42.51.195.204 - IPInfo

Basic Info

City: unknown

Region: Henan

Country: China

Internet Service Provider: Henan Telcom Union Technology Co. Ltd

Hostname: unknown

Organization: Zhengzhou Fastidc Technology Co.,Ltd.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	postfix-failedauth jail [dl]	2019-08-04 03:06:06

Comments on same subnet:

IP	Type	Details	Datetime
42.51.195.216	attackspambots	DATE:2020-03-19 22:52:12, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-03-20 07:52:28
42.51.195.216	attack	DATE:2020-02-28 14:28:25, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-29 03:02:16
42.51.195.205	attackbots	account brute force by foreign IP	2019-08-06 11:18:44
42.51.195.155	attackspambots	Unauthorised access (Aug 4) SRC=42.51.195.155 LEN=40 TTL=110 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2019-08-04 23:52:11
42.51.195.155	attackspambots	:	2019-07-26 20:20:31
42.51.195.155	attack	CloudCIX Reconnaissance Scan Detected, PTR: idc.ly.ha.	2019-07-26 15:10:37
42.51.195.214	attackbots	SASL broute force	2019-07-22 11:29:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.195.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21052
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.195.204.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 04 03:05:59 CST 2019
;; MSG SIZE  rcvd: 117

Host info

204.195.51.42.in-addr.arpa domain name pointer idc.ly.ha.

Nslookup info:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 204.195.51.42.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.30.96	attackbots	$f2bV_matches	2020-09-27 21:24:41
91.237.239.108	attackbots	Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:45 mail.srvfarm.net postfix/smtps/smtpd[817424]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed:	2020-09-27 21:19:50
20.43.56.138	attack	Invalid user 222 from 20.43.56.138 port 31433	2020-09-27 21:18:15
180.76.96.55	attackbotsspam	$f2bV_matches	2020-09-27 21:26:43
112.85.42.181	attack	Sep 27 15:11:04 vpn01 sshd[15931]: Failed password for root from 112.85.42.181 port 54987 ssh2 Sep 27 15:11:18 vpn01 sshd[15931]: Failed password for root from 112.85.42.181 port 54987 ssh2 Sep 27 15:11:18 vpn01 sshd[15931]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 54987 ssh2 [preauth] ...	2020-09-27 21:15:10
157.245.108.35	attackbots	Sep 27 09:03:55 hell sshd[16995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.108.35 Sep 27 09:03:57 hell sshd[16995]: Failed password for invalid user user from 157.245.108.35 port 36802 ssh2 ...	2020-09-27 21:18:34
218.87.149.136	attack	TCP (SYN) 218.87.149.136:50229 -> port 1433, len 40	2020-09-27 20:58:26
111.161.41.156	attackspam	2020-09-27T14:07:54+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-27 20:53:46
104.206.128.42	attackspam	5900/tcp 23/tcp 5060/tcp... [2020-07-29/09-26]40pkt,8pt.(tcp),1pt.(udp)	2020-09-27 21:17:02
121.10.139.68	attackbots	firewall-block, port(s): 16218/tcp	2020-09-27 21:16:46
111.53.120.12	attackspam	Port Scan ...	2020-09-27 21:23:07
138.255.148.35	attack	Ssh brute force	2020-09-27 20:57:39
129.56.23.25	attackbots		2020-09-27 21:03:04
91.214.114.7	attackspam	leo_www	2020-09-27 21:05:30
106.12.87.83	attackspam	" "	2020-09-27 21:09:13

Recently Reported IPs

57.59.194.102	39.168.2.163	36.110.54.185	121.96.19.54
162.214.233.149	219.142.159.171	208.8.133.48	203.187.33.50
52.129.92.216	92.37.236.236	24.183.98.111	159.89.32.86
181.77.240.111	150.182.16.4	44.47.201.156	182.159.18.85
15.235.11.105	207.86.96.189	85.120.252.8	101.187.39.74