42.119.199.215

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.119.199.248	attackbots	Automatic report - Port Scan Attack	2020-04-11 22:54:08
42.119.199.185	attackspambots	Unauthorized connection attempt detected from IP address 42.119.199.185 to port 23 [J]	2020-02-02 19:42:31
42.119.199.208	attack	Unauthorised access (Oct 1) SRC=42.119.199.208 LEN=40 TTL=47 ID=5994 TCP DPT=8080 WINDOW=55611 SYN Unauthorised access (Oct 1) SRC=42.119.199.208 LEN=40 TTL=47 ID=13597 TCP DPT=8080 WINDOW=55611 SYN Unauthorised access (Oct 1) SRC=42.119.199.208 LEN=40 TTL=47 ID=55439 TCP DPT=8080 WINDOW=13259 SYN Unauthorised access (Oct 1) SRC=42.119.199.208 LEN=40 TTL=43 ID=3434 TCP DPT=8080 WINDOW=13447 SYN Unauthorised access (Sep 30) SRC=42.119.199.208 LEN=40 TTL=43 ID=6843 TCP DPT=8080 WINDOW=64283 SYN Unauthorised access (Sep 30) SRC=42.119.199.208 LEN=40 TTL=43 ID=12835 TCP DPT=8080 WINDOW=64283 SYN Unauthorised access (Sep 30) SRC=42.119.199.208 LEN=40 TTL=43 ID=8187 TCP DPT=8080 WINDOW=13259 SYN Unauthorised access (Sep 30) SRC=42.119.199.208 LEN=40 TTL=43 ID=1579 TCP DPT=8080 WINDOW=13447 SYN	2019-10-02 00:36:15
42.119.199.208	attack	(Sep 29) LEN=40 TTL=47 ID=30782 TCP DPT=8080 WINDOW=64283 SYN (Sep 29) LEN=40 TTL=47 ID=15214 TCP DPT=8080 WINDOW=64283 SYN (Sep 29) LEN=40 TTL=47 ID=52307 TCP DPT=8080 WINDOW=55611 SYN (Sep 29) LEN=40 TTL=47 ID=21857 TCP DPT=8080 WINDOW=64283 SYN (Sep 29) LEN=40 TTL=47 ID=44771 TCP DPT=8080 WINDOW=13447 SYN (Sep 29) LEN=40 TTL=47 ID=17699 TCP DPT=8080 WINDOW=64283 SYN (Sep 28) LEN=40 TTL=47 ID=28716 TCP DPT=8080 WINDOW=64283 SYN (Sep 28) LEN=40 TTL=47 ID=48677 TCP DPT=8080 WINDOW=55611 SYN (Sep 28) LEN=40 TTL=47 ID=18247 TCP DPT=8080 WINDOW=55611 SYN (Sep 28) LEN=40 TTL=47 ID=49581 TCP DPT=8080 WINDOW=13259 SYN (Sep 27) LEN=40 TTL=47 ID=28336 TCP DPT=8080 WINDOW=64283 SYN	2019-09-30 06:28:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.119.199.215
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59419
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.119.199.215.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023010600 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 07 00:37:34 CST 2023
;; MSG SIZE  rcvd: 107

