42.231.162.201

Basic Info

City: Zhengzhou

Region: Henan

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.231.162.216	attack	Feb 25 08:25:45 grey postfix/smtpd\[13777\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.216\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.216\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.216\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-25 17:00:37
42.231.162.217	attackspambots	Feb 22 17:46:06 exim[22632]: [1\57] 1j5Xuk-0005t2-Fn H=(gmail.com) [42.231.162.217] F= rejected after DATA: This message scored 15.2 spam points.	2020-02-23 04:06:56
42.231.162.228	attackspam	Brute force attempt	2020-02-20 23:21:06
42.231.162.219	attackspambots	Feb 17 19:27:26 exim[2643]: [1\39] 1j3l78-0000gd-Du H=(gmail.com) [42.231.162.219] F= rejected after DATA: This message scored 104.8 spam points.	2020-02-18 05:53:31
42.231.162.14	attackspambots	Feb 2 05:56:58 grey postfix/smtpd\[22281\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.14\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.14\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[42.231.162.14\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-02 14:23:22
42.231.162.224	attackspam	Jan 20 05:58:06 grey postfix/smtpd\[15217\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.224\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.224\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.224\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-20 14:15:55
42.231.162.217	attackspam	Jan 16 14:04:47 grey postfix/smtpd\[28896\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.217\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.217\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.217\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-16 21:44:40
42.231.162.228	attackspam	Jan 10 22:11:54 grey postfix/smtpd\[30284\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.228\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.228\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.228\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-11 05:12:30
42.231.162.216	attack	Spamassassin_42.231.162.216	2019-11-11 09:02:24
42.231.162.190	attack	f2b trigger Multiple SASL failures	2019-09-29 04:17:15
42.231.162.208	attack	"SMTPD" 6184 83083 "2019-09-24 x@x "SMTPD" 6184 83083 "2019-09-24 14:30:54.432" "42.231.162.208" "SENT: 550 Delivery is not allowed to this address." IP Address: 42.231.162.208 Email x@x No MX record resolves to this server for domain: schoenenreus.nl ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.231.162.208	2019-09-24 20:59:43
42.231.162.205	attackbots	SASL Brute Force	2019-09-23 04:24:23
42.231.162.203	attackbotsspam	MagicSpam Rule: block_rbl_lists (b.barracudacentral.org); Spammer IP: 42.231.162.203	2019-08-31 13:19:47
42.231.162.202	attackbotsspam	originated or passed SPAM,UCE	2019-08-05 08:12:04
42.231.162.191	attackspam	Brute force attempt	2019-07-30 08:52:07

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.231.162.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27722
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.231.162.201.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 24 21:04:20 CST 2019
;; MSG SIZE  rcvd: 118

