42.114.31.244 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	unauthorized connection attempt	2020-02-26 16:06:42

Comments on same subnet:

IP	Type	Details	Datetime
42.114.31.88	attackbots	1588391385 - 05/02/2020 05:49:45 Host: 42.114.31.88/42.114.31.88 Port: 445 TCP Blocked	2020-05-02 18:25:42
42.114.31.57	attackbotsspam	Feb 28 17:25:06 h2177944 kernel: \[6104841.793116\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.793130\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.794708\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.794721\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=63587 PROTO=TCP SPT=19607 DPT=23 WINDOW=24199 RES=0x00 SYN URGP=0 Feb 28 17:25:06 h2177944 kernel: \[6104841.796816\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=42.114.31.57 DST=85.214.117.9 LEN=40 TOS=0	2020-02-29 02:11:30
42.114.31.253	attackspam	Unauthorized connection attempt detected from IP address 42.114.31.253 to port 445	2019-12-28 16:59:22
42.114.31.141	attack	port scan and connect, tcp 23 (telnet)	2019-12-17 03:27:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.114.31.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63363
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.114.31.244.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022601 1800 900 604800 86400

;; Query time: 162 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 16:06:34 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 244.31.114.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 244.31.114.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
72.11.168.29	attackspam	Sep 6 17:04:10 hcbb sshd\[2005\]: Invalid user gitolite3 from 72.11.168.29 Sep 6 17:04:10 hcbb sshd\[2005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72-11-168-29.cpe.axion.ca Sep 6 17:04:12 hcbb sshd\[2005\]: Failed password for invalid user gitolite3 from 72.11.168.29 port 45944 ssh2 Sep 6 17:10:19 hcbb sshd\[2596\]: Invalid user vbox123 from 72.11.168.29 Sep 6 17:10:19 hcbb sshd\[2596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72-11-168-29.cpe.axion.ca	2019-09-07 11:13:39
218.69.91.84	attackspambots	Sep 7 00:43:16 marvibiene sshd[35151]: Invalid user fctrserver from 218.69.91.84 port 35150 Sep 7 00:43:16 marvibiene sshd[35151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.69.91.84 Sep 7 00:43:16 marvibiene sshd[35151]: Invalid user fctrserver from 218.69.91.84 port 35150 Sep 7 00:43:18 marvibiene sshd[35151]: Failed password for invalid user fctrserver from 218.69.91.84 port 35150 ssh2 ...	2019-09-07 10:55:53
141.98.9.42	attack	Sep 7 04:59:16 webserver postfix/smtpd\[14701\]: warning: unknown\[141.98.9.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 05:00:08 webserver postfix/smtpd\[14701\]: warning: unknown\[141.98.9.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 05:01:02 webserver postfix/smtpd\[14701\]: warning: unknown\[141.98.9.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 05:01:55 webserver postfix/smtpd\[16923\]: warning: unknown\[141.98.9.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 05:02:46 webserver postfix/smtpd\[16923\]: warning: unknown\[141.98.9.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-07 11:02:28
