42.55.48.118 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Unicom Liaoning Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Oct 17) SRC=42.55.48.118 LEN=40 TTL=49 ID=62394 TCP DPT=8080 WINDOW=53292 SYN Unauthorised access (Oct 17) SRC=42.55.48.118 LEN=40 TTL=49 ID=25822 TCP DPT=8080 WINDOW=62988 SYN Unauthorised access (Oct 15) SRC=42.55.48.118 LEN=40 TTL=49 ID=63475 TCP DPT=8080 WINDOW=62988 SYN	2019-10-18 06:11:59

Type

Details

Datetime

attack

Unauthorised access (Oct 17) SRC=42.55.48.118 LEN=40 TTL=49 ID=62394 TCP DPT=8080 WINDOW=53292 SYN 
Unauthorised access (Oct 17) SRC=42.55.48.118 LEN=40 TTL=49 ID=25822 TCP DPT=8080 WINDOW=62988 SYN 
Unauthorised access (Oct 15) SRC=42.55.48.118 LEN=40 TTL=49 ID=63475 TCP DPT=8080 WINDOW=62988 SYN

2019-10-18 06:11:59

Comments on same subnet:

IP	Type	Details	Datetime
42.55.48.205	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-07 02:19:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.55.48.118
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2446
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.55.48.118.			IN	A

;; AUTHORITY SECTION:
.			288	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101700 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 18 06:11:56 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 118.48.55.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 118.48.55.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.125.2.234	attack	Invalid user park from 189.125.2.234 port 52264	2019-08-30 07:42:19
221.162.255.82	attackbotsspam	$f2bV_matches	2019-08-30 07:14:06
51.68.138.143	attack	Aug 30 00:53:40 meumeu sshd[23958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.138.143 Aug 30 00:53:42 meumeu sshd[23958]: Failed password for invalid user corrie from 51.68.138.143 port 47497 ssh2 Aug 30 00:57:32 meumeu sshd[24433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.138.143 ...	2019-08-30 07:02:07
106.12.16.140	attack	2019-08-29T20:26:27.020502abusebot-4.cloudsearch.cf sshd\[24859\]: Invalid user jonathan from 106.12.16.140 port 59886	2019-08-30 07:08:07
104.140.188.22	attackbots	29.08.2019 20:29:12 Connection to port 5900 blocked by firewall	2019-08-30 07:44:16
58.213.166.140	attack	Aug 29 18:46:09 xtremcommunity sshd\[22562\]: Invalid user isk from 58.213.166.140 port 55128 Aug 29 18:46:09 xtremcommunity sshd\[22562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.166.140 Aug 29 18:46:11 xtremcommunity sshd\[22562\]: Failed password for invalid user isk from 58.213.166.140 port 55128 ssh2 Aug 29 18:50:10 xtremcommunity sshd\[22677\]: Invalid user user from 58.213.166.140 port 54846 Aug 29 18:50:10 xtremcommunity sshd\[22677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.166.140 ...	2019-08-30 07:00:29
59.126.66.75	attackbots	(mod_security) mod_security (id:230011) triggered by 59.126.66.75 (TW/Taiwan/59-126-66-75.HINET-IP.hinet.net): 5 in the last 3600 secs	2019-08-30 07:24:45
190.191.194.9	attack	Aug 29 12:44:48 web1 sshd\[30971\]: Invalid user tdas from 190.191.194.9 Aug 29 12:44:48 web1 sshd\[30971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.191.194.9 Aug 29 12:44:50 web1 sshd\[30971\]: Failed password for invalid user tdas from 190.191.194.9 port 34812 ssh2 Aug 29 12:50:10 web1 sshd\[31443\]: Invalid user daniel from 190.191.194.9 Aug 29 12:50:10 web1 sshd\[31443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.191.194.9	2019-08-30 07:02:56
118.163.181.157	attack	Aug 29 12:10:21 aiointranet sshd\[24762\]: Invalid user ralph from 118.163.181.157 Aug 29 12:10:21 aiointranet sshd\[24762\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118-163-181-157.hinet-ip.hinet.net Aug 29 12:10:23 aiointranet sshd\[24762\]: Failed password for invalid user ralph from 118.163.181.157 port 39466 ssh2 Aug 29 12:15:04 aiointranet sshd\[25167\]: Invalid user ayub from 118.163.181.157 Aug 29 12:15:04 aiointranet sshd\[25167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118-163-181-157.hinet-ip.hinet.net	2019-08-30 07:43:28
151.80.41.64	attackspambots	Aug 29 23:13:15 dedicated sshd[18921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.41.64 user=root Aug 29 23:13:17 dedicated sshd[18921]: Failed password for root from 151.80.41.64 port 60750 ssh2	2019-08-30 07:17:37
222.214.238.73	attackspambots	Autoban 222.214.238.73 ABORTED AUTH	2019-08-30 07:34:33
80.91.176.139	attackspam	SSH Brute-Forcing (ownc)	2019-08-30 07:39:04
60.250.23.105	attackbots	Aug 30 01:44:05 dedicated sshd[5197]: Invalid user noc from 60.250.23.105 port 52050	2019-08-30 07:46:15
60.223.85.74	attackbots	8080/tcp [2019-08-29]1pkt	2019-08-30 07:35:19
60.183.225.246	attack	Fail2Ban - SSH Bruteforce Attempt	2019-08-30 07:39:33

Recently Reported IPs

201.184.40.194	191.232.51.23	201.184.39.104	49.89.103.24
2.141.66.247	43.82.5.94	81.178.133.172	54.91.71.153
62.74.0.75	14.176.80.221	238.240.179.184	236.29.34.40
202.144.63.93	67.13.223.192	149.85.115.144	152.139.229.203
156.214.49.19	195.147.16.57	212.55.185.45	178.242.57.245