42.247.30.156 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Education and Research Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	May 12 01:55:59 vps46666688 sshd[15477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.156 May 12 01:56:01 vps46666688 sshd[15477]: Failed password for invalid user z from 42.247.30.156 port 47058 ssh2 ...	2020-05-12 14:23:25

Type

Details

Datetime

attackbotsspam

May 12 01:55:59 vps46666688 sshd[15477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.156
May 12 01:56:01 vps46666688 sshd[15477]: Failed password for invalid user z from 42.247.30.156 port 47058 ssh2
...

2020-05-12 14:23:25

Comments on same subnet:

IP	Type	Details	Datetime
42.247.30.180	attackbots	2020-01-20T04:50:50.955298shield sshd\[28027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 user=root 2020-01-20T04:50:53.265873shield sshd\[28027\]: Failed password for root from 42.247.30.180 port 49020 ssh2 2020-01-20T04:57:00.261511shield sshd\[29942\]: Invalid user nexus from 42.247.30.180 port 53014 2020-01-20T04:57:00.265559shield sshd\[29942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 2020-01-20T04:57:01.704123shield sshd\[29942\]: Failed password for invalid user nexus from 42.247.30.180 port 53014 ssh2	2020-01-20 14:57:51
42.247.30.150	attack	Jan 20 05:51:50 srv01 sshd[27145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.150 user=root Jan 20 05:51:53 srv01 sshd[27145]: Failed password for root from 42.247.30.150 port 34760 ssh2 Jan 20 05:57:08 srv01 sshd[27553]: Invalid user nexus from 42.247.30.150 port 34620 Jan 20 05:57:08 srv01 sshd[27553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.150 Jan 20 05:57:08 srv01 sshd[27553]: Invalid user nexus from 42.247.30.150 port 34620 Jan 20 05:57:10 srv01 sshd[27553]: Failed password for invalid user nexus from 42.247.30.150 port 34620 ssh2 ...	2020-01-20 14:52:51
42.247.30.135	attackbots	Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: Invalid user local from 42.247.30.135 Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 Jan 14 15:07:00 srv-ubuntu-dev3 sshd[33231]: Invalid user local from 42.247.30.135 Jan 14 15:07:02 srv-ubuntu-dev3 sshd[33231]: Failed password for invalid user local from 42.247.30.135 port 51732 ssh2 Jan 14 15:10:12 srv-ubuntu-dev3 sshd[33663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 user=root Jan 14 15:10:14 srv-ubuntu-dev3 sshd[33663]: Failed password for root from 42.247.30.135 port 47460 ssh2 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: Invalid user log from 42.247.30.135 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.135 Jan 14 15:13:29 srv-ubuntu-dev3 sshd[33897]: Invalid user log from 42.247.30. ...	2020-01-15 02:31:42
42.247.30.132	attackspam	Oct 9 18:11:19 plesk sshd[11921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:11:22 plesk sshd[11921]: Failed password for r.r from 42.247.30.132 port 57098 ssh2 Oct 9 18:11:22 plesk sshd[11921]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth] Oct 9 18:24:18 plesk sshd[12354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:24:21 plesk sshd[12354]: Failed password for r.r from 42.247.30.132 port 37578 ssh2 Oct 9 18:24:21 plesk sshd[12354]: Received disconnect from 42.247.30.132: 11: Bye Bye [preauth] Oct 9 18:29:15 plesk sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.132 user=r.r Oct 9 18:29:18 plesk sshd[12549]: Failed password for r.r from 42.247.30.132 port 48206 ssh2 Oct 9 18:29:18 plesk sshd[12549]: Received disconnect from 42.247......... -------------------------------	2019-10-10 04:43:54
42.247.30.180	attack	Oct 4 00:41:04 ny01 sshd[23824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180 Oct 4 00:41:07 ny01 sshd[23824]: Failed password for invalid user 123May from 42.247.30.180 port 59736 ssh2 Oct 4 00:50:35 ny01 sshd[25377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.180	2019-10-04 12:59:49
