42.231.162.211

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Henan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.231.162.216	attack	Feb 25 08:25:45 grey postfix/smtpd\[13777\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.216\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.216\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.216\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-25 17:00:37
42.231.162.217	attackspambots	Feb 22 17:46:06 exim[22632]: [1\57] 1j5Xuk-0005t2-Fn H=(gmail.com) [42.231.162.217] F= rejected after DATA: This message scored 15.2 spam points.	2020-02-23 04:06:56
42.231.162.228	attackspam	Brute force attempt	2020-02-20 23:21:06
42.231.162.219	attackspambots	Feb 17 19:27:26 exim[2643]: [1\39] 1j3l78-0000gd-Du H=(gmail.com) [42.231.162.219] F= rejected after DATA: This message scored 104.8 spam points.	2020-02-18 05:53:31
42.231.162.14	attackspambots	Feb 2 05:56:58 grey postfix/smtpd\[22281\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.14\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.14\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[42.231.162.14\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-02 14:23:22
42.231.162.224	attackspam	Jan 20 05:58:06 grey postfix/smtpd\[15217\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.224\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.224\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.224\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-20 14:15:55
42.231.162.217	attackspam	Jan 16 14:04:47 grey postfix/smtpd\[28896\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.217\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.217\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.217\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-16 21:44:40
42.231.162.228	attackspam	Jan 10 22:11:54 grey postfix/smtpd\[30284\]: NOQUEUE: reject: RCPT from unknown\[42.231.162.228\]: 554 5.7.1 Service unavailable\; Client host \[42.231.162.228\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.162.228\; from=\ to=\ proto=SMTP helo=\ ...	2020-01-11 05:12:30
42.231.162.216	attack	Spamassassin_42.231.162.216	2019-11-11 09:02:24
42.231.162.190	attack	f2b trigger Multiple SASL failures	2019-09-29 04:17:15
42.231.162.208	attack	"SMTPD" 6184 83083 "2019-09-24 x@x "SMTPD" 6184 83083 "2019-09-24 14:30:54.432" "42.231.162.208" "SENT: 550 Delivery is not allowed to this address." IP Address: 42.231.162.208 Email x@x No MX record resolves to this server for domain: schoenenreus.nl ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.231.162.208	2019-09-24 20:59:43
42.231.162.205	attackbots	SASL Brute Force	2019-09-23 04:24:23
42.231.162.203	attackbotsspam	MagicSpam Rule: block_rbl_lists (b.barracudacentral.org); Spammer IP: 42.231.162.203	2019-08-31 13:19:47
42.231.162.202	attackbotsspam	originated or passed SPAM,UCE	2019-08-05 08:12:04
42.231.162.191	attackspam	Brute force attempt	2019-07-30 08:52:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.231.162.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24420
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.231.162.211.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101000 1800 900 604800 86400

;; Query time: 165 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 20:06:15 CST 2019
;; MSG SIZE  rcvd: 118

