120.4.198.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Heibei Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2019-09-02 14:43:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.4.198.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21328
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.4.198.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 02 14:43:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 142.198.4.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 142.198.4.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.253.252.8	attackspam	Honeypot attack, port: 81, PTR: static.vnpt.vn.	2020-02-27 15:15:15
156.96.58.78	attackspambots	SMTP Brute-Force	2020-02-27 15:20:47
54.200.182.16	attack	02/27/2020-08:14:32.051381 54.200.182.16 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-27 15:21:21
91.230.153.121	attackspam	Feb 27 08:00:18 debian-2gb-nbg1-2 kernel: \[5046012.438220\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.230.153.121 DST=195.201.40.59 LEN=40 TOS=0x10 PREC=0x60 TTL=245 ID=42702 PROTO=TCP SPT=55779 DPT=53008 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-27 15:12:38
139.99.40.27	attackbots	Feb 27 07:04:02 localhost sshd\[31654\]: Invalid user sport from 139.99.40.27 port 59580 Feb 27 07:04:02 localhost sshd\[31654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 Feb 27 07:04:03 localhost sshd\[31654\]: Failed password for invalid user sport from 139.99.40.27 port 59580 ssh2 Feb 27 07:13:42 localhost sshd\[31890\]: Invalid user butter from 139.99.40.27 port 36794 Feb 27 07:13:42 localhost sshd\[31890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 ...	2020-02-27 15:39:45
115.74.199.239	attack	Honeypot attack, port: 445, PTR: adsl.viettel.vn.	2020-02-27 15:21:09
120.71.145.166	attackspam	Feb 27 12:34:50 gw1 sshd[6847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.145.166 Feb 27 12:34:52 gw1 sshd[6847]: Failed password for invalid user debian from 120.71.145.166 port 51433 ssh2 ...	2020-02-27 15:35:25
138.197.180.102	attack	Feb 26 20:07:14 tdfoods sshd\[32140\]: Invalid user e from 138.197.180.102 Feb 26 20:07:14 tdfoods sshd\[32140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.102 Feb 26 20:07:17 tdfoods sshd\[32140\]: Failed password for invalid user e from 138.197.180.102 port 46426 ssh2 Feb 26 20:15:42 tdfoods sshd\[353\]: Invalid user em from 138.197.180.102 Feb 26 20:15:42 tdfoods sshd\[353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.102	2020-02-27 15:06:32
176.223.81.220	attack	kp-sea2-01 recorded 2 login violations from 176.223.81.220 and was blocked at 2020-02-27 05:47:31. 176.223.81.220 has been blocked on 0 previous occasions. 176.223.81.220's first attempt was recorded at 2020-02-27 05:47:31	2020-02-27 15:19:50
148.70.33.136	attackspam	Automatic report - Banned IP Access	2020-02-27 15:47:51
185.143.223.168	attack	Feb 27 08:01:14 grey postfix/smtpd\[8239\]: NOQUEUE: reject: RCPT from unknown\[185.143.223.168\]: 554 5.7.1 Service unavailable\; Client host \[185.143.223.168\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[185.143.223.168\]\; from=\ to=\ proto=ESMTP helo=\<\[185.143.223.170\]\> ...	2020-02-27 15:41:52
123.20.124.163	attackbotsspam	unauthorized connection attempt	2020-02-27 15:26:32
222.186.169.192	attackbots	Feb 27 08:15:22 domagoj sshd\[12114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root Feb 27 08:15:24 domagoj sshd\[12114\]: Failed password for root from 222.186.169.192 port 59942 ssh2 Feb 27 08:15:41 domagoj sshd\[12116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root Feb 27 08:15:43 domagoj sshd\[12116\]: Failed password for root from 222.186.169.192 port 10400 ssh2	2020-02-27 15:16:13
185.153.199.83	attackbotsspam	Tried sshing with brute force.	2020-02-27 15:44:56
96.73.111.201	attackbotsspam	Honeypot attack, port: 81, PTR: 96-73-111-201-static.hfc.comcastbusiness.net.	2020-02-27 15:37:30

Recently Reported IPs

71.6.233.82	214.213.255.19	95.105.252.74	86.9.197.251
123.158.49.153	61.246.114.154	144.220.87.236	221.213.75.249
143.117.197.93	4.71.67.28	101.249.56.148	2401:c080:1000:4191:5400:2ff:fe38:2109
1.80.0.166	110.167.92.12	240e:58:2:200:100::c9	110.167.89.159
110.78.80.78	240e:58:2:200:100::ed	221.11.4.155	173.232.191.181