42.117.13.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	42.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 2059942.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 2062342.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin HTTP/1.1" 404 20595 ...	2019-10-17 14:19:44

Type

Details

Datetime

attackbotsspam

42.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 2059942.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 2062342.117.13.5 - - \[16/Oct/2019:20:54:03 -0700\] "POST /index.php/admin HTTP/1.1" 404 20595
...

2019-10-17 14:19:44

Comments on same subnet:

IP	Type	Details	Datetime
42.117.137.17	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:56:21
42.117.137.99	attack	Unauthorized connection attempt detected from IP address 42.117.137.99 to port 23 [J]	2020-02-04 05:54:08
42.117.130.28	attackspambots	unauthorized connection attempt	2020-01-28 20:26:52
42.117.13.150	attackspam	Unauthorized connection attempt detected from IP address 42.117.13.150 to port 23 [J]	2020-01-27 04:16:44
42.117.13.189	attackbots	Unauthorized connection attempt detected from IP address 42.117.13.189 to port 23 [J]	2020-01-21 19:18:27
42.117.13.189	attack	Unauthorized connection attempt detected from IP address 42.117.13.189 to port 23 [J]	2020-01-21 01:32:39
42.117.130.60	attackbots	Unauthorized connection attempt detected from IP address 42.117.130.60 to port 23 [J]	2020-01-18 19:44:14
42.117.130.136	attack	Unauthorized connection attempt detected from IP address 42.117.130.136 to port 23 [J]	2020-01-18 18:54:00
42.117.137.40	attackspambots	Unauthorized connection attempt detected from IP address 42.117.137.40 to port 23 [J]	2020-01-12 17:00:57
42.117.130.213	attackspambots	Unauthorized connection attempt detected from IP address 42.117.130.213 to port 23 [J]	2020-01-07 04:16:30
42.117.130.151	attack	Unauthorized connection attempt detected from IP address 42.117.130.151 to port 23	2019-12-31 21:23:04
42.117.130.11	attackbotsspam	Unauthorized connection attempt detected from IP address 42.117.130.11 to port 23	2019-12-31 00:41:12
42.117.132.233	attackbotsspam	" "	2019-08-10 07:27:19
42.117.130.32	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-26 03:14:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.13.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.13.5.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101700 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 14:19:39 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 5.13.117.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 5.13.117.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.190.176.19	attack	Feb 9 06:01:04 sxvn sshd[1585476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.190.176.19	2020-02-09 15:05:11
222.186.30.35	attackspam	Feb 9 07:18:22 legacy sshd[5912]: Failed password for root from 222.186.30.35 port 36893 ssh2 Feb 9 07:26:46 legacy sshd[6412]: Failed password for root from 222.186.30.35 port 44100 ssh2 Feb 9 07:26:48 legacy sshd[6412]: Failed password for root from 222.186.30.35 port 44100 ssh2 ...	2020-02-09 14:57:07
111.231.33.135	attack	Feb 9 09:56:21 gw1 sshd[22039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.33.135 Feb 9 09:56:23 gw1 sshd[22039]: Failed password for invalid user dag from 111.231.33.135 port 38452 ssh2 ...	2020-02-09 14:56:09
106.13.138.225	attackspam	Feb 9 08:08:53 server sshd\[8791\]: Invalid user fye from 106.13.138.225 Feb 9 08:08:53 server sshd\[8791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.225 Feb 9 08:08:55 server sshd\[8791\]: Failed password for invalid user fye from 106.13.138.225 port 35050 ssh2 Feb 9 08:17:44 server sshd\[10346\]: Invalid user iiz from 106.13.138.225 Feb 9 08:17:44 server sshd\[10346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.138.225 ...	2020-02-09 15:14:17
122.52.48.92	attack	Feb 9 07:06:36 markkoudstaal sshd[18096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.52.48.92 Feb 9 07:06:38 markkoudstaal sshd[18096]: Failed password for invalid user iut from 122.52.48.92 port 51031 ssh2 Feb 9 07:11:17 markkoudstaal sshd[18921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.52.48.92	2020-02-09 15:05:55
