42.116.248.148

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	60001/tcp [2019-07-11]1pkt	2019-07-11 18:55:55

Comments on same subnet:

IP	Type	Details	Datetime
42.116.248.61	attackbots	SSH login attempts.	2020-05-28 19:47:33
42.116.248.180	attack	Unauthorized connection attempt detected from IP address 42.116.248.180 to port 23	2019-12-30 09:18:22
42.116.248.188	attackbotsspam	Unauthorised access (Sep 28) SRC=42.116.248.188 LEN=40 TTL=47 ID=481 TCP DPT=23 WINDOW=46984 SYN Unauthorised access (Sep 28) SRC=42.116.248.188 LEN=40 TTL=47 ID=481 TCP DPT=23 WINDOW=46984 SYN	2019-09-28 18:32:48

Type

Details

Datetime

42.116.248.61

attackbots

SSH login attempts.

2020-05-28 19:47:33

42.116.248.180

attack

Unauthorized connection attempt detected from IP address 42.116.248.180 to port 23

2019-12-30 09:18:22

42.116.248.188

attackbotsspam

Unauthorised access (Sep 28) SRC=42.116.248.188 LEN=40 TTL=47 ID=481 TCP DPT=23 WINDOW=46984 SYN 
Unauthorised access (Sep 28) SRC=42.116.248.188 LEN=40 TTL=47 ID=481 TCP DPT=23 WINDOW=46984 SYN

2019-09-28 18:32:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.116.248.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9098
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.116.248.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071002 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 18:55:14 CST 2019
;; MSG SIZE  rcvd: 118

Host info

148.248.116.42.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 148.248.116.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.77.184.54	attackbots	Automatic report - Banned IP Access	2020-09-12 16:38:40
112.85.42.229	attackspam	Sep 12 10:58:39 abendstille sshd\[25975\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Sep 12 10:58:41 abendstille sshd\[25992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Sep 12 10:58:41 abendstille sshd\[25975\]: Failed password for root from 112.85.42.229 port 15432 ssh2 Sep 12 10:58:42 abendstille sshd\[25992\]: Failed password for root from 112.85.42.229 port 37755 ssh2 Sep 12 10:58:43 abendstille sshd\[25975\]: Failed password for root from 112.85.42.229 port 15432 ssh2 ...	2020-09-12 17:04:44
34.93.211.49	attackbots	$f2bV_matches	2020-09-12 16:45:29
112.85.42.185	attackbotsspam	SSH Brute-Force attacks	2020-09-12 16:51:33
51.210.10.200	attackbots	2020-09-12T06:06:35.846906upcloud.m0sh1x2.com sshd[2724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-495ece76.vps.ovh.net user=root 2020-09-12T06:06:38.230574upcloud.m0sh1x2.com sshd[2724]: Failed password for root from 51.210.10.200 port 39538 ssh2	2020-09-12 16:41:39
112.30.136.31	attackbotsspam	Sep 12 09:00:31 ns308116 sshd[29789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.30.136.31 user=root Sep 12 09:00:33 ns308116 sshd[29789]: Failed password for root from 112.30.136.31 port 36756 ssh2 Sep 12 09:05:24 ns308116 sshd[2393]: Invalid user Usuario from 112.30.136.31 port 33228 Sep 12 09:05:24 ns308116 sshd[2393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.30.136.31 Sep 12 09:05:26 ns308116 sshd[2393]: Failed password for invalid user Usuario from 112.30.136.31 port 33228 ssh2 ...	2020-09-12 17:13:27
51.89.68.141	attack	Sep 12 09:13:43 inter-technics sshd[21140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.68.141 user=root Sep 12 09:13:45 inter-technics sshd[21140]: Failed password for root from 51.89.68.141 port 42318 ssh2 Sep 12 09:17:36 inter-technics sshd[21376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.68.141 user=root Sep 12 09:17:38 inter-technics sshd[21376]: Failed password for root from 51.89.68.141 port 54420 ssh2 Sep 12 09:21:26 inter-technics sshd[21621]: Invalid user kodi from 51.89.68.141 port 38300 ...	2020-09-12 16:49:13
51.178.17.63	attack	Sep 12 04:28:37 sigma sshd\[24750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.ip-51-178-17.eu user=rootSep 12 04:33:03 sigma sshd\[24850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.ip-51-178-17.eu user=root ...	2020-09-12 16:57:43
218.92.0.199	attack	Sep 12 11:09:36 dcd-gentoo sshd[16591]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups Sep 12 11:09:38 dcd-gentoo sshd[16591]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 Sep 12 11:09:38 dcd-gentoo sshd[16591]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.199 port 43523 ssh2 ...	2020-09-12 17:11:47
92.222.78.178	attackbots	Sep 12 07:59:25 localhost sshd[69398]: Failed password for root from 92.222.78.178 port 50984 ssh2 Sep 12 08:01:52 localhost sshd[74594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178 user=root Sep 12 08:01:54 localhost sshd[74594]: Failed password for root from 92.222.78.178 port 36464 ssh2 Sep 12 08:04:18 localhost sshd[79784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.78.178 user=root Sep 12 08:04:19 localhost sshd[79784]: Failed password for root from 92.222.78.178 port 50176 ssh2 ...	2020-09-12 16:52:25
185.39.11.105	attackbotsspam	TCP (SYN) 185.39.11.105:49121 -> port 8080, len 40	2020-09-12 16:42:10
42.236.10.70	attackspambots	Automatic report - Banned IP Access	2020-09-12 17:01:52
91.134.240.130	attackspambots	5x Failed Password	2020-09-12 17:10:33
222.252.11.10	attackbotsspam	Sep 11 19:56:27 sshgateway sshd\[2874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.11.10 user=root Sep 11 19:56:29 sshgateway sshd\[2874\]: Failed password for root from 222.252.11.10 port 61423 ssh2 Sep 11 20:00:51 sshgateway sshd\[3436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.11.10 user=root	2020-09-12 16:46:43
183.136.222.142	attackbotsspam	detected by Fail2Ban	2020-09-12 17:03:18

Recently Reported IPs

34.99.188.200	77.42.116.6	86.81.156.150	115.236.69.74
110.132.73.95	185.134.109.205	187.109.55.43	122.167.218.21
41.42.255.99	62.83.180.105	176.159.248.98	155.210.62.154
91.246.209.163	213.229.206.5	44.137.178.134	31.6.101.211
143.208.249.237	52.83.61.198	101.201.179.4	216.230.116.202