Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Henan Telcom Union Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Dec 23 03:07:30 webhost01 sshd[21719]: Failed password for root from 42.51.133.29 port 38920 ssh2
...
2019-12-23 04:14:34
attack
Dec 10 04:06:59 mailserver sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29  user=r.r
Dec 10 04:07:01 mailserver sshd[6868]: Failed password for r.r from 42.51.133.29 port 35671 ssh2
Dec 10 04:07:01 mailserver sshd[6868]: Received disconnect from 42.51.133.29 port 35671:11: Bye Bye [preauth]
Dec 10 04:07:01 mailserver sshd[6868]: Disconnected from 42.51.133.29 port 35671 [preauth]
Dec 10 04:29:59 mailserver sshd[8981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29  user=r.r
Dec 10 04:30:01 mailserver sshd[8981]: Failed password for r.r from 42.51.133.29 port 44008 ssh2
Dec 10 04:30:01 mailserver sshd[8981]: Received disconnect from 42.51.133.29 port 44008:11: Bye Bye [preauth]
Dec 10 04:30:01 mailserver sshd[8981]: Disconnected from 42.51.133.29 port 44008 [preauth]
Dec 10 04:35:55 mailserver sshd[9430]: Invalid user brace from 42.51.133.29
Dec 10 04:35........
-------------------------------
2019-12-10 16:00:12
Comments on same subnet:
No discussion about this subnet yet.
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.133.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12189
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.133.29.			IN	A

;; AUTHORITY SECTION:
.			458	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121000 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 16:00:09 CST 2019
;; MSG SIZE  rcvd: 116
Host info
29.133.51.42.in-addr.arpa domain name pointer idc.ly.ha.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.133.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
79.137.79.167 attack
Aug 16 15:45:55 lcl-usvr-02 sshd[12126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.79.167  user=root
Aug 16 15:45:56 lcl-usvr-02 sshd[12126]: Failed password for root from 79.137.79.167 port 53746 ssh2
Aug 16 15:45:59 lcl-usvr-02 sshd[12126]: Failed password for root from 79.137.79.167 port 53746 ssh2
Aug 16 15:45:55 lcl-usvr-02 sshd[12126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.79.167  user=root
Aug 16 15:45:56 lcl-usvr-02 sshd[12126]: Failed password for root from 79.137.79.167 port 53746 ssh2
Aug 16 15:45:59 lcl-usvr-02 sshd[12126]: Failed password for root from 79.137.79.167 port 53746 ssh2
Aug 16 15:45:55 lcl-usvr-02 sshd[12126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.79.167  user=root
Aug 16 15:45:56 lcl-usvr-02 sshd[12126]: Failed password for root from 79.137.79.167 port 53746 ssh2
Aug 16 15:45:59 lcl-usvr-02 sshd[12126]: Failed password
2019-08-16 17:07:55
188.166.165.100 attackspam
Automatic report - Banned IP Access
2019-08-16 17:03:31
107.173.254.200 attackbotsspam
16.08.2019 05:20:10 Recursive DNS scan
2019-08-16 17:47:47
142.93.49.103 attack
2019-08-16T10:09:42.4865631240 sshd\[20102\]: Invalid user qin from 142.93.49.103 port 53262
2019-08-16T10:09:42.4911111240 sshd\[20102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.103
2019-08-16T10:09:45.0737651240 sshd\[20102\]: Failed password for invalid user qin from 142.93.49.103 port 53262 ssh2
...
2019-08-16 17:05:54
111.35.160.215 attackspam
port scan and connect, tcp 23 (telnet)
2019-08-16 16:55:26
80.211.221.137 attack
\[2019-08-16 08:45:08\] NOTICE\[23191\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '"601" \' failed for '80.211.221.137:5439' \(callid: 886638000\) - Failed to authenticate
\[2019-08-16 08:45:08\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-08-16T08:45:08.978+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="886638000",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/80.211.221.137/5439",Challenge="1565937908/b5c255e169892ea5c27fec7d46fda0ba",Response="05491e2e473f03265e3b7862f952ad8b",ExpectedResponse=""
\[2019-08-16 08:45:09\] NOTICE\[29653\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '"601" \' failed for '80.211.221.137:5439' \(callid: 886638000\) - Failed to authenticate
\[2019-08-16 08:45:09\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-08-16T08:45:09.027+0200",Severi
2019-08-16 17:06:49
122.152.210.200 attackspam
k+ssh-bruteforce
2019-08-16 16:54:57
27.205.18.11 attackbots
52869/tcp
[2019-08-16]1pkt
2019-08-16 16:53:11
121.7.127.92 attack
Aug 15 20:37:38 wbs sshd\[31072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg  user=root
Aug 15 20:37:40 wbs sshd\[31072\]: Failed password for root from 121.7.127.92 port 53737 ssh2
Aug 15 20:43:19 wbs sshd\[31814\]: Invalid user samuel from 121.7.127.92
Aug 15 20:43:19 wbs sshd\[31814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg
Aug 15 20:43:20 wbs sshd\[31814\]: Failed password for invalid user samuel from 121.7.127.92 port 48998 ssh2
2019-08-16 17:23:47
118.71.145.139 attack
445/tcp
[2019-08-16]1pkt
2019-08-16 17:09:16
217.182.77.186 attackspam
Aug 16 07:16:24 SilenceServices sshd[12708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.77.186
Aug 16 07:16:26 SilenceServices sshd[12708]: Failed password for invalid user cwalker from 217.182.77.186 port 41568 ssh2
Aug 16 07:20:49 SilenceServices sshd[15960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.77.186
2019-08-16 16:59:15
150.136.193.165 attack
Invalid user tarmo from 150.136.193.165 port 62310
2019-08-16 17:23:20
201.211.137.197 attack
445/tcp
[2019-08-16]1pkt
2019-08-16 16:46:39
165.22.7.99 attack
Aug 16 09:31:25 mail sshd[25078]: Invalid user admin from 165.22.7.99
Aug 16 09:31:25 mail sshd[25078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.7.99
Aug 16 09:31:25 mail sshd[25078]: Invalid user admin from 165.22.7.99
Aug 16 09:31:27 mail sshd[25078]: Failed password for invalid user admin from 165.22.7.99 port 40298 ssh2
Aug 16 09:39:45 mail sshd[26063]: Invalid user esadmin from 165.22.7.99
...
2019-08-16 16:45:24
218.92.0.160 attackbotsspam
$f2bV_matches
2019-08-16 17:39:01
