42.5.106.138 - IPInfo

Basic Info

City: Liaoyang

Region: Liaoning

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.5.106.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27227
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.5.106.138.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110200 1800 900 604800 86400

;; Query time: 197 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 23:39:05 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 138.106.5.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.106.5.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.45.97.74	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-13 17:25:54
79.104.45.218	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-13 17:49:09
192.241.185.193	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-13 17:49:54
74.59.140.138	attackspambots	Childish website spammer IDIOT!~ Coward acts tough because he hides like a child Hopefully this programmer finds coronavirus soon...LOL!	2020-04-13 17:18:28
120.224.7.195	attackbots	Lines containing failures of 120.224.7.195 Apr 13 00:35:36 shared01 sshd[28709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.224.7.195 user=backup Apr 13 00:35:37 shared01 sshd[28709]: Failed password for backup from 120.224.7.195 port 44590 ssh2 Apr 13 00:35:38 shared01 sshd[28709]: Received disconnect from 120.224.7.195 port 44590:11: Bye Bye [preauth] Apr 13 00:35:38 shared01 sshd[28709]: Disconnected from authenticating user backup 120.224.7.195 port 44590 [preauth] Apr 13 00:41:26 shared01 sshd[30617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.224.7.195 user=r.r Apr 13 00:41:28 shared01 sshd[30617]: Failed password for r.r from 120.224.7.195 port 38922 ssh2 Apr 13 00:41:28 shared01 sshd[30617]: Received disconnect from 120.224.7.195 port 38922:11: Bye Bye [preauth] Apr 13 00:41:28 shared01 sshd[30617]: Disconnected from authenticating user r.r 120.224.7.195 port 38922........ ------------------------------	2020-04-13 17:39:08
113.161.227.9	attack	Unauthorized connection attempt from IP address 113.161.227.9 on Port 445(SMB)	2020-04-13 17:46:33
42.112.233.112	attack	Unauthorized connection attempt from IP address 42.112.233.112 on Port 445(SMB)	2020-04-13 17:34:09
158.174.29.58	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-13 17:48:11
117.4.114.183	attack	Honeypot attack, port: 445, PTR: localhost.	2020-04-13 17:26:14
222.186.175.167	attack	Apr 13 09:27:51 sshgateway sshd\[8248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Apr 13 09:27:53 sshgateway sshd\[8248\]: Failed password for root from 222.186.175.167 port 46638 ssh2 Apr 13 09:28:03 sshgateway sshd\[8248\]: Failed password for root from 222.186.175.167 port 46638 ssh2	2020-04-13 17:28:28
115.74.225.130	attackbots	Unauthorized connection attempt from IP address 115.74.225.130 on Port 445(SMB)	2020-04-13 17:17:51
159.192.186.235	attackspambots	Unauthorized connection attempt from IP address 159.192.186.235 on Port 445(SMB)	2020-04-13 17:21:32
198.154.112.83	attackbots	[MonApr1310:45:34.0695712020][:error][pid29015:tid47428147746560][client198.154.112.83:44112][client198.154.112.83]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(wp-\)\?config\\\\\\\\.\(php\)\?\\\\\\\\.\(\?:bac\?k\\|o\(\?:ld\\|rig\)\\|copy\\|tmp\\|s\(\?:ave\\|wp\)\\|vim\?\\\\\\\\.\\|~\)"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1254"][id"390597"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupsystem/applicationconfigfile\(disablethisruleonlyifyouwanttoallowanyoneaccesstothesebackupfiles\)"][severity"CRITICAL"][hostname"ponzellini.ch"][uri"/.wp-config.php.swp"][unique_id"XpQmrs3bZXiJ1dsfYdtuSgAAAMQ"][MonApr1310:45:35.0552772020][:error][pid28880:tid47428175062784][client198.154.112.83:44542][client198.154.112.83]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.php"atARGS:img.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"803"][id"337479"][rev"2"][msg"Atomicorp.comWA	2020-04-13 17:25:08
198.108.66.219	attack	Honeypot attack, port: 81, PTR: worker-13.sfj.corp.censys.io.	2020-04-13 17:15:59
222.186.180.223	attack	Apr1310:56:51server6sshd[16497]:refusedconnectfrom222.186.180.223\(222.186.180.223\)Apr1310:56:52server6sshd[16499]:refusedconnectfrom222.186.180.223\(222.186.180.223\)Apr1310:56:52server6sshd[16500]:refusedconnectfrom222.186.180.223\(222.186.180.223\)Apr1310:56:57server6sshd[16511]:refusedconnectfrom222.186.180.223\(222.186.180.223\)Apr1311:24:55server6sshd[20812]:refusedconnectfrom222.186.180.223\(222.186.180.223\)	2020-04-13 17:27:46

Recently Reported IPs

167.112.155.58	125.47.63.80	202.166.143.64	142.86.107.238
77.85.192.43	145.44.104.47	181.22.251.91	30.118.80.64
101.159.201.207	14.215.51.74	12.188.75.74	193.129.160.239
29.25.206.226	81.169.141.162	32.238.29.172	157.7.17.48
128.134.178.2	121.115.122.249	73.98.17.241	235.160.10.33