42.225.144.254

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.225.144.116	attack	Aug 26 10:53:41 NPSTNNYC01T sshd[5330]: Failed password for root from 42.225.144.116 port 42862 ssh2 Aug 26 10:58:12 NPSTNNYC01T sshd[5713]: Failed password for root from 42.225.144.116 port 31540 ssh2 Aug 26 11:02:38 NPSTNNYC01T sshd[6153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.225.144.116 ...	2020-08-26 23:08:36

Type

Details

Datetime

42.225.144.116

attack

Aug 26 10:53:41 NPSTNNYC01T sshd[5330]: Failed password for root from 42.225.144.116 port 42862 ssh2
Aug 26 10:58:12 NPSTNNYC01T sshd[5713]: Failed password for root from 42.225.144.116 port 31540 ssh2
Aug 26 11:02:38 NPSTNNYC01T sshd[6153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.225.144.116
...

2020-08-26 23:08:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.225.144.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31017
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.225.144.254.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 06:35:28 CST 2022
;; MSG SIZE  rcvd: 107

Host info

254.144.225.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
254.144.225.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.167.126.126	attack	Bruteforce detected by fail2ban	2020-05-16 15:00:43
134.209.63.140	attack	firewall-block, port(s): 8647/tcp	2020-05-16 15:02:24
223.71.73.254	attackspam	Invalid user michael from 223.71.73.254 port 14107	2020-05-16 15:03:06
149.202.55.18	attackspam	May 16 02:43:40 Invalid user bj from 149.202.55.18 port 37072	2020-05-16 15:29:13
134.17.94.158	attackbotsspam	k+ssh-bruteforce	2020-05-16 15:24:12
200.236.123.176	attackspam	Unauthorized connection attempt detected from IP address 200.236.123.176 to port 23	2020-05-16 14:56:09
66.131.216.79	attack	May 13 20:22:17 : SSH login attempts with invalid user	2020-05-16 15:20:26
104.248.61.192	attackbotsspam	Auto Fail2Ban report, multiple SSH login attempts.	2020-05-16 15:03:22
192.163.207.200	attackbotsspam	192.163.207.200 - - [16/May/2020:04:55:33 +0200] "GET /wp-login.php HTTP/1.1" 301 178 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - [16/May/2020:04:55:34 +0200] "GET /wp-login.php HTTP/1.1" 302 335 "http://wiki.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - [16/May/2020:04:55:38 +0200] "GET /wp-login.php HTTP/1.1" 302 335 "https://cas.univ-lyon3.fr/cas/login?service=https%3A%2F%2Fwiki.univ-lyon3.fr%2Fwp-login.php&gateway=true" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - [16/May/2020:04:55:40 +0200] "GET /wp-login.php HTTP/1.1" 302 335 "https://cas.univ-lyon3.fr/cas/login?service=https%3A%2F%2Fwiki.univ-lyon3.fr%2Fwp-login.php&gateway=true" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - [16/May/2020:04:55:43 +0200] "GET /wp-login.php HTTP/1.1" 302 ...	2020-05-16 14:58:00
222.186.30.76	attackbotsspam	SSH bruteforce	2020-05-16 15:33:17
222.186.180.41	attackbots	$f2bV_matches	2020-05-16 15:38:26
103.206.191.5	attackspambots	(smtpauth) Failed SMTP AUTH login from 103.206.191.5 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-15 16:44:11 login authenticator failed for (ADMIN) [103.206.191.5]: 535 Incorrect authentication data (set_id=newsletter@sinayar.ir)	2020-05-16 15:15:50
89.248.172.85	attackspam	Port scan on 10 port(s): 2234 3029 4360 4527 9630 13145 22222 23000 23489 53214	2020-05-16 15:12:30
78.26.185.152	attack	May 16 04:48:00 OPSO sshd\[3378\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.26.185.152 user=admin May 16 04:48:02 OPSO sshd\[3378\]: Failed password for admin from 78.26.185.152 port 33910 ssh2 May 16 04:51:31 OPSO sshd\[4339\]: Invalid user jounetsu from 78.26.185.152 port 33806 May 16 04:51:31 OPSO sshd\[4339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.26.185.152 May 16 04:51:33 OPSO sshd\[4339\]: Failed password for invalid user jounetsu from 78.26.185.152 port 33806 ssh2	2020-05-16 15:21:41
117.33.128.218	attackspam	(sshd) Failed SSH login from 117.33.128.218 (CN/China/-): 5 in the last 3600 secs	2020-05-16 15:22:29

Recently Reported IPs

27.215.82.14	187.44.1.248	110.83.155.228	111.33.203.167
54.174.151.43	177.139.195.149	92.126.202.180	105.58.195.128
58.16.214.204	42.119.114.55	36.79.183.179	136.169.211.144
185.88.103.248	14.21.8.174	103.245.50.41	197.61.178.85
31.57.44.16	123.180.105.214	47.104.61.17	186.33.72.219