59.42.255.159 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Jiaochangdonglu49Haofuyingzewanczuo

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-02 01:10:06
attackbotsspam	Unauthorized connection attempt detected from IP address 59.42.255.159 to port 1433 [J]	2020-02-02 09:14:24
attack	Unauthorized connection attempt detected from IP address 59.42.255.159 to port 445 [T]	2020-01-20 23:33:29
attackspam	445/tcp 445/tcp 445/tcp... [2019-06-06/08-06]10pkt,1pt.(tcp)	2019-08-07 09:28:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.42.255.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27734
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.42.255.159.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080602 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 09:28:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 159.255.42.59.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 159.255.42.59.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.30.231.156	attackspam	Automatic report - XMLRPC Attack	2020-06-06 19:49:04
113.247.138.250	attackbots	prod6 ...	2020-06-06 19:54:44
96.125.164.246	attack	Jun 6 13:47:38 srv2 sshd\[14478\]: Invalid user 91.238.176.131 from 96.125.164.246 port 56228 Jun 6 13:50:20 srv2 sshd\[14522\]: Invalid user 91.149.48.102 from 96.125.164.246 port 57140 Jun 6 13:53:02 srv2 sshd\[14554\]: Invalid user 91.146.100.98 from 96.125.164.246 port 55856	2020-06-06 20:04:52
106.4.166.36	attackspam	Brute force blocker - service: proftpd1 - aantal: 155 - Fri Mar 9 21:55:14 2018	2020-06-06 19:46:12
173.201.196.184	attack	Automatic report - XMLRPC Attack	2020-06-06 19:56:54
220.178.31.90	attackbots	Jun 6 05:40:09 server1 sshd\[21637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.178.31.90 user=root Jun 6 05:40:11 server1 sshd\[21637\]: Failed password for root from 220.178.31.90 port 47710 ssh2 Jun 6 05:43:51 server1 sshd\[23250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.178.31.90 user=root Jun 6 05:43:53 server1 sshd\[23250\]: Failed password for root from 220.178.31.90 port 42838 ssh2 Jun 6 05:47:34 server1 sshd\[24506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.178.31.90 user=root ...	2020-06-06 19:48:39
188.6.161.77	attackspambots	Bruteforce detected by fail2ban	2020-06-06 20:07:05
37.187.105.36	attackbots	Jun 6 09:56:00 marvibiene sshd[4593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.105.36 user=root Jun 6 09:56:02 marvibiene sshd[4593]: Failed password for root from 37.187.105.36 port 48590 ssh2 Jun 6 10:08:54 marvibiene sshd[4714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.105.36 user=root Jun 6 10:08:56 marvibiene sshd[4714]: Failed password for root from 37.187.105.36 port 56786 ssh2 ...	2020-06-06 19:57:39
149.202.164.82	attackspambots	2020-06-06T10:17:02.693875ionos.janbro.de sshd[55265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.164.82 user=root 2020-06-06T10:17:04.600797ionos.janbro.de sshd[55265]: Failed password for root from 149.202.164.82 port 36054 ssh2 2020-06-06T10:20:38.561868ionos.janbro.de sshd[55280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.164.82 user=root 2020-06-06T10:20:41.121712ionos.janbro.de sshd[55280]: Failed password for root from 149.202.164.82 port 38894 ssh2 2020-06-06T10:24:06.527935ionos.janbro.de sshd[55300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.164.82 user=root 2020-06-06T10:24:07.973345ionos.janbro.de sshd[55300]: Failed password for root from 149.202.164.82 port 41734 ssh2 2020-06-06T10:27:36.143457ionos.janbro.de sshd[55332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14 ...	2020-06-06 20:03:18
167.172.238.159	attackbotsspam	<6 unauthorized SSH connections	2020-06-06 20:07:50
41.33.45.180	attackspambots	Jun 6 07:15:41 sip sshd[559935]: Failed password for root from 41.33.45.180 port 43598 ssh2 Jun 6 07:19:19 sip sshd[559980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.33.45.180 user=root Jun 6 07:19:21 sip sshd[559980]: Failed password for root from 41.33.45.180 port 47520 ssh2 ...	2020-06-06 20:01:41
185.53.88.206	attackspam	[2020-06-06 07:47:04] NOTICE[1288] chan_sip.c: Registration from '"50" ' failed for '185.53.88.206:5382' - Wrong password [2020-06-06 07:47:04] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-06T07:47:04.125-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="50",SessionID="0x7f4d74136238",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.206/5382",Challenge="0e462be0",ReceivedChallenge="0e462be0",ReceivedHash="68286d4ff4721dc4b7c4a1ed3522afd5" [2020-06-06 07:47:04] NOTICE[1288] chan_sip.c: Registration from '"50" ' failed for '185.53.88.206:5382' - Wrong password [2020-06-06 07:47:04] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-06T07:47:04.232-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="50",SessionID="0x7f4d74239348",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.206/ ...	2020-06-06 19:52:21
171.14.78.196	attackspambots	Port probing on unauthorized port 4899	2020-06-06 20:26:54
222.186.175.169	attack	Jun 6 13:44:56 vmi345603 sshd[30245]: Failed password for root from 222.186.175.169 port 18976 ssh2 Jun 6 13:44:59 vmi345603 sshd[30245]: Failed password for root from 222.186.175.169 port 18976 ssh2 ...	2020-06-06 19:48:20
101.227.34.23	attack	$f2bV_matches	2020-06-06 20:25:06

Recently Reported IPs

91.160.60.40	227.214.62.137	188.217.210.130	171.139.230.6
100.86.206.178	210.115.220.34	245.85.11.167	244.26.230.189
204.36.210.136	78.246.154.88	125.27.36.68	53.235.69.51
124.121.128.49	249.144.39.70	10.253.163.150	155.255.78.28
49.218.71.28	166.184.103.70	64.87.62.213	73.131.81.130