189.41.80.199	attackspam	Automatic report - Port Scan Attack	2020-02-09 15:05:32
51.38.129.120	attack	Automatic report - Banned IP Access	2020-02-09 15:18:06
92.103.210.13	attackbots	Feb 9 04:55:38 *** sshd[1421]: Did not receive identification string from 92.103.210.13	2020-02-09 15:23:23
202.72.243.198	attack	Automatic report - SSH Brute-Force Attack	2020-02-09 14:59:24
5.160.232.231	attackbotsspam	Feb 9 06:27:00 sso sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.160.232.231 Feb 9 06:27:02 sso sshd[3016]: Failed password for invalid user gnj from 5.160.232.231 port 56242 ssh2 ...	2020-02-09 14:59:58
35.175.106.191	attack	Feb 9 10:25:57 areeb-Workstation sshd[3455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.175.106.191 Feb 9 10:25:58 areeb-Workstation sshd[3455]: Failed password for invalid user pdx from 35.175.106.191 port 47236 ssh2 ...	2020-02-09 15:01:44
5.135.181.53	attack	Feb 9 06:15:23 game-panel sshd[27152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.53 Feb 9 06:15:25 game-panel sshd[27152]: Failed password for invalid user ajv from 5.135.181.53 port 49458 ssh2 Feb 9 06:17:45 game-panel sshd[27277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.181.53	2020-02-09 15:17:18
80.82.65.122	attack	Feb 9 07:57:17 h2177944 kernel: \[4429473.920019\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=80.82.65.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=11551 PROTO=TCP SPT=56352 DPT=30913 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 9 07:57:17 h2177944 kernel: \[4429473.920035\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=80.82.65.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=11551 PROTO=TCP SPT=56352 DPT=30913 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 9 08:03:29 h2177944 kernel: \[4429845.673855\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=80.82.65.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=29642 PROTO=TCP SPT=56352 DPT=30937 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 9 08:03:29 h2177944 kernel: \[4429845.673868\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=80.82.65.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=29642 PROTO=TCP SPT=56352 DPT=30937 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 9 08:23:48 h2177944 kernel: \[4431063.942253\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=80.82.65.122 DST=85.214.117.9	2020-02-09 15:31:03
14.186.164.22	attackspam	2020-02-0905:56:211j0edo-0002VX-EJ\<=verena@rs-solution.chH=\(localhost\)[43.255.239.48]:37980P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2118id=8E8B3D6E65B19F2CF0F5BC04F01AB89F@rs-solution.chT="Ihopeyouareadecentperson"forgangstaguzy@gmail.com2020-02-0905:56:011j0edU-0002Us-4J\<=verena@rs-solution.chH=\(localhost\)[14.186.164.22]:52567P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2122id=4144F2A1AA7E50E33F3A73CB3F7B7377@rs-solution.chT="areyoulonelytoo\?"forkellyd.allen40@gmail.com2020-02-0905:55:381j0ed7-0002UD-TZ\<=verena@rs-solution.chH=\(localhost\)[14.242.62.125]:46934P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2083id=0E0BBDEEE5311FAC70753C8470C17C90@rs-solution.chT="apleasantsurprise"forjessgabrielson131@gmail.com2020-02-0905:55:221j0ecr-0002Ts-Cf\<=verena@rs-solution.chH=\(localhost\)[117.1.235.33]:57685P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:2	2020-02-09 14:50:28
199.195.251.227	attackspam	Feb 9 12:09:39 gw1 sshd[24529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.251.227 Feb 9 12:09:41 gw1 sshd[24529]: Failed password for invalid user cek from 199.195.251.227 port 33838 ssh2 ...	2020-02-09 15:31:41

Recently Reported IPs

178.85.22.95	63.88.118.192	56.73.22.102	105.154.224.28
14.207.116.57	196.218.177.170	222.189.191.28	70.65.24.213
111.20.190.32	69.195.124.132	1.175.81.252	185.128.25.102
170.245.94.168	78.37.22.49	36.224.215.30	177.95.75.114
94.158.165.14	176.209.34.213	91.90.79.62	154.253.168.119