116.206.42.104

Basic Info

City: Bandar Lampung

Region: Lampung

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.206.42.127	attackbotsspam	Unauthorised access (Aug 9) SRC=116.206.42.127 LEN=52 TOS=0x08 PREC=0x80 TTL=108 ID=8532 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-09 16:00:23
116.206.42.106	attack	SMB Server BruteForce Attack	2020-06-19 19:56:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.206.42.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57528
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.206.42.104.			IN	A

;; AUTHORITY SECTION:
.			431	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020121300 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 13 16:19:13 CST 2020
;; MSG SIZE  rcvd: 118

Host info

104.42.206.116.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.42.206.116.in-addr.arpa	name = subs46-116-206-42-104.three.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.182	attack	Aug 19 21:41:19 localhost sshd[52731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Aug 19 21:41:21 localhost sshd[52731]: Failed password for root from 222.186.175.182 port 63964 ssh2 Aug 19 21:41:25 localhost sshd[52731]: Failed password for root from 222.186.175.182 port 63964 ssh2 Aug 19 21:41:19 localhost sshd[52731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Aug 19 21:41:21 localhost sshd[52731]: Failed password for root from 222.186.175.182 port 63964 ssh2 Aug 19 21:41:25 localhost sshd[52731]: Failed password for root from 222.186.175.182 port 63964 ssh2 Aug 19 21:41:19 localhost sshd[52731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Aug 19 21:41:21 localhost sshd[52731]: Failed password for root from 222.186.175.182 port 63964 ssh2 Aug 19 21:41:25 localhost sshd[52 ...	2020-08-20 05:44:16
174.219.7.140	attackbotsspam	Brute forcing email accounts	2020-08-20 05:14:06
139.162.77.6	attack	" "	2020-08-20 05:08:18
46.101.4.101	attackspambots	$f2bV_matches	2020-08-20 05:20:57
182.61.4.60	attackspam	Aug 20 02:18:43 dhoomketu sshd[2495260]: Invalid user vvv from 182.61.4.60 port 33746 Aug 20 02:18:43 dhoomketu sshd[2495260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.4.60 Aug 20 02:18:43 dhoomketu sshd[2495260]: Invalid user vvv from 182.61.4.60 port 33746 Aug 20 02:18:45 dhoomketu sshd[2495260]: Failed password for invalid user vvv from 182.61.4.60 port 33746 ssh2 Aug 20 02:23:06 dhoomketu sshd[2495375]: Invalid user bo from 182.61.4.60 port 42246 ...	2020-08-20 05:16:32
74.208.82.213	attack	SSH login attempts.	2020-08-20 05:37:14
74.208.90.44	attack	SSH login attempts.	2020-08-20 05:38:45
157.92.36.18	attack	Aug 19 23:24:32 web-main sshd[1956033]: Invalid user librenms from 157.92.36.18 port 39724 Aug 19 23:24:34 web-main sshd[1956033]: Failed password for invalid user librenms from 157.92.36.18 port 39724 ssh2 Aug 19 23:35:20 web-main sshd[1957397]: Invalid user sgl from 157.92.36.18 port 45124	2020-08-20 05:36:50
213.109.87.223	attackbotsspam	srvr1: (mod_security) mod_security (id:920350) triggered by 213.109.87.223 (UA/-/s-213-109-87-223.under.net.ua): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/19 20:52:29 [error] 338292#0: 638706 [client 213.109.87.223] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159787034950.354027"] [ref "o0,16v21,16"], client: 213.109.87.223, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-20 05:45:24
68.183.210.212	attackbotsspam	Aug 19 14:32:22 dignus sshd[16285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.210.212 Aug 19 14:32:24 dignus sshd[16285]: Failed password for invalid user vfp from 68.183.210.212 port 54334 ssh2 Aug 19 14:38:12 dignus sshd[16962]: Invalid user ibs from 68.183.210.212 port 35626 Aug 19 14:38:12 dignus sshd[16962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.210.212 Aug 19 14:38:14 dignus sshd[16962]: Failed password for invalid user ibs from 68.183.210.212 port 35626 ssh2 ...	2020-08-20 05:44:58
166.137.104.41	attackspam	Brute forcing email accounts	2020-08-20 05:37:44
222.186.175.202	attackbotsspam	Aug 19 17:27:11 ny01 sshd[12893]: Failed password for root from 222.186.175.202 port 43336 ssh2 Aug 19 17:27:24 ny01 sshd[12893]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 43336 ssh2 [preauth] Aug 19 17:27:30 ny01 sshd[12933]: Failed password for root from 222.186.175.202 port 48886 ssh2	2020-08-20 05:30:09
74.198.18.229	attack	SSH login attempts.	2020-08-20 05:12:22
51.77.212.179	attack	Aug 19 23:04:30 meumeu sshd[1020388]: Invalid user checker from 51.77.212.179 port 34355 Aug 19 23:04:30 meumeu sshd[1020388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.212.179 Aug 19 23:04:30 meumeu sshd[1020388]: Invalid user checker from 51.77.212.179 port 34355 Aug 19 23:04:32 meumeu sshd[1020388]: Failed password for invalid user checker from 51.77.212.179 port 34355 ssh2 Aug 19 23:08:11 meumeu sshd[1020514]: Invalid user customerservice from 51.77.212.179 port 38254 Aug 19 23:08:11 meumeu sshd[1020514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.212.179 Aug 19 23:08:11 meumeu sshd[1020514]: Invalid user customerservice from 51.77.212.179 port 38254 Aug 19 23:08:13 meumeu sshd[1020514]: Failed password for invalid user customerservice from 51.77.212.179 port 38254 ssh2 Aug 19 23:11:48 meumeu sshd[1020810]: Invalid user mysql from 51.77.212.179 port 42152 ...	2020-08-20 05:15:22
188.166.225.37	attack	Aug 19 22:05:45 rocket sshd[29400]: Failed password for root from 188.166.225.37 port 35764 ssh2 Aug 19 22:10:10 rocket sshd[30261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.225.37 ...	2020-08-20 05:17:38

Recently Reported IPs

213.239.103.6	138.97.225.27	87.214.62.70	51.222.56.132
108.243.192.31	139.228.66.56	86.248.185.67	196.158.13.252
49.88.64.181	172.4.5.152	14.160.222.151	178.76.194.86
35.158.232.97	106.206.0.181	180.248.120.205	14.193.34.168
109.194.163.249	213.178.34.202	118.100.178.199	92.46.71.210