42.247.30.174	attackspam	Sep 17 04:44:30 vtv3 sshd\[16335\]: Invalid user carpe from 42.247.30.174 port 40058 Sep 17 04:44:30 vtv3 sshd\[16335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 04:44:32 vtv3 sshd\[16335\]: Failed password for invalid user carpe from 42.247.30.174 port 40058 ssh2 Sep 17 04:50:52 vtv3 sshd\[19753\]: Invalid user qc from 42.247.30.174 port 37788 Sep 17 04:50:52 vtv3 sshd\[19753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 05:04:21 vtv3 sshd\[26109\]: Invalid user mongo from 42.247.30.174 port 47894 Sep 17 05:04:21 vtv3 sshd\[26109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.174 Sep 17 05:04:24 vtv3 sshd\[26109\]: Failed password for invalid user mongo from 42.247.30.174 port 47894 ssh2 Sep 17 05:09:03 vtv3 sshd\[28638\]: Invalid user temp from 42.247.30.174 port 32792 Sep 17 05:09:03 vtv3 sshd\[28638\]: pam_unix\	2019-09-17 13:48:20
42.247.30.153	attack	Sep 16 01:58:21 ovpn sshd[32566]: Invalid user bu from 42.247.30.153 Sep 16 01:58:21 ovpn sshd[32566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.153 Sep 16 01:58:23 ovpn sshd[32566]: Failed password for invalid user bu from 42.247.30.153 port 47150 ssh2 Sep 16 01:58:23 ovpn sshd[32566]: Received disconnect from 42.247.30.153 port 47150:11: Bye Bye [preauth] Sep 16 01:58:23 ovpn sshd[32566]: Disconnected from 42.247.30.153 port 47150 [preauth] Sep 16 02:09:23 ovpn sshd[2199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.153 user=r.r Sep 16 02:09:25 ovpn sshd[2199]: Failed password for r.r from 42.247.30.153 port 51304 ssh2 Sep 16 02:09:25 ovpn sshd[2199]: Received disconnect from 42.247.30.153 port 51304:11: Bye Bye [preauth] Sep 16 02:09:25 ovpn sshd[2199]: Disconnected from 42.247.30.153 port 51304 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.ht	2019-09-17 06:56:54
42.247.30.188	attack	Sep 16 08:26:02 localhost sshd\[9892\]: Invalid user felipe from 42.247.30.188 port 34346 Sep 16 08:26:02 localhost sshd\[9892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.188 Sep 16 08:26:04 localhost sshd\[9892\]: Failed password for invalid user felipe from 42.247.30.188 port 34346 ssh2 ...	2019-09-16 19:56:11
42.247.30.176	attack	Sep 15 19:30:05 xtremcommunity sshd\[124643\]: Invalid user webalizer from 42.247.30.176 port 41632 Sep 15 19:30:05 xtremcommunity sshd\[124643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.176 Sep 15 19:30:07 xtremcommunity sshd\[124643\]: Failed password for invalid user webalizer from 42.247.30.176 port 41632 ssh2 Sep 15 19:34:47 xtremcommunity sshd\[124740\]: Invalid user bpadmin from 42.247.30.176 port 53968 Sep 15 19:34:47 xtremcommunity sshd\[124740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.176 ...	2019-09-16 11:51:01
42.247.30.164	attackspam	Sep 15 17:42:04 www sshd\[78802\]: Invalid user boomi from 42.247.30.164 Sep 15 17:42:04 www sshd\[78802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.247.30.164 Sep 15 17:42:05 www sshd\[78802\]: Failed password for invalid user boomi from 42.247.30.164 port 32768 ssh2 ...	2019-09-15 22:51:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.247.30.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34081
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.247.30.156.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051200 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 12 14:23:20 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 156.30.247.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 156.30.247.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.229.162	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-10-20 19:15:24
104.168.248.96	attack	Oct 16 14:01:06 mailserver sshd[5322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.248.96 user=r.r Oct 16 14:01:08 mailserver sshd[5322]: Failed password for r.r from 104.168.248.96 port 39566 ssh2 Oct 16 14:01:08 mailserver sshd[5322]: Received disconnect from 104.168.248.96 port 39566:11: Bye Bye [preauth] Oct 16 14:01:08 mailserver sshd[5322]: Disconnected from 104.168.248.96 port 39566 [preauth] Oct 16 14:20:06 mailserver sshd[7210]: Invalid user 123123 from 104.168.248.96 Oct 16 14:20:06 mailserver sshd[7210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.248.96 Oct 16 14:20:08 mailserver sshd[7210]: Failed password for invalid user 123123 from 104.168.248.96 port 45106 ssh2 Oct 16 14:20:08 mailserver sshd[7210]: Received disconnect from 104.168.248.96 port 45106:11: Bye Bye [preauth] Oct 16 14:20:08 mailserver sshd[7210]: Disconnected from 104.168.248.96 port 451........ -------------------------------	2019-10-20 19:19:46
