Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
Honeypot attack, port: 5555, PTR: 42-3-104-034.static.netvigator.com.
2020-01-18 21:36:41
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.3.104.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32755
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.3.104.34.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 21:36:38 CST 2020
;; MSG SIZE  rcvd: 115
Host info
34.104.3.42.in-addr.arpa domain name pointer 42-3-104-034.static.netvigator.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.104.3.42.in-addr.arpa	name = 42-3-104-034.static.netvigator.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
95.110.154.101 attack
Dec 15 10:26:54 legacy sshd[22197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.154.101
Dec 15 10:26:56 legacy sshd[22197]: Failed password for invalid user alex from 95.110.154.101 port 52192 ssh2
Dec 15 10:32:34 legacy sshd[22394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.154.101
...
2019-12-15 17:39:32
186.31.37.203 attackbotsspam
--- report ---
Dec 15 04:23:55 sshd: Connection from 186.31.37.203 port 59048
Dec 15 04:23:56 sshd: Address 186.31.37.203 maps to ingettel.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Dec 15 04:23:56 sshd: Invalid user 12345 from 186.31.37.203
Dec 15 04:23:56 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.37.203
Dec 15 04:23:58 sshd: Failed password for invalid user 12345 from 186.31.37.203 port 59048 ssh2
Dec 15 04:23:58 sshd: Received disconnect from 186.31.37.203: 11: Bye Bye [preauth]
2019-12-15 17:42:18
119.27.167.231 attackspambots
Dec 15 09:45:51 MK-Soft-Root2 sshd[14275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.167.231 
Dec 15 09:45:53 MK-Soft-Root2 sshd[14275]: Failed password for invalid user hkfmse from 119.27.167.231 port 51760 ssh2
...
2019-12-15 17:35:08
178.46.210.44 attack
Unauthorised access (Dec 15) SRC=178.46.210.44 LEN=40 PREC=0x20 TTL=51 ID=42472 TCP DPT=23 WINDOW=33604 SYN 
Unauthorised access (Dec 15) SRC=178.46.210.44 LEN=40 PREC=0x20 TTL=51 ID=42472 TCP DPT=23 WINDOW=33604 SYN
2019-12-15 17:32:50
49.72.184.171 attackspambots
Scanning
2019-12-15 17:56:43
137.74.199.180 attack
SSH Brute-Force reported by Fail2Ban
2019-12-15 18:08:53
189.112.228.153 attackspam
Dec 15 10:22:51 meumeu sshd[15725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.228.153 
Dec 15 10:22:53 meumeu sshd[15725]: Failed password for invalid user vv from 189.112.228.153 port 43239 ssh2
Dec 15 10:29:31 meumeu sshd[16635]: Failed password for root from 189.112.228.153 port 47220 ssh2
...
2019-12-15 17:32:35
43.252.228.165 attack
Dec 15 04:21:09 Tower sshd[15731]: Connection from 43.252.228.165 port 39122 on 192.168.10.220 port 22
Dec 15 04:21:10 Tower sshd[15731]: Failed password for root from 43.252.228.165 port 39122 ssh2
Dec 15 04:21:11 Tower sshd[15731]: Received disconnect from 43.252.228.165 port 39122:11: Bye Bye [preauth]
Dec 15 04:21:11 Tower sshd[15731]: Disconnected from authenticating user root 43.252.228.165 port 39122 [preauth]
2019-12-15 18:08:36
185.162.235.107 attack
SMTP blocked logins: 216. Dates: 26-11-2019 / 15-12-2019
2019-12-15 18:00:58
173.66.3.252 attackspam
Dec 15 04:04:16 v22018086721571380 sshd[24223]: Failed password for invalid user econtemp from 173.66.3.252 port 53860 ssh2
2019-12-15 17:57:17
167.86.103.240 attack
Unauthorized connection attempt detected from IP address 167.86.103.240 to port 993
2019-12-15 17:34:27
113.135.85.107 attackspambots
FTP Brute Force
2019-12-15 17:31:51
112.85.42.89 attackbots
2019-12-15T10:25:38.846417scmdmz1 sshd\[3005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89  user=root
2019-12-15T10:25:40.592205scmdmz1 sshd\[3005\]: Failed password for root from 112.85.42.89 port 62386 ssh2
2019-12-15T10:25:43.131360scmdmz1 sshd\[3005\]: Failed password for root from 112.85.42.89 port 62386 ssh2
...
2019-12-15 17:39:13
182.61.28.191 attackbotsspam
2019-12-15T06:22:08.291471shield sshd\[16601\]: Invalid user kfranco from 182.61.28.191 port 44486
2019-12-15T06:22:08.297759shield sshd\[16601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.28.191
2019-12-15T06:22:09.896224shield sshd\[16601\]: Failed password for invalid user kfranco from 182.61.28.191 port 44486 ssh2
2019-12-15T06:27:53.230215shield sshd\[18648\]: Invalid user Fortune from 182.61.28.191 port 33992
2019-12-15T06:27:53.235068shield sshd\[18648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.28.191
2019-12-15 17:30:25
149.56.96.78 attackbots
Dec 15 07:47:29 dedicated sshd[14563]: Invalid user grothe from 149.56.96.78 port 36838
2019-12-15 18:06:21

Recently Reported IPs

211.223.187.132 221.182.207.107 87.97.203.127 197.248.164.62
191.54.216.106 189.76.186.120 183.215.169.2 180.76.183.99
179.178.221.11 173.199.197.129 171.234.246.97 193.112.246.0
167.71.217.146 195.243.51.170 27.210.26.52 104.25.24.174
117.158.185.140 42.156.216.32 117.7.214.43 116.90.234.114