42.101.64.97 - IPInfo

Basic Info

City: Dalian

Region: Liaoning

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.101.64.106	attack	Unauthorized connection attempt detected from IP address 42.101.64.106 to port 1433 [T]	2020-04-15 03:01:19
42.101.64.106	attack	The IP has triggered Cloudflare WAF. CF-Ray: 55515b58ac71e811 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: badHost \| Protocol: HTTP/2 \| Method: GET \| Host: img.skk.moe \| User-Agent: Xiaomi_MCT1_TD-LTE/V1 Linux/4.4.78 Android/8.0 Release/4.4.2017 Browser/AppleWebKit537.36 Mobile Safari/537.36 System/Android 8.0 XiaoMi/MiuiBrowser/9.3.11 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-01-16 02:15:46
42.101.64.106	attackspambots	unauthorized connection attempt	2020-01-09 16:30:52
42.101.64.106	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-08 22:33:35
42.101.64.106	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-02 18:05:46
42.101.64.106	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-10-21 06:20:03

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.101.64.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52750
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.101.64.97.			IN	A

;; AUTHORITY SECTION:
.			2717	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041000 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 21:40:39 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 97.64.101.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 97.64.101.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.67.68.30	attackbots	Jul 28 15:56:08 microserver sshd[45983]: Invalid user nidayede from 114.67.68.30 port 60360 Jul 28 15:56:08 microserver sshd[45983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.68.30 Jul 28 15:56:10 microserver sshd[45983]: Failed password for invalid user nidayede from 114.67.68.30 port 60360 ssh2 Jul 28 15:59:11 microserver sshd[46166]: Invalid user royals from 114.67.68.30 port 59454 Jul 28 15:59:11 microserver sshd[46166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.68.30 Jul 28 16:10:41 microserver sshd[47973]: Invalid user lesbians from 114.67.68.30 port 55818 Jul 28 16:10:41 microserver sshd[47973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.68.30 Jul 28 16:10:43 microserver sshd[47973]: Failed password for invalid user lesbians from 114.67.68.30 port 55818 ssh2 Jul 28 16:13:37 microserver sshd[48140]: Invalid user chunky from 114.67.68.30 port 54912	2019-07-28 22:21:57
61.50.255.248	attack	Jul 28 02:46:11 shared07 sshd[18194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.50.255.248 user=r.r Jul 28 02:46:13 shared07 sshd[18194]: Failed password for r.r from 61.50.255.248 port 25911 ssh2 Jul 28 02:46:14 shared07 sshd[18194]: Received disconnect from 61.50.255.248 port 25911:11: Bye Bye [preauth] Jul 28 02:46:14 shared07 sshd[18194]: Disconnected from 61.50.255.248 port 25911 [preauth] Jul 28 03:03:25 shared07 sshd[21646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.50.255.248 user=r.r Jul 28 03:03:27 shared07 sshd[21646]: Failed password for r.r from 61.50.255.248 port 34622 ssh2 Jul 28 03:03:27 shared07 sshd[21646]: Received disconnect from 61.50.255.248 port 34622:11: Bye Bye [preauth] Jul 28 03:03:27 shared07 sshd[21646]: Disconnected from 61.50.255.248 port 34622 [preauth] Jul 28 03:07:36 shared07 sshd[22522]: pam_unix(sshd:auth): authentication failure; logna........ -------------------------------	2019-07-28 22:51:26
171.236.139.238	attack	scan z	2019-07-28 22:44:09
203.173.92.250	attack	2019-07-28 06:27:12 H=(ip-92-250.buanter.net) [203.173.92.250]:59267 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/203.173.92.250) 2019-07-28 06:27:13 H=(ip-92-250.buanter.net) [203.173.92.250]:59267 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/203.173.92.250) 2019-07-28 06:27:13 H=(ip-92-250.buanter.net) [203.173.92.250]:59267 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/203.173.92.250) ...	2019-07-28 22:25:49
