42.247.5.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Education and Research Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 42.247.5.70 to port 1433 [T]	2020-08-14 01:51:20
attack	TCP (RST) 42.247.5.70:46859 -> port 1433, len 40	2020-05-17 03:01:54

Comments on same subnet:

IP	Type	Details	Datetime
42.247.5.86	attack	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 22:47:08
42.247.5.86	attackspam	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 14:53:29
42.247.5.86	attack	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 07:04:41
42.247.5.92	attack	Unauthorised access (Jul 30) SRC=42.247.5.92 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=46808 TCP DPT=1433 WINDOW=1024 SYN	2020-07-30 21:58:24
42.247.5.88	attack	07/16/2020-23:54:27.251909 42.247.5.88 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-17 16:14:33
42.247.5.82	attack	unauthorized connection attempt	2020-07-01 16:59:27
42.247.5.78	attackspambots	Icarus honeypot on github	2020-06-08 07:02:29
42.247.5.77	attack	Unauthorized connection attempt detected from IP address 42.247.5.77 to port 1433	2020-05-20 05:32:27
42.247.5.84	attackbotsspam	1433/tcp 1433/tcp [2020-03-05/04-10]2pkt	2020-04-11 06:35:58
42.247.5.78	attackspam	Icarus honeypot on github	2020-04-10 23:56:54
42.247.5.95	attackbots	Unauthorized connection attempt detected from IP address 42.247.5.95 to port 1433 [J]	2020-03-03 00:21:13
42.247.5.71	attack	unauthorized connection attempt	2020-02-26 18:08:12
42.247.5.95	attackbots	Feb 26 06:31:38 debian-2gb-nbg1-2 kernel: \[4954295.571976\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.247.5.95 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=230 ID=22462 PROTO=TCP SPT=49139 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-26 16:49:04
42.247.5.68	attackspam	unauthorized connection attempt	2020-02-19 19:41:29
42.247.5.78	attackspam	unauthorized connection attempt	2020-02-19 14:11:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.247.5.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55956
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.247.5.70.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051601 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 17 03:01:50 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 70.5.247.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.5.247.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.31.158	attackspambots	May 9 02:44:19 scw-6657dc sshd[11837]: Failed password for root from 49.234.31.158 port 57766 ssh2 May 9 02:44:19 scw-6657dc sshd[11837]: Failed password for root from 49.234.31.158 port 57766 ssh2 May 9 02:46:25 scw-6657dc sshd[11907]: Invalid user ana from 49.234.31.158 port 53782 ...	2020-05-09 18:52:38
5.172.199.73	attack	0,39-02/02 [bc01/m45] PostRequest-Spammer scoring: essen	2020-05-09 18:44:04
27.50.159.237	attackspambots	Unauthorized SSH login attempts	2020-05-09 18:46:02
89.163.132.37	attackspambots	5x Failed Password	2020-05-09 18:15:00
159.89.88.114	attackspam	2020-05-09T02:45:07.203338shield sshd\[2423\]: Invalid user centos from 159.89.88.114 port 58900 2020-05-09T02:45:07.206970shield sshd\[2423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=victormwangi.me 2020-05-09T02:45:09.340612shield sshd\[2423\]: Failed password for invalid user centos from 159.89.88.114 port 58900 ssh2 2020-05-09T02:48:48.909160shield sshd\[2837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=victormwangi.me user=root 2020-05-09T02:48:50.379849shield sshd\[2837\]: Failed password for root from 159.89.88.114 port 39248 ssh2	2020-05-09 18:14:28
139.99.176.54	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-09 18:56:53
183.89.229.114	attackbots	Dovecot Invalid User Login Attempt.	2020-05-09 18:39:59
193.150.248.197	attack	1588927324 - 05/08/2020 15:42:04 Host: c193-150-248-197.bredband.comhem.se/193.150.248.197 Port: 23 TCP Blocked ...	2020-05-09 18:18:37
152.136.155.119	attack	May 9 04:47:07 piServer sshd[7652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.155.119 May 9 04:47:10 piServer sshd[7652]: Failed password for invalid user hines from 152.136.155.119 port 53938 ssh2 May 9 04:53:10 piServer sshd[8148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.155.119 ...	2020-05-09 18:42:15
120.92.91.176	attackbots	May 8 22:26:15 vps647732 sshd[1566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.91.176 May 8 22:26:18 vps647732 sshd[1566]: Failed password for invalid user rony from 120.92.91.176 port 43930 ssh2 ...	2020-05-09 18:27:26
31.184.199.114	attackspambots	SSH-BruteForce	2020-05-09 18:45:31
183.157.172.48	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-09 18:32:50
103.90.190.54	attackbotsspam	SSH Invalid Login	2020-05-09 18:44:59
103.37.150.140	attack	May 8 22:59:48 h2646465 sshd[3819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.37.150.140 user=root May 8 22:59:50 h2646465 sshd[3819]: Failed password for root from 103.37.150.140 port 50626 ssh2 May 8 23:10:48 h2646465 sshd[6085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.37.150.140 user=root May 8 23:10:50 h2646465 sshd[6085]: Failed password for root from 103.37.150.140 port 49835 ssh2 May 8 23:14:36 h2646465 sshd[6235]: Invalid user notebook from 103.37.150.140 May 8 23:14:36 h2646465 sshd[6235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.37.150.140 May 8 23:14:36 h2646465 sshd[6235]: Invalid user notebook from 103.37.150.140 May 8 23:14:38 h2646465 sshd[6235]: Failed password for invalid user notebook from 103.37.150.140 port 45770 ssh2 May 8 23:18:20 h2646465 sshd[6874]: Invalid user abner from 103.37.150.140 ...	2020-05-09 18:17:14
49.235.158.251	attack	2020-05-09T00:53:20.799098abusebot-6.cloudsearch.cf sshd[12009]: Invalid user admin from 49.235.158.251 port 39886 2020-05-09T00:53:20.807582abusebot-6.cloudsearch.cf sshd[12009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.158.251 2020-05-09T00:53:20.799098abusebot-6.cloudsearch.cf sshd[12009]: Invalid user admin from 49.235.158.251 port 39886 2020-05-09T00:53:23.180959abusebot-6.cloudsearch.cf sshd[12009]: Failed password for invalid user admin from 49.235.158.251 port 39886 ssh2 2020-05-09T00:57:57.575082abusebot-6.cloudsearch.cf sshd[12242]: Invalid user yan from 49.235.158.251 port 57946 2020-05-09T00:57:57.582973abusebot-6.cloudsearch.cf sshd[12242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.158.251 2020-05-09T00:57:57.575082abusebot-6.cloudsearch.cf sshd[12242]: Invalid user yan from 49.235.158.251 port 57946 2020-05-09T00:57:59.985914abusebot-6.cloudsearch.cf sshd[12242]: Fai ...	2020-05-09 18:41:22

Recently Reported IPs

196.18.88.35	81.169.145.95	83.24.174.203	185.158.123.39
89.195.67.152	231.207.63.27	45.167.161.219	49.99.89.150
46.98.128.48	222.107.248.116	99.230.161.106	121.69.79.66
107.189.11.213	66.70.178.3	5.104.79.183	169.94.65.83
51.77.109.55	208.226.63.220	49.51.80.153	113.172.186.42