42.231.163.197

Basic Info

City: Zhengzhou

Region: Henan

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.231.163.223	attack	Mar 6 23:06:00 grey postfix/smtpd\[18312\]: NOQUEUE: reject: RCPT from unknown\[42.231.163.223\]: 554 5.7.1 Service unavailable\; Client host \[42.231.163.223\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?42.231.163.223\; from=\ to=\ proto=SMTP helo=\ ...	2020-03-07 06:40:18
42.231.163.224	attackbots	Email rejected due to spam filtering	2020-03-02 03:13:26
42.231.163.211	attackbots	spam	2020-02-29 17:44:39
42.231.163.88	attackspam	Feb 27 05:58:49 grey postfix/smtpd\[3219\]: NOQUEUE: reject: RCPT from unknown\[42.231.163.88\]: 554 5.7.1 Service unavailable\; Client host \[42.231.163.88\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[42.231.163.88\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-27 13:38:47
42.231.163.134	attackspambots	Fake domain expiration notices spf=pass. smtp.mailfrom=info@shaxiamight.top	2020-02-15 16:52:55
42.231.163.120	attackbotsspam	Email rejected due to spam filtering	2020-02-11 18:37:41

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.231.163.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59602
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.231.163.197.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 12 12:17:32 +08 2019
;; MSG SIZE  rcvd: 118

Host info

197.163.231.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
197.163.231.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.175.93.19	attackspambots	Feb 24 14:29:07 debian-2gb-nbg1-2 kernel: \[4810148.305278\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.19 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=47214 PROTO=TCP SPT=53841 DPT=5933 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-24 22:37:43
121.224.40.57	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 121.224.40.57 (CN/China/57.40.224.121.broad.sz.js.dynamic.163data.com.cn): 5 in the last 3600 secs - Tue Jul 31 01:38:41 2018	2020-02-24 22:11:58
93.174.93.195	attack	93.174.93.195 was recorded 25 times by 14 hosts attempting to connect to the following ports: 45685,46896,46080,45682. Incident counter (4h, 24h, all-time): 25, 163, 6296	2020-02-24 21:56:02
37.187.119.2	attackbots	Brute force blocker - service: exim2 - aantal: 25 - Tue Jul 31 00:00:15 2018	2020-02-24 22:12:34
49.81.201.84	attack	Brute force blocker - service: proftpd1 - aantal: 63 - Sat Jul 28 07:50:15 2018	2020-02-24 22:25:02
106.58.209.161	attack	Feb 24 14:29:48 * sshd[6096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.58.209.161 Feb 24 14:29:50 * sshd[6096]: Failed password for invalid user admin from 106.58.209.161 port 50784 ssh2	2020-02-24 21:53:24
49.88.112.114	attackspam	Feb 24 03:45:16 wbs sshd\[7589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Feb 24 03:45:19 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:45:21 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:45:24 wbs sshd\[7589\]: Failed password for root from 49.88.112.114 port 30767 ssh2 Feb 24 03:46:36 wbs sshd\[7679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2020-02-24 22:06:52
222.186.52.78	attackbots	Feb 24 14:28:22 * sshd[5924]: Failed password for root from 222.186.52.78 port 40924 ssh2	2020-02-24 22:19:05
83.136.248.146	attack	Brute force blocker - service: exim2 - aantal: 25 - Sun Jul 29 15:00:12 2018	2020-02-24 22:16:51
188.147.141.207	attack	Wordpress login scanning	2020-02-24 22:13:04
77.45.122.162	attackbots	Port probing on unauthorized port 23	2020-02-24 22:35:36
94.102.56.215	attackbots	94.102.56.215 was recorded 29 times by 14 hosts attempting to connect to the following ports: 7842,7822,7805,7876. Incident counter (4h, 24h, all-time): 29, 163, 5245	2020-02-24 22:29:39
185.100.222.62	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 185.100.222.62 (-): 5 in the last 3600 secs - Wed Aug 1 21:59:57 2018	2020-02-24 22:04:03
66.240.236.119	attack	02/24/2020-08:29:13.735490 66.240.236.119 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2020-02-24 22:34:00
49.88.112.113	attackbots	Feb 24 04:19:36 web9 sshd\[23674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Feb 24 04:19:38 web9 sshd\[23674\]: Failed password for root from 49.88.112.113 port 30530 ssh2 Feb 24 04:21:17 web9 sshd\[23920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Feb 24 04:21:19 web9 sshd\[23920\]: Failed password for root from 49.88.112.113 port 52575 ssh2 Feb 24 04:22:01 web9 sshd\[24043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-02-24 22:33:33

Recently Reported IPs

179.184.23.195	66.28.139.131	40.107.6.84	113.160.229.12
185.148.243.95	113.247.233.22	184.168.200.142	167.99.80.173
104.148.64.196	23.233.9.144	104.148.64.198	221.229.173.231
41.39.73.218	104.148.64.195	192.241.198.60	118.69.195.170
192.54.56.208	186.210.91.171	122.155.0.239	202.141.250.148