42.245.203.134

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Cernet New Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan: TCP/445	2019-08-24 14:32:30

Comments on same subnet:

IP	Type	Details	Datetime
42.245.203.153	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-26 07:54:52
42.245.203.139	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-23 22:23:13
42.245.203.136	attackbots	Port probing on unauthorized port 445	2020-02-14 09:53:22
42.245.203.148	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-13 14:30:01
42.245.203.148	attackspam	Unauthorized connection attempt detected from IP address 42.245.203.148 to port 4899 [J]	2020-01-06 14:26:40
42.245.203.139	attackbotsspam	19/7/22@19:26:43: FAIL: Alarm-Intrusion address from=42.245.203.139 ...	2019-07-23 09:28:25
42.245.203.136	attackspam	19/7/22@19:27:24: FAIL: Alarm-Intrusion address from=42.245.203.136 ...	2019-07-23 09:08:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.245.203.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38582
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.245.203.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082302 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 14:32:19 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 134.203.245.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.203.245.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.101.217	attackspambots	Unauthorized connection attempt detected from IP address 163.172.101.217 to port 80	2020-02-06 22:02:12
222.186.42.7	attackbots	2020-2-6 3:27:10 PM: failed ssh attempt	2020-02-06 22:27:57
222.186.30.31	attack	Feb 6 15:25:52 h2177944 sshd\[19712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.31 user=root Feb 6 15:25:54 h2177944 sshd\[19712\]: Failed password for root from 222.186.30.31 port 53782 ssh2 Feb 6 15:25:57 h2177944 sshd\[19712\]: Failed password for root from 222.186.30.31 port 53782 ssh2 Feb 6 15:25:58 h2177944 sshd\[19712\]: Failed password for root from 222.186.30.31 port 53782 ssh2 ...	2020-02-06 22:32:33
54.36.106.204	attack	[2020-02-06 09:11:38] NOTICE[1148] chan_sip.c: Registration from '' failed for '54.36.106.204:57951' - Wrong password [2020-02-06 09:11:38] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-06T09:11:38.256-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="808",SessionID="0x7fd82c590bc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.36.106.204/57951",Challenge="44fef6f4",ReceivedChallenge="44fef6f4",ReceivedHash="d1f817aeebc3bc1681803324a07cb30c" [2020-02-06 09:13:35] NOTICE[1148] chan_sip.c: Registration from '' failed for '54.36.106.204:65192' - Wrong password [2020-02-06 09:13:35] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-06T09:13:35.107-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="908",SessionID="0x7fd82c3c1c38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.36.106.204/651 ...	2020-02-06 22:22:51
102.182.115.151	attackspam	1580996830 - 02/06/2020 14:47:10 Host: 102.182.115.151/102.182.115.151 Port: 445 TCP Blocked	2020-02-06 22:04:08
77.247.110.39	attackspam	[2020-02-06 09:08:43] NOTICE[1148] chan_sip.c: Registration from '"222" ' failed for '77.247.110.39:5787' - Wrong password [2020-02-06 09:08:43] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-06T09:08:43.437-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="222",SessionID="0x7fd82c2bd8a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.39/5787",Challenge="2b3ac8b0",ReceivedChallenge="2b3ac8b0",ReceivedHash="65e7bd2ffe63ed55a23d6f3deb0b2271" [2020-02-06 09:08:43] NOTICE[1148] chan_sip.c: Registration from '"222" ' failed for '77.247.110.39:5787' - Wrong password [2020-02-06 09:08:43] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-06T09:08:43.552-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="222",SessionID="0x7fd82c307128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.1 ...	2020-02-06 22:26:29
176.113.115.252	attackbotsspam	02/06/2020-08:37:41.590159 176.113.115.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-06 21:45:30
43.243.129.55	attackbotsspam	Feb 6 15:08:26 plex sshd[24578]: Invalid user aae from 43.243.129.55 port 54872	2020-02-06 22:23:04
193.56.28.34	attackspam	2020-02-06 14:46:42 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:42 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:42 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:42 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:45 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:45 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect authentication data \(set_id=mateo@no-server.de\) 2020-02-06 14:46:45 dovecot_login authenticator failed for \(User\) \[193.56.28.34\]: 535 Incorrect ...	2020-02-06 22:00:42
132.145.173.64	attackspambots	Feb 6 14:59:42 srv-ubuntu-dev3 sshd[65553]: Invalid user czk from 132.145.173.64 Feb 6 14:59:42 srv-ubuntu-dev3 sshd[65553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.173.64 Feb 6 14:59:42 srv-ubuntu-dev3 sshd[65553]: Invalid user czk from 132.145.173.64 Feb 6 14:59:44 srv-ubuntu-dev3 sshd[65553]: Failed password for invalid user czk from 132.145.173.64 port 37924 ssh2 Feb 6 15:02:50 srv-ubuntu-dev3 sshd[65798]: Invalid user gzw from 132.145.173.64 Feb 6 15:02:50 srv-ubuntu-dev3 sshd[65798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.173.64 Feb 6 15:02:50 srv-ubuntu-dev3 sshd[65798]: Invalid user gzw from 132.145.173.64 Feb 6 15:02:52 srv-ubuntu-dev3 sshd[65798]: Failed password for invalid user gzw from 132.145.173.64 port 39862 ssh2 Feb 6 15:06:11 srv-ubuntu-dev3 sshd[66105]: Invalid user kmi from 132.145.173.64 ...	2020-02-06 22:13:56
92.118.38.57	attackbots	2020-02-06 15:05:21 dovecot_login authenticator failed for \(User\) \[92.118.38.57\]: 535 Incorrect authentication data 2020-02-06 15:10:32 dovecot_login authenticator failed for \(User\) \[92.118.38.57\]: 535 Incorrect authentication data \(set_id=cezar@no-server.de\) 2020-02-06 15:10:38 dovecot_login authenticator failed for \(User\) \[92.118.38.57\]: 535 Incorrect authentication data \(set_id=cezar@no-server.de\) 2020-02-06 15:10:57 dovecot_login authenticator failed for \(User\) \[92.118.38.57\]: 535 Incorrect authentication data \(set_id=cfg@no-server.de\) 2020-02-06 15:10:58 dovecot_login authenticator failed for \(User\) \[92.118.38.57\]: 535 Incorrect authentication data \(set_id=cfg@no-server.de\) ...	2020-02-06 22:29:01
58.215.75.86	attackbotsspam	Feb 6 14:47:34 163-172-32-151 sshd[4216]: Invalid user firefly from 58.215.75.86 port 12779 ...	2020-02-06 22:04:30
191.8.162.75	attack	Automatic report - Port Scan Attack	2020-02-06 21:54:35
60.190.129.6	attack	Feb 6 13:38:15 gitlab-ci sshd\[15460\]: Invalid user video from 60.190.129.6Feb 6 13:46:10 gitlab-ci sshd\[15787\]: Invalid user test from 60.190.129.6 ...	2020-02-06 22:26:40
49.145.164.118	attack	Unauthorized connection attempt from IP address 49.145.164.118 on Port 445(SMB)	2020-02-06 22:27:10

Recently Reported IPs

212.18.150.78	82.204.213.67	14.218.147.101	14.218.146.117
14.120.130.129	14.120.128.254	1.174.2.185	153.189.236.5
222.220.52.147	121.13.66.156	5.156.225.121	47.60.188.229
196.221.142.74	139.254.243.191	222.220.29.241	197.216.176.250
245.233.123.196	93.215.181.7	134.78.69.18	232.248.110.106