59.42.24.249 - IPInfo

Basic Info

City: Dongguan

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	20 attempts against mh-ssh on tree	2020-07-01 07:09:56

Comments on same subnet:

IP	Type	Details	Datetime
59.42.24.55	attack	Honeypot attack, port: 445, PTR: 55.24.42.59.broad.gz.gd.dynamic.163data.com.cn.	2020-02-20 15:56:20
59.42.24.81	attackbots	Unauthorized connection attempt detected from IP address 59.42.24.81 to port 3306	2020-01-13 07:42:28
59.42.24.62	attackbotsspam	ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: TCP cat: Potentially Bad Traffic	2019-12-11 05:53:57

Type

Details

Datetime

59.42.24.55

attack

Honeypot attack, port: 445, PTR: 55.24.42.59.broad.gz.gd.dynamic.163data.com.cn.

2020-02-20 15:56:20

59.42.24.81

attackbots

Unauthorized connection attempt detected from IP address 59.42.24.81 to port 3306

2020-01-13 07:42:28

59.42.24.62

attackbotsspam

ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: TCP cat: Potentially Bad Traffic

2019-12-11 05:53:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.42.24.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8738
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.42.24.249.			IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020063001 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 07:09:52 CST 2020
;; MSG SIZE  rcvd: 116

Host info

249.24.42.59.in-addr.arpa domain name pointer 249.24.42.59.broad.gz.gd.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.24.42.59.in-addr.arpa	name = 249.24.42.59.broad.gz.gd.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.42.1.206	attack	Unauthorized connection attempt from IP address 61.42.1.206 on Port 445(SMB)	2020-01-15 07:12:06
181.191.250.251	attackspambots	Unauthorized connection attempt from IP address 181.191.250.251 on Port 445(SMB)	2020-01-15 07:07:12
112.85.42.186	attackbots	Jan 15 04:27:38 areeb-Workstation sshd[5036]: Failed password for root from 112.85.42.186 port 64658 ssh2 Jan 15 04:27:40 areeb-Workstation sshd[5036]: Failed password for root from 112.85.42.186 port 64658 ssh2 ...	2020-01-15 07:14:42
213.14.216.175	attackspam	Unauthorized connection attempt from IP address 213.14.216.175 on Port 445(SMB)	2020-01-15 06:59:22
159.65.189.115	attackbots	Jan 14 21:13:33 124388 sshd[25443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.189.115 Jan 14 21:13:33 124388 sshd[25443]: Invalid user noc from 159.65.189.115 port 40198 Jan 14 21:13:35 124388 sshd[25443]: Failed password for invalid user noc from 159.65.189.115 port 40198 ssh2 Jan 14 21:15:20 124388 sshd[25447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.189.115 user=root Jan 14 21:15:23 124388 sshd[25447]: Failed password for root from 159.65.189.115 port 58626 ssh2	2020-01-15 07:15:45
91.134.141.89	attackbotsspam	Jan 14 23:54:48 mout sshd[4515]: Invalid user redis from 91.134.141.89 port 38922	2020-01-15 07:04:39
36.89.105.236	attackbotsspam	Unauthorized connection attempt from IP address 36.89.105.236 on Port 445(SMB)	2020-01-15 07:05:39
177.40.179.154	attack	Unauthorized connection attempt from IP address 177.40.179.154 on Port 445(SMB)	2020-01-15 07:14:12
109.69.4.139	attack	20/1/14@16:15:10: FAIL: Alarm-Network address from=109.69.4.139 20/1/14@16:15:10: FAIL: Alarm-Network address from=109.69.4.139 ...	2020-01-15 07:26:19
95.10.15.159	attackspambots	Unauthorized connection attempt from IP address 95.10.15.159 on Port 445(SMB)	2020-01-15 06:57:26
203.205.53.3	attack	Unauthorized connection attempt detected from IP address 203.205.53.3 to port 445	2020-01-15 07:08:42
211.103.193.66	attack	Jan 14 13:51:47 : SSH login attempts with invalid user	2020-01-15 07:13:46
77.40.65.79	attackbotsspam	Fail2Ban - SMTP Bruteforce Attempt	2020-01-15 07:11:37
218.76.65.100	attackbots	Jan 14 17:31:52 ny01 sshd[25734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.76.65.100 Jan 14 17:31:54 ny01 sshd[25734]: Failed password for invalid user sad from 218.76.65.100 port 9979 ssh2 Jan 14 17:38:54 ny01 sshd[26471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.76.65.100	2020-01-15 07:04:01
54.39.163.64	attack	Invalid user myftp from 54.39.163.64 port 33758	2020-01-15 07:25:23

Recently Reported IPs

1.152.70.48	163.14.54.4	76.24.44.12	138.197.135.199
119.117.188.247	86.227.111.122	32.75.49.22	189.161.176.177
221.189.242.44	174.219.28.207	195.195.13.243	107.82.140.22
117.84.149.113	176.26.53.65	98.230.118.17	195.166.148.200
79.143.236.153	179.227.255.80	197.224.6.109	197.245.135.234