128.199.95.60	attack	2019-09-02T00:25:26.053721ns557175 sshd\[4501\]: Invalid user choi from 128.199.95.60 port 42496 2019-09-02T00:25:26.060188ns557175 sshd\[4501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.95.60 2019-09-02T00:25:27.691756ns557175 sshd\[4501\]: Failed password for invalid user choi from 128.199.95.60 port 42496 ssh2 2019-09-02T00:35:19.808615ns557175 sshd\[4723\]: Invalid user tz from 128.199.95.60 port 33856 2019-09-02T00:35:19.813245ns557175 sshd\[4723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.95.60 2019-09-02T00:35:21.520055ns557175 sshd\[4723\]: Failed password for invalid user tz from 128.199.95.60 port 33856 ssh2 2019-09-02T00:41:43.068134ns557175 sshd\[4857\]: Invalid user test from 128.199.95.60 port 49930 2019-09-02T00:41:43.073587ns557175 sshd\[4857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.95.60 2019-09 ...	2019-09-07 10:42:55
163.172.191.192	attack	Sep 6 17:17:16 sachi sshd\[29205\]: Invalid user ubuntu from 163.172.191.192 Sep 6 17:17:16 sachi sshd\[29205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.191.192 Sep 6 17:17:18 sachi sshd\[29205\]: Failed password for invalid user ubuntu from 163.172.191.192 port 56364 ssh2 Sep 6 17:22:02 sachi sshd\[29606\]: Invalid user tomcat from 163.172.191.192 Sep 6 17:22:02 sachi sshd\[29606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.191.192	2019-09-07 11:28:23
222.186.15.110	attackspambots	09/06/2019-22:45:11.559873 222.186.15.110 Protocol: 6 ET SCAN Potential SSH Scan	2019-09-07 10:45:30
185.222.211.250	attackbots	RDP Bruteforce	2019-09-07 10:58:42
71.75.128.193	attackbotsspam	Sep 7 04:01:01 MainVPS sshd[1591]: Invalid user redmine from 71.75.128.193 port 43606 Sep 7 04:01:01 MainVPS sshd[1591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.75.128.193 Sep 7 04:01:01 MainVPS sshd[1591]: Invalid user redmine from 71.75.128.193 port 43606 Sep 7 04:01:03 MainVPS sshd[1591]: Failed password for invalid user redmine from 71.75.128.193 port 43606 ssh2 Sep 7 04:05:21 MainVPS sshd[1958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.75.128.193 user=mysql Sep 7 04:05:23 MainVPS sshd[1958]: Failed password for mysql from 71.75.128.193 port 33304 ssh2 ...	2019-09-07 10:50:13
110.47.218.84	attackbots	Sep 7 04:45:38 OPSO sshd\[1040\]: Invalid user tomas from 110.47.218.84 port 60320 Sep 7 04:45:38 OPSO sshd\[1040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.47.218.84 Sep 7 04:45:41 OPSO sshd\[1040\]: Failed password for invalid user tomas from 110.47.218.84 port 60320 ssh2 Sep 7 04:50:16 OPSO sshd\[1658\]: Invalid user password from 110.47.218.84 port 46526 Sep 7 04:50:16 OPSO sshd\[1658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.47.218.84	2019-09-07 10:59:20
209.85.160.194	attackbots	Spam assholes pretending to be paypal. This IP needs to be shut down!	2019-09-07 11:19:14
165.22.201.204	attackspambots	F2B jail: sshd. Time: 2019-09-07 05:29:07, Reported by: VKReport	2019-09-07 11:34:12
114.216.7.230	attackspam	k+ssh-bruteforce	2019-09-07 11:03:46
172.104.92.168	attackspambots	" "	2019-09-07 11:07:53
110.138.149.172	attackspambots	2019-09-07T00:42:53.957712abusebot-7.cloudsearch.cf sshd\[16761\]: Invalid user server from 110.138.149.172 port 12379	2019-09-07 11:13:56
218.98.40.150	attack	Sep 7 05:08:20 dev0-dcfr-rnet sshd[15544]: Failed password for root from 218.98.40.150 port 47870 ssh2 Sep 7 05:08:30 dev0-dcfr-rnet sshd[15546]: Failed password for root from 218.98.40.150 port 15049 ssh2	2019-09-07 11:25:11

Recently Reported IPs

169.183.130.23	236.226.237.135	5.129.145.176	213.34.227.150
2.180.25.50	210.179.34.34	202.94.83.74	185.218.244.65
178.21.184.130	171.225.216.75	168.0.252.53	123.17.146.19
122.194.17.32	118.34.62.154	114.34.164.228	226.137.87.103
113.25.51.251	87.227.161.157	81.214.126.212	69.44.202.220