42.48.104.96 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Hunan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	CN_APNIC-HM_<177>1585831207 [1:2403346:56419] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2]: {TCP} 42.48.104.96:57414	2020-04-03 04:48:25

Comments on same subnet:

IP	Type	Details	Datetime
42.48.104.45	attackspambots	5322/tcp 4922/tcp 4722/tcp... [2019-06-12/08-12]125pkt,34pt.(tcp)	2019-08-13 03:44:49
42.48.104.45	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-08-01 09:23:23
42.48.104.45	attackbotsspam	" "	2019-07-27 10:56:08
42.48.104.45	attackbotsspam	1 attempts last 24 Hours	2019-07-24 22:28:32
42.48.104.45	attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-16 08:33:25
42.48.104.45	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-07-06 07:09:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.48.104.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.48.104.96.			IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040201 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 04:48:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 96.104.48.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 96.104.48.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.225.153.176	attackspambots	2020-09-12T00:00:25+02:00 exim[5513]: fixed_login authenticator failed for (ugklotvtbi.com) [111.225.153.176]: 535 Incorrect authentication data (set_id=debrecen@europedirect.hu)	2020-09-12 13:33:36
112.85.42.237	attackspambots	Sep 11 20:24:41 propaganda sshd[22547]: Connection from 112.85.42.237 port 54552 on 10.0.0.161 port 22 rdomain "" Sep 11 20:24:43 propaganda sshd[22547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root Sep 11 20:24:45 propaganda sshd[22547]: Failed password for root from 112.85.42.237 port 54552 ssh2	2020-09-12 13:43:13
159.203.165.156	attackspam	TCP (SYN) 159.203.165.156:52912 -> port 21082, len 44	2020-09-12 13:28:22
218.92.0.171	attack	Sep 12 01:15:56 NPSTNNYC01T sshd[10146]: Failed password for root from 218.92.0.171 port 42525 ssh2 Sep 12 01:16:03 NPSTNNYC01T sshd[10146]: Failed password for root from 218.92.0.171 port 42525 ssh2 Sep 12 01:16:06 NPSTNNYC01T sshd[10146]: Failed password for root from 218.92.0.171 port 42525 ssh2 Sep 12 01:16:09 NPSTNNYC01T sshd[10146]: Failed password for root from 218.92.0.171 port 42525 ssh2 ...	2020-09-12 13:34:23
49.232.101.33	attack	2020-09-12T04:46:01.803748server.espacesoutien.com sshd[5355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.101.33 user=root 2020-09-12T04:46:03.228356server.espacesoutien.com sshd[5355]: Failed password for root from 49.232.101.33 port 46450 ssh2 2020-09-12T04:48:24.277816server.espacesoutien.com sshd[5508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.101.33 user=root 2020-09-12T04:48:26.333958server.espacesoutien.com sshd[5508]: Failed password for root from 49.232.101.33 port 41040 ssh2 ...	2020-09-12 13:49:10
51.68.224.53	attack	$f2bV_matches	2020-09-12 14:00:44
116.58.172.118	attackbotsspam	Invalid user ubuntu from 116.58.172.118 port 47783	2020-09-12 13:26:21
106.52.12.21	attackbotsspam	SSH brute force	2020-09-12 13:26:51
196.38.70.24	attackspambots	Sep 11 18:05:03 dignus sshd[3215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.38.70.24 user=root Sep 11 18:05:05 dignus sshd[3215]: Failed password for root from 196.38.70.24 port 17109 ssh2 Sep 11 18:10:04 dignus sshd[3731]: Invalid user tomy from 196.38.70.24 port 28572 Sep 11 18:10:04 dignus sshd[3731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.38.70.24 Sep 11 18:10:06 dignus sshd[3731]: Failed password for invalid user tomy from 196.38.70.24 port 28572 ssh2 ...	2020-09-12 13:59:56
61.177.172.168	attack	Sep 12 07:36:28 santamaria sshd\[4366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root Sep 12 07:36:30 santamaria sshd\[4366\]: Failed password for root from 61.177.172.168 port 7766 ssh2 Sep 12 07:36:48 santamaria sshd\[4373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root ...	2020-09-12 13:41:13
200.236.123.138	attack	Automatic report - Port Scan Attack	2020-09-12 13:50:29
115.159.214.247	attackbots	2020-09-12T05:40:35.416208abusebot.cloudsearch.cf sshd[17553]: Invalid user kuaisuweb from 115.159.214.247 port 35074 2020-09-12T05:40:35.422345abusebot.cloudsearch.cf sshd[17553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.214.247 2020-09-12T05:40:35.416208abusebot.cloudsearch.cf sshd[17553]: Invalid user kuaisuweb from 115.159.214.247 port 35074 2020-09-12T05:40:37.643427abusebot.cloudsearch.cf sshd[17553]: Failed password for invalid user kuaisuweb from 115.159.214.247 port 35074 ssh2 2020-09-12T05:43:45.755113abusebot.cloudsearch.cf sshd[17573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.214.247 user=root 2020-09-12T05:43:47.725539abusebot.cloudsearch.cf sshd[17573]: Failed password for root from 115.159.214.247 port 43788 ssh2 2020-09-12T05:46:54.213568abusebot.cloudsearch.cf sshd[17589]: Invalid user sales from 115.159.214.247 port 52510 ...	2020-09-12 14:02:04
61.177.172.177	attackspambots	Sep 12 07:49:38 Ubuntu-1404-trusty-64-minimal sshd\[24269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177 user=root Sep 12 07:49:40 Ubuntu-1404-trusty-64-minimal sshd\[24269\]: Failed password for root from 61.177.172.177 port 36377 ssh2 Sep 12 07:50:06 Ubuntu-1404-trusty-64-minimal sshd\[24375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177 user=root Sep 12 07:50:07 Ubuntu-1404-trusty-64-minimal sshd\[24375\]: Failed password for root from 61.177.172.177 port 61901 ssh2 Sep 12 07:50:32 Ubuntu-1404-trusty-64-minimal sshd\[25582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177 user=root	2020-09-12 13:54:41
51.254.120.159	attackbotsspam	Sep 12 07:29:18 root sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.120.159 ...	2020-09-12 13:37:25
5.188.62.14	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-12T04:01:22Z and 2020-09-12T04:10:40Z	2020-09-12 13:30:45

Recently Reported IPs

85.76.220.106	188.9.53.170	204.149.164.24	193.70.240.199
129.104.235.213	78.43.217.241	66.26.210.141	32.234.161.254
87.95.27.169	81.216.30.197	194.126.106.77	185.176.109.98
213.60.138.124	102.185.142.223	139.165.46.179	171.58.33.165
103.113.106.7	18.198.253.28	3.208.204.93	70.215.207.12