42.4.251.20 - IPInfo

Basic Info

City: unknown

Region: Liaoning

Country: China

Internet Service Provider: Unicom Liaoning Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DATE:2020-02-02 16:06:54, IP:42.4.251.20, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-03 04:53:27

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.4.251.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.4.251.20.			IN	A

;; AUTHORITY SECTION:
.			399	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020201 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 04:53:24 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 20.251.4.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.251.4.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.35.27.97	attackspambots	Invalid user lko from 112.35.27.97 port 58926	2020-08-26 01:45:02
62.234.145.195	attackbots	Aug 25 16:11:19 v22019038103785759 sshd\[30007\]: Invalid user sac from 62.234.145.195 port 32790 Aug 25 16:11:19 v22019038103785759 sshd\[30007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.145.195 Aug 25 16:11:22 v22019038103785759 sshd\[30007\]: Failed password for invalid user sac from 62.234.145.195 port 32790 ssh2 Aug 25 16:16:52 v22019038103785759 sshd\[30542\]: Invalid user ebd from 62.234.145.195 port 60814 Aug 25 16:16:52 v22019038103785759 sshd\[30542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.145.195 ...	2020-08-26 01:54:55
93.146.237.163	attackspam	Aug 25 19:36:59 vm1 sshd[21315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.146.237.163 Aug 25 19:37:00 vm1 sshd[21315]: Failed password for invalid user deploy from 93.146.237.163 port 60430 ssh2 ...	2020-08-26 01:52:16
110.165.40.168	attack	Aug 25 17:23:22 ns3033917 sshd[14427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.165.40.168 Aug 25 17:23:22 ns3033917 sshd[14427]: Invalid user ronald from 110.165.40.168 port 40098 Aug 25 17:23:24 ns3033917 sshd[14427]: Failed password for invalid user ronald from 110.165.40.168 port 40098 ssh2 ...	2020-08-26 01:47:25
58.16.145.208	attackspam	failed root login	2020-08-26 01:55:38
117.247.226.29	attackbotsspam	IP blocked	2020-08-26 01:43:31
179.157.2.75	attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-26 01:34:32
51.68.227.98	attackbotsspam	Aug 25 23:20:20 NG-HHDC-SVS-001 sshd[21275]: Invalid user zmh from 51.68.227.98 ...	2020-08-26 01:24:21
118.97.23.26	attackspambots	Aug 25 19:41:16 haigwepa sshd[16095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.23.26 Aug 25 19:41:18 haigwepa sshd[16095]: Failed password for invalid user pha from 118.97.23.26 port 33309 ssh2 ...	2020-08-26 01:43:05
119.45.137.244	attackspambots	Aug 25 15:27:33 root sshd[22887]: Invalid user zsy from 119.45.137.244 ...	2020-08-26 01:42:20
184.67.105.182	attackbots	SSH break in attempt ...	2020-08-26 01:32:55
167.99.155.36	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 22689 resulting in total of 3 scans from 167.99.0.0/16 block.	2020-08-26 01:36:58
167.71.224.234	attackbotsspam	2020-08-25T17:14:35.102871shield sshd\[16870\]: Invalid user terrariaserver from 167.71.224.234 port 48668 2020-08-25T17:14:35.112304shield sshd\[16870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.224.234 2020-08-25T17:14:36.907071shield sshd\[16870\]: Failed password for invalid user terrariaserver from 167.71.224.234 port 48668 ssh2 2020-08-25T17:16:55.472534shield sshd\[17335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.224.234 user=root 2020-08-25T17:16:57.821929shield sshd\[17335\]: Failed password for root from 167.71.224.234 port 51286 ssh2	2020-08-26 01:37:14
34.92.228.170	attack	Invalid user coracaobobo from 34.92.228.170 port 43396	2020-08-26 01:59:07
68.183.193.148	attackbots	Invalid user bnc from 68.183.193.148 port 32828	2020-08-26 01:54:28

Recently Reported IPs

31.52.160.236	96.30.254.242	177.79.86.28	185.227.6.108
159.158.79.217	141.101.15.130	175.32.235.180	37.49.226.108
185.185.31.36	37.49.226.5	44.203.39.144	107.121.96.108
151.45.222.128	72.78.59.183	183.141.180.128	82.79.140.105
162.186.189.151	191.163.116.131	82.168.254.33	99.196.15.121