118.114.246.42

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Sichuan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SASL Brute Force	2019-08-23 02:29:50
attackbots	Aug 19 12:16:10 cp sshd[23821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.114.246.42	2019-08-19 20:37:07
attackspam	Automatic report - Banned IP Access	2019-08-04 18:46:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.114.246.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50331
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.114.246.42.			IN	A

;; AUTHORITY SECTION:
.			1706	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080400 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 04 18:45:55 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 42.246.114.118.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.246.114.118.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.7.105.138	attackbotsspam	Web Server Attack	2020-05-08 03:08:50
159.65.144.36	attack	(sshd) Failed SSH login from 159.65.144.36 (IN/India/-): 12 in the last 3600 secs	2020-05-08 02:50:24
49.88.112.55	attack	May 7 20:40:22 mail sshd\[16152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root May 7 20:40:24 mail sshd\[16152\]: Failed password for root from 49.88.112.55 port 18457 ssh2 May 7 20:40:44 mail sshd\[16156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root ...	2020-05-08 02:49:36
112.133.219.236	attackspam	May 7 18:21:46 IngegnereFirenze sshd[8750]: Failed password for invalid user jenkins from 112.133.219.236 port 53768 ssh2 ...	2020-05-08 02:48:15
167.172.137.209	attackspambots	May 7 18:49:19 mailrelay sshd[25931]: Invalid user myftp from 167.172.137.209 port 36818 May 7 18:49:19 mailrelay sshd[25931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.137.209 May 7 18:49:21 mailrelay sshd[25931]: Failed password for invalid user myftp from 167.172.137.209 port 36818 ssh2 May 7 18:49:21 mailrelay sshd[25931]: Received disconnect from 167.172.137.209 port 36818:11: Bye Bye [preauth] May 7 18:49:21 mailrelay sshd[25931]: Disconnected from 167.172.137.209 port 36818 [preauth] May 7 19:02:40 mailrelay sshd[26095]: Invalid user o from 167.172.137.209 port 58092 May 7 19:02:40 mailrelay sshd[26095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.137.209 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=167.172.137.209	2020-05-08 03:22:53
20.36.47.241	attack	Lines containing failures of 20.36.47.241 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=20.36.47.241	2020-05-08 03:21:49
173.249.2.13	attack	Attempt to run phpMyAdmin	2020-05-08 03:19:36
195.54.167.12	attackbotsspam	[MK-VM3] Blocked by UFW	2020-05-08 02:54:14
175.24.139.99	attack	(sshd) Failed SSH login from 175.24.139.99 (US/United States/-): 5 in the last 3600 secs	2020-05-08 03:11:55
124.253.160.253	attackspam	trying to access non-authorized port	2020-05-08 03:00:33
142.11.242.173	attack	Email spoofing/spaming	2020-05-08 03:02:50
124.156.121.59	attackbotsspam	(sshd) Failed SSH login from 124.156.121.59 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 7 19:06:41 amsweb01 sshd[23518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.121.59 user=root May 7 19:06:42 amsweb01 sshd[23518]: Failed password for root from 124.156.121.59 port 58326 ssh2 May 7 19:21:21 amsweb01 sshd[24532]: User admin from 124.156.121.59 not allowed because not listed in AllowUsers May 7 19:21:21 amsweb01 sshd[24532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.121.59 user=admin May 7 19:21:23 amsweb01 sshd[24532]: Failed password for invalid user admin from 124.156.121.59 port 48582 ssh2	2020-05-08 02:56:52
192.99.4.151	attackbots	20 attempts against mh-misbehave-ban on pluto	2020-05-08 03:23:58
89.248.174.193	attack	Fail2Ban Ban Triggered	2020-05-08 03:05:30
3.91.7.216	attack	Web Server Attack	2020-05-08 02:52:03

Recently Reported IPs

37.115.185.241	189.240.202.13	54.76.50.214	165.22.235.207
186.227.36.78	5.82.236.119	34.145.227.59	178.21.3.98
70.234.178.56	55.105.239.74	64.136.61.129	86.57.133.253
50.79.59.97	192.44.35.244	94.191.32.80	86.52.11.35
179.180.5.252	82.64.126.39	187.87.8.3	59.3.137.39