117.5.62.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Viettel Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 21 12:56:44 mxgate1 postfix/postscreen[15099]: CONNECT from [117.5.62.242]:25263 to [176.31.12.44]:25 Aug 21 12:56:44 mxgate1 postfix/dnsblog[15103]: addr 117.5.62.242 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 21 12:56:44 mxgate1 postfix/dnsblog[15103]: addr 117.5.62.242 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 21 12:56:44 mxgate1 postfix/dnsblog[15100]: addr 117.5.62.242 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 21 12:56:44 mxgate1 postfix/dnsblog[15101]: addr 117.5.62.242 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 21 12:56:50 mxgate1 postfix/postscreen[15099]: DNSBL rank 4 for [117.5.62.242]:25263 Aug 21 12:56:51 mxgate1 postfix/postscreen[15099]: NOQUEUE: reject: RCPT from [117.5.62.242]:25263: 550 5.7.1 Service unavailable; client [117.5.62.242] blocked using zen.spamhaus.org; from=x@x helo= Aug 21 12:56:51 mxgate1 postfix/postscreen[15099]: HANGUP after 0.92 from [117.5.62.242]:25263 in tests after SMTP hands........ -------------------------------	2019-08-22 02:57:25

Type

Details

Datetime

attack

Aug 21 12:56:44 mxgate1 postfix/postscreen[15099]: CONNECT from [117.5.62.242]:25263 to [176.31.12.44]:25
Aug 21 12:56:44 mxgate1 postfix/dnsblog[15103]: addr 117.5.62.242 listed by domain zen.spamhaus.org as 127.0.0.11
Aug 21 12:56:44 mxgate1 postfix/dnsblog[15103]: addr 117.5.62.242 listed by domain zen.spamhaus.org as 127.0.0.4
Aug 21 12:56:44 mxgate1 postfix/dnsblog[15100]: addr 117.5.62.242 listed by domain cbl.abuseat.org as 127.0.0.2
Aug 21 12:56:44 mxgate1 postfix/dnsblog[15101]: addr 117.5.62.242 listed by domain b.barracudacentral.org as 127.0.0.2
Aug 21 12:56:50 mxgate1 postfix/postscreen[15099]: DNSBL rank 4 for [117.5.62.242]:25263
Aug 21 12:56:51 mxgate1 postfix/postscreen[15099]: NOQUEUE: reject: RCPT from [117.5.62.242]:25263: 550 5.7.1 Service unavailable; client [117.5.62.242] blocked using zen.spamhaus.org; from=x@x helo=
Aug 21 12:56:51 mxgate1 postfix/postscreen[15099]: HANGUP after 0.92 from [117.5.62.242]:25263 in tests after SMTP hands........
-------------------------------

2019-08-22 02:57:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.5.62.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34222
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.5.62.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 02:57:09 CST 2019
;; MSG SIZE  rcvd: 116

