42.247.5.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Education and Research Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	unauthorized connection attempt	2020-02-26 18:08:12
attackspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-10-28 08:06:29

Comments on same subnet:

IP	Type	Details	Datetime
42.247.5.86	attack	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 22:47:08
42.247.5.86	attackspam	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 14:53:29
42.247.5.86	attack	Unauthorised access (Sep 10) SRC=42.247.5.86 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=35781 TCP DPT=1433 WINDOW=1024 SYN	2020-09-11 07:04:41
42.247.5.70	attackspam	Unauthorized connection attempt detected from IP address 42.247.5.70 to port 1433 [T]	2020-08-14 01:51:20
42.247.5.92	attack	Unauthorised access (Jul 30) SRC=42.247.5.92 LEN=40 TOS=0x08 PREC=0x20 TTL=223 ID=46808 TCP DPT=1433 WINDOW=1024 SYN	2020-07-30 21:58:24
42.247.5.88	attack	07/16/2020-23:54:27.251909 42.247.5.88 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-17 16:14:33
42.247.5.82	attack	unauthorized connection attempt	2020-07-01 16:59:27
42.247.5.78	attackspambots	Icarus honeypot on github	2020-06-08 07:02:29
42.247.5.77	attack	Unauthorized connection attempt detected from IP address 42.247.5.77 to port 1433	2020-05-20 05:32:27
42.247.5.70	attack	TCP (RST) 42.247.5.70:46859 -> port 1433, len 40	2020-05-17 03:01:54
42.247.5.84	attackbotsspam	1433/tcp 1433/tcp [2020-03-05/04-10]2pkt	2020-04-11 06:35:58
42.247.5.78	attackspam	Icarus honeypot on github	2020-04-10 23:56:54
42.247.5.95	attackbots	Unauthorized connection attempt detected from IP address 42.247.5.95 to port 1433 [J]	2020-03-03 00:21:13
42.247.5.95	attackbots	Feb 26 06:31:38 debian-2gb-nbg1-2 kernel: \[4954295.571976\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=42.247.5.95 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=230 ID=22462 PROTO=TCP SPT=49139 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-26 16:49:04
42.247.5.68	attackspam	unauthorized connection attempt	2020-02-19 19:41:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.247.5.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65077
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.247.5.71.			IN	A

;; AUTHORITY SECTION:
.			402	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102701 1800 900 604800 86400

