42.48.79.122 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.48.79.31	attack	03/11/2020-06:42:34.082492 42.48.79.31 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-03-12 00:30:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.48.79.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.48.79.122.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 11:20:50 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 122.79.48.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 122.79.48.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.178.129.58	attackbotsspam	Unauthorized connection attempt from IP address 180.178.129.58 on Port 445(SMB)	2020-10-09 06:40:29
142.44.146.33	attackbotsspam	Oct 8 21:08:27 scw-tender-jepsen sshd[30031]: Failed password for root from 142.44.146.33 port 47124 ssh2	2020-10-09 06:50:40
221.157.34.54	attackbotsspam	Oct 7 22:44:55 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=221.157.34.54 DST=77.73.69.240 LEN=58 TOS=0x00 PREC=0x00 TTL=117 ID=57237 PROTO=UDP SPT=28461 DPT=19273 LEN=38 Oct 7 22:44:55 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=221.157.34.54 DST=77.73.69.240 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=57238 PROTO=UDP SPT=28461 DPT=19273 LEN=28 Oct 7 22:44:59 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=221.157.34.54 DST=77.73.69.240 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=57239 PROTO=UDP SPT=28461 DPT=19273 LEN=28 Oct 7 22:45:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=221.157.34.54 DST=77.73.69.240 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=57240 PROTO=UDP SPT=28461 DPT=19273 LEN=28 Oct 7 22:45:17 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=221.157.34.54 DST=77. ...	2020-10-09 06:51:12
103.147.10.222	attackbots	103.147.10.222 - - [08/Oct/2020:23:12:41 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2417 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [08/Oct/2020:23:12:45 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2480 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.147.10.222 - - [08/Oct/2020:23:12:47 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-09 06:58:48
182.74.58.62	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-10-09 06:41:44
45.148.124.199	attackbots	C1,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-09 06:36:33
172.81.208.125	attack	Oct 8 20:58:08 ms-srv sshd[13673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.208.125 user=root Oct 8 20:58:10 ms-srv sshd[13673]: Failed password for invalid user root from 172.81.208.125 port 52720 ssh2	2020-10-09 06:49:04
195.70.59.121	attackbotsspam	Oct 9 00:55:56 s1 sshd\[29854\]: User root from 195.70.59.121 not allowed because not listed in AllowUsers Oct 9 00:55:56 s1 sshd\[29854\]: Failed password for invalid user root from 195.70.59.121 port 40270 ssh2 Oct 9 00:59:17 s1 sshd\[30028\]: Invalid user asterisk from 195.70.59.121 port 50260 Oct 9 00:59:17 s1 sshd\[30028\]: Failed password for invalid user asterisk from 195.70.59.121 port 50260 ssh2 Oct 9 01:02:36 s1 sshd\[31958\]: Invalid user bill from 195.70.59.121 port 33264 Oct 9 01:02:36 s1 sshd\[31958\]: Failed password for invalid user bill from 195.70.59.121 port 33264 ssh2 ...	2020-10-09 07:11:11
187.198.62.132	attackspam	Unauthorized connection attempt from IP address 187.198.62.132 on Port 445(SMB)	2020-10-09 06:37:24
185.220.102.252	attackbotsspam	Bruteforce detected by fail2ban	2020-10-09 07:07:23
201.71.159.248	attackbots	Unauthorized connection attempt from IP address 201.71.159.248 on Port 445(SMB)	2020-10-09 06:36:09
84.86.117.79	attackspambots	2020-10-07T20:45:26.906883abusebot-5.cloudsearch.cf sshd[15339]: Invalid user admin from 84.86.117.79 port 51095 2020-10-07T20:45:26.920814abusebot-5.cloudsearch.cf sshd[15339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-86-117-79.fixed.kpn.net 2020-10-07T20:45:26.906883abusebot-5.cloudsearch.cf sshd[15339]: Invalid user admin from 84.86.117.79 port 51095 2020-10-07T20:45:29.100078abusebot-5.cloudsearch.cf sshd[15339]: Failed password for invalid user admin from 84.86.117.79 port 51095 ssh2 2020-10-07T20:45:29.366337abusebot-5.cloudsearch.cf sshd[15341]: Invalid user admin from 84.86.117.79 port 51137 2020-10-07T20:45:29.383648abusebot-5.cloudsearch.cf sshd[15341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-86-117-79.fixed.kpn.net 2020-10-07T20:45:29.366337abusebot-5.cloudsearch.cf sshd[15341]: Invalid user admin from 84.86.117.79 port 51137 2020-10-07T20:45:31.315050abusebot-5.cloudsearch.c ...	2020-10-09 06:42:42
49.233.145.188	attack	Oct 8 23:41:16 haigwepa sshd[29573]: Failed password for root from 49.233.145.188 port 34910 ssh2 ...	2020-10-09 06:52:06
165.227.114.134	attack	Oct 8 18:28:43 Tower sshd[37024]: Connection from 165.227.114.134 port 54242 on 192.168.10.220 port 22 rdomain "" Oct 8 18:28:44 Tower sshd[37024]: Failed password for root from 165.227.114.134 port 54242 ssh2 Oct 8 18:28:44 Tower sshd[37024]: Received disconnect from 165.227.114.134 port 54242:11: Bye Bye [preauth] Oct 8 18:28:44 Tower sshd[37024]: Disconnected from authenticating user root 165.227.114.134 port 54242 [preauth]	2020-10-09 07:08:52
156.206.223.16	attack	Icarus honeypot on github	2020-10-09 07:00:42

Recently Reported IPs

42.48.79.137	189.9.158.56	42.48.78.47	42.49.221.208
42.48.79.79	42.48.79.163	42.48.79.24	42.48.79.200
42.48.79.173	42.55.147.202	42.60.81.146	42.52.251.47
42.82.224.67	42.87.204.241	42.53.130.165	42.85.50.0
42.82.224.68	42.94.101.171	42.93.138.216	42.95.223.117