42.3.104.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 5555, PTR: 42-3-104-034.static.netvigator.com.	2020-01-18 21:36:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.3.104.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32755
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.3.104.34.			IN	A

;; AUTHORITY SECTION:
.			516	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 21:36:38 CST 2020
;; MSG SIZE  rcvd: 115

Host info

34.104.3.42.in-addr.arpa domain name pointer 42-3-104-034.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.104.3.42.in-addr.arpa	name = 42-3-104-034.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.137.24.49	attackspam	1581224001 - 02/09/2020 05:53:21 Host: 110.137.24.49/110.137.24.49 Port: 445 TCP Blocked	2020-02-09 17:03:16
118.193.31.180	attack	unauthorized connection attempt	2020-02-09 17:09:14
139.59.95.2	attack	Feb 8 22:42:15 hpm sshd\[12324\]: Invalid user etx from 139.59.95.2 Feb 8 22:42:15 hpm sshd\[12324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.95.2 Feb 8 22:42:17 hpm sshd\[12324\]: Failed password for invalid user etx from 139.59.95.2 port 46322 ssh2 Feb 8 22:45:49 hpm sshd\[12692\]: Invalid user ibg from 139.59.95.2 Feb 8 22:45:49 hpm sshd\[12692\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.95.2	2020-02-09 16:48:31
193.56.28.220	attackspam	2020-02-09T05:52:54.335856www postfix/smtpd[1058]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-02-09T05:53:02.388829www postfix/smtpd[1058]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-02-09T05:53:06.039860www postfix/smtpd[1071]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-02-09 17:14:13
222.184.101.98	attack	Feb 9 06:37:26 silence02 sshd[31703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.184.101.98 Feb 9 06:37:28 silence02 sshd[31703]: Failed password for invalid user xl from 222.184.101.98 port 17898 ssh2 Feb 9 06:40:39 silence02 sshd[31849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.184.101.98	2020-02-09 17:14:59
106.13.114.26	attackbots	$f2bV_matches	2020-02-09 16:34:35
5.234.52.124	attackbotsspam	1581224038 - 02/09/2020 05:53:58 Host: 5.234.52.124/5.234.52.124 Port: 445 TCP Blocked	2020-02-09 16:42:19
116.31.124.117	attackspambots	$f2bV_matches	2020-02-09 16:45:27
128.199.211.110	attack	Feb 9 06:05:38 srv-ubuntu-dev3 sshd[57936]: Invalid user lmo from 128.199.211.110 Feb 9 06:05:38 srv-ubuntu-dev3 sshd[57936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.211.110 Feb 9 06:05:38 srv-ubuntu-dev3 sshd[57936]: Invalid user lmo from 128.199.211.110 Feb 9 06:05:40 srv-ubuntu-dev3 sshd[57936]: Failed password for invalid user lmo from 128.199.211.110 port 48499 ssh2 Feb 9 06:08:42 srv-ubuntu-dev3 sshd[58268]: Invalid user aep from 128.199.211.110 Feb 9 06:08:42 srv-ubuntu-dev3 sshd[58268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.211.110 Feb 9 06:08:42 srv-ubuntu-dev3 sshd[58268]: Invalid user aep from 128.199.211.110 Feb 9 06:08:44 srv-ubuntu-dev3 sshd[58268]: Failed password for invalid user aep from 128.199.211.110 port 34598 ssh2 Feb 9 06:11:57 srv-ubuntu-dev3 sshd[58744]: Invalid user wdb from 128.199.211.110 ...	2020-02-09 17:13:33
78.128.113.90	attackspambots	Feb 9 08:26:22 blackbee postfix/smtpd\[12122\]: warning: unknown\[78.128.113.90\]: SASL PLAIN authentication failed: authentication failure Feb 9 08:26:26 blackbee postfix/smtpd\[12122\]: warning: unknown\[78.128.113.90\]: SASL PLAIN authentication failed: authentication failure Feb 9 08:27:20 blackbee postfix/smtpd\[12122\]: warning: unknown\[78.128.113.90\]: SASL PLAIN authentication failed: authentication failure Feb 9 08:27:24 blackbee postfix/smtpd\[12122\]: warning: unknown\[78.128.113.90\]: SASL PLAIN authentication failed: authentication failure Feb 9 08:35:33 blackbee postfix/smtpd\[12132\]: warning: unknown\[78.128.113.90\]: SASL PLAIN authentication failed: authentication failure ...	2020-02-09 17:09:46
14.169.176.148	attackspambots	2020-02-0905:51:431j0eZK-0002B9-FR\<=verena@rs-solution.chH=$localhost$[14.248.255.133]:52810P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2171id=999C2A7972A6883BE7E2AB13E75189AD@rs-solution.chT="lonelinessisnothappy"forjeffmeister1@yahoo.com2020-02-0905:52:461j0eaL-0002DD-7y\<=verena@rs-solution.chH=$localhost$[113.172.86.129]:37971P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2066id=858036656EBA9427FBFEB70FFB55C5E4@rs-solution.chT="areyoulonelytoo\?"forjalilmub@icloud.com2020-02-0905:52:001j0eZb-0002C6-4W\<=verena@rs-solution.chH=$localhost$[113.163.82.118]:51209P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2204id=5F5AECBFB4604EFD21246DD52152E44D@rs-solution.chT="areyoulonelytoo\?"forzmajeedbawa@ail.com2020-02-0905:52:201j0eZv-0002Cd-JC\<=verena@rs-solution.chH=$localhost$[14.169.176.148]:60426P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=do	2020-02-09 17:19:52
138.197.145.26	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-02-09 17:02:38
89.216.18.234	attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-09 17:18:28
125.161.246.235	attack	firewall-block, port(s): 22/tcp, 8291/tcp, 8728/tcp	2020-02-09 17:17:36
175.4.220.81	attack	unauthorized connection attempt	2020-02-09 16:47:26

Recently Reported IPs

211.223.187.132	221.182.207.107	87.97.203.127	197.248.164.62
191.54.216.106	189.76.186.120	183.215.169.2	180.76.183.99
179.178.221.11	173.199.197.129	171.234.246.97	193.112.246.0
167.71.217.146	195.243.51.170	27.210.26.52	104.25.24.174
117.158.185.140	42.156.216.32	117.7.214.43	116.90.234.114