42.117.13.189 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 42.117.13.189 to port 23 [J]	2020-01-21 19:18:27
attack	Unauthorized connection attempt detected from IP address 42.117.13.189 to port 23 [J]	2020-01-21 01:32:39

Comments on same subnet:

IP	Type	Details	Datetime
42.117.137.17	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:56:21
42.117.137.99	attack	Unauthorized connection attempt detected from IP address 42.117.137.99 to port 23 [J]	2020-02-04 05:54:08
42.117.130.28	attackspambots	unauthorized connection attempt	2020-01-28 20:26:52
42.117.13.150	attackspam	Unauthorized connection attempt detected from IP address 42.117.13.150 to port 23 [J]	2020-01-27 04:16:44
42.117.130.60	attackbots	Unauthorized connection attempt detected from IP address 42.117.130.60 to port 23 [J]	2020-01-18 19:44:14
42.117.130.136	attack	Unauthorized connection attempt detected from IP address 42.117.130.136 to port 23 [J]	2020-01-18 18:54:00
42.117.137.40	attackspambots	Unauthorized connection attempt detected from IP address 42.117.137.40 to port 23 [J]	2020-01-12 17:00:57
42.117.130.213	attackspambots	Unauthorized connection attempt detected from IP address 42.117.130.213 to port 23 [J]	2020-01-07 04:16:30
42.117.130.151	attack	Unauthorized connection attempt detected from IP address 42.117.130.151 to port 23	2019-12-31 21:23:04
42.117.130.11	attackbotsspam	Unauthorized connection attempt detected from IP address 42.117.130.11 to port 23	2019-12-31 00:41:12
42.117.13.5	attackbotsspam	42.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 2059942.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 2062342.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin HTTP/1.1" 404 20595 ...	2019-10-17 14:19:44
42.117.132.233	attackbotsspam	" "	2019-08-10 07:27:19
42.117.130.32	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-26 03:14:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.13.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.13.189.			IN	A

;; AUTHORITY SECTION:
.			351	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012001 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 21 01:32:35 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 189.13.117.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 189.13.117.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.53.7.132	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-01-09 21:50:22
176.113.70.58	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-01-09 21:49:29
39.76.4.222	attackspam	Honeypot hit.	2020-01-09 21:58:12
193.95.243.179	attack	firewall-block, port(s): 8080/tcp	2020-01-09 22:10:20
108.160.199.219	attack	Jan 9 14:10:33 nextcloud sshd\[21874\]: Invalid user share from 108.160.199.219 Jan 9 14:10:33 nextcloud sshd\[21874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.160.199.219 Jan 9 14:10:35 nextcloud sshd\[21874\]: Failed password for invalid user share from 108.160.199.219 port 57134 ssh2 ...	2020-01-09 21:50:47
185.153.196.225	attackbots	SIP/5060 Probe, BF, Hack -	2020-01-09 21:59:43
124.82.156.29	attackbotsspam	Jan 9 18:58:54 gw1 sshd[4764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.82.156.29 Jan 9 18:58:56 gw1 sshd[4764]: Failed password for invalid user gitlab from 124.82.156.29 port 36120 ssh2 ...	2020-01-09 22:04:57
106.13.219.148	attackbotsspam	Jan 9 14:23:01 meumeu sshd[11433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.148 Jan 9 14:23:03 meumeu sshd[11433]: Failed password for invalid user deu from 106.13.219.148 port 60452 ssh2 Jan 9 14:26:43 meumeu sshd[12019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.148 ...	2020-01-09 21:47:22
47.94.93.134	attack	Unauthorized connection attempt detected from IP address 47.94.93.134 to port 7822	2020-01-09 22:06:18
123.180.44.45	attackbots	2020-01-09 07:10:16 dovecot_login authenticator failed for (bwmyd) [123.180.44.45]:49768 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lijing@lerctr.org) 2020-01-09 07:10:24 dovecot_login authenticator failed for (fglkn) [123.180.44.45]:49768 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lijing@lerctr.org) 2020-01-09 07:10:35 dovecot_login authenticator failed for (pyrxk) [123.180.44.45]:49768 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lijing@lerctr.org) ...	2020-01-09 21:51:15
141.98.80.204	attackbots	Unauthorised access (Jan 9) SRC=141.98.80.204 LEN=40 TTL=248 ID=35770 TCP DPT=3389 WINDOW=1024 SYN	2020-01-09 22:21:49
185.226.113.11	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-09 22:16:11
192.241.201.182	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-09 21:43:55
188.156.110.139	attack	Jan 9 10:08:24 firewall sshd[29424]: Invalid user hxn from 188.156.110.139 Jan 9 10:08:27 firewall sshd[29424]: Failed password for invalid user hxn from 188.156.110.139 port 42362 ssh2 Jan 9 10:10:31 firewall sshd[29445]: Invalid user ywk from 188.156.110.139 ...	2020-01-09 21:56:14
222.186.175.169	attack	Jan 9 15:09:29 dcd-gentoo sshd[24932]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:09:32 dcd-gentoo sshd[24932]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Jan 9 15:09:29 dcd-gentoo sshd[24932]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:09:32 dcd-gentoo sshd[24932]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Jan 9 15:09:29 dcd-gentoo sshd[24932]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Jan 9 15:09:32 dcd-gentoo sshd[24932]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Jan 9 15:09:32 dcd-gentoo sshd[24932]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.169 port 43388 ssh2 ...	2020-01-09 22:16:47

Recently Reported IPs

180.180.42.14	180.127.243.182	176.125.113.203	164.52.36.243
153.142.239.137	121.31.147.18	120.10.26.219	118.126.101.81
117.144.113.74	115.218.20.212	113.117.6.95	113.116.19.106
112.124.5.204	112.72.213.66	101.80.227.43	82.18.211.159
94.73.222.50	61.53.170.187	59.175.61.32	49.234.196.225