Host info

Host 215.199.119.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 42.119.199.215.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.55.53.49	attackbots	Lines containing failures of 190.55.53.49 Jul 16 07:00:20 neon sshd[6638]: Invalid user moses from 190.55.53.49 port 41988 Jul 16 07:00:20 neon sshd[6638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.55.53.49 Jul 16 07:00:23 neon sshd[6638]: Failed password for invalid user moses from 190.55.53.49 port 41988 ssh2 Jul 16 07:00:23 neon sshd[6638]: Received disconnect from 190.55.53.49 port 41988:11: Bye Bye [preauth] Jul 16 07:00:23 neon sshd[6638]: Disconnected from invalid user moses 190.55.53.49 port 41988 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.55.53.49	2020-07-17 20:52:01
45.64.237.125	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-17T12:14:13Z and 2020-07-17T12:25:24Z	2020-07-17 21:08:17
120.131.3.91	attack	Jul 17 14:14:42 debian-2gb-nbg1-2 kernel: \[17246636.781098\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=120.131.3.91 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=12948 PROTO=TCP SPT=59619 DPT=22681 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-17 20:50:16
61.177.172.159	attack	Jul 17 15:24:27 jane sshd[16089]: Failed password for root from 61.177.172.159 port 40573 ssh2 Jul 17 15:24:31 jane sshd[16089]: Failed password for root from 61.177.172.159 port 40573 ssh2 ...	2020-07-17 21:25:11
162.243.233.102	attack	2020-07-17T13:59:10.606590vps773228.ovh.net sshd[23114]: Failed password for invalid user steve from 162.243.233.102 port 50713 ssh2 2020-07-17T14:14:31.298821vps773228.ovh.net sshd[23246]: Invalid user zahir from 162.243.233.102 port 59990 2020-07-17T14:14:31.317500vps773228.ovh.net sshd[23246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.233.102 2020-07-17T14:14:31.298821vps773228.ovh.net sshd[23246]: Invalid user zahir from 162.243.233.102 port 59990 2020-07-17T14:14:33.416885vps773228.ovh.net sshd[23246]: Failed password for invalid user zahir from 162.243.233.102 port 59990 ssh2 ...	2020-07-17 21:05:25
24.251.101.144	attackbotsspam	Brute forcing email accounts	2020-07-17 21:06:42
193.148.69.157	attackbots	$f2bV_matches	2020-07-17 20:51:43
188.166.18.69	attackbots	188.166.18.69 - - [17/Jul/2020:14:14:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.166.18.69 - - [17/Jul/2020:14:14:21 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.166.18.69 - - [17/Jul/2020:14:14:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-17 21:15:54
111.198.61.150	attack	SSH Brute-Force reported by Fail2Ban	2020-07-17 21:27:53
178.62.11.53	attackbots	Jul 17 13:22:19 gospond sshd[22062]: Invalid user alison from 178.62.11.53 port 41658 Jul 17 13:22:21 gospond sshd[22062]: Failed password for invalid user alison from 178.62.11.53 port 41658 ssh2 Jul 17 13:26:29 gospond sshd[22105]: Invalid user ian from 178.62.11.53 port 59234 ...	2020-07-17 21:14:15
120.92.111.13	attackspambots	Jul 17 13:43:00 rocket sshd[32170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.111.13 Jul 17 13:43:02 rocket sshd[32170]: Failed password for invalid user tat from 120.92.111.13 port 28158 ssh2 Jul 17 13:48:42 rocket sshd[392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.111.13 ...	2020-07-17 20:53:03
222.186.173.238	attackbotsspam	Jul 17 14:05:47 rocket sshd[2638]: Failed password for root from 222.186.173.238 port 61862 ssh2 Jul 17 14:06:00 rocket sshd[2638]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 61862 ssh2 [preauth] ...	2020-07-17 21:09:54
94.102.56.231	attackbots	Triggered: repeated knocking on closed ports.	2020-07-17 20:55:32
122.51.169.118	attackspambots	"Unauthorized connection attempt on SSHD detected"	2020-07-17 20:58:51
220.134.171.195	attackbots	2 more HTTP hits without headers : 1 with length 14, 1 with length 4	2020-07-17 21:03:55

Recently Reported IPs

43.27.16.5	43.109.24.234	42.114.71.132	41.255.184.99
40.85.85.154	39.220.42.227	4.66.203.9	38.182.255.128
37.6.59.243	37.208.156.2	38.70.239.156	36.243.236.211
34.176.251.70	33.88.81.101	32.180.184.140	32.208.115.231
31.201.61.108	30.7.82.187	3.188.125.252	3.123.20.67