42.48.137.58 - IPInfo

Basic Info

City: Chenzhou

Region: Hunan

Country: China

Internet Service Provider: China Unicom Hunan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 42.48.137.58 to port 5555 [T]	2020-01-17 08:11:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.48.137.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52388
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.48.137.58.			IN	A

;; AUTHORITY SECTION:
.			226	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011602 1800 900 604800 86400

;; Query time: 198 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 17 08:11:01 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 58.137.48.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.137.48.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.84.251.62	attackspam	Helo	2019-08-08 04:22:20
103.121.195.4	attackbotsspam	Aug 7 21:48:22 * sshd[32105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.121.195.4 Aug 7 21:48:25 * sshd[32105]: Failed password for invalid user matt from 103.121.195.4 port 44118 ssh2	2019-08-08 04:48:12
170.130.187.30	attack	Automatic report - Port Scan Attack	2019-08-08 04:46:50
46.45.143.35	attackspambots	WordPress wp-login brute force :: 46.45.143.35 0.048 BYPASS [08/Aug/2019:03:40:46 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-08 04:42:33
106.12.28.203	attackspam	Aug 7 22:49:11 eventyay sshd[13296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.203 Aug 7 22:49:13 eventyay sshd[13296]: Failed password for invalid user ipul from 106.12.28.203 port 47898 ssh2 Aug 7 22:51:59 eventyay sshd[13833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.203 ...	2019-08-08 05:05:52
131.100.77.18	attackbotsspam	Brute force attack to crack SMTP password (port 25 / 587)	2019-08-08 05:12:28
179.33.137.117	attack	Aug 7 20:49:19 MK-Soft-VM3 sshd\[27398\]: Invalid user comercial from 179.33.137.117 port 45186 Aug 7 20:49:19 MK-Soft-VM3 sshd\[27398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.33.137.117 Aug 7 20:49:21 MK-Soft-VM3 sshd\[27398\]: Failed password for invalid user comercial from 179.33.137.117 port 45186 ssh2 ...	2019-08-08 05:02:09
77.40.61.94	attackbots	IP: 77.40.61.94 ASN: AS12389 Rostelecom Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 7/08/2019 8:22:09 PM UTC	2019-08-08 04:25:05
162.243.61.72	attack	Aug 7 22:37:29 dedicated sshd[20770]: Invalid user chris from 162.243.61.72 port 39598	2019-08-08 04:44:13
185.223.161.80	attack	Ein möglicherweise gefährlicher Request.Form-Wert wurde vom Client (mp$ContentZone$TxtMessage="	2019-08-08 05:11:27
173.245.239.249	attackbots	(imapd) Failed IMAP login from 173.245.239.249 (US/United States/-): 1 in the last 3600 secs	2019-08-08 05:04:27
23.129.64.167	attackspambots	Aug 7 13:41:46 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:50 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:46 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:50 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:46 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:50 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 Aug 7 13:41:54 ast sshd[30338]: error: PAM: Authentication failure for root from 23.129.64.167 ...	2019-08-08 04:23:07
209.141.52.141	attack	Aug 7 17:41:13 *** sshd[27021]: Invalid user sales from 209.141.52.141	2019-08-08 04:28:13
66.249.64.11	attack	\[Wed Aug 07 19:41:39.566588 2019\] \[access_compat:error\] \[pid 3263:tid 139662966335232\] \[client 66.249.64.11:43296\] AH01797: client denied by server configuration: /var/www/lug/xmlrpc.php ...	2019-08-08 04:21:39
110.93.219.92	attack	firewall-block, port(s): 445/tcp	2019-08-08 05:05:35

Recently Reported IPs

60.87.172.129	176.164.155.139	105.8.196.135	105.199.2.224
221.180.206.82	220.170.199.140	218.249.40.226	77.67.1.41
210.22.123.122	108.6.144.121	181.19.182.250	60.174.152.143
183.81.103.191	136.150.71.230	183.80.89.145	98.246.102.232
182.138.163.126	3.60.80.103	182.121.96.233	39.12.160.183