42.118.107.244

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 42.118.107.244 on Port 445(SMB)	2019-12-13 17:33:24

Comments on same subnet:

IP	Type	Details	Datetime
42.118.107.76	attackspambots	2020-06-15 20:19:29 server sshd[59036]: Failed password for invalid user root from 42.118.107.76 port 43912 ssh2	2020-06-17 01:52:44
42.118.107.76	attackspambots	2020-06-13T20:24:15.845756mail.csmailer.org sshd[17000]: Invalid user marty from 42.118.107.76 port 45744 2020-06-13T20:24:15.848827mail.csmailer.org sshd[17000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76 2020-06-13T20:24:15.845756mail.csmailer.org sshd[17000]: Invalid user marty from 42.118.107.76 port 45744 2020-06-13T20:24:18.209199mail.csmailer.org sshd[17000]: Failed password for invalid user marty from 42.118.107.76 port 45744 ssh2 2020-06-13T20:27:52.760133mail.csmailer.org sshd[17444]: Invalid user service from 42.118.107.76 port 46774 ...	2020-06-14 04:50:42
42.118.107.76	attack	Jun 13 02:57:39 lnxweb62 sshd[31755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76 Jun 13 02:57:39 lnxweb62 sshd[31755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76	2020-06-13 09:00:41
42.118.107.76	attackspambots	Jun 7 08:38:18 ajax sshd[18663]: Failed password for root from 42.118.107.76 port 55244 ssh2	2020-06-07 16:28:59
42.118.107.76	attackspam	Jun 4 01:59:04 web9 sshd\[13683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76 user=root Jun 4 01:59:06 web9 sshd\[13683\]: Failed password for root from 42.118.107.76 port 59326 ssh2 Jun 4 02:02:30 web9 sshd\[14077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76 user=root Jun 4 02:02:31 web9 sshd\[14077\]: Failed password for root from 42.118.107.76 port 53618 ssh2 Jun 4 02:05:55 web9 sshd\[14521\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.107.76 user=root	2020-06-04 23:57:04
42.118.107.76	attack	Jun 2 09:25:10 master sshd[7087]: Failed password for root from 42.118.107.76 port 51268 ssh2 Jun 2 09:33:43 master sshd[7149]: Failed password for root from 42.118.107.76 port 44902 ssh2 Jun 2 09:37:57 master sshd[7171]: Failed password for root from 42.118.107.76 port 50412 ssh2 Jun 2 09:42:06 master sshd[7193]: Failed password for root from 42.118.107.76 port 55924 ssh2 Jun 2 09:46:28 master sshd[7231]: Failed password for root from 42.118.107.76 port 33198 ssh2 Jun 2 09:50:53 master sshd[7250]: Failed password for root from 42.118.107.76 port 38706 ssh2 Jun 2 09:55:15 master sshd[7270]: Failed password for root from 42.118.107.76 port 44206 ssh2 Jun 2 09:59:36 master sshd[7294]: Failed password for root from 42.118.107.76 port 49716 ssh2 Jun 2 10:03:59 master sshd[7327]: Failed password for root from 42.118.107.76 port 55224 ssh2 Jun 2 10:08:19 master sshd[7347]: Failed password for root from 42.118.107.76 port 60734 ssh2	2020-06-02 20:11:37
42.118.107.76	attackspambots	Unauthorized connection attempt detected from IP address 42.118.107.76 to port 445 [T]	2020-03-25 00:09:59
42.118.107.76	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-27 03:38:37,924 INFO [amun_request_handler] PortScan Detected on Port: 445 (42.118.107.76)	2019-06-27 12:12:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.118.107.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.118.107.244.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121300 1800 900 604800 86400

