169.197.108.42

Basic Info

City: Amsterdam

Region: North Holland

Country: Netherlands

Internet Service Provider: Zenlayer Inc

Hostname: unknown

Organization: Zenlayer Inc

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 80	2020-03-23 12:49:54
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 6443	2020-03-17 20:32:18
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42	2020-03-14 02:37:03
attack	Unauthorized connection attempt detected from IP address 169.197.108.42	2020-02-20 04:02:04
attackbotsspam	404 NOT FOUND	2020-02-13 06:56:57
attackspambots	W 31101,/var/log/nginx/access.log,-,-	2020-02-08 10:26:08
attackspam	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 993 [J]	2020-02-01 17:48:35
attackspambots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 21	2019-12-29 18:21:45
attackbots	Unauthorized connection attempt detected from IP address 169.197.108.42 to port 8090	2019-12-29 03:21:42
attackspambots	scan z	2019-11-20 05:51:51
attackspambots	Honeypot hit.	2019-10-30 04:29:50
attackbots	Microsoft Windows HTTP.sys Remote Code Execution Vulnerability, PTR: survey.internet-census.org.	2019-10-11 20:16:13
attackspam	Microsoft Windows HTTP.sys Remote Code Execution Vulnerability, PTR: survey.internet-census.org.	2019-09-21 08:43:41
attackspambots	Caught in portsentry honeypot	2019-09-06 00:59:13
attackbots	none	2019-08-10 11:50:42

Comments on same subnet:

IP	Type	Details	Datetime
169.197.108.38	attackbotsspam	8081/tcp 8080/tcp 993/tcp... [2020-02-11/04-12]17pkt,9pt.(tcp)	2020-04-12 18:48:26
169.197.108.205	attack	" "	2020-04-12 14:28:30
169.197.108.163	attackspam	Port 443 (HTTPS) access denied	2020-04-10 16:40:39
169.197.108.30	attackspam	Unauthorized connection attempt detected from IP address 169.197.108.30 to port 80	2020-04-10 04:56:50
169.197.108.196	attackspam	trying to access non-authorized port	2020-04-03 16:19:31
169.197.108.198	attack	Attempted connection to port 8080.	2020-03-31 16:21:22
169.197.108.162	attack	Attempted connection to port 8181.	2020-03-30 21:52:26
169.197.108.188	attackbotsspam	8081/tcp 8090/tcp 8088/tcp... [2020-02-01/03-27]13pkt,8pt.(tcp)	2020-03-29 07:04:59
169.197.108.203	attackbotsspam	Port 80 (HTTP) access denied	2020-03-25 19:39:59
169.197.108.6	attack	port scan and connect, tcp 443 (https)	2020-03-20 02:51:45
169.197.108.38	attackspam	Unauthorized connection attempt detected from IP address 169.197.108.38 to port 143	2020-03-17 22:37:18
169.197.108.205	attack	firewall-block, port(s): 8088/tcp	2020-03-12 16:54:55
169.197.108.196	attackbotsspam	" "	2020-03-11 23:01:04
169.197.108.190	attackbots	03/08/2020-23:49:58.879838 169.197.108.190 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-09 15:43:51
169.197.108.6	attack	port scan and connect, tcp 143 (imap)	2020-03-04 04:31:57

