42.117.198.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Port Scan Attack	2019-12-24 17:41:19

Comments on same subnet:

IP	Type	Details	Datetime
42.117.198.17	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-24 17:43:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.198.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50792
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.198.4.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122400 1800 900 604800 86400

;; Query time: 984 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 24 17:41:14 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 4.198.117.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 4.198.117.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.223	attackspambots	Sep 18 14:20:27 mavik sshd[11284]: Failed password for root from 218.92.0.223 port 59642 ssh2 Sep 18 14:20:31 mavik sshd[11284]: Failed password for root from 218.92.0.223 port 59642 ssh2 Sep 18 14:20:34 mavik sshd[11284]: Failed password for root from 218.92.0.223 port 59642 ssh2 Sep 18 14:20:38 mavik sshd[11284]: Failed password for root from 218.92.0.223 port 59642 ssh2 Sep 18 14:20:42 mavik sshd[11284]: Failed password for root from 218.92.0.223 port 59642 ssh2 ...	2020-09-18 21:42:30
103.12.163.71	attackbotsspam	Unauthorized connection attempt from IP address 103.12.163.71 on Port 445(SMB)	2020-09-18 21:58:20
222.186.175.215	attackbotsspam	Sep 18 13:34:57 localhost sshd\[9763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Sep 18 13:35:00 localhost sshd\[9763\]: Failed password for root from 222.186.175.215 port 53752 ssh2 Sep 18 13:35:03 localhost sshd\[9763\]: Failed password for root from 222.186.175.215 port 53752 ssh2 ...	2020-09-18 21:38:51
164.132.225.151	attack	2020-09-18T15:18:29.305163mail.broermann.family sshd[15182]: Failed password for root from 164.132.225.151 port 42846 ssh2 2020-09-18T15:22:42.907357mail.broermann.family sshd[15324]: Invalid user admin from 164.132.225.151 port 48799 2020-09-18T15:22:42.911307mail.broermann.family sshd[15324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.ip-164-132-225.eu 2020-09-18T15:22:42.907357mail.broermann.family sshd[15324]: Invalid user admin from 164.132.225.151 port 48799 2020-09-18T15:22:45.191999mail.broermann.family sshd[15324]: Failed password for invalid user admin from 164.132.225.151 port 48799 ssh2 ...	2020-09-18 22:15:15
190.221.160.190	attack	Unauthorized connection attempt from IP address 190.221.160.190 on Port 445(SMB)	2020-09-18 21:44:11
179.56.16.65	attackspambots	Sep 17 14:00:54 logopedia-1vcpu-1gb-nyc1-01 sshd[377124]: Invalid user pi from 179.56.16.65 port 47366 ...	2020-09-18 21:51:52
139.59.239.38	attackspambots	Sep 18 15:58:06 host2 sshd[112992]: Failed password for root from 139.59.239.38 port 40196 ssh2 Sep 18 16:00:31 host2 sshd[113033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.239.38 user=root Sep 18 16:00:32 host2 sshd[113033]: Failed password for root from 139.59.239.38 port 45924 ssh2 Sep 18 16:00:31 host2 sshd[113033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.239.38 user=root Sep 18 16:00:32 host2 sshd[113033]: Failed password for root from 139.59.239.38 port 45924 ssh2 ...	2020-09-18 22:12:54
186.188.178.124	attackbotsspam	Sep 18 03:01:35 ssh2 sshd[90280]: User root from 186.188.178.124 not allowed because not listed in AllowUsers Sep 18 03:01:35 ssh2 sshd[90280]: Failed password for invalid user root from 186.188.178.124 port 52890 ssh2 Sep 18 03:01:35 ssh2 sshd[90280]: Connection closed by invalid user root 186.188.178.124 port 52890 [preauth] ...	2020-09-18 21:57:00
143.110.200.144	attackbotsspam	Sep 18 15:16:12 server sshd[3121]: Failed password for root from 143.110.200.144 port 51848 ssh2 Sep 18 15:20:34 server sshd[5301]: Failed password for root from 143.110.200.144 port 57584 ssh2 Sep 18 15:23:09 server sshd[6550]: Failed password for root from 143.110.200.144 port 43466 ssh2	2020-09-18 22:09:33
165.227.95.163	attack	Sep 18 14:22:42 nextcloud sshd\[28955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.95.163 user=root Sep 18 14:22:44 nextcloud sshd\[28955\]: Failed password for root from 165.227.95.163 port 57822 ssh2 Sep 18 14:25:18 nextcloud sshd\[32091\]: Invalid user debian from 165.227.95.163 Sep 18 14:25:18 nextcloud sshd\[32091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.95.163	2020-09-18 22:14:40
207.38.60.67	attackspam	Sep 18 00:02:22 root sshd[18990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.38.60.67 user=root Sep 18 00:02:23 root sshd[18990]: Failed password for root from 207.38.60.67 port 58840 ssh2 ...	2020-09-18 21:47:04
178.33.67.12	attackbotsspam	Sep 18 15:35:08 marvibiene sshd[13884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.33.67.12 Sep 18 15:35:10 marvibiene sshd[13884]: Failed password for invalid user backups from 178.33.67.12 port 41600 ssh2	2020-09-18 21:57:30
107.170.20.247	attackbots	Sep 18 13:00:19 mail sshd[25755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.20.247	2020-09-18 22:08:11
74.120.14.30	attackbotsspam	TCP (SYN) 74.120.14.30:23411 -> port 445, len 44	2020-09-18 22:00:40
5.55.254.88	attackspam	Email rejected due to spam filtering	2020-09-18 21:45:26

Recently Reported IPs

111.64.235.28	37.144.0.28	162.201.120.90	114.67.81.81
142.59.160.46	159.192.157.202	103.76.228.244	142.11.245.91
118.71.104.190	82.189.255.149	31.17.66.235	175.154.162.124
104.248.172.112	49.235.149.89	85.209.3.106	14.186.120.222
113.140.216.105	14.236.254.202	73.50.211.105	237.165.251.67