113.125.26.101	attack	vps1:sshd-InvalidUser	2019-10-20 19:02:49
54.38.241.171	attackbotsspam	Invalid user cynthia from 54.38.241.171 port 52874	2019-10-20 19:32:19
122.175.55.196	attack	Oct 20 10:32:04 server sshd\[22213\]: Invalid user yang from 122.175.55.196 Oct 20 10:32:04 server sshd\[22213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.175.55.196 Oct 20 10:32:06 server sshd\[22213\]: Failed password for invalid user yang from 122.175.55.196 port 48206 ssh2 Oct 20 10:40:15 server sshd\[24298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.175.55.196 user=root Oct 20 10:40:16 server sshd\[24298\]: Failed password for root from 122.175.55.196 port 19953 ssh2 ...	2019-10-20 19:39:50
128.199.154.60	attackspam	Automatic report - Banned IP Access	2019-10-20 18:59:10
129.28.169.208	attackbotsspam	Oct 16 22:13:55 ovpn sshd[8297]: Invalid user master from 129.28.169.208 Oct 16 22:13:55 ovpn sshd[8297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.169.208 Oct 16 22:13:56 ovpn sshd[8297]: Failed password for invalid user master from 129.28.169.208 port 54236 ssh2 Oct 16 22:13:56 ovpn sshd[8297]: Received disconnect from 129.28.169.208 port 54236:11: Bye Bye [preauth] Oct 16 22:13:56 ovpn sshd[8297]: Disconnected from 129.28.169.208 port 54236 [preauth] Oct 16 22:23:06 ovpn sshd[10075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.169.208 user=r.r Oct 16 22:23:08 ovpn sshd[10075]: Failed password for r.r from 129.28.169.208 port 58692 ssh2 Oct 16 22:23:09 ovpn sshd[10075]: Received disconnect from 129.28.169.208 port 58692:11: Bye Bye [preauth] Oct 16 22:23:09 ovpn sshd[10075]: Disconnected from 129.28.169.208 port 58692 [preauth] ........ ----------------------------------------------- https://www.blockli	2019-10-20 19:33:35
212.48.93.183	attackspam	Sat, 19 Oct 2019 16:15:58 -0400 Received: from blue3011.server-cp.com ([212.48.93.183]:52227 helo=mail2.universalmedia365.com) From: "Andrew Palmer" Finance Monthly Game Changers Awards 2020 hoax spam	2019-10-20 19:10:56
186.215.234.110	attackspam	Oct 19 19:12:14 php1 sshd\[25366\]: Invalid user resu from 186.215.234.110 Oct 19 19:12:14 php1 sshd\[25366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.215.234.110 Oct 19 19:12:16 php1 sshd\[25366\]: Failed password for invalid user resu from 186.215.234.110 port 59485 ssh2 Oct 19 19:20:15 php1 sshd\[26041\]: Invalid user !QAZ@WSX\#EDC from 186.215.234.110 Oct 19 19:20:15 php1 sshd\[26041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.215.234.110	2019-10-20 19:25:30
200.105.183.118	attackspambots	Oct 20 02:20:35 ny01 sshd[5771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.105.183.118 Oct 20 02:20:36 ny01 sshd[5771]: Failed password for invalid user centos1234 from 200.105.183.118 port 13249 ssh2 Oct 20 02:25:20 ny01 sshd[6583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.105.183.118	2019-10-20 19:32:55
212.30.52.243	attackbots	Oct 20 07:18:29 ovpn sshd\[18420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243 user=root Oct 20 07:18:30 ovpn sshd\[18420\]: Failed password for root from 212.30.52.243 port 55377 ssh2 Oct 20 07:23:53 ovpn sshd\[19442\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243 user=root Oct 20 07:23:54 ovpn sshd\[19442\]: Failed password for root from 212.30.52.243 port 52234 ssh2 Oct 20 07:27:58 ovpn sshd\[20238\]: Invalid user jair from 212.30.52.243 Oct 20 07:27:58 ovpn sshd\[20238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243	2019-10-20 19:03:40
106.75.109.223	attackbotsspam	port scan and connect, tcp 443 (https)	2019-10-20 19:16:06
106.12.17.43	attack	Invalid user chandru from 106.12.17.43 port 37336	2019-10-20 19:32:37
114.40.151.86	attack	" "	2019-10-20 19:24:43
183.103.61.243	attackspam	Triggered by Fail2Ban at Vostok web server	2019-10-20 19:19:31

Recently Reported IPs

180.253.31.43	27.159.65.115	36.90.56.37	106.12.161.99
45.64.214.86	185.172.87.218	59.159.19.191	114.34.222.222
62.219.23.8	1.20.207.55	132.187.98.9	193.187.119.162
184.222.47.157	91.194.84.123	13.76.228.68	113.131.177.225
93.99.104.201	197.135.61.121	75.127.17.169	113.1.229.202