42.55.2.41 - IPInfo

Basic Info

City: unknown

Region: Liaoning

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.55.207.204	attackspambots	Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=52217 TCP DPT=23 WINDOW=64420 SYN Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=49837 TCP DPT=8080 WINDOW=33756 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=38346 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=26975 TCP DPT=8080 WINDOW=33756 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=46163 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=40291 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=2856 TCP DPT=8080 WINDOW=53380 SYN	2020-07-23 19:58:42
42.55.20.21	attackspam	1587730166 - 04/24/2020 14:09:26 Host: 42.55.20.21/42.55.20.21 Port: 23 TCP Blocked	2020-04-24 21:20:49
42.55.218.107	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-30 23:17:58
42.55.246.227	attackspam	Connection by 42.55.246.227 on port: 23 got caught by honeypot at 12/3/2019 3:56:15 AM	2019-12-03 13:42:53
42.55.219.163	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/42.55.219.163/ CN - 1H : (682) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 42.55.219.163 CIDR : 42.52.0.0/14 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 14 3H - 32 6H - 68 12H - 131 24H - 245 DateTime : 2019-11-17 07:22:04 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-11-17 20:27:30
42.55.216.173	attackspambots	8080/tcp [2019-10-28]1pkt	2019-10-28 14:11:34
42.55.213.215	attackspam	Seq 2995002506	2019-10-22 04:50:34
42.55.232.56	attack	Port Scan: TCP/52869	2019-09-01 14:00:14
42.55.216.11	attack	Seq 2995002506	2019-08-22 14:34:19
42.55.204.192	attackbots	52869/tcp [2019-07-30]1pkt	2019-07-31 00:04:24
42.55.240.76	attackbots	19/7/5@14:00:59: FAIL: IoT-Telnet address from=42.55.240.76 ...	2019-07-06 06:38:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.55.2.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7546
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.55.2.41.			IN	A

;; AUTHORITY SECTION:
.			202	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102301 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 03:29:01 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 41.2.55.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 41.2.55.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.6.84.34	attack	Sep 12 10:52:06 root sshd[32329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.84.34 Sep 12 10:52:08 root sshd[32329]: Failed password for invalid user admin from 116.6.84.34 port 19799 ssh2 ...	2020-09-12 20:53:16
51.158.190.194	attackspambots	detected by Fail2Ban	2020-09-12 21:27:40
13.85.152.27	attackbotsspam	Sep 12 11:42:30 XXXXXX sshd[37506]: Invalid user ec2-user from 13.85.152.27 port 38212	2020-09-12 20:57:25
5.188.62.14	attackbots	SSH Bruteforce Attempt on Honeypot	2020-09-12 21:28:14
122.51.60.34	attackspam	Sep 11 18:58:38 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=122.51.60.34 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=46082 DF PROTO=TCP SPT=52080 DPT=8080 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 18:58:39 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=122.51.60.34 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=42680 DF PROTO=TCP SPT=46246 DPT=1433 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 18:58:40 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=122.51.60.34 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=26658 DF PROTO=TCP SPT=33560 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 18:58:41 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=122.51.60.34 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=30603 DF PROTO=TCP SPT=47802 DPT=7001 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 18:58 ...	2020-09-12 20:54:22
102.44.152.167	attackbots	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 102.44.152.167:58383, to: 192.168.4.99:80, protocol: TCP	2020-09-12 20:47:54
178.128.226.2	attackbotsspam	TCP port : 6500	2020-09-12 21:11:16
139.198.191.217	attackbots	Sep 12 02:49:29 php1 sshd\[32318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.191.217 user=root Sep 12 02:49:31 php1 sshd\[32318\]: Failed password for root from 139.198.191.217 port 55754 ssh2 Sep 12 02:55:16 php1 sshd\[32721\]: Invalid user oracle from 139.198.191.217 Sep 12 02:55:16 php1 sshd\[32721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.191.217 Sep 12 02:55:18 php1 sshd\[32721\]: Failed password for invalid user oracle from 139.198.191.217 port 35872 ssh2	2020-09-12 21:04:08
112.230.81.221	attackspam	Sep 12 09:51:03 fhem-rasp sshd[7210]: Connection closed by 112.230.81.221 port 54904 [preauth] Sep 12 09:51:03 fhem-rasp sshd[7216]: Connection closed by 112.230.81.221 port 54910 [preauth] ...	2020-09-12 20:58:24
177.37.71.40	attackspambots	Sep 12 10:33:02 vps-51d81928 sshd[21112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.37.71.40 Sep 12 10:33:02 vps-51d81928 sshd[21112]: Invalid user wp-user from 177.37.71.40 port 33794 Sep 12 10:33:04 vps-51d81928 sshd[21112]: Failed password for invalid user wp-user from 177.37.71.40 port 33794 ssh2 Sep 12 10:36:29 vps-51d81928 sshd[21136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.37.71.40 user=root Sep 12 10:36:31 vps-51d81928 sshd[21136]: Failed password for root from 177.37.71.40 port 57261 ssh2 ...	2020-09-12 21:11:41
103.145.13.212	attack	NL NL/Netherlands/- Hits: 11	2020-09-12 21:10:47
200.159.63.178	attackspambots	Sep 12 11:18:45 *** sshd[30017]: User root from 200.159.63.178 not allowed because not listed in AllowUsers	2020-09-12 21:21:07
188.6.172.38	attackspam	Bruteforce detected by fail2ban	2020-09-12 21:06:16
201.48.115.236	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-12 21:07:06
45.135.134.39	attackbots	Sep 12 01:07:37 doubuntu sshd[25088]: error: maximum authentication attempts exceeded for root from 45.135.134.39 port 59086 ssh2 [preauth] Sep 12 01:07:40 doubuntu sshd[25090]: error: maximum authentication attempts exceeded for root from 45.135.134.39 port 60304 ssh2 [preauth] Sep 12 01:07:43 doubuntu sshd[25092]: Disconnected from authenticating user root 45.135.134.39 port 33290 [preauth] ...	2020-09-12 21:17:54

Recently Reported IPs

65.69.46.118	125.89.244.235	36.16.178.76	116.85.35.126
209.112.204.171	114.32.157.225	56.230.43.191	170.0.131.101
219.231.1.201	143.93.189.72	128.231.176.199	189.189.216.95
36.201.74.246	136.35.179.18	188.115.30.29	101.224.229.133
72.159.41.214	103.16.108.96	175.44.186.203	73.102.246.88