42.117.205.199

Basic Info

City: Dong Nai

Region: Tinh Ha Tinh

Country: Vietnam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	23/tcp 23/tcp [2019-06-23]2pkt	2019-06-24 04:21:46

Comments on same subnet:

IP	Type	Details	Datetime
42.117.205.59	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:31:13
42.117.205.76	attackbotsspam	Unauthorized connection attempt detected from IP address 42.117.205.76 to port 23 [T]	2020-01-27 07:11:11
42.117.205.166	attack	Unauthorized connection attempt detected from IP address 42.117.205.166 to port 23 [J]	2020-01-21 01:03:11

Type

Details

Datetime

42.117.205.59

attackbots

MultiHost/MultiPort Probe, Scan, Hack -

2020-02-28 23:31:13

42.117.205.76

attackbotsspam

Unauthorized connection attempt detected from IP address 42.117.205.76 to port 23 [T]

2020-01-27 07:11:11

42.117.205.166

attack

Unauthorized connection attempt detected from IP address 42.117.205.166 to port 23 [J]

2020-01-21 01:03:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.205.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28496
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.205.199.			IN	A

;; AUTHORITY SECTION:
.			2356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062301 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 24 04:21:40 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 199.205.117.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 199.205.117.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.76.158.162	attackspambots	$f2bV_matches	2019-11-02 12:39:16
162.243.14.185	attackbots	(sshd) Failed SSH login from 162.243.14.185 (US/United States/ajantainc.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 2 03:57:18 andromeda sshd[22508]: Invalid user sammy from 162.243.14.185 port 44252 Nov 2 03:57:20 andromeda sshd[22508]: Failed password for invalid user sammy from 162.243.14.185 port 44252 ssh2 Nov 2 04:02:21 andromeda sshd[23083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.14.185 user=root	2019-11-02 12:31:31
92.119.160.107	attackbots	Nov 2 04:42:04 h2177944 kernel: \[5541826.585695\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31941 PROTO=TCP SPT=48045 DPT=47867 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 2 05:00:13 h2177944 kernel: \[5542915.503765\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=6880 PROTO=TCP SPT=48045 DPT=47605 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 2 05:00:47 h2177944 kernel: \[5542949.026670\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=55899 PROTO=TCP SPT=48045 DPT=47829 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 2 05:04:17 h2177944 kernel: \[5543159.122917\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=19111 PROTO=TCP SPT=48045 DPT=47939 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 2 05:07:50 h2177944 kernel: \[5543372.296173\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.2	2019-11-02 12:28:28
151.80.254.74	attack	Nov 2 05:16:07 dev0-dcde-rnet sshd[26615]: Failed password for root from 151.80.254.74 port 44240 ssh2 Nov 2 05:21:26 dev0-dcde-rnet sshd[26630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.254.74 Nov 2 05:21:27 dev0-dcde-rnet sshd[26630]: Failed password for invalid user teampspeak3 from 151.80.254.74 port 54712 ssh2	2019-11-02 12:37:16
222.186.175.215	attack	Nov 2 05:09:27 herz-der-gamer sshd[16474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Nov 2 05:09:29 herz-der-gamer sshd[16474]: Failed password for root from 222.186.175.215 port 55938 ssh2 ...	2019-11-02 12:11:37
13.75.69.108	attackbotsspam	k+ssh-bruteforce	2019-11-02 12:40:52
132.145.90.84	attack	Nov 2 06:50:59 hosting sshd[17270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.90.84 user=root Nov 2 06:51:01 hosting sshd[17270]: Failed password for root from 132.145.90.84 port 45078 ssh2 Nov 2 06:55:14 hosting sshd[17531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.90.84 user=root Nov 2 06:55:16 hosting sshd[17531]: Failed password for root from 132.145.90.84 port 55828 ssh2 ...	2019-11-02 12:20:45
189.130.55.149	attackspam	Automatic report - Port Scan Attack	2019-11-02 12:38:20
