42.3.20.248 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 5555, PTR: 42-3-20-248.static.netvigator.com.	2020-01-19 23:04:43

Comments on same subnet:

IP	Type	Details	Datetime
42.3.200.213	attackspambots	Honeypot attack, port: 5555, PTR: 42-3-200-213.static.netvigator.com.	2020-03-03 18:03:54
42.3.201.88	attackbotsspam	Honeypot attack, port: 5555, PTR: 42-3-201-088.static.netvigator.com.	2020-01-26 01:12:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.3.20.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29988
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.3.20.248.			IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 139 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 23:04:40 CST 2020
;; MSG SIZE  rcvd: 115

Host info

248.20.3.42.in-addr.arpa domain name pointer 42-3-20-248.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.20.3.42.in-addr.arpa	name = 42-3-20-248.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.147.215.14	attackbotsspam	[2020-04-06 12:02:26] NOTICE[12114] chan_sip.c: Registration from '' failed for '185.147.215.14:55895' - Wrong password [2020-04-06 12:02:26] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-06T12:02:26.486-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="52176",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.14/55895",Challenge="2b35bf42",ReceivedChallenge="2b35bf42",ReceivedHash="af24ce35cc1024b0f3350364ccc72d53" [2020-04-06 12:05:54] NOTICE[12114] chan_sip.c: Registration from '' failed for '185.147.215.14:61823' - Wrong password [2020-04-06 12:05:54] SECURITY[12128] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-06T12:05:54.729-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="47205",SessionID="0x7f020c04b958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/18 ...	2020-04-07 00:32:22
91.191.232.30	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-06 23:44:49
95.87.37.103	attack	4567/tcp [2020-04-06]1pkt	2020-04-06 23:44:06
180.183.251.242	attackspambots	failed_logins	2020-04-06 23:38:15
195.254.176.143	attackbots	Apr 6 17:37:12 wordpress wordpress(blog.ruhnke.cloud)[10608]: Blocked authentication attempt for admin from ::ffff:195.254.176.143	2020-04-06 23:47:37
157.41.145.20	attackspam	445/tcp [2020-04-06]1pkt	2020-04-07 00:35:10
66.249.75.95	attack	Automatic report - Banned IP Access	2020-04-06 23:45:25
46.41.134.48	attackspambots	Apr 6 18:09:00 legacy sshd[23909]: Failed password for root from 46.41.134.48 port 58268 ssh2 Apr 6 18:12:51 legacy sshd[24037]: Failed password for root from 46.41.134.48 port 60258 ssh2 ...	2020-04-07 00:30:12
77.42.78.173	attackspam	23/tcp [2020-04-06]1pkt	2020-04-07 00:29:44
200.195.174.228	attackspambots	Apr 6 03:21:58 php1 sshd\[23085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.195.174.228 user=root Apr 6 03:21:59 php1 sshd\[23085\]: Failed password for root from 200.195.174.228 port 41910 ssh2 Apr 6 03:26:46 php1 sshd\[23465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.195.174.228 user=root Apr 6 03:26:48 php1 sshd\[23465\]: Failed password for root from 200.195.174.228 port 53892 ssh2 Apr 6 03:31:31 php1 sshd\[23854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.195.174.228 user=root	2020-04-06 23:30:13
94.102.56.215	attackbotsspam	94.102.56.215 was recorded 21 times by 12 hosts attempting to connect to the following ports: 40954,41007,40947. Incident counter (4h, 24h, all-time): 21, 118, 10159	2020-04-07 00:33:13
220.160.111.78	attackbots	Apr 6 17:33:02 v22019038103785759 sshd\[7570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.160.111.78 user=root Apr 6 17:33:04 v22019038103785759 sshd\[7570\]: Failed password for root from 220.160.111.78 port 4023 ssh2 Apr 6 17:34:57 v22019038103785759 sshd\[7683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.160.111.78 user=root Apr 6 17:34:59 v22019038103785759 sshd\[7683\]: Failed password for root from 220.160.111.78 port 4024 ssh2 Apr 6 17:36:43 v22019038103785759 sshd\[7815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.160.111.78 user=root ...	2020-04-07 00:33:41
77.39.9.254	attack	Honeypot attack, port: 445, PTR: host-77-39-9-254.stavropol.ru.	2020-04-07 00:07:18
104.248.45.204	attackbots	Brute force attempt	2020-04-07 00:06:54
213.251.41.225	attackspambots	Apr 6 13:20:53 IngegnereFirenze sshd[6868]: User root from 213.251.41.225 not allowed because not listed in AllowUsers ...	2020-04-06 23:26:25

Recently Reported IPs

154.58.6.105	67.198.73.159	226.199.18.115	116.48.22.18
102.120.156.194	58.12.78.109	60.69.7.107	60.48.73.201
190.100.3.142	92.55.84.18	127.19.158.3	201.108.133.169
222.254.27.212	180.175.193.129	61.0.122.139	252.96.134.156
221.13.203.109	224.181.62.68	114.46.126.238	117.200.58.93