42.114.202.117

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	"Unauthorized connection attempt on SSHD detected"	2020-05-11 01:16:46

Comments on same subnet:

IP	Type	Details	Datetime
42.114.202.9	attackspam	2020-09-01 07:23:54.678686-0500 localhost smtpd[82836]: NOQUEUE: reject: RCPT from unknown[42.114.202.9]: 554 5.7.1 Service unavailable; Client host [42.114.202.9] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/42.114.202.9; from= to= proto=ESMTP helo=<[42.114.202.9]>	2020-09-01 22:36:35
42.114.202.164	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-05 20:35:59

Type

Details

Datetime

42.114.202.9

attackspam

2020-09-01 07:23:54.678686-0500  localhost smtpd[82836]: NOQUEUE: reject: RCPT from unknown[42.114.202.9]: 554 5.7.1 Service unavailable; Client host [42.114.202.9] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/42.114.202.9; from= to= proto=ESMTP helo=<[42.114.202.9]>

2020-09-01 22:36:35

42.114.202.164

attackspam

Honeypot attack, port: 445, PTR: PTR record not found

2020-07-05 20:35:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.114.202.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48007
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.114.202.117.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051001 1800 900 604800 86400

;; Query time: 180 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 01:16:41 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 117.202.114.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 117.202.114.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
197.231.255.162	attack	Nov 6 12:58:02 web1 sshd\[26298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.231.255.162 user=root Nov 6 12:58:04 web1 sshd\[26298\]: Failed password for root from 197.231.255.162 port 42260 ssh2 Nov 6 13:05:41 web1 sshd\[26962\]: Invalid user db2inst1 from 197.231.255.162 Nov 6 13:05:41 web1 sshd\[26962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.231.255.162 Nov 6 13:05:43 web1 sshd\[26962\]: Failed password for invalid user db2inst1 from 197.231.255.162 port 51764 ssh2	2019-11-07 07:28:07
162.214.14.226	attack	11/06/2019-23:44:27.775643 162.214.14.226 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-07 07:22:05
182.61.55.239	attackbotsspam	2019-11-06T22:42:29.915091hub.schaetter.us sshd\[13886\]: Invalid user display from 182.61.55.239 port 36698 2019-11-06T22:42:29.925062hub.schaetter.us sshd\[13886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.55.239 2019-11-06T22:42:31.563113hub.schaetter.us sshd\[13886\]: Failed password for invalid user display from 182.61.55.239 port 36698 ssh2 2019-11-06T22:46:01.369795hub.schaetter.us sshd\[13923\]: Invalid user mpweb from 182.61.55.239 port 14123 2019-11-06T22:46:01.377532hub.schaetter.us sshd\[13923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.55.239 ...	2019-11-07 07:44:55
121.157.82.222	attack	2019-11-06T23:20:05.930745abusebot-7.cloudsearch.cf sshd\[23340\]: Invalid user infa from 121.157.82.222 port 56760	2019-11-07 07:30:00
67.207.92.112	attack	Attempted to connect 2 times to port 80 TCP	2019-11-07 07:41:05
51.83.2.148	attackspam	11/06/2019-23:43:26.159142 51.83.2.148 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-07 07:50:34
159.203.58.105	attack	Nov 7 01:03:51 www sshd\[33067\]: Invalid user nagios from 159.203.58.105Nov 7 01:03:52 www sshd\[33067\]: Failed password for invalid user nagios from 159.203.58.105 port 51316 ssh2Nov 7 01:07:33 www sshd\[33084\]: Failed password for root from 159.203.58.105 port 33160 ssh2 ...	2019-11-07 07:28:47
139.155.26.91	attackbotsspam	2019-11-06T23:16:12.659729abusebot.cloudsearch.cf sshd\[20925\]: Invalid user cn from 139.155.26.91 port 49680	2019-11-07 07:35:17
181.230.131.66	attackspambots	2019-11-06T23:16:56.613614shield sshd\[6556\]: Invalid user soporte from 181.230.131.66 port 42486 2019-11-06T23:16:56.621106shield sshd\[6556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.230.131.66 2019-11-06T23:16:59.025898shield sshd\[6556\]: Failed password for invalid user soporte from 181.230.131.66 port 42486 ssh2 2019-11-06T23:21:22.818083shield sshd\[6831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.230.131.66 user=root 2019-11-06T23:21:24.405124shield sshd\[6831\]: Failed password for root from 181.230.131.66 port 51018 ssh2	2019-11-07 07:28:18
139.59.17.61	attackspambots	2019-11-06T22:42:20.899058abusebot-8.cloudsearch.cf sshd\[31879\]: Invalid user il from 139.59.17.61 port 37888	2019-11-07 07:46:33
173.236.72.146	attack	Automatic report - XMLRPC Attack	2019-11-07 07:40:36
106.52.179.100	attackspam	$f2bV_matches	2019-11-07 07:14:58
181.48.134.65	attackspambots	2019-11-07T00:45:13.750305tmaserv sshd\[6855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.134.65 user=root 2019-11-07T00:45:15.904578tmaserv sshd\[6855\]: Failed password for root from 181.48.134.65 port 45830 ssh2 2019-11-07T01:00:14.547729tmaserv sshd\[7578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.134.65 user=root 2019-11-07T01:00:16.059699tmaserv sshd\[7578\]: Failed password for root from 181.48.134.65 port 51804 ssh2 2019-11-07T01:04:16.384600tmaserv sshd\[7863\]: Invalid user bbs from 181.48.134.65 port 32902 2019-11-07T01:04:16.390147tmaserv sshd\[7863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.134.65 ...	2019-11-07 07:25:46
43.225.151.142	attack	Nov 6 17:34:05 ny01 sshd[13224]: Failed password for root from 43.225.151.142 port 52633 ssh2 Nov 6 17:38:25 ny01 sshd[13655]: Failed password for root from 43.225.151.142 port 42841 ssh2 Nov 6 17:42:52 ny01 sshd[14080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.151.142	2019-11-07 07:16:07
182.151.214.104	attackspam	2019-11-06T23:32:30.410569shield sshd\[8090\]: Invalid user pa@123 from 182.151.214.104 port 8213 2019-11-06T23:32:30.415064shield sshd\[8090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.214.104 2019-11-06T23:32:32.704855shield sshd\[8090\]: Failed password for invalid user pa@123 from 182.151.214.104 port 8213 ssh2 2019-11-06T23:37:09.934860shield sshd\[8483\]: Invalid user newone from 182.151.214.104 port 8215 2019-11-06T23:37:09.939112shield sshd\[8483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.214.104	2019-11-07 07:40:25

Recently Reported IPs

197.45.122.180	202.175.122.210	77.234.203.252	110.137.39.236
114.237.206.21	61.228.153.203	203.99.177.175	104.131.231.109
61.163.213.107	50.211.196.245	2.187.248.252	191.5.98.236
171.248.65.109	171.237.58.150	137.215.181.250	222.252.12.186
197.240.170.178	183.17.146.190	114.34.215.173	23.165.90.191