Host info

211.162.231.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
211.162.231.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.175.219.34	attackspambots	Aug 19 02:11:35 mail sshd\[12372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.219.34 Aug 19 02:11:37 mail sshd\[12372\]: Failed password for invalid user user from 134.175.219.34 port 48526 ssh2 Aug 19 02:16:23 mail sshd\[12946\]: Invalid user m from 134.175.219.34 port 36909 Aug 19 02:16:23 mail sshd\[12946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.219.34 Aug 19 02:16:25 mail sshd\[12946\]: Failed password for invalid user m from 134.175.219.34 port 36909 ssh2	2019-08-19 11:12:23
189.91.239.181	attack	Aug 18 16:54:05 lcprod sshd\[5583\]: Invalid user tomcat from 189.91.239.181 Aug 18 16:54:05 lcprod sshd\[5583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-91-239-181-wlan.lpnet.com.br Aug 18 16:54:06 lcprod sshd\[5583\]: Failed password for invalid user tomcat from 189.91.239.181 port 35200 ssh2 Aug 18 16:59:41 lcprod sshd\[6130\]: Invalid user hue from 189.91.239.181 Aug 18 16:59:41 lcprod sshd\[6130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-91-239-181-wlan.lpnet.com.br	2019-08-19 11:07:21
162.144.109.122	attackspambots	Aug 19 07:25:53 itv-usvr-01 sshd[9146]: Invalid user postgres from 162.144.109.122 Aug 19 07:25:53 itv-usvr-01 sshd[9146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.109.122 Aug 19 07:25:53 itv-usvr-01 sshd[9146]: Invalid user postgres from 162.144.109.122 Aug 19 07:25:55 itv-usvr-01 sshd[9146]: Failed password for invalid user postgres from 162.144.109.122 port 39378 ssh2 Aug 19 07:34:12 itv-usvr-01 sshd[9452]: Invalid user hostmaster from 162.144.109.122	2019-08-19 10:54:02
80.211.137.127	attackspam	Aug 19 03:31:15 DAAP sshd[29015]: Invalid user vuser from 80.211.137.127 port 60938 Aug 19 03:31:15 DAAP sshd[29015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 Aug 19 03:31:15 DAAP sshd[29015]: Invalid user vuser from 80.211.137.127 port 60938 Aug 19 03:31:17 DAAP sshd[29015]: Failed password for invalid user vuser from 80.211.137.127 port 60938 ssh2 Aug 19 03:31:15 DAAP sshd[29015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.137.127 Aug 19 03:31:15 DAAP sshd[29015]: Invalid user vuser from 80.211.137.127 port 60938 Aug 19 03:31:17 DAAP sshd[29015]: Failed password for invalid user vuser from 80.211.137.127 port 60938 ssh2 ...	2019-08-19 10:36:12
77.233.4.133	attack	Aug 19 04:47:29 ncomp sshd[536]: Invalid user resin from 77.233.4.133 Aug 19 04:47:29 ncomp sshd[536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.233.4.133 Aug 19 04:47:29 ncomp sshd[536]: Invalid user resin from 77.233.4.133 Aug 19 04:47:30 ncomp sshd[536]: Failed password for invalid user resin from 77.233.4.133 port 40055 ssh2	2019-08-19 10:51:16
51.255.34.233	attackbotsspam	Automatic report - Banned IP Access	2019-08-19 10:32:39
51.77.200.226	attackspambots	Aug 19 04:18:13 mail sshd\[29545\]: Failed password for invalid user tf2mgeserver from 51.77.200.226 port 46234 ssh2 Aug 19 04:22:25 mail sshd\[30013\]: Invalid user user from 51.77.200.226 port 36896 Aug 19 04:22:25 mail sshd\[30013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.200.226 Aug 19 04:22:26 mail sshd\[30013\]: Failed password for invalid user user from 51.77.200.226 port 36896 ssh2 Aug 19 04:26:37 mail sshd\[30474\]: Invalid user min from 51.77.200.226 port 55788 Aug 19 04:26:37 mail sshd\[30474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.200.226	2019-08-19 10:32:15
139.190.222.166	attackbotsspam	Aug 19 01:07:38 srv-4 sshd\[8801\]: Invalid user admin from 139.190.222.166 Aug 19 01:07:38 srv-4 sshd\[8801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.190.222.166 Aug 19 01:07:40 srv-4 sshd\[8801\]: Failed password for invalid user admin from 139.190.222.166 port 37984 ssh2 ...	2019-08-19 10:40:08
94.191.108.176	attackbots	Aug 19 03:05:17 mail sshd\[19809\]: Invalid user narendra from 94.191.108.176 port 33216 Aug 19 03:05:17 mail sshd\[19809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.108.176 Aug 19 03:05:20 mail sshd\[19809\]: Failed password for invalid user narendra from 94.191.108.176 port 33216 ssh2 Aug 19 03:07:17 mail sshd\[20071\]: Invalid user admin from 94.191.108.176 port 50992 Aug 19 03:07:17 mail sshd\[20071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.108.176	2019-08-19 11:13:51
218.92.1.142	attack	Aug 18 22:28:48 TORMINT sshd\[22459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root Aug 18 22:28:50 TORMINT sshd\[22459\]: Failed password for root from 218.92.1.142 port 27195 ssh2 Aug 18 22:32:56 TORMINT sshd\[22812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.142 user=root ...	2019-08-19 10:46:09
78.130.243.128	attack	Aug 19 01:03:08 XXX sshd[23620]: Invalid user msr from 78.130.243.128 port 35384	2019-08-19 10:48:32
202.70.89.55	attackbots	Aug 19 03:24:12 minden010 sshd[15913]: Failed password for root from 202.70.89.55 port 48290 ssh2 Aug 19 03:30:32 minden010 sshd[18111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.70.89.55 Aug 19 03:30:34 minden010 sshd[18111]: Failed password for invalid user demuji from 202.70.89.55 port 40060 ssh2 ...	2019-08-19 10:30:29
159.89.107.227	attackspambots	diesunddas.net 159.89.107.227 \[19/Aug/2019:02:25:49 +0200\] "POST /wp-login.php HTTP/1.1" 200 8413 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" diesunddas.net 159.89.107.227 \[19/Aug/2019:02:25:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 8413 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-19 10:30:53
212.64.72.20	attack	Aug 19 02:15:14 mail sshd\[12817\]: Invalid user db4web from 212.64.72.20 port 52816 Aug 19 02:15:14 mail sshd\[12817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.72.20 Aug 19 02:15:16 mail sshd\[12817\]: Failed password for invalid user db4web from 212.64.72.20 port 52816 ssh2 Aug 19 02:20:02 mail sshd\[13408\]: Invalid user bamboo from 212.64.72.20 port 42876 Aug 19 02:20:02 mail sshd\[13408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.72.20	2019-08-19 11:11:21
218.92.0.198	attackbotsspam	Aug 19 05:49:40 pkdns2 sshd\[42920\]: Failed password for root from 218.92.0.198 port 42514 ssh2Aug 19 05:50:38 pkdns2 sshd\[42994\]: Failed password for root from 218.92.0.198 port 27547 ssh2Aug 19 05:51:33 pkdns2 sshd\[43035\]: Failed password for root from 218.92.0.198 port 17254 ssh2Aug 19 05:52:28 pkdns2 sshd\[43078\]: Failed password for root from 218.92.0.198 port 34812 ssh2Aug 19 05:52:30 pkdns2 sshd\[43078\]: Failed password for root from 218.92.0.198 port 34812 ssh2Aug 19 05:53:23 pkdns2 sshd\[43115\]: Failed password for root from 218.92.0.198 port 28181 ssh2 ...	2019-08-19 11:03:51

Recently Reported IPs

227.181.64.65	188.16.146.219	170.247.201.85	159.89.193.210
157.245.193.75	157.245.154.245	156.208.119.168	156.202.209.210
128.71.119.43	124.128.97.146	123.18.201.159	116.99.67.181
113.162.172.211	93.51.186.90	85.230.71.108	243.105.40.254
242.99.23.194	148.23.241.180	113.235.188.201	82.178.3.30