42.242.161.111

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan	2019-10-28 01:57:41

Comments on same subnet:

IP	Type	Details	Datetime
42.242.161.113	attackspam	port scan and connect, tcp 23 (telnet)	2019-10-23 14:37:20
42.242.161.35	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-06-29 08:24:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.242.161.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.242.161.111.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102701 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 28 01:57:39 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 111.161.242.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.161.242.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.144.36	attack	Invalid user admin from 159.65.144.36 port 60948	2020-04-30 20:03:05
125.45.12.133	attackspam	Apr 29 13:25:04 roadrisk sshd[31127]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [125.45.12.133] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 29 13:25:06 roadrisk sshd[31127]: Failed password for invalid user ftpuser from 125.45.12.133 port 33242 ssh2 Apr 29 13:25:06 roadrisk sshd[31127]: Received disconnect from 125.45.12.133: 11: Bye Bye [preauth] Apr 29 13:39:49 roadrisk sshd[31478]: Connection closed by 125.45.12.133 [preauth] Apr 29 13:43:38 roadrisk sshd[31633]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [125.45.12.133] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 29 13:43:39 roadrisk sshd[31633]: Failed password for invalid user milka from 125.45.12.133 port 53490 ssh2 Apr 29 13:43:40 roadrisk sshd[31633]: Received disconnect from 125.45.12.133: 11: Bye Bye [preauth] Apr 29 13:48:53 roadrisk sshd[31748]: Connection closed by 125.45.12.133 [preauth] Apr 29 13:53:14 roadrisk sshd[31884]: Connection closed by 125.45.12.133 [preauth] Apr 29 13:5........ -------------------------------	2020-04-30 19:34:24
106.75.4.215	attack	prod6 ...	2020-04-30 19:48:15
218.92.0.145	attackspambots	Apr 30 13:34:34 minden010 sshd[22894]: Failed password for root from 218.92.0.145 port 26186 ssh2 Apr 30 13:34:37 minden010 sshd[22894]: Failed password for root from 218.92.0.145 port 26186 ssh2 Apr 30 13:34:41 minden010 sshd[22894]: Failed password for root from 218.92.0.145 port 26186 ssh2 Apr 30 13:34:44 minden010 sshd[22894]: Failed password for root from 218.92.0.145 port 26186 ssh2 ...	2020-04-30 19:43:26
37.228.116.129	spam	Spammail mit unerwünschtem Sexangeboten. Passt auch überhaupt nicht zu meinem Profil. Da ich über Freenet schon gehackt wurde über russische Server, könnte meine E-Mailadresse aus diesen alten Vorfällen stammen. Ich habe vor kurzem eine Warnung von Apple über unerwünschte Aktionen auf meinen Internetaktionen bekommen, die ich zu entfernen versucht habe. Das ist mir wohl auch auf dem E-Mail Postfach von Apple gelungen. Aber auf dem Original Freenet Kanal ist mir das wohl nicht gelungen.	2020-04-30 19:54:16
103.16.228.63	attackspam	RDP Brute-Force (honeypot 3)	2020-04-30 19:37:34
221.195.162.75	attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 109 - Fri Jun 1 14:45:18 2018	2020-04-30 19:35:55
86.84.41.217	attack	RDP Brute-Force (honeypot 6)	2020-04-30 19:44:12
188.166.251.87	attackbots	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-30 19:36:51
123.206.217.32	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-30 19:39:03
171.109.46.199	attackspam	Brute force blocker - service: proftpd1, proftpd2 - aantal: 87 - Wed May 30 06:45:21 2018	2020-04-30 19:55:12
88.98.254.131	attackspam	Brute-Force,SSH	2020-04-30 19:50:27
185.189.112.246	attack	lfd: (smtpauth) Failed SMTP AUTH login from 185.189.112.246 (-): 5 in the last 3600 secs - Fri Jun 1 10:34:20 2018	2020-04-30 19:37:16
157.230.61.132	attack	Apr 30 13:29:45 server sshd[57958]: Failed password for invalid user mythtv from 157.230.61.132 port 36328 ssh2 Apr 30 13:33:26 server sshd[61037]: Failed password for invalid user zjw from 157.230.61.132 port 47078 ssh2 Apr 30 13:37:01 server sshd[63978]: Failed password for invalid user redmine from 157.230.61.132 port 57820 ssh2	2020-04-30 19:52:10
129.213.32.32	attackspam	Brute-force attempt banned	2020-04-30 19:52:37

Recently Reported IPs

217.68.218.47	217.68.218.32	118.179.212.22	113.172.124.198
217.68.218.248	217.68.218.245	217.68.218.25	217.68.218.23
216.10.249.73	217.68.218.216	190.47.207.55	58.17.241.81
217.68.218.197	80.225.227.17	85.253.27.235	217.68.218.195
136.186.177.164	73.77.240.27	217.68.218.194	63.55.226.186