93.39.104.224	attackspam	Nov 1 00:22:44 fwweb01 sshd[26318]: Invalid user systeam from 93.39.104.224 Nov 1 00:22:44 fwweb01 sshd[26318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-39-104-224.ip75.fastwebnet.hostname Nov 1 00:22:47 fwweb01 sshd[26318]: Failed password for invalid user systeam from 93.39.104.224 port 60706 ssh2 Nov 1 00:22:47 fwweb01 sshd[26318]: Received disconnect from 93.39.104.224: 11: Bye Bye [preauth] Nov 1 00:29:32 fwweb01 sshd[26640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-39-104-224.ip75.fastwebnet.hostname user=r.r Nov 1 00:29:34 fwweb01 sshd[26640]: Failed password for r.r from 93.39.104.224 port 40942 ssh2 Nov 1 00:29:34 fwweb01 sshd[26640]: Received disconnect from 93.39.104.224: 11: Bye Bye [preauth] Nov 1 00:35:15 fwweb01 sshd[26968]: Invalid user 00 from 93.39.104.224 Nov 1 00:35:15 fwweb01 sshd[26968]: pam_unix(sshd:auth): authentication failure; logname........ -------------------------------	2019-11-02 12:12:23
200.11.240.237	attackspam	Nov 1 18:26:56 wbs sshd\[29216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.240.237 user=root Nov 1 18:26:57 wbs sshd\[29216\]: Failed password for root from 200.11.240.237 port 34692 ssh2 Nov 1 18:31:38 wbs sshd\[29576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.240.237 user=root Nov 1 18:31:39 wbs sshd\[29576\]: Failed password for root from 200.11.240.237 port 53460 ssh2 Nov 1 18:36:24 wbs sshd\[30004\]: Invalid user monitor from 200.11.240.237	2019-11-02 12:36:46
219.90.67.89	attackspam	Nov 2 03:49:03 yesfletchmain sshd\[16037\]: User root from 219.90.67.89 not allowed because not listed in AllowUsers Nov 2 03:49:03 yesfletchmain sshd\[16037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Nov 2 03:49:05 yesfletchmain sshd\[16037\]: Failed password for invalid user root from 219.90.67.89 port 33998 ssh2 Nov 2 03:55:00 yesfletchmain sshd\[16147\]: User root from 219.90.67.89 not allowed because not listed in AllowUsers Nov 2 03:55:00 yesfletchmain sshd\[16147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root ...	2019-11-02 12:34:01
148.70.33.136	attackspam	Nov 2 05:16:59 vps01 sshd[10389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.33.136 Nov 2 05:17:01 vps01 sshd[10389]: Failed password for invalid user d3b1an from 148.70.33.136 port 60550 ssh2	2019-11-02 12:30:37
167.172.82.230	attack	Lines containing failures of 167.172.82.230 Oct 31 06:46:45 zabbix sshd[79640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.82.230 user=r.r Oct 31 06:46:47 zabbix sshd[79640]: Failed password for r.r from 167.172.82.230 port 47148 ssh2 Oct 31 06:46:47 zabbix sshd[79640]: Received disconnect from 167.172.82.230 port 47148:11: Bye Bye [preauth] Oct 31 06:46:47 zabbix sshd[79640]: Disconnected from authenticating user r.r 167.172.82.230 port 47148 [preauth] Oct 31 07:04:24 zabbix sshd[81004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.82.230 user=r.r Oct 31 07:04:26 zabbix sshd[81004]: Failed password for r.r from 167.172.82.230 port 42114 ssh2 Oct 31 07:04:27 zabbix sshd[81004]: Received disconnect from 167.172.82.230 port 42114:11: Bye Bye [preauth] Oct 31 07:04:27 zabbix sshd[81004]: Disconnected from authenticating user r.r 167.172.82.230 port 42114 [preauth] Oct 3........ ------------------------------	2019-11-02 12:19:16
46.38.144.17	attackspambots	Nov 2 05:21:29 webserver postfix/smtpd\[1279\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 2 05:22:41 webserver postfix/smtpd\[614\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 2 05:23:53 webserver postfix/smtpd\[1279\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 2 05:25:07 webserver postfix/smtpd\[1805\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 2 05:26:17 webserver postfix/smtpd\[1279\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-02 12:36:08
119.122.88.207	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-11-2019 03:55:15.	2019-11-02 12:24:52

Recently Reported IPs

222.184.179.4	205.185.120.22	117.241.237.112	35.225.16.121
175.147.104.17	79.180.211.22	62.219.78.156	190.161.104.178
187.32.98.171	140.143.200.18	103.138.10.71	188.162.185.254
178.17.174.10	121.232.16.51	194.93.59.12	111.37.210.142
117.67.98.58	110.184.213.58	171.44.223.66	106.111.190.254