;; Query time: 421 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 17:33:20 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 244.107.118.42.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 244.107.118.42.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.122.73.25	attack	May 5 20:57:44 pixelmemory sshd[718377]: Failed password for invalid user karma from 134.122.73.25 port 54374 ssh2 May 5 21:09:36 pixelmemory sshd[720524]: Invalid user gitblit from 134.122.73.25 port 45956 May 5 21:09:36 pixelmemory sshd[720524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.73.25 May 5 21:09:36 pixelmemory sshd[720524]: Invalid user gitblit from 134.122.73.25 port 45956 May 5 21:09:38 pixelmemory sshd[720524]: Failed password for invalid user gitblit from 134.122.73.25 port 45956 ssh2 ...	2020-05-06 16:36:49
125.88.181.107	attackbotsspam	May 6 08:13:04 vps339862 kernel: \[7964499.624495\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=125.88.181.107 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=99 ID=256 PROTO=TCP SPT=6000 DPT=91 SEQ=496697344 ACK=0 WINDOW=16384 RES=0x00 SYN URGP=0 May 6 08:13:04 vps339862 kernel: \[7964499.624733\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=125.88.181.107 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=99 ID=256 PROTO=TCP SPT=6000 DPT=96 SEQ=1360134144 ACK=0 WINDOW=16384 RES=0x00 SYN URGP=0 May 6 08:13:04 vps339862 kernel: \[7964499.625284\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=125.88.181.107 DST=51.254.206.43 LEN=40 TOS=0x00 PREC=0x00 TTL=99 ID=256 PROTO=TCP SPT=6000 DPT=93 SEQ=651427840 ACK=0 WINDOW=16384 RES=0x00 SYN URGP=0 May 6 08:13:04 vps339862 kernel: \[7964499.626531\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6: ...	2020-05-06 16:41:44
175.198.83.204	attackbotsspam	May 6 10:26:01 vpn01 sshd[23732]: Failed password for root from 175.198.83.204 port 49662 ssh2 ...	2020-05-06 16:39:12
51.15.214.21	attackbots	$f2bV_matches	2020-05-06 17:02:33
153.0.150.42	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-06 17:05:26
187.174.149.2	attackspambots	May 6 08:32:53 mail.srvfarm.net postfix/smtpd[197295]: warning: unknown[187.174.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 6 08:32:53 mail.srvfarm.net postfix/smtpd[197295]: lost connection after AUTH from unknown[187.174.149.2] May 6 08:33:23 mail.srvfarm.net postfix/smtpd[197294]: warning: unknown[187.174.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 6 08:33:23 mail.srvfarm.net postfix/smtpd[197294]: lost connection after AUTH from unknown[187.174.149.2] May 6 08:37:59 mail.srvfarm.net postfix/smtpd[196722]: warning: unknown[187.174.149.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-06 16:51:08
191.234.162.169	attackbots	May 6 08:50:56 ovpn sshd\[10918\]: Invalid user ratna from 191.234.162.169 May 6 08:50:56 ovpn sshd\[10918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.162.169 May 6 08:50:57 ovpn sshd\[10918\]: Failed password for invalid user ratna from 191.234.162.169 port 35202 ssh2 May 6 08:56:39 ovpn sshd\[12298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.162.169 user=root May 6 08:56:42 ovpn sshd\[12298\]: Failed password for root from 191.234.162.169 port 45796 ssh2	2020-05-06 16:46:05
141.98.80.48	attack	May 6 10:16:24 mail.srvfarm.net postfix/smtpd[237959]: warning: unknown[141.98.80.48]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 6 10:16:24 mail.srvfarm.net postfix/smtpd[237959]: lost connection after AUTH from unknown[141.98.80.48] May 6 10:16:29 mail.srvfarm.net postfix/smtpd[238454]: lost connection after AUTH from unknown[141.98.80.48] May 6 10:16:34 mail.srvfarm.net postfix/smtpd[238457]: lost connection after AUTH from unknown[141.98.80.48] May 6 10:16:38 mail.srvfarm.net postfix/smtpd[224026]: lost connection after AUTH from unknown[141.98.80.48]	2020-05-06 16:46:26
92.118.37.70	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 3389 proto: TCP cat: Misc Attack	2020-05-06 16:58:50
172.81.226.22	attackspambots	20 attempts against mh-ssh on echoip	2020-05-06 17:04:25
152.136.219.175	attackbots	May 6 05:51:27 vps639187 sshd\[24346\]: Invalid user liming from 152.136.219.175 port 59762 May 6 05:51:27 vps639187 sshd\[24346\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.219.175 May 6 05:51:30 vps639187 sshd\[24346\]: Failed password for invalid user liming from 152.136.219.175 port 59762 ssh2 ...	2020-05-06 16:39:35
58.56.90.148	attackbotsspam	May 6 05:45:31 minden010 sshd[2403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.90.148 May 6 05:45:32 minden010 sshd[2403]: Failed password for invalid user spark from 58.56.90.148 port 45358 ssh2 May 6 05:50:58 minden010 sshd[4041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.90.148 ...	2020-05-06 17:00:23
203.186.10.162	attackbots	frenzy	2020-05-06 17:07:57
162.243.137.117	attackbots	Port scan(s) denied	2020-05-06 16:47:56
162.243.141.120	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-06 17:05:03

Recently Reported IPs

19.10.225.25	53.223.122.235	145.235.108.95	93.21.178.249
177.39.218.57	73.0.181.190	186.130.185.65	159.130.192.213
64.166.147.131	47.85.58.40	143.188.131.60	131.241.4.41
235.219.227.189	218.255.164.32	96.67.93.133	148.195.186.156
115.79.100.221	80.242.214.78	103.25.120.138	62.28.7.213