49.69.240.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	unauthorized connection attempt	2020-01-28 17:46:58

Comments on same subnet:

IP	Type	Details	Datetime
49.69.240.114	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:12:01
49.69.240.218	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:10:34
49.69.240.222	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:08:31
49.69.240.240	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:05:14
49.69.240.44	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 14:01:27
49.69.240.72	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 13:58:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.69.240.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55992
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.69.240.242.			IN	A

;; AUTHORITY SECTION:
.			491	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012800 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 17:46:48 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 242.240.69.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.240.69.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.161.9	attack	Honeypot attack, port: 139, PTR: 92.118.161.9.netsystemsresearch.com.	2020-05-24 17:58:08
213.92.204.175	attack	24-5-2020 05:36:39 Unauthorized connection attempt (Brute-Force). 24-5-2020 05:36:39 Connection from IP address: 213.92.204.175 on port: 587 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=213.92.204.175	2020-05-24 18:21:57
142.93.212.213	attackspam	May 24 00:04:16 web1 sshd\[3985\]: Invalid user xuxy from 142.93.212.213 May 24 00:04:16 web1 sshd\[3985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.213 May 24 00:04:18 web1 sshd\[3985\]: Failed password for invalid user xuxy from 142.93.212.213 port 52108 ssh2 May 24 00:08:31 web1 sshd\[4547\]: Invalid user rpc from 142.93.212.213 May 24 00:08:31 web1 sshd\[4547\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.213	2020-05-24 18:17:14
52.163.228.12	attack	May 24 08:19:21 XXX sshd[43024]: Invalid user oyt from 52.163.228.12 port 54690	2020-05-24 18:33:12
122.51.60.39	attackbots	SSH brute-force: detected 20 distinct usernames within a 24-hour window.	2020-05-24 18:29:05
185.216.215.4	attackbotsspam	TCP (SYN) 185.216.215.4:45352 -> port 23, len 44	2020-05-24 18:34:22
211.210.217.192	attackspambots	May 24 05:47:20 debian-2gb-nbg1-2 kernel: \[12550849.950156\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=211.210.217.192 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=22659 PROTO=TCP SPT=29571 DPT=23 WINDOW=15299 RES=0x00 SYN URGP=0	2020-05-24 18:05:46
125.212.203.113	attackspambots	May 24 07:01:31 ws12vmsma01 sshd[64719]: Invalid user zhangwj from 125.212.203.113 May 24 07:01:33 ws12vmsma01 sshd[64719]: Failed password for invalid user zhangwj from 125.212.203.113 port 49738 ssh2 May 24 07:06:57 ws12vmsma01 sshd[65429]: Invalid user puz from 125.212.203.113 ...	2020-05-24 18:09:34
45.254.26.19	attack	2020-05-23 UTC: (9x) - 1234(2x),admin,guest,root(3x),super,telnet	2020-05-24 18:17:28
177.152.124.23	attackbots	May 24 09:37:06 ns3033917 sshd[26952]: Invalid user nnb from 177.152.124.23 port 42262 May 24 09:37:08 ns3033917 sshd[26952]: Failed password for invalid user nnb from 177.152.124.23 port 42262 ssh2 May 24 09:51:02 ns3033917 sshd[27101]: Invalid user uut from 177.152.124.23 port 53880 ...	2020-05-24 18:35:55
223.197.151.55	attackbots	Invalid user sms from 223.197.151.55 port 36890	2020-05-24 18:03:39
1.71.140.71	attack	May 24 08:04:00 legacy sshd[23905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.140.71 May 24 08:04:02 legacy sshd[23905]: Failed password for invalid user qwk from 1.71.140.71 port 59326 ssh2 May 24 08:06:44 legacy sshd[24017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.140.71 ...	2020-05-24 18:28:41
181.143.228.170	attack	Failed password for invalid user nhx from 181.143.228.170 port 49280 ssh2	2020-05-24 18:11:21
117.158.175.167	attack	Invalid user qry from 117.158.175.167 port 48018	2020-05-24 18:30:15
41.44.73.92	attackspam	DATE:2020-05-24 05:46:55, IP:41.44.73.92, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-05-24 18:23:12

Recently Reported IPs

61.218.134.110	42.118.253.173	41.36.234.230	36.72.212.32
27.200.93.105	27.105.56.54	1.54.168.166	210.186.158.166
203.218.14.53	189.236.201.91	187.163.118.161	186.211.130.34
150.107.20.239	103.93.107.116	70.105.222.173	205.111.130.49
61.76.26.64	244.91.207.188	223.68.47.86	220.87.81.99