42.114.31.141 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 23 (telnet)	2019-12-17 03:27:18

Comments on same subnet:

IP	Type	Details	Datetime
42.114.31.88	attackbots	1588391385 - 05/02/2020 05:49:45 Host: 42.114.31.88/42.114.31.88 Port: 445 TCP Blocked	2020-05-02 18:25:42
42.114.31.57	attackbotsspam	Feb 28 17:25:06 h2177944 kernel: \[6104841.793116\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.793130\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.794708\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.794721\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.796816\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0	2020-02-29 02:11:30
42.114.31.244	attackspam	unauthorized connection attempt	2020-02-26 16:06:42
42.114.31.253	attackspam	Unauthorized connection attempt detected from IP address 42.114.31.253 to port 445	2019-12-28 16:59:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.114.31.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.114.31.141.			IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121602 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 17 03:27:14 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 141.31.114.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 141.31.114.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.129.24.77	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: 212-129-24-77.rev.poneytelecom.eu.	2019-11-06 18:09:37
222.186.180.147	attackbots	Nov 6 10:55:48 fr01 sshd[27201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Nov 6 10:55:50 fr01 sshd[27201]: Failed password for root from 222.186.180.147 port 56586 ssh2 ...	2019-11-06 18:05:23
185.153.199.118	attack	Microsoft Windows Terminal server RDP over non-standard port attempt - 235	2019-11-06 18:23:30
112.85.42.232	attackbotsspam	2019-11-06T10:12:03.348950abusebot-2.cloudsearch.cf sshd\[29729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root	2019-11-06 18:26:04
80.211.251.135	attackspambots	" "	2019-11-06 18:16:38
152.136.86.234	attack	Automatic report - Banned IP Access	2019-11-06 17:57:42
177.92.16.186	attack	2019-11-06T09:05:19.409319shield sshd\[30005\]: Invalid user ellort from 177.92.16.186 port 24551 2019-11-06T09:05:19.415230shield sshd\[30005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.92.16.186 2019-11-06T09:05:21.756347shield sshd\[30005\]: Failed password for invalid user ellort from 177.92.16.186 port 24551 ssh2 2019-11-06T09:10:08.750093shield sshd\[30551\]: Invalid user gerrit from 177.92.16.186 port 47457 2019-11-06T09:10:08.756038shield sshd\[30551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.92.16.186	2019-11-06 18:09:23
89.248.174.222	attack	ET DROP Dshield Block Listed Source group 1 - port: 8089 proto: TCP cat: Misc Attack	2019-11-06 18:22:44
66.249.64.194	attack	Automatic report - Banned IP Access	2019-11-06 18:23:01
112.17.78.170	attackbots	firewall-block, port(s): 30301/udp	2019-11-06 18:21:48
175.207.13.200	attack	Nov 5 20:58:46 web9 sshd\[7397\]: Invalid user sds33322 from 175.207.13.200 Nov 5 20:58:46 web9 sshd\[7397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.13.200 Nov 5 20:58:48 web9 sshd\[7397\]: Failed password for invalid user sds33322 from 175.207.13.200 port 37420 ssh2 Nov 5 21:03:52 web9 sshd\[8068\]: Invalid user apaajaboleh from 175.207.13.200 Nov 5 21:03:52 web9 sshd\[8068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.13.200	2019-11-06 17:44:36
106.13.187.202	attackspambots	Nov 4 06:40:21 cumulus sshd[9411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.202 user=r.r Nov 4 06:40:23 cumulus sshd[9411]: Failed password for r.r from 106.13.187.202 port 54496 ssh2 Nov 4 06:40:24 cumulus sshd[9411]: Received disconnect from 106.13.187.202 port 54496:11: Bye Bye [preauth] Nov 4 06:40:24 cumulus sshd[9411]: Disconnected from 106.13.187.202 port 54496 [preauth] Nov 4 07:07:00 cumulus sshd[10057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.187.202 user=r.r Nov 4 07:07:02 cumulus sshd[10057]: Failed password for r.r from 106.13.187.202 port 35086 ssh2 Nov 4 07:07:03 cumulus sshd[10057]: Received disconnect from 106.13.187.202 port 35086:11: Bye Bye [preauth] Nov 4 07:07:03 cumulus sshd[10057]: Disconnected from 106.13.187.202 port 35086 [preauth] Nov 4 07:12:21 cumulus sshd[10308]: Invalid user student4 from 106.13.187.202 port 44192 No........ -------------------------------	2019-11-06 17:49:55
59.91.218.77	attack	[06/Nov/2019:07:25:49 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1" [06/Nov/2019:07:25:55 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"	2019-11-06 18:17:29
45.77.242.155	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-06 17:52:57
185.39.11.41	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-11-06 17:50:11

Recently Reported IPs

198.168.0.241	61.220.213.106	40.92.71.51	198.168.0.33
143.34.68.87	162.5.212.115	40.92.41.67	190.115.122.166
116.108.111.97	122.158.207.245	198.168.0.7	186.82.138.66
198.168.0.80	1.203.178.248	2.121.0.82	13.79.206.233
183.194.11.12	163.11.82.77	38.94.42.190	41.8.178.231