42.115.215.114

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 445/tcp	2019-11-24 14:41:13

Comments on same subnet:

IP	Type	Details	Datetime
42.115.215.222	attackspam	20/8/21@23:54:41: FAIL: Alarm-Network address from=42.115.215.222 20/8/21@23:54:41: FAIL: Alarm-Network address from=42.115.215.222 ...	2020-08-22 13:19:03
42.115.215.241	attackspam	firewall-block, port(s): 1433/tcp	2020-02-20 02:27:34
42.115.215.123	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 05-02-2020 13:50:12.	2020-02-05 21:58:44
42.115.215.132	attackspambots	1577859998 - 01/01/2020 07:26:38 Host: 42.115.215.132/42.115.215.132 Port: 445 TCP Blocked	2020-01-01 16:39:13
42.115.215.140	attack	1577428048 - 12/27/2019 07:27:28 Host: 42.115.215.140/42.115.215.140 Port: 445 TCP Blocked	2019-12-27 17:27:19
42.115.215.88	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-11-2019 14:35:29.	2019-11-09 03:00:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.115.215.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.115.215.114.			IN	A

;; AUTHORITY SECTION:
.			544	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112301 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 14:41:08 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 114.215.115.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 114.215.115.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.230.209.21	attack	Dec 13 10:55:59 Tower sshd[11137]: Connection from 111.230.209.21 port 41760 on 192.168.10.220 port 22 Dec 13 10:56:02 Tower sshd[11137]: Invalid user laucella from 111.230.209.21 port 41760 Dec 13 10:56:02 Tower sshd[11137]: error: Could not get shadow information for NOUSER Dec 13 10:56:02 Tower sshd[11137]: Failed password for invalid user laucella from 111.230.209.21 port 41760 ssh2 Dec 13 10:56:03 Tower sshd[11137]: Received disconnect from 111.230.209.21 port 41760:11: Bye Bye [preauth] Dec 13 10:56:03 Tower sshd[11137]: Disconnected from invalid user laucella 111.230.209.21 port 41760 [preauth]	2019-12-14 04:11:52
103.27.237.67	attackspam	Dec 13 16:54:03 ns382633 sshd\[4333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.237.67 user=root Dec 13 16:54:05 ns382633 sshd\[4333\]: Failed password for root from 103.27.237.67 port 6305 ssh2 Dec 13 17:07:15 ns382633 sshd\[7499\]: Invalid user ravitz from 103.27.237.67 port 6637 Dec 13 17:07:15 ns382633 sshd\[7499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.237.67 Dec 13 17:07:17 ns382633 sshd\[7499\]: Failed password for invalid user ravitz from 103.27.237.67 port 6637 ssh2	2019-12-14 04:40:03
158.69.195.175	attackspam	detected by Fail2Ban	2019-12-14 04:34:02
39.97.235.30	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-14 04:20:10
45.134.179.240	attack	Dec 13 22:41:50 debian-2gb-vpn-nbg1-1 kernel: [644486.674897] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.240 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=15580 PROTO=TCP SPT=54720 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-14 04:15:27
103.95.9.247	attackspambots	2019-12-13 09:55:31 H=(tmqcpa.com) [103.95.9.247]:35750 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/103.95.9.247) 2019-12-13 09:55:32 H=(tmqcpa.com) [103.95.9.247]:35750 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/query/ip/103.95.9.247) 2019-12-13 09:55:34 H=(tmqcpa.com) [103.95.9.247]:35750 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/query/ip/103.95.9.247) ...	2019-12-14 04:41:41
188.128.43.28	attack	$f2bV_matches	2019-12-14 04:27:01
177.140.197.32	attackbots	2019-12-13T20:25:11.809628homeassistant sshd[15904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.140.197.32 user=news 2019-12-13T20:25:13.479245homeassistant sshd[15904]: Failed password for news from 177.140.197.32 port 36497 ssh2 ...	2019-12-14 04:33:48
68.183.18.104	attackbots	IP: 68.183.18.104 ASN: AS14061 DigitalOcean LLC Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 13/12/2019 8:25:58 PM UTC	2019-12-14 04:38:28
169.197.108.189	attackbots	firewall-block, port(s): 8080/tcp	2019-12-14 04:28:05
158.69.160.191	attackspambots	Dec 13 23:06:22 server sshd\[23589\]: Invalid user test from 158.69.160.191 Dec 13 23:06:22 server sshd\[23589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip191.ip-158-69-160.net Dec 13 23:06:24 server sshd\[23589\]: Failed password for invalid user test from 158.69.160.191 port 43492 ssh2 Dec 13 23:16:03 server sshd\[26497\]: Invalid user testuser from 158.69.160.191 Dec 13 23:16:03 server sshd\[26497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip191.ip-158-69-160.net ...	2019-12-14 04:35:55
158.69.220.70	attack	Dec 13 21:08:59 meumeu sshd[15312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 Dec 13 21:09:01 meumeu sshd[15312]: Failed password for invalid user host from 158.69.220.70 port 60212 ssh2 Dec 13 21:14:02 meumeu sshd[16084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 ...	2019-12-14 04:30:29
190.6.93.174	attack	12/13/2019-16:55:37.813829 190.6.93.174 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-14 04:37:41
88.247.166.200	attackbotsspam	Automatic report - Banned IP Access	2019-12-14 04:40:31
87.116.177.34	attackspam	Autoban 87.116.177.34 AUTH/CONNECT	2019-12-14 04:23:14

Recently Reported IPs

96.23.195.210	245.88.149.30	129.74.50.183	98.215.54.164
7.134.50.9	0.140.54.149	222.177.213.224	154.162.0.179
5.90.209.89	116.47.174.203	45.33.146.231	124.36.7.162
158.193.238.99	32.14.159.220	28.7.218.125	53.53.176.143
42.20.12.142	215.234.167.148	25.233.73.186	232.221.35.150