42.240.1.105 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.240.129.58	attackspam	TCP (SYN) 42.240.129.58:58914 -> port 8333, len 44	2020-10-05 06:51:13
42.240.129.58	attack	firewall-block, port(s): 8126/tcp	2020-10-04 22:56:07
42.240.129.58	attack	firewall-block, port(s): 8126/tcp	2020-10-04 14:42:12
42.240.129.58	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 8291 proto: tcp cat: Misc Attackbytes: 60	2020-10-01 07:24:31
42.240.129.58	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 8291 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 23:52:11
42.240.129.58	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 23 - port: 8291 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 16:17:35
42.240.129.58	attack	Port scan denied	2020-09-29 06:21:14
42.240.129.58	attackbots	Port scan denied	2020-09-28 14:51:49
42.240.130.103	attackspam	Jul 30 00:27:37 ahost sshd[10953]: Invalid user devstaff from 42.240.130.103 Jul 30 00:27:37 ahost sshd[10953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 Jul 30 00:27:39 ahost sshd[10953]: Failed password for invalid user devstaff from 42.240.130.103 port 52746 ssh2 Jul 30 00:27:39 ahost sshd[10953]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth] Jul 30 00:37:57 ahost sshd[11139]: Invalid user xfhou from 42.240.130.103 Jul 30 00:37:57 ahost sshd[11139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 Jul 30 00:38:00 ahost sshd[11139]: Failed password for invalid user xfhou from 42.240.130.103 port 56808 ssh2 Jul 30 00:38:00 ahost sshd[11139]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth] Jul 30 00:44:15 ahost sshd[12013]: Invalid user honghaiyan from 42.240.130.103 Jul 30 00:44:15 ahost sshd[12013]: pam_unix(sshd:auth): au........ ------------------------------	2020-07-31 04:31:43
42.240.130.165	attack	May 29 06:07:46 vps687878 sshd\[1365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 user=root May 29 06:07:48 vps687878 sshd\[1365\]: Failed password for root from 42.240.130.165 port 46000 ssh2 May 29 06:11:57 vps687878 sshd\[1931\]: Invalid user richard from 42.240.130.165 port 36430 May 29 06:11:57 vps687878 sshd\[1931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 May 29 06:11:59 vps687878 sshd\[1931\]: Failed password for invalid user richard from 42.240.130.165 port 36430 ssh2 ...	2020-05-29 12:58:52
42.240.129.58	attack	firewall-block, port(s): 5095/udp	2020-05-29 00:28:20
42.240.130.165	attackspambots	May 10 06:30:53 sshgateway sshd\[21436\]: Invalid user tacpro from 42.240.130.165 May 10 06:30:53 sshgateway sshd\[21436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 May 10 06:30:54 sshgateway sshd\[21436\]: Failed password for invalid user tacpro from 42.240.130.165 port 36054 ssh2	2020-05-10 17:35:29
42.240.130.165	attackbotsspam	Invalid user support from 42.240.130.165 port 58016	2020-05-01 17:32:20
42.240.130.165	attack	Invalid user postgres from 42.240.130.165 port 48684	2020-04-21 22:47:02
42.240.130.165	attack	Apr 19 13:19:39 *** sshd[26217]: Invalid user sd from 42.240.130.165	2020-04-19 23:43:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.240.1.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.240.1.105.			IN	A

