59.42.39.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 59.42.39.149 to port 2220 [J]	2020-02-02 09:58:52

Comments on same subnet:

IP	Type	Details	Datetime
59.42.39.155	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-23 04:01:10
59.42.39.146	attackspambots	2020-02-05T15:52:16.305628 sshd[2092]: Invalid user yd from 59.42.39.146 port 47891 2020-02-05T15:52:16.319021 sshd[2092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.42.39.146 2020-02-05T15:52:16.305628 sshd[2092]: Invalid user yd from 59.42.39.146 port 47891 2020-02-05T15:52:18.386986 sshd[2092]: Failed password for invalid user yd from 59.42.39.146 port 47891 ssh2 2020-02-05T15:55:54.428772 sshd[2181]: Invalid user ejabberd from 59.42.39.146 port 49656 ...	2020-02-05 23:05:54

Type

Details

Datetime

59.42.39.155

attack

SSH authentication failure x 6 reported by Fail2Ban
...

2020-07-23 04:01:10

59.42.39.146

attackspambots

2020-02-05T15:52:16.305628  sshd[2092]: Invalid user yd from 59.42.39.146 port 47891
2020-02-05T15:52:16.319021  sshd[2092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.42.39.146
2020-02-05T15:52:16.305628  sshd[2092]: Invalid user yd from 59.42.39.146 port 47891
2020-02-05T15:52:18.386986  sshd[2092]: Failed password for invalid user yd from 59.42.39.146 port 47891 ssh2
2020-02-05T15:55:54.428772  sshd[2181]: Invalid user ejabberd from 59.42.39.146 port 49656
...

2020-02-05 23:05:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.42.39.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.42.39.149.			IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020102 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 09:58:37 CST 2020
;; MSG SIZE  rcvd: 116

Host info

149.39.42.59.in-addr.arpa domain name pointer 149.39.42.59.broad.gz.gd.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.39.42.59.in-addr.arpa	name = 149.39.42.59.broad.gz.gd.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.222.84	attack	$f2bV_matches_ltvn	2019-12-09 06:23:44
61.155.2.2	attackspambots	Dec 8 18:22:14 dev0-dcde-rnet sshd[3136]: Failed password for root from 61.155.2.2 port 53982 ssh2 Dec 8 18:28:10 dev0-dcde-rnet sshd[3213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.155.2.2 Dec 8 18:28:12 dev0-dcde-rnet sshd[3213]: Failed password for invalid user mysql from 61.155.2.2 port 51418 ssh2	2019-12-09 06:38:32
181.41.216.140	attackbotsspam	Dec 8 23:48:27 grey postfix/smtpd\[28132\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 Service unavailable\; Client host \[181.41.216.140\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[181.41.216.140\]\; from=\ to=\ proto=ESMTP helo=\<\[181.41.216.131\]\>Dec 8 23:48:27 grey postfix/smtpd\[28132\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 Service unavailable\; Client host \[181.41.216.140\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[181.41.216.140\]\; from=\ to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> ...	2019-12-09 06:48:34
198.108.66.30	attackbotsspam	firewall-block, port(s): 8888/tcp	2019-12-09 06:32:45
106.13.204.251	attackbotsspam	Dec 8 23:02:42 dev0-dcde-rnet sshd[6650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251 Dec 8 23:02:44 dev0-dcde-rnet sshd[6650]: Failed password for invalid user duchaine from 106.13.204.251 port 34120 ssh2 Dec 8 23:09:09 dev0-dcde-rnet sshd[6743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251	2019-12-09 06:28:47
106.12.121.40	attackspambots	Dec 8 12:31:25 TORMINT sshd\[15648\]: Invalid user komiyama from 106.12.121.40 Dec 8 12:31:26 TORMINT sshd\[15648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.121.40 Dec 8 12:31:27 TORMINT sshd\[15648\]: Failed password for invalid user komiyama from 106.12.121.40 port 51908 ssh2 ...	2019-12-09 06:55:39
189.254.230.170	attack	Unauthorized connection attempt detected from IP address 189.254.230.170 to port 445	2019-12-09 06:27:09
192.241.249.226	attack	Dec 8 23:33:54 legacy sshd[26461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.249.226 Dec 8 23:33:56 legacy sshd[26461]: Failed password for invalid user turidanne from 192.241.249.226 port 43398 ssh2 Dec 8 23:39:30 legacy sshd[26890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.249.226 ...	2019-12-09 06:45:44
77.42.90.109	attack	Automatic report - Port Scan Attack	2019-12-09 06:25:56
115.221.66.144	attackspambots	Automatic report - Port Scan Attack	2019-12-09 06:21:25
198.50.152.30	attack	Fail2Ban Ban Triggered	2019-12-09 06:55:24
103.51.153.235	attackspambots	Dec 8 19:57:54 v22018076622670303 sshd\[14897\]: Invalid user sommer08 from 103.51.153.235 port 54542 Dec 8 19:57:54 v22018076622670303 sshd\[14897\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.51.153.235 Dec 8 19:57:56 v22018076622670303 sshd\[14897\]: Failed password for invalid user sommer08 from 103.51.153.235 port 54542 ssh2 ...	2019-12-09 06:35:28
129.28.188.115	attackbotsspam	2019-12-08T17:42:57.965385abusebot.cloudsearch.cf sshd\[2068\]: Invalid user pcap from 129.28.188.115 port 43582 2019-12-08T17:42:57.972106abusebot.cloudsearch.cf sshd\[2068\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.188.115 2019-12-08T17:42:59.253253abusebot.cloudsearch.cf sshd\[2068\]: Failed password for invalid user pcap from 129.28.188.115 port 43582 ssh2 2019-12-08T17:49:25.404080abusebot.cloudsearch.cf sshd\[3237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.188.115 user=root 2019-12-08T17:49:27.618519abusebot.cloudsearch.cf sshd\[3237\]: Failed password for root from 129.28.188.115 port 44012 ssh2	2019-12-09 06:57:21
45.143.220.112	attack	firewall-block, port(s): 5061/udp	2019-12-09 06:20:43
106.54.123.106	attackspam	$f2bV_matches	2019-12-09 06:35:14

Recently Reported IPs

90.108.28.140	15.138.249.18	202.183.103.65	179.175.152.188
119.241.248.158	253.173.135.144	142.151.65.178	90.220.10.27
173.222.78.121	104.126.208.17	195.242.134.34	122.47.143.234
43.121.3.26	44.141.91.40	111.17.181.29	141.208.146.95
93.144.24.188	40.136.134.114	208.48.167.216	176.35.86.162