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.197.108.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34477
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.197.108.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 03:43:44 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 42.108.197.169.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.108.197.169.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.108.150	attackspam	\[2019-07-19 21:54:21\] NOTICE\[20804\] chan_sip.c: Registration from '"205" \' failed for '77.247.108.150:5698' - Wrong password \[2019-07-19 21:54:21\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-19T21:54:21.507-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="205",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.108.150/5698",Challenge="303ea015",ReceivedChallenge="303ea015",ReceivedHash="5574b21e1180cee7483e35a21dadbf0b" \[2019-07-19 21:54:21\] NOTICE\[20804\] chan_sip.c: Registration from '"205" \' failed for '77.247.108.150:5698' - Wrong password \[2019-07-19 21:54:21\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-19T21:54:21.638-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="205",SessionID="0x7f06f88cc728",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/U	2019-07-20 14:53:04
211.24.79.26	attack	Jul 20 07:44:28 mail sshd\[25607\]: Failed password for root from 211.24.79.26 port 57766 ssh2 Jul 20 08:01:19 mail sshd\[25806\]: Invalid user shirley from 211.24.79.26 port 43066 Jul 20 08:01:19 mail sshd\[25806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.24.79.26 ...	2019-07-20 15:06:22
183.17.230.120	attackspam	SMB Server BruteForce Attack	2019-07-20 14:35:41
190.67.116.12	attackspam	Jul 20 03:29:27 ns37 sshd[23210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.67.116.12	2019-07-20 14:35:00
85.163.230.163	attackspambots	Jul 20 07:53:44 s64-1 sshd[11948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.163.230.163 Jul 20 07:53:46 s64-1 sshd[11948]: Failed password for invalid user isaque from 85.163.230.163 port 53201 ssh2 Jul 20 07:58:34 s64-1 sshd[11983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.163.230.163 ...	2019-07-20 14:14:21
92.177.197.60	attackspambots	Invalid user paul from 92.177.197.60 port 40087	2019-07-20 14:32:07
130.61.94.211	attackspam	MagicSpam Rule: valid_helo_domain; Spammer IP: 130.61.94.211	2019-07-20 14:13:32
61.41.159.29	attackbots	Jul 20 07:20:00 icinga sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.41.159.29 Jul 20 07:20:01 icinga sshd[8310]: Failed password for invalid user text from 61.41.159.29 port 47026 ssh2 ...	2019-07-20 14:44:22
78.36.97.186	attackspam	Jul 20 04:30:37 srv-4 sshd\[22178\]: Invalid user admin from 78.36.97.186 Jul 20 04:30:37 srv-4 sshd\[22178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.36.97.186 Jul 20 04:30:39 srv-4 sshd\[22178\]: Failed password for invalid user admin from 78.36.97.186 port 54815 ssh2 ...	2019-07-20 14:17:37
87.98.147.104	attack	Jul 20 08:23:54 localhost sshd\[554\]: Invalid user administrador from 87.98.147.104 port 40524 Jul 20 08:23:54 localhost sshd\[554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.147.104 Jul 20 08:23:57 localhost sshd\[554\]: Failed password for invalid user administrador from 87.98.147.104 port 40524 ssh2	2019-07-20 14:29:50
85.209.0.115	attackbots	Port scan on 3 port(s): 11865 22902 58544	2019-07-20 14:42:00
14.225.3.37	attack	" "	2019-07-20 14:45:11
51.255.168.30	attack	Jul 20 08:51:09 meumeu sshd[12435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.168.30 Jul 20 08:51:11 meumeu sshd[12435]: Failed password for invalid user ranger from 51.255.168.30 port 33716 ssh2 Jul 20 08:55:48 meumeu sshd[13161]: Failed password for root from 51.255.168.30 port 60956 ssh2 ...	2019-07-20 15:01:03
157.230.30.23	attackbotsspam	Jul 20 07:45:39 icinga sshd[10801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.30.23 Jul 20 07:45:41 icinga sshd[10801]: Failed password for invalid user denny from 157.230.30.23 port 51464 ssh2 ...	2019-07-20 14:37:36
180.183.49.101	attackspam	blacklist username guest Invalid user guest from 180.183.49.101 port 53950	2019-07-20 14:35:59

Recently Reported IPs

183.88.235.31	68.183.114.2	49.247.131.11	157.92.26.222
193.35.154.239	212.2.204.181	107.179.229.2	94.177.224.72
180.125.175.139	149.129.214.140	219.92.175.60	103.243.143.140
159.203.116.103	178.128.62.134	35.189.169.188	5.9.140.71
47.88.213.154	185.176.26.13	210.245.51.2	193.70.35.223