;; Query time: 233 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 28 08:06:25 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 71.5.247.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.5.247.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.4.1.233	attackspambots	Unauthorized connection attempt from IP address 117.4.1.233 on Port 445(SMB)	2020-06-05 02:56:03
88.249.43.238	attackbots	Unauthorized connection attempt detected from IP address 88.249.43.238 to port 23	2020-06-05 02:49:40
186.236.20.37	attackspambots	Jun 4 13:49:39 mail.srvfarm.net postfix/smtps/smtpd[2497785]: warning: unknown[186.236.20.37]: SASL PLAIN authentication failed: Jun 4 13:49:40 mail.srvfarm.net postfix/smtps/smtpd[2497785]: lost connection after AUTH from unknown[186.236.20.37] Jun 4 13:58:32 mail.srvfarm.net postfix/smtps/smtpd[2498764]: warning: unknown[186.236.20.37]: SASL PLAIN authentication failed: Jun 4 13:58:33 mail.srvfarm.net postfix/smtps/smtpd[2498764]: lost connection after AUTH from unknown[186.236.20.37] Jun 4 13:59:05 mail.srvfarm.net postfix/smtps/smtpd[2503970]: warning: unknown[186.236.20.37]: SASL PLAIN authentication failed:	2020-06-05 03:12:16
36.85.219.49	attackbots	Unauthorized connection attempt from IP address 36.85.219.49 on Port 445(SMB)	2020-06-05 02:55:00
193.169.212.106	attackspam	SpamScore above: 10.0	2020-06-05 02:58:28
217.112.142.65	attackspambots	Jun 4 13:58:30 mail.srvfarm.net postfix/smtpd[2502820]: NOQUEUE: reject: RCPT from unknown[217.112.142.65]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 4 14:04:00 mail.srvfarm.net postfix/smtpd[2502815]: NOQUEUE: reject: RCPT from unknown[217.112.142.65]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 4 14:04:27 mail.srvfarm.net postfix/smtpd[2502678]: NOQUEUE: reject: RCPT from unknown[217.112.142.65]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 4 14:07:20 mail.srvfarm.net postfix/smtpd[2504225]: NOQUEUE: reject: RCPT from unknown[217.112.142.65]: 450 4.1.8	2020-06-05 03:16:54
195.175.84.174	attack	Unauthorized connection attempt from IP address 195.175.84.174 on Port 445(SMB)	2020-06-05 03:10:50
199.249.230.169	attack	xmlrpc attack	2020-06-05 03:07:07
138.204.74.42	attack	Icarus honeypot on github	2020-06-05 03:02:42
178.239.156.93	attackbotsspam	Brute force attempt	2020-06-05 03:25:05
88.199.41.50	attackbotsspam	Jun 4 13:56:03 mail.srvfarm.net postfix/smtps/smtpd[2499186]: warning: unknown[88.199.41.50]: SASL PLAIN authentication failed: Jun 4 13:56:03 mail.srvfarm.net postfix/smtps/smtpd[2499186]: lost connection after AUTH from unknown[88.199.41.50] Jun 4 13:56:19 mail.srvfarm.net postfix/smtps/smtpd[2499186]: warning: unknown[88.199.41.50]: SASL PLAIN authentication failed: Jun 4 13:56:19 mail.srvfarm.net postfix/smtps/smtpd[2499186]: lost connection after AUTH from unknown[88.199.41.50] Jun 4 13:58:25 mail.srvfarm.net postfix/smtpd[2502231]: warning: unknown[88.199.41.50]: SASL PLAIN authentication failed:	2020-06-05 03:15:55
186.216.70.144	attackspam	Jun 4 13:48:28 mail.srvfarm.net postfix/smtps/smtpd[2498108]: warning: unknown[186.216.70.144]: SASL PLAIN authentication failed: Jun 4 13:48:29 mail.srvfarm.net postfix/smtps/smtpd[2498108]: lost connection after AUTH from unknown[186.216.70.144] Jun 4 13:49:39 mail.srvfarm.net postfix/smtpd[2494902]: warning: unknown[186.216.70.144]: SASL PLAIN authentication failed: Jun 4 13:49:40 mail.srvfarm.net postfix/smtpd[2494902]: lost connection after AUTH from unknown[186.216.70.144] Jun 4 13:52:21 mail.srvfarm.net postfix/smtps/smtpd[2497770]: warning: unknown[186.216.70.144]: SASL PLAIN authentication failed:	2020-06-05 03:21:46
177.11.115.176	attack	Jun 4 13:22:47 mail.srvfarm.net postfix/smtps/smtpd[2492413]: warning: unknown[177.11.115.176]: SASL PLAIN authentication failed: Jun 4 13:22:47 mail.srvfarm.net postfix/smtps/smtpd[2492413]: lost connection after AUTH from unknown[177.11.115.176] Jun 4 13:28:13 mail.srvfarm.net postfix/smtpd[2495364]: warning: unknown[177.11.115.176]: SASL PLAIN authentication failed: Jun 4 13:28:13 mail.srvfarm.net postfix/smtpd[2495364]: lost connection after AUTH from unknown[177.11.115.176] Jun 4 13:31:30 mail.srvfarm.net postfix/smtps/smtpd[2492086]: warning: unknown[177.11.115.176]: SASL PLAIN authentication failed:	2020-06-05 03:26:06
200.189.11.175	attack	Jun 4 13:23:43 mail.srvfarm.net postfix/smtps/smtpd[2492275]: warning: unknown[200.189.11.175]: SASL PLAIN authentication failed: Jun 4 13:23:43 mail.srvfarm.net postfix/smtps/smtpd[2492275]: lost connection after AUTH from unknown[200.189.11.175] Jun 4 13:26:42 mail.srvfarm.net postfix/smtps/smtpd[2492411]: warning: unknown[200.189.11.175]: SASL PLAIN authentication failed: Jun 4 13:26:42 mail.srvfarm.net postfix/smtps/smtpd[2492411]: lost connection after AUTH from unknown[200.189.11.175] Jun 4 13:28:36 mail.srvfarm.net postfix/smtpd[2494759]: warning: unknown[200.189.11.175]: SASL PLAIN authentication failed:	2020-06-05 03:19:25
195.231.3.146	attackspambots	Jun 4 20:41:31 web01.agentur-b-2.de postfix/smtpd[280183]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 20:41:31 web01.agentur-b-2.de postfix/smtpd[280183]: lost connection after AUTH from unknown[195.231.3.146] Jun 4 20:45:19 web01.agentur-b-2.de postfix/smtpd[280183]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 20:45:19 web01.agentur-b-2.de postfix/smtpd[280183]: lost connection after AUTH from unknown[195.231.3.146] Jun 4 20:49:32 web01.agentur-b-2.de postfix/smtpd[280183]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-06-05 03:19:56

Recently Reported IPs

73.216.172.192	1.111.180.147	112.114.127.28	103.249.148.137
198.233.215.28	201.4.115.231	168.197.29.189	131.244.97.237
117.50.96.239	80.73.89.111	115.238.59.165	122.195.173.151
190.215.93.104	230.30.104.70	68.68.0.207	174.96.199.144
43.241.61.243	61.165.247.87	12.152.234.176	194.158.235.110