112.85.42.173	attackspam	Jul 28 15:39:16 bouncer sshd\[27788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Jul 28 15:39:19 bouncer sshd\[27788\]: Failed password for root from 112.85.42.173 port 40086 ssh2 Jul 28 15:39:21 bouncer sshd\[27788\]: Failed password for root from 112.85.42.173 port 40086 ssh2 ...	2019-07-28 22:19:48
191.53.223.217	attack	Brute force attempt	2019-07-28 23:03:44
54.37.136.60	attackbots	Jul 28 01:07:51 shared06 sshd[25137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.60 user=r.r Jul 28 01:07:53 shared06 sshd[25137]: Failed password for r.r from 54.37.136.60 port 56498 ssh2 Jul 28 01:07:53 shared06 sshd[25137]: Received disconnect from 54.37.136.60 port 56498:11: Bye Bye [preauth] Jul 28 01:07:53 shared06 sshd[25137]: Disconnected from 54.37.136.60 port 56498 [preauth] Jul 28 01:22:53 shared06 sshd[28332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.60 user=r.r Jul 28 01:22:55 shared06 sshd[28332]: Failed password for r.r from 54.37.136.60 port 38726 ssh2 Jul 28 01:22:55 shared06 sshd[28332]: Received disconnect from 54.37.136.60 port 38726:11: Bye Bye [preauth] Jul 28 01:22:55 shared06 sshd[28332]: Disconnected from 54.37.136.60 port 38726 [preauth] Jul 28 01:27:20 shared06 sshd[29084]: pam_unix(sshd:auth): authentication failure; logname= uid=........ -------------------------------	2019-07-28 22:30:57
176.225.29.159	attackspambots	Wordpress Admin Login attack	2019-07-28 23:10:47
115.239.244.198	attack	failed_logins	2019-07-28 22:19:10
178.254.25.136	attackbotsspam	Jul 28 17:26:22 dedicated sshd[15270]: Failed password for invalid user desih from 178.254.25.136 port 37334 ssh2 Jul 28 17:26:19 dedicated sshd[15270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.254.25.136 Jul 28 17:26:19 dedicated sshd[15270]: Invalid user desih from 178.254.25.136 port 37334 Jul 28 17:26:22 dedicated sshd[15270]: Failed password for invalid user desih from 178.254.25.136 port 37334 ssh2 Jul 28 17:30:34 dedicated sshd[15700]: Invalid user @mima from 178.254.25.136 port 36748	2019-07-28 23:35:41
193.144.61.81	attack	Jul 28 07:59:38 aat-srv002 sshd[11282]: Failed password for root from 193.144.61.81 port 37822 ssh2 Jul 28 08:03:53 aat-srv002 sshd[11389]: Failed password for root from 193.144.61.81 port 33128 ssh2 Jul 28 08:08:14 aat-srv002 sshd[11468]: Failed password for root from 193.144.61.81 port 56664 ssh2 ...	2019-07-28 22:50:26
192.162.68.22	attack	Jul 27 15:43:44 cumulus sshd[15798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.68.22 user=r.r Jul 27 15:43:46 cumulus sshd[15798]: Failed password for r.r from 192.162.68.22 port 33852 ssh2 Jul 27 15:43:46 cumulus sshd[15798]: Received disconnect from 192.162.68.22 port 33852:11: Bye Bye [preauth] Jul 27 15:43:46 cumulus sshd[15798]: Disconnected from 192.162.68.22 port 33852 [preauth] Jul 27 18:40:51 cumulus sshd[23780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.162.68.22 user=r.r Jul 27 18:40:53 cumulus sshd[23780]: Failed password for r.r from 192.162.68.22 port 53548 ssh2 Jul 27 18:40:53 cumulus sshd[23780]: Received disconnect from 192.162.68.22 port 53548:11: Bye Bye [preauth] Jul 27 18:40:53 cumulus sshd[23780]: Disconnected from 192.162.68.22 port 53548 [preauth] Jul 27 18:46:44 cumulus sshd[24039]: pam_unix(sshd:auth): authentication failure; logname= uid=0........ -------------------------------	2019-07-28 22:42:21
177.209.137.158	attackspambots	Automatic report - Port Scan Attack	2019-07-28 23:26:03
84.109.74.138	attackbots	Brute forcing Wordpress login	2019-07-28 22:52:46
104.214.231.44	attackspambots	Jul 28 16:33:20 MK-Soft-Root2 sshd\[24824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.231.44 user=root Jul 28 16:33:22 MK-Soft-Root2 sshd\[24824\]: Failed password for root from 104.214.231.44 port 51808 ssh2 Jul 28 16:38:56 MK-Soft-Root2 sshd\[25568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.231.44 user=root ...	2019-07-28 22:45:53

Recently Reported IPs

83.219.159.219	190.60.223.236	187.189.48.7	201.49.127.212
153.226.216.146	81.171.98.189	117.241.120.27	5.172.151.106
178.128.236.154	79.173.208.175	103.200.42.101	220.184.82.106
156.222.69.65	201.144.30.83	96.248.86.218	31.192.139.182
112.133.232.68	123.206.210.160	37.75.11.170	164.52.24.168