Host info

242.62.5.117.in-addr.arpa domain name pointer localhost.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
242.62.5.117.in-addr.arpa	name = localhost.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.172.216	attack	2020-06-07T07:52:22.793301lavrinenko.info sshd[29373]: Failed password for root from 106.13.172.216 port 35784 ssh2 2020-06-07T07:54:11.117924lavrinenko.info sshd[29409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.216 user=root 2020-06-07T07:54:13.271437lavrinenko.info sshd[29409]: Failed password for root from 106.13.172.216 port 56054 ssh2 2020-06-07T07:56:01.098275lavrinenko.info sshd[29448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.216 user=root 2020-06-07T07:56:02.685832lavrinenko.info sshd[29448]: Failed password for root from 106.13.172.216 port 48090 ssh2 ...	2020-06-07 12:59:59
195.54.161.41	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-06-07 13:38:50
177.124.184.44	attackspambots	Jun 7 07:07:27 vps647732 sshd[15349]: Failed password for root from 177.124.184.44 port 42894 ssh2 ...	2020-06-07 13:51:11
167.114.155.2	attack	2020-06-07T05:52:55.107345centos sshd[6703]: Failed password for root from 167.114.155.2 port 45346 ssh2 2020-06-07T05:57:22.098232centos sshd[6964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.155.2 user=root 2020-06-07T05:57:24.253379centos sshd[6964]: Failed password for root from 167.114.155.2 port 49018 ssh2 ...	2020-06-07 13:28:05
140.246.135.188	attack	Jun 7 06:30:33 fhem-rasp sshd[28916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.135.188 user=root Jun 7 06:30:34 fhem-rasp sshd[28916]: Failed password for root from 140.246.135.188 port 39064 ssh2 ...	2020-06-07 13:05:45
106.54.40.151	attackspam	Jun 7 06:58:00 legacy sshd[24243]: Failed password for root from 106.54.40.151 port 55806 ssh2 Jun 7 07:01:56 legacy sshd[24335]: Failed password for root from 106.54.40.151 port 48033 ssh2 ...	2020-06-07 13:19:58
222.186.180.41	attackspambots	Jun 6 18:02:43 sachi sshd\[17959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Jun 6 18:02:45 sachi sshd\[17959\]: Failed password for root from 222.186.180.41 port 6014 ssh2 Jun 6 18:02:48 sachi sshd\[17959\]: Failed password for root from 222.186.180.41 port 6014 ssh2 Jun 6 18:02:51 sachi sshd\[17959\]: Failed password for root from 222.186.180.41 port 6014 ssh2 Jun 6 18:03:01 sachi sshd\[17996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root	2020-06-07 13:13:51
218.232.135.95	attack	Fail2Ban Ban Triggered	2020-06-07 13:50:07
112.85.42.181	attackspambots	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-07 13:42:05
80.82.77.86	attackspam	Jun 7 06:38:24 debian-2gb-nbg1-2 kernel: \[13763450.450970\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.86 DST=195.201.40.59 LEN=130 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=53188 DPT=32768 LEN=110	2020-06-07 12:59:11
185.103.245.18	attack	Automatic report - Port Scan Attack	2020-06-07 13:01:31
51.83.255.237	attackspambots	Jun 7 07:38:26 vps647732 sshd[15840]: Failed password for root from 51.83.255.237 port 60710 ssh2 ...	2020-06-07 13:48:06
117.6.229.123	attackspam	20/6/6@23:57:44: FAIL: Alarm-Network address from=117.6.229.123 ...	2020-06-07 13:15:53
103.145.12.125	attackspambots	[2020-06-07 01:08:00] NOTICE[1288] chan_sip.c: Registration from '"1024" ' failed for '103.145.12.125:5826' - Wrong password [2020-06-07 01:08:00] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-07T01:08:00.443-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1024",SessionID="0x7f4d74239348",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.125/5826",Challenge="0ad10139",ReceivedChallenge="0ad10139",ReceivedHash="6f14678dfe856ba2d38c9c8c3488b86e" [2020-06-07 01:08:00] NOTICE[1288] chan_sip.c: Registration from '"1024" ' failed for '103.145.12.125:5826' - Wrong password [2020-06-07 01:08:00] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-07T01:08:00.662-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1024",SessionID="0x7f4d740619f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-06-07 13:12:43
71.246.210.34	attack	Jun 7 04:54:21 ajax sshd[20218]: Failed password for root from 71.246.210.34 port 57946 ssh2	2020-06-07 13:22:38

Recently Reported IPs

102.190.75.228	233.156.168.86	25.172.244.226	111.32.144.247
71.151.83.162	86.87.166.95	18.64.121.125	1.143.56.29
118.136.6.113	78.120.36.189	189.240.92.2	94.49.91.167
5.88.175.237	194.147.32.131	117.222.98.86	223.229.237.20
154.124.239.163	139.155.142.208	104.155.222.148	173.169.106.211