Host info

201.162.231.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
201.162.231.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
144.172.73.43	attackspambots	Jun 12 13:09:58 ucs sshd\[27622\]: Invalid user honey from 144.172.73.43 port 51676 Jun 12 13:09:58 ucs sshd\[27624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.172.73.43 Jun 12 13:10:01 ucs sshd\[27622\]: error: PAM: User not known to the underlying authentication module for illegal user honey from 144.172.73.43 Jun 12 13:10:01 ucs sshd\[27622\]: Failed keyboard-interactive/pam for invalid user honey from 144.172.73.43 port 51676 ssh2 ...	2020-06-12 19:10:11
176.119.231.62	attackbotsspam	2020-06-12T04:46:28.232304morrigan.ad5gb.com sshd[5336]: Invalid user carol from 176.119.231.62 port 40598 2020-06-12T04:46:29.988969morrigan.ad5gb.com sshd[5336]: Failed password for invalid user carol from 176.119.231.62 port 40598 ssh2 2020-06-12T04:46:30.743107morrigan.ad5gb.com sshd[5336]: Disconnected from invalid user carol 176.119.231.62 port 40598 [preauth]	2020-06-12 19:01:23
177.128.120.35	attackspambots	Unauthorized connection attempt detected from IP address 177.128.120.35 to port 6666 [T]	2020-06-12 18:43:12
191.32.218.21	attackbotsspam	Jun 12 12:19:26 ns41 sshd[27019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.32.218.21	2020-06-12 18:46:27
79.124.62.82	attackbots	TCP (SYN) 79.124.62.82:52997 -> port 8399, len 44	2020-06-12 19:00:51
217.182.94.110	attackspam	Jun 12 06:53:21 ws22vmsma01 sshd[143158]: Failed password for root from 217.182.94.110 port 59790 ssh2 Jun 12 07:02:35 ws22vmsma01 sshd[147265]: Failed password for root from 217.182.94.110 port 38362 ssh2 ...	2020-06-12 18:40:24
49.51.9.206	attack	Port Scan detected! ...	2020-06-12 18:56:57
103.16.202.174	attackbots	Jun 12 12:57:38 mail sshd[28306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.16.202.174 Jun 12 12:57:40 mail sshd[28306]: Failed password for invalid user matt from 103.16.202.174 port 46989 ssh2 ...	2020-06-12 19:10:39
218.92.0.189	attackbotsspam	Jun 12 11:02:59 srv-ubuntu-dev3 sshd[113509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.189 user=root Jun 12 11:03:01 srv-ubuntu-dev3 sshd[113509]: Failed password for root from 218.92.0.189 port 53749 ssh2 Jun 12 11:03:03 srv-ubuntu-dev3 sshd[113509]: Failed password for root from 218.92.0.189 port 53749 ssh2 Jun 12 11:02:59 srv-ubuntu-dev3 sshd[113509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.189 user=root Jun 12 11:03:01 srv-ubuntu-dev3 sshd[113509]: Failed password for root from 218.92.0.189 port 53749 ssh2 Jun 12 11:03:03 srv-ubuntu-dev3 sshd[113509]: Failed password for root from 218.92.0.189 port 53749 ssh2 Jun 12 11:02:59 srv-ubuntu-dev3 sshd[113509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.189 user=root Jun 12 11:03:01 srv-ubuntu-dev3 sshd[113509]: Failed password for root from 218.92.0.189 port 53749 ssh2 J ...	2020-06-12 18:51:14
59.127.243.224	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-06-12 19:09:56
91.121.104.181	attackbots	2020-06-12T09:34:38.279079shield sshd\[19972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.104.181 user=root 2020-06-12T09:34:40.563917shield sshd\[19972\]: Failed password for root from 91.121.104.181 port 46908 ssh2 2020-06-12T09:37:45.317261shield sshd\[20952\]: Invalid user osb from 91.121.104.181 port 56344 2020-06-12T09:37:45.321834shield sshd\[20952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.104.181 2020-06-12T09:37:48.278977shield sshd\[20952\]: Failed password for invalid user osb from 91.121.104.181 port 56344 ssh2	2020-06-12 19:07:30
49.233.87.146	attackspambots	Invalid user uc from 49.233.87.146 port 55321	2020-06-12 18:47:27
112.85.42.176	attackspam	Jun 12 12:53:09 abendstille sshd\[2101\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Jun 12 12:53:09 abendstille sshd\[2104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Jun 12 12:53:11 abendstille sshd\[2101\]: Failed password for root from 112.85.42.176 port 55343 ssh2 Jun 12 12:53:11 abendstille sshd\[2104\]: Failed password for root from 112.85.42.176 port 38227 ssh2 Jun 12 12:53:14 abendstille sshd\[2101\]: Failed password for root from 112.85.42.176 port 55343 ssh2 ...	2020-06-12 19:06:46
137.74.171.160	attackspam	Jun 12 11:11:40 vps687878 sshd\[16824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.171.160 user=root Jun 12 11:11:43 vps687878 sshd\[16824\]: Failed password for root from 137.74.171.160 port 59544 ssh2 Jun 12 11:15:12 vps687878 sshd\[17097\]: Invalid user adonay from 137.74.171.160 port 60824 Jun 12 11:15:12 vps687878 sshd\[17097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.171.160 Jun 12 11:15:13 vps687878 sshd\[17097\]: Failed password for invalid user adonay from 137.74.171.160 port 60824 ssh2 ...	2020-06-12 19:13:52
61.177.172.158	attackspam	2020-06-12T10:16:47.450941shield sshd\[8003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root 2020-06-12T10:16:49.921428shield sshd\[8003\]: Failed password for root from 61.177.172.158 port 20012 ssh2 2020-06-12T10:16:52.066924shield sshd\[8003\]: Failed password for root from 61.177.172.158 port 20012 ssh2 2020-06-12T10:16:54.377610shield sshd\[8003\]: Failed password for root from 61.177.172.158 port 20012 ssh2 2020-06-12T10:17:46.501276shield sshd\[8201\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root	2020-06-12 19:07:59

Recently Reported IPs

173.49.120.100	109.141.53.255	157.50.198.55	11.70.242.183
220.217.195.34	85.113.160.217	183.46.77.62	193.2.103.231
79.138.37.5	90.126.81.228	187.255.134.70	188.252.137.81
105.202.85.78	204.140.150.180	148.222.27.12	129.213.49.56
198.87.211.28	36.72.17.97	35.155.54.255	81.7.166.154