;; AUTHORITY SECTION:
.			214	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022060700 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 07 17:07:13 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 105.1.240.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.1.240.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.109.88	attack	[2020-08-18 04:37:47] NOTICE[1185][C-00003201] chan_sip.c: Call from '' (77.247.109.88:54961) to extension '011442037699492' rejected because extension not found in context 'public'. [2020-08-18 04:37:47] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-18T04:37:47.673-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442037699492",SessionID="0x7f10c43f67a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.88/54961",ACLName="no_extension_match" [2020-08-18 04:38:08] NOTICE[1185][C-00003202] chan_sip.c: Call from '' (77.247.109.88:60315) to extension '011441519470478' rejected because extension not found in context 'public'. [2020-08-18 04:38:08] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-18T04:38:08.395-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470478",SessionID="0x7f10c4481d18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-08-18 16:52:24
121.120.86.185	attack	Unauthorised access (Aug 18) SRC=121.120.86.185 LEN=52 TOS=0x10 PREC=0x40 TTL=106 ID=9845 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-18 17:00:16
222.244.139.76	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-08-18 17:07:38
104.248.62.182	attackbotsspam	Aug 18 11:13:08 ip106 sshd[15939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.62.182 Aug 18 11:13:09 ip106 sshd[15939]: Failed password for invalid user bugzilla from 104.248.62.182 port 48636 ssh2 ...	2020-08-18 17:17:14
187.189.52.132	attack	2020-08-18T02:36:58.6604041495-001 sshd[14148]: Failed password for invalid user guest from 187.189.52.132 port 46872 ssh2 2020-08-18T02:42:00.4352921495-001 sshd[14431]: Invalid user max from 187.189.52.132 port 55962 2020-08-18T02:42:00.4425051495-001 sshd[14431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-189-52-132.totalplay.net 2020-08-18T02:42:00.4352921495-001 sshd[14431]: Invalid user max from 187.189.52.132 port 55962 2020-08-18T02:42:02.1709311495-001 sshd[14431]: Failed password for invalid user max from 187.189.52.132 port 55962 ssh2 2020-08-18T02:46:59.3285171495-001 sshd[14606]: Invalid user teamspeak from 187.189.52.132 port 36818 ...	2020-08-18 16:51:40
117.214.15.109	attackbots	RDP Bruteforce	2020-08-18 16:50:31
155.94.156.84	attackbots	Port Scan detected from 155.94.156.84 (US/United States/California/Los Angeles (Downtown)/155.94.156.84.static.quadranet.com). 4 hits in the last 30 seconds	2020-08-18 16:54:26
145.239.234.159	attackbots	port 23	2020-08-18 16:58:48
49.88.112.114	attackspambots	Aug 18 08:49:40 django-0 sshd[3091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Aug 18 08:49:42 django-0 sshd[3091]: Failed password for root from 49.88.112.114 port 26699 ssh2 ...	2020-08-18 17:03:01
103.83.36.101	attackbotsspam	103.83.36.101 - - [18/Aug/2020:09:53:32 +0100] "POST /wp-login.php HTTP/1.1" 200 1908 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.83.36.101 - - [18/Aug/2020:09:53:33 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.83.36.101 - - [18/Aug/2020:09:53:34 +0100] "POST /wp-login.php HTTP/1.1" 200 1886 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-18 17:17:53
185.190.16.70	attackspam	C1,WP GET /nelson/www/wp-includes/wlwmanifest.xml	2020-08-18 17:24:45
118.27.5.46	attackbotsspam	Aug 18 10:30:54 pkdns2 sshd\[12659\]: Invalid user a from 118.27.5.46Aug 18 10:30:56 pkdns2 sshd\[12659\]: Failed password for invalid user a from 118.27.5.46 port 35918 ssh2Aug 18 10:34:47 pkdns2 sshd\[12774\]: Invalid user admin from 118.27.5.46Aug 18 10:34:50 pkdns2 sshd\[12774\]: Failed password for invalid user admin from 118.27.5.46 port 40370 ssh2Aug 18 10:38:44 pkdns2 sshd\[12946\]: Invalid user orlando from 118.27.5.46Aug 18 10:38:46 pkdns2 sshd\[12946\]: Failed password for invalid user orlando from 118.27.5.46 port 44818 ssh2 ...	2020-08-18 16:53:42
195.178.123.240	attackspam	Icarus honeypot on github	2020-08-18 16:59:37
218.111.88.185	attack	Aug 18 07:42:44 eventyay sshd[26086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.111.88.185 Aug 18 07:42:46 eventyay sshd[26086]: Failed password for invalid user s1 from 218.111.88.185 port 46096 ssh2 Aug 18 07:48:00 eventyay sshd[26232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.111.88.185 ...	2020-08-18 17:17:27
68.183.89.147	attack	Invalid user 1 from 68.183.89.147 port 55570	2020-08-18 17:27:45

Recently Reported IPs

174.127.195.99	92.55.72.196	143.172.152.26	145.239.91.241
18.201.214.100	159.227.157.29	165.199.132.149	201.57.93.217
101.71.22.52	39.195.215.85	225.17.125.47	33.117.202.58
161.177.112.134	186.217.36.226	86.196.90.0	54.39.81.7
194.31.98.29	47.254.244.239	45.167.241.220	243.56.183.65