42.55.151.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.55.151.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10949
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.55.151.92.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022001 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 02:15:00 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 92.151.55.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.151.55.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.109.30	attack	Portscan or hack attempt detected by psad/fwsnort	2019-06-29 01:25:26
141.8.132.35	attack	[Thu Jun 27 12:25:38.565576 2019] [:error] [pid 26865:tid 140527362074368] [client 141.8.132.35:59414] [client 141.8.132.35] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XRRTUhlQuTljWBroxg@h6QAAAAk"] ...	2019-06-29 01:27:10
91.206.15.85	attackspam	Port scan on 8 port(s): 2677 2710 2732 2812 2953 3143 3319 3324	2019-06-29 01:56:35
173.225.99.250	attackspambots	SMTP connections (rejected by our exim4 rDNS rule) persistent every 5 seconds	2019-06-29 01:10:13
202.150.142.38	attack	2019-06-28T17:25:53.833984abusebot-8.cloudsearch.cf sshd\[29457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host38.subnet142.comnet.net.id user=root	2019-06-29 02:06:11
49.206.224.31	attackspambots	SSH Brute-Force reported by Fail2Ban	2019-06-29 01:38:30
218.95.153.90	attackspambots	'IP reached maximum auth failures for a one day block'	2019-06-29 01:33:45
92.118.161.53	attack	firewall-block, port(s): 8531/tcp	2019-06-29 01:15:27
118.210.181.106	attackspambots	Brute force SMTP login attempts.	2019-06-29 01:09:43
222.72.138.208	attackbots	Jun 24 23:18:44 sanyalnet-cloud-vps4 sshd[17523]: Connection from 222.72.138.208 port 61735 on 64.137.160.124 port 22 Jun 24 23:18:46 sanyalnet-cloud-vps4 sshd[17523]: Invalid user testuser from 222.72.138.208 Jun 24 23:18:46 sanyalnet-cloud-vps4 sshd[17523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.72.138.208 Jun 24 23:18:48 sanyalnet-cloud-vps4 sshd[17523]: Failed password for invalid user testuser from 222.72.138.208 port 61735 ssh2 Jun 24 23:18:48 sanyalnet-cloud-vps4 sshd[17523]: Received disconnect from 222.72.138.208: 11: Bye Bye [preauth] Jun 24 23:20:59 sanyalnet-cloud-vps4 sshd[17595]: Connection from 222.72.138.208 port 3117 on 64.137.160.124 port 22 Jun 24 23:21:01 sanyalnet-cloud-vps4 sshd[17595]: Invalid user alex from 222.72.138.208 Jun 24 23:21:01 sanyalnet-cloud-vps4 sshd[17595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.72.138.208 ........ ----------------------------------------------- h	2019-06-29 01:19:35
206.189.132.204	attackbotsspam	Jun 28 16:22:57 XXX sshd[58024]: Invalid user oracle4 from 206.189.132.204 port 50612	2019-06-29 01:37:59
198.108.66.80	attackbots	[Thu Jun 27 11:06:15.528008 2019] [:error] [pid 25225:tid 140579438585600] [client 198.108.66.80:58942] [client 198.108.66.80] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XRRAt-VRDWRc23Tf8fMciAAAAAY"] ...	2019-06-29 01:20:35
91.121.110.50	attack	$f2bV_matches	2019-06-29 01:47:17
37.208.66.215	attackspambots	[portscan] Port scan	2019-06-29 01:39:51
187.20.134.136	attack	ssh default account attempted login	2019-06-29 01:46:57

Recently Reported IPs

180.87.187.96	220.13.144.220	187.12.59.70	197.40.107.101
80.218.86.167	239.147.214.80	153.167.136.114	215.32.146.125
90.100.232.102	214.36.39.144	79.150.69.64	139.72.12.1
218.254.167.235	151.195.95.103	16.33.97.70	177.87.33.185
165.18.132.16	247.209.58.136	55.215.234.74	223.174.255.66