49.74.42.253 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report - Port Scan Attack	2019-07-15 19:38:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.74.42.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20834
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.74.42.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 15 19:38:27 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 253.42.74.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 253.42.74.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.192.230.28	attack	Chat Spam	2019-09-16 10:29:17
78.250.180.117	attackspambots	Sep 14 03:09:15 tamoto postfix/smtpd[27626]: connect from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[27626]: warning: unknown[78.250.180.117]: SASL LOGIN authentication failed: authentication failure Sep 14 03:09:15 tamoto postfix/smtpd[27626]: lost connection after AUTH from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[27626]: disconnect from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[26338]: connect from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[26338]: warning: unknown[78.250.180.117]: SASL LOGIN authentication failed: authentication failure Sep 14 03:09:15 tamoto postfix/smtpd[26338]: lost connection after AUTH from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[26338]: disconnect from unknown[78.250.180.117] Sep 14 03:09:15 tamoto postfix/smtpd[29318]: connect from unknown[78.250.180.117] Sep 14 03:09:16 tamoto postfix/smtpd[29318]: warning: unknown[78.250.180.117]: SASL LOGIN auth........ -------------------------------	2019-09-16 10:09:42
222.186.42.163	attackspam	Sep 15 22:28:36 plusreed sshd[26506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.163 user=root Sep 15 22:28:39 plusreed sshd[26506]: Failed password for root from 222.186.42.163 port 44996 ssh2 ...	2019-09-16 10:33:06
183.239.61.55	attackbotsspam	2019-09-14 12:42:41,168 fail2ban.actions [636]: NOTICE [sshd] Ban 183.239.61.55 2019-09-14 12:57:46,702 fail2ban.actions [636]: NOTICE [sshd] Ban 183.239.61.55 2019-09-14 13:10:43,157 fail2ban.actions [636]: NOTICE [sshd] Ban 183.239.61.55 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.239.61.55	2019-09-16 10:12:21
153.36.236.35	attackbotsspam	2019-09-16T02:26:39.014746abusebot-6.cloudsearch.cf sshd\[10366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root	2019-09-16 10:29:56
157.245.107.65	attackspambots	Sep 16 01:48:14 OPSO sshd\[5113\]: Invalid user pi from 157.245.107.65 port 44560 Sep 16 01:48:14 OPSO sshd\[5113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.65 Sep 16 01:48:16 OPSO sshd\[5113\]: Failed password for invalid user pi from 157.245.107.65 port 44560 ssh2 Sep 16 01:52:36 OPSO sshd\[6204\]: Invalid user sean from 157.245.107.65 port 58276 Sep 16 01:52:36 OPSO sshd\[6204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.65	2019-09-16 10:37:18
209.126.230.74	attack	Unauthorized SSH login attempts	2019-09-16 10:48:42
223.171.32.55	attack	ssh failed login	2019-09-16 10:31:45
40.87.143.29	attackbotsspam	(sshd) Failed SSH login from 40.87.143.29 (IE/Ireland/Leinster/Dublin/-/[AS8075 Microsoft Corporation]): 1 in the last 3600 secs	2019-09-16 10:58:22
153.36.242.143	attackbotsspam	Sep 15 16:32:09 php1 sshd\[28745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.242.143 user=root Sep 15 16:32:11 php1 sshd\[28745\]: Failed password for root from 153.36.242.143 port 53832 ssh2 Sep 15 16:32:13 php1 sshd\[28745\]: Failed password for root from 153.36.242.143 port 53832 ssh2 Sep 15 16:32:32 php1 sshd\[28789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.242.143 user=root Sep 15 16:32:34 php1 sshd\[28789\]: Failed password for root from 153.36.242.143 port 47847 ssh2	2019-09-16 10:52:36
222.186.173.119	attack	2019-09-16T04:39:54.171386centos sshd\[9664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.119 user=root 2019-09-16T04:39:56.543856centos sshd\[9664\]: Failed password for root from 222.186.173.119 port 54485 ssh2 2019-09-16T04:39:58.816717centos sshd\[9664\]: Failed password for root from 222.186.173.119 port 54485 ssh2	2019-09-16 10:44:27
62.210.30.128	attack	k+ssh-bruteforce	2019-09-16 10:25:10
134.73.95.181	attackspam	Sep 14 03:44:36 mxgate1 postfix/postscreen[12397]: CONNECT from [134.73.95.181]:42452 to [176.31.12.44]:25 Sep 14 03:44:36 mxgate1 postfix/dnsblog[12402]: addr 134.73.95.181 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 14 03:44:36 mxgate1 postfix/dnsblog[12398]: addr 134.73.95.181 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 14 03:44:42 mxgate1 postfix/postscreen[12397]: DNSBL rank 3 for [134.73.95.181]:42452 Sep x@x Sep 14 03:44:43 mxgate1 postfix/postscreen[12397]: DISCONNECT [134.73.95.181]:42452 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.73.95.181	2019-09-16 10:37:51
113.64.127.72	attackbotsspam	" "	2019-09-16 10:57:53
185.53.88.70	attack	\[2019-09-15 22:24:34\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T22:24:34.776-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442038077034",SessionID="0x7f8a6c6094e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.70/52111",ACLName="no_extension_match" \[2019-09-15 22:25:41\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T22:25:41.609-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442038077034",SessionID="0x7f8a6c830888",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.70/49915",ACLName="no_extension_match" \[2019-09-15 22:26:53\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T22:26:53.889-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442038077034",SessionID="0x7f8a6c382e88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.70/53428",ACLName="no_ex	2019-09-16 10:53:30

Recently Reported IPs

19.25.175.188	220.136.27.192	85.242.62.227	254.84.183.41
43.241.24.14	106.206.90.64	114.232.59.41	41.29.44.177
88.217.187.137	106.19.69.230	123.123.89.251	183.83.202.229
183.157.190.116	220.143.160.179	108.228.173.147	60.209.62.22
112.122.204.61	91.154.239.137	23.89.143.174	81.70.95.207