42.240.130.103

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 30 00:27:37 ahost sshd[10953]: Invalid user devstaff from 42.240.130.103 Jul 30 00:27:37 ahost sshd[10953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 Jul 30 00:27:39 ahost sshd[10953]: Failed password for invalid user devstaff from 42.240.130.103 port 52746 ssh2 Jul 30 00:27:39 ahost sshd[10953]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth] Jul 30 00:37:57 ahost sshd[11139]: Invalid user xfhou from 42.240.130.103 Jul 30 00:37:57 ahost sshd[11139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 Jul 30 00:38:00 ahost sshd[11139]: Failed password for invalid user xfhou from 42.240.130.103 port 56808 ssh2 Jul 30 00:38:00 ahost sshd[11139]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth] Jul 30 00:44:15 ahost sshd[12013]: Invalid user honghaiyan from 42.240.130.103 Jul 30 00:44:15 ahost sshd[12013]: pam_unix(sshd:auth): au........ ------------------------------	2020-07-31 04:31:43

Type

Details

Datetime

attackspam

Jul 30 00:27:37 ahost sshd[10953]: Invalid user devstaff from 42.240.130.103
Jul 30 00:27:37 ahost sshd[10953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 
Jul 30 00:27:39 ahost sshd[10953]: Failed password for invalid user devstaff from 42.240.130.103 port 52746 ssh2
Jul 30 00:27:39 ahost sshd[10953]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth]
Jul 30 00:37:57 ahost sshd[11139]: Invalid user xfhou from 42.240.130.103
Jul 30 00:37:57 ahost sshd[11139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.103 
Jul 30 00:38:00 ahost sshd[11139]: Failed password for invalid user xfhou from 42.240.130.103 port 56808 ssh2
Jul 30 00:38:00 ahost sshd[11139]: Received disconnect from 42.240.130.103: 11: Bye Bye [preauth]
Jul 30 00:44:15 ahost sshd[12013]: Invalid user honghaiyan from 42.240.130.103
Jul 30 00:44:15 ahost sshd[12013]: pam_unix(sshd:auth): au........
------------------------------

2020-07-31 04:31:43

Comments on same subnet:

IP	Type	Details	Datetime
42.240.130.165	attack	May 29 06:07:46 vps687878 sshd\[1365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 user=root May 29 06:07:48 vps687878 sshd\[1365\]: Failed password for root from 42.240.130.165 port 46000 ssh2 May 29 06:11:57 vps687878 sshd\[1931\]: Invalid user richard from 42.240.130.165 port 36430 May 29 06:11:57 vps687878 sshd\[1931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 May 29 06:11:59 vps687878 sshd\[1931\]: Failed password for invalid user richard from 42.240.130.165 port 36430 ssh2 ...	2020-05-29 12:58:52
42.240.130.165	attackspambots	May 10 06:30:53 sshgateway sshd\[21436\]: Invalid user tacpro from 42.240.130.165 May 10 06:30:53 sshgateway sshd\[21436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.240.130.165 May 10 06:30:54 sshgateway sshd\[21436\]: Failed password for invalid user tacpro from 42.240.130.165 port 36054 ssh2	2020-05-10 17:35:29
42.240.130.165	attackbotsspam	Invalid user support from 42.240.130.165 port 58016	2020-05-01 17:32:20
42.240.130.165	attack	Invalid user postgres from 42.240.130.165 port 48684	2020-04-21 22:47:02
42.240.130.165	attack	Apr 19 13:19:39 *** sshd[26217]: Invalid user sd from 42.240.130.165	2020-04-19 23:43:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.240.130.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37352
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.240.130.103.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073001 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 31 04:31:40 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 103.130.240.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.130.240.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
155.46.21.78	attack	ICMP MP Probe, Scan -	2019-07-24 02:52:46
154.66.219.20	attackbotsspam	Automatic report - Banned IP Access	2019-07-24 02:46:12
183.109.165.190	attackbots	Port scan on 1 port(s): 9527	2019-07-24 02:45:52
159.65.4.188	attackbots	Web App Attack	2019-07-24 03:09:57
151.80.41.124	attackbots	Jul 23 20:38:33 MainVPS sshd[2375]: Invalid user test1 from 151.80.41.124 port 44662 Jul 23 20:38:33 MainVPS sshd[2375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.41.124 Jul 23 20:38:33 MainVPS sshd[2375]: Invalid user test1 from 151.80.41.124 port 44662 Jul 23 20:38:35 MainVPS sshd[2375]: Failed password for invalid user test1 from 151.80.41.124 port 44662 ssh2 Jul 23 20:42:56 MainVPS sshd[2758]: Invalid user seng from 151.80.41.124 port 40172 ...	2019-07-24 03:23:09
178.150.189.43	attack	3389BruteforceFW21	2019-07-24 03:15:25
146.242.63.78	attackbotsspam	ICMP MP Probe, Scan -	2019-07-24 03:16:26
59.120.189.234	attackspambots	2019-07-23T14:57:01.280863abusebot-6.cloudsearch.cf sshd\[3308\]: Invalid user patrick from 59.120.189.234 port 43822	2019-07-24 03:04:01
81.22.45.165	attack	Splunk® : port scan detected: Jul 23 15:09:09 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=81.22.45.165 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=39300 PROTO=TCP SPT=47134 DPT=9789 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-24 03:24:24
155.46.21.65	attackbotsspam	ICMP MP Probe, Scan -	2019-07-24 02:57:56
146.242.63.65	attackbots	ICMP MP Probe, Scan -	2019-07-24 03:21:58
207.46.13.89	attackbots	SQL Injection	2019-07-24 03:17:16
54.37.152.117	attackbots	2019-07-23T12:09:31.332084hz01.yumiweb.com sshd\[5236\]: Invalid user ftpvip123 from 54.37.152.117 port 57182 2019-07-23T12:12:31.714633hz01.yumiweb.com sshd\[5238\]: Invalid user dwei from 54.37.152.117 port 40840 2019-07-23T12:24:33.921555hz01.yumiweb.com sshd\[5252\]: Invalid user zmqi from 54.37.152.117 port 60188 ...	2019-07-24 02:55:45
119.196.83.18	attackbotsspam	Jul 23 06:31:27 debian sshd\[20012\]: Invalid user ranjit from 119.196.83.18 port 57662 Jul 23 06:31:27 debian sshd\[20012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.196.83.18 Jul 23 06:31:29 debian sshd\[20012\]: Failed password for invalid user ranjit from 119.196.83.18 port 57662 ssh2 ...	2019-07-24 03:14:05
45.55.233.213	attack	Jul 23 21:06:43 eventyay sshd[30564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.233.213 Jul 23 21:06:45 eventyay sshd[30564]: Failed password for invalid user randy from 45.55.233.213 port 40684 ssh2 Jul 23 21:12:52 eventyay sshd[32087]: Failed password for root from 45.55.233.213 port 34192 ssh2 ...	2019-07-24 03:25:37

Recently Reported IPs

122.87.156.88	60.8.5.114	113.89.32.37	85.209.0.183
1.54.139.36	187.178.174.43	107.150.7.128	46.109.111.15
51.158.190.194	45.32.100.102	198.199.77.16	121.239.185.187
27.78.240.170	118.232.21.62	62.171.158.21	125.24.163.36
13.80.179.164	5.55.143.6	103.148.195.14	179.183.245.192