42.243.115.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-06-30 17:32:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.243.115.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34616
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.243.115.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 17:32:22 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 2.115.243.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.115.243.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.134.173.100	attackspam	Invalid user daniela from 91.134.173.100 port 59782	2020-09-22 20:48:33
75.112.68.166	attackbotsspam	Invalid user ss from 75.112.68.166 port 2191	2020-09-22 20:35:36
5.189.180.230	attackbots	Invalid user www from 5.189.180.230 port 33528	2020-09-22 21:09:42
170.78.21.249	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-22 20:34:46
104.131.106.203	attack	fail2ban/Sep 22 12:32:49 h1962932 sshd[22769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 user=root Sep 22 12:32:51 h1962932 sshd[22769]: Failed password for root from 104.131.106.203 port 56742 ssh2 Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902 Sep 22 12:38:52 h1962932 sshd[23428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 Sep 22 12:38:52 h1962932 sshd[23428]: Invalid user support from 104.131.106.203 port 38902 Sep 22 12:38:54 h1962932 sshd[23428]: Failed password for invalid user support from 104.131.106.203 port 38902 ssh2	2020-09-22 20:55:58
180.124.76.196	attack	Automatic report - Port Scan Attack	2020-09-22 20:54:24
182.116.110.190	attack	Hit honeypot r.	2020-09-22 20:33:37
91.121.81.12	attackspam	Sep 22 04:23:33 host sshd[2929]: Invalid user user from 91.121.81.12 port 53974 ...	2020-09-22 21:02:22
222.186.190.2	attack	Sep 22 09:36:21 vps46666688 sshd[31728]: Failed password for root from 222.186.190.2 port 65380 ssh2 Sep 22 09:36:35 vps46666688 sshd[31728]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 65380 ssh2 [preauth] ...	2020-09-22 20:44:53
134.122.113.222	attackspambots	Time: Tue Sep 22 11:59:44 2020 +0000 IP: 134.122.113.222 (US/United States/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 11:43:54 29-1 sshd[31034]: Invalid user afa from 134.122.113.222 port 60450 Sep 22 11:43:57 29-1 sshd[31034]: Failed password for invalid user afa from 134.122.113.222 port 60450 ssh2 Sep 22 11:56:00 29-1 sshd[32559]: Invalid user orange from 134.122.113.222 port 50120 Sep 22 11:56:02 29-1 sshd[32559]: Failed password for invalid user orange from 134.122.113.222 port 50120 ssh2 Sep 22 11:59:40 29-1 sshd[541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.113.222 user=root	2020-09-22 21:06:54
125.64.94.136	attack	TCP (SYN) 125.64.94.136:44297 -> port 50050, len 44	2020-09-22 20:55:43
164.132.46.197	attackbots	Sep 22 04:35:13 web8 sshd\[3866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.46.197 user=root Sep 22 04:35:14 web8 sshd\[3866\]: Failed password for root from 164.132.46.197 port 35634 ssh2 Sep 22 04:37:49 web8 sshd\[5192\]: Invalid user jeus from 164.132.46.197 Sep 22 04:37:49 web8 sshd\[5192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.46.197 Sep 22 04:37:51 web8 sshd\[5192\]: Failed password for invalid user jeus from 164.132.46.197 port 43694 ssh2	2020-09-22 20:50:51
51.178.50.20	attack	Brute%20Force%20SSH	2020-09-22 20:42:40
5.3.6.82	attackbots	Invalid user postgresql from 5.3.6.82 port 43186	2020-09-22 21:10:12
51.83.134.233	attack	"fail2ban match"	2020-09-22 20:36:07

Recently Reported IPs

95.32.239.85	189.69.3.45	175.175.169.177	111.75.126.226
58.45.31.54	177.40.19.153	175.175.253.116	187.114.252.36
83.110.207.202	42.232.218.228	177.21.202.101	119.123.72.231
212.200.165.6	186.216.153.187	149.129.233.78	80.24.104.216
35.245.140.200	176.116.137.200	104.40.0.120	60.113.85.41