05:00:47
92.222.136.169	attackbotsspam	detected by Fail2Ban	2019-09-16 04:36:38
49.51.46.69	attackspambots	Sep 15 21:03:56 cp sshd[4505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.46.69	2019-09-16 04:59:42
45.221.88.146	attackspam	Automatic report - Port Scan Attack	2019-09-16 04:53:42
54.39.44.47	attack	Sep 15 22:32:01 www sshd\[54840\]: Invalid user kinrys from 54.39.44.47 Sep 15 22:32:01 www sshd\[54840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.44.47 Sep 15 22:32:04 www sshd\[54840\]: Failed password for invalid user kinrys from 54.39.44.47 port 47112 ssh2 ...	2019-09-16 04:55:49
179.162.74.20	attack	Automatic report - Port Scan Attack	2019-09-16 04:46:21
112.66.59.154	attack	Automatic report - Port Scan Attack	2019-09-16 04:26:06

Recently Reported IPs

69.96.216.117	191.156.214.175	235.12.44.150	30.153.127.166
40.164.29.178	208.190.203.225	153.60.196.159	223.112.126.91
5.2.130.147	199.243.155.99	217.6.148.176	123.25.116.124
84.242.132.134	223.255.127.84	193.218.140.93	213.6.116.222
177.19.131.82	103.77.10.196	178.238.232.63	58.56.145.94