42.113.204.248

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 31-03-2020 04:55:20.	2020-03-31 12:38:22

Comments on same subnet:

IP	Type	Details	Datetime
42.113.204.121	attackbots	Host Scan	2020-07-24 17:27:41
42.113.204.176	attack	Attempted connection to port 445.	2020-06-01 19:52:38
42.113.204.196	attackspambots	20/4/18@23:55:34: FAIL: Alarm-Intrusion address from=42.113.204.196 ...	2020-04-19 13:21:03
42.113.204.247	attack	Unauthorized connection attempt detected from IP address 42.113.204.247 to port 445 [T]	2020-03-25 00:12:17
42.113.204.27	attackspambots	Mar 5 14:31:15 [munged] sshd[24203]: Failed password for root from 42.113.204.27 port 45688 ssh2	2020-03-06 05:58:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.113.204.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20526
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.113.204.248.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033001 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 12:38:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 248.204.113.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 248.204.113.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.228.19.79	attackspam	12/10/2019-14:57:12.531342 122.228.19.79 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-10 22:14:33
219.129.32.1	attackspambots	Dec 10 12:35:43 km20725 sshd\[16831\]: Invalid user demetrios from 219.129.32.1Dec 10 12:35:45 km20725 sshd\[16831\]: Failed password for invalid user demetrios from 219.129.32.1 port 62182 ssh2Dec 10 12:42:44 km20725 sshd\[17415\]: Invalid user ftp from 219.129.32.1Dec 10 12:42:45 km20725 sshd\[17415\]: Failed password for invalid user ftp from 219.129.32.1 port 9302 ssh2 ...	2019-12-10 22:13:19
139.219.14.12	attack	Dec 10 12:51:05 server sshd\[27600\]: Invalid user schnur from 139.219.14.12 Dec 10 12:51:05 server sshd\[27600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.14.12 Dec 10 12:51:07 server sshd\[27600\]: Failed password for invalid user schnur from 139.219.14.12 port 41286 ssh2 Dec 10 13:22:45 server sshd\[4359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.219.14.12 user=mysql Dec 10 13:22:47 server sshd\[4359\]: Failed password for mysql from 139.219.14.12 port 38148 ssh2 ...	2019-12-10 22:12:20
128.199.143.89	attackbotsspam	2019-12-10T13:25:24.910482abusebot-4.cloudsearch.cf sshd\[8245\]: Invalid user bourns from 128.199.143.89 port 45848	2019-12-10 21:55:53
202.84.45.250	attack	2019-12-10T06:58:57.817040abusebot-2.cloudsearch.cf sshd\[18119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.84.45.250 user=nobody	2019-12-10 21:48:11
197.82.202.98	attackbots	Dec 9 15:19:44 hostnameis sshd[6441]: reveeclipse mapping checking getaddrinfo for 197-82-202-98.dsl.mweb.co.za [197.82.202.98] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 9 15:19:44 hostnameis sshd[6441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.82.202.98 user=r.r Dec 9 15:19:46 hostnameis sshd[6441]: Failed password for r.r from 197.82.202.98 port 33920 ssh2 Dec 9 15:19:46 hostnameis sshd[6441]: Received disconnect from 197.82.202.98: 11: Bye Bye [preauth] Dec 9 15:34:06 hostnameis sshd[6617]: reveeclipse mapping checking getaddrinfo for 197-82-202-98.dsl.mweb.co.za [197.82.202.98] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 9 15:34:06 hostnameis sshd[6617]: Invalid user home from 197.82.202.98 Dec 9 15:34:06 hostnameis sshd[6617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.82.202.98 Dec 9 15:34:08 hostnameis sshd[6617]: Failed password for invalid user home from 197.8........ ------------------------------	2019-12-10 22:17:21
182.46.101.203	attackbotsspam	Dec 10 01:24:55 web1 postfix/smtpd[3384]: warning: unknown[182.46.101.203]: SASL LOGIN authentication failed: authentication failure ...	2019-12-10 22:11:42
188.254.0.226	attackbotsspam	Dec 10 04:04:14 wbs sshd\[31539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.226 user=root Dec 10 04:04:16 wbs sshd\[31539\]: Failed password for root from 188.254.0.226 port 39726 ssh2 Dec 10 04:10:12 wbs sshd\[32231\]: Invalid user test from 188.254.0.226 Dec 10 04:10:12 wbs sshd\[32231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.226 Dec 10 04:10:14 wbs sshd\[32231\]: Failed password for invalid user test from 188.254.0.226 port 46320 ssh2	2019-12-10 22:18:47
63.80.184.127	attackbotsspam	Dec 10 08:24:10 grey postfix/smtpd\[26595\]: NOQUEUE: reject: RCPT from fresh.sapuxfiori.com\[63.80.184.127\]: 554 5.7.1 Service unavailable\; Client host \[63.80.184.127\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.80.184.127\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-10 22:04:28
219.144.65.204	attackspambots	Invalid user castis from 219.144.65.204 port 57402	2019-12-10 22:05:28
163.172.28.183	attackbotsspam	Dec 10 08:38:34 TORMINT sshd\[31737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.28.183 user=root Dec 10 08:38:35 TORMINT sshd\[31737\]: Failed password for root from 163.172.28.183 port 47870 ssh2 Dec 10 08:43:41 TORMINT sshd\[32110\]: Invalid user calva from 163.172.28.183 Dec 10 08:43:41 TORMINT sshd\[32110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.28.183 ...	2019-12-10 21:51:59
167.86.79.146	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-10 22:05:55
47.107.16.68	attack	Host Scan	2019-12-10 21:46:46
183.166.170.130	attackspam	2019-12-10 00:25:04 H=(ylmf-pc) [183.166.170.130]:58813 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-10 00:25:04 H=(ylmf-pc) [183.166.170.130]:59566 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-10 00:25:04 H=(ylmf-pc) [183.166.170.130]:60217 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-10 22:02:46
78.231.60.44	attackbotsspam	Dec 10 14:36:46 vtv3 sshd[21753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 14:36:48 vtv3 sshd[21753]: Failed password for invalid user aslanidis from 78.231.60.44 port 41782 ssh2 Dec 10 14:45:47 vtv3 sshd[26275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:02:53 vtv3 sshd[2013]: Failed password for root from 78.231.60.44 port 41858 ssh2 Dec 10 15:11:30 vtv3 sshd[6206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:11:32 vtv3 sshd[6206]: Failed password for invalid user nandakumar from 78.231.60.44 port 51000 ssh2 Dec 10 15:48:22 vtv3 sshd[24021]: Failed password for root from 78.231.60.44 port 32954 ssh2 Dec 10 15:56:51 vtv3 sshd[28479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:56:53 vtv3 sshd[28479]: Failed password for invalid user guest f	2019-12-10 21:58:11

Recently Reported IPs

23.56.181.80	177.196.103.93	162.243.133.202	112.197.34.91
178.141.146.91	14.160.145.141	175.5.175.142	114.67.109.192
110.78.180.85	119.50.179.72	106.13.227.104	189.62.136.109
114.67.76.166	125.191.31.67	178.142.123.100	117.87.26.26
15.164.7.242	116.97.204.126	121.227.110.212	2001:558:5014:80:4c84:9c95:1dba:bb6f