42.113.18.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Oct 11) SRC=42.113.18.140 LEN=40 TTL=47 ID=61014 TCP DPT=23 WINDOW=23470 SYN	2019-10-11 14:42:34

Comments on same subnet:

IP	Type	Details	Datetime
42.113.189.213	attack	Unauthorized connection attempt from IP address 42.113.189.213 on Port 445(SMB)	2020-08-30 21:13:17
42.113.182.147	attack	1598269587 - 08/24/2020 13:46:27 Host: 42.113.182.147/42.113.182.147 Port: 445 TCP Blocked	2020-08-25 02:16:19
42.113.183.75	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 03:20:19
42.113.183.111	attackspam	20/2/18@15:23:36: FAIL: IoT-Telnet address from=42.113.183.111 ...	2020-02-19 05:49:37
42.113.183.151	attackbots	1581483181 - 02/12/2020 05:53:01 Host: 42.113.183.151/42.113.183.151 Port: 445 TCP Blocked	2020-02-12 17:32:55
42.113.183.125	attackspambots	20/2/3@01:18:47: FAIL: Alarm-Network address from=42.113.183.125 ...	2020-02-03 17:33:44
42.113.188.158	attackspambots	42.113.188.158 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-26 01:31:58
42.113.184.20	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 04:55:20.	2019-11-24 13:10:27
42.113.183.201	attack	" "	2019-11-09 04:18:55
42.113.183.91	attackspam	445/tcp [2019-10-31]1pkt	2019-10-31 17:46:50
42.113.183.216	attackspam	Unauthorised access (Oct 6) SRC=42.113.183.216 LEN=40 TTL=50 ID=16582 TCP DPT=8080 WINDOW=40772 SYN Unauthorised access (Oct 6) SRC=42.113.183.216 LEN=40 TTL=50 ID=22999 TCP DPT=8080 WINDOW=36125 SYN Unauthorised access (Oct 6) SRC=42.113.183.216 LEN=40 TTL=50 ID=64734 TCP DPT=8080 WINDOW=36125 SYN	2019-10-06 21:33:12
42.113.185.190	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 30-09-2019 04:55:15.	2019-09-30 15:53:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.113.18.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3756
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.113.18.140.			IN	A

;; AUTHORITY SECTION:
.			177	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101001 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 11 14:42:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 140.18.113.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 140.18.113.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.181.11.216	attack	Sep 13 20:44:09 ip-172-31-1-72 sshd\[25913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.181.11.216 user=root Sep 13 20:44:11 ip-172-31-1-72 sshd\[25913\]: Failed password for root from 222.181.11.216 port 11710 ssh2 Sep 13 20:49:46 ip-172-31-1-72 sshd\[25956\]: Invalid user shelby from 222.181.11.216 Sep 13 20:49:46 ip-172-31-1-72 sshd\[25956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.181.11.216 Sep 13 20:49:48 ip-172-31-1-72 sshd\[25956\]: Failed password for invalid user shelby from 222.181.11.216 port 14974 ssh2	2019-09-14 04:55:29
132.148.246.254	attackbots	WP admin tries to login	2019-09-14 05:09:05
192.119.111.221	attackspambots	Sep 14 00:07:03 yabzik postfix/smtpd[11468]: warning: hwsrv-583170.hostwindsdns.com[192.119.111.221]: SASL LOGIN authentication failed: authentication failure Sep 14 00:07:06 yabzik postfix/smtpd[11468]: warning: hwsrv-583170.hostwindsdns.com[192.119.111.221]: SASL LOGIN authentication failed: authentication failure Sep 14 00:07:08 yabzik postfix/smtpd[11468]: warning: hwsrv-583170.hostwindsdns.com[192.119.111.221]: SASL LOGIN authentication failed: authentication failure Sep 14 00:07:10 yabzik postfix/smtpd[11468]: warning: hwsrv-583170.hostwindsdns.com[192.119.111.221]: SASL LOGIN authentication failed: authentication failure Sep 14 00:07:13 yabzik postfix/smtpd[11468]: warning: hwsrv-583170.hostwindsdns.com[192.119.111.221]: SASL LOGIN authentication failed: authentication failure	2019-09-14 05:24:54
81.177.49.160	attackbots	Port Scan: TCP/443	2019-09-14 05:21:03
81.171.58.72	attack	\[2019-09-13 16:41:25\] NOTICE\[20685\] chan_sip.c: Registration from '\' failed for '81.171.58.72:56754' - Wrong password \[2019-09-13 16:41:25\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-13T16:41:25.281-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9143",SessionID="0x7f8a6c255a88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.58.72/56754",Challenge="376670ac",ReceivedChallenge="376670ac",ReceivedHash="434faa32ad2bc81725ec401c7deb8fbf" \[2019-09-13 16:41:44\] NOTICE\[20685\] chan_sip.c: Registration from '\' failed for '81.171.58.72:64344' - Wrong password \[2019-09-13 16:41:44\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-13T16:41:44.033-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="7429",SessionID="0x7f8a6c830888",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.5	2019-09-14 05:06:40
61.177.172.128	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-14 04:50:03
89.248.174.193	attackbotsspam	firewall-block, port(s): 2086/tcp, 2480/tcp	2019-09-14 05:15:55
41.223.142.211	attackbotsspam	Sep 13 15:35:54 vps647732 sshd[31052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.223.142.211 Sep 13 15:35:56 vps647732 sshd[31052]: Failed password for invalid user teste@123 from 41.223.142.211 port 33654 ssh2 ...	2019-09-14 05:16:45
178.128.201.224	attack	Sep 13 21:31:41 XXX sshd[27197]: Invalid user ofsaa from 178.128.201.224 port 60524	2019-09-14 04:52:47
178.89.122.209	attackbots	KZ - 1H : (5) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KZ NAME ASN : ASN9198 IP : 178.89.122.209 CIDR : 178.89.120.0/22 PREFIX COUNT : 1223 UNIQUE IP COUNT : 1472256 WYKRYTE ATAKI Z ASN9198 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 4 INFO : Best E-Mail Spam Filter Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-14 05:13:45
159.65.54.48	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-09-14 05:04:03
159.65.83.5	attack	Fail2Ban Ban Triggered	2019-09-14 05:26:11
218.92.0.191	attack	Sep 13 23:23:33 dcd-gentoo sshd[31408]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 13 23:23:35 dcd-gentoo sshd[31408]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 13 23:23:33 dcd-gentoo sshd[31408]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 13 23:23:35 dcd-gentoo sshd[31408]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 13 23:23:33 dcd-gentoo sshd[31408]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 13 23:23:35 dcd-gentoo sshd[31408]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 13 23:23:35 dcd-gentoo sshd[31408]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 36530 ssh2 ...	2019-09-14 05:27:04
180.248.80.38	attack	Automatic report - Port Scan Attack	2019-09-14 05:18:35
46.101.142.99	attackbots	ssh failed login	2019-09-14 04:58:29

Recently Reported IPs

95.231.76.33	135.100.248.63	208.137.69.119	10.67.77.53
224.41.10.1	32.172.109.203	240.215.70.28	31.78.6.132
57.193.29.244	54.75.153.201	99.152.98.109	202.154.252.125
110.143.255.111	250.47.58.115	116.14.71.177	74.177.163.91
137.219.30.95	49.54.93.51	233.92.114.43	152.217.134.62