Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbotsspam
Unauthorized connection attempt detected from IP address 42.2.13.100 to port 5555 [J]
2020-02-05 07:33:34
Comments on same subnet:
IP Type Details Datetime
42.2.131.7 attackspam
Sep 20 14:01:26 logopedia-1vcpu-1gb-nyc1-01 sshd[443008]: Failed password for root from 42.2.131.7 port 35310 ssh2
...
2020-09-21 23:17:15
42.2.131.7 attackspambots
Sep 20 14:01:26 logopedia-1vcpu-1gb-nyc1-01 sshd[443008]: Failed password for root from 42.2.131.7 port 35310 ssh2
...
2020-09-21 15:00:24
42.2.131.7 attackbotsspam
Sep 20 14:01:26 logopedia-1vcpu-1gb-nyc1-01 sshd[443008]: Failed password for root from 42.2.131.7 port 35310 ssh2
...
2020-09-21 06:53:17
42.2.132.108 attackbots
$f2bV_matches
2020-06-13 19:04:35
42.2.136.107 attack
Brute-force attempt banned
2020-06-07 23:21:10
42.2.131.73 attackspam
May 28 14:02:19 fhem-rasp sshd[9311]: Failed password for root from 42.2.131.73 port 51048 ssh2
May 28 14:02:20 fhem-rasp sshd[9311]: Connection closed by authenticating user root 42.2.131.73 port 51048 [preauth]
...
2020-05-28 21:52:47
42.2.132.131 attackbotsspam
Bruteforce detected by fail2ban
2020-04-29 20:20:12
42.2.132.131 attackspam
Feb  8 04:06:46 XXX sshd[10564]: Invalid user jvn from 42.2.132.131 port 43384
2020-02-08 13:11:20
42.2.135.11 attackspam
" "
2020-02-08 09:58:46
42.2.132.131 attack
Jan 26 05:46:20 MainVPS sshd[13796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.2.132.131  user=root
Jan 26 05:46:22 MainVPS sshd[13796]: Failed password for root from 42.2.132.131 port 60990 ssh2
Jan 26 05:51:47 MainVPS sshd[24247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.2.132.131  user=root
Jan 26 05:51:49 MainVPS sshd[24247]: Failed password for root from 42.2.132.131 port 45388 ssh2
Jan 26 05:55:02 MainVPS sshd[30728]: Invalid user raisa from 42.2.132.131 port 47818
...
2020-01-26 13:15:10
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.2.13.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.2.13.100.			IN	A

;; AUTHORITY SECTION:
.			406	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 07:33:29 CST 2020
;; MSG SIZE  rcvd: 115
Host info
100.13.2.42.in-addr.arpa domain name pointer 42-2-13-100.static.netvigator.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
100.13.2.42.in-addr.arpa	name = 42-2-13-100.static.netvigator.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
137.74.129.189 attackspam
Jul 20 01:39:50 microserver sshd[45702]: Invalid user didier from 137.74.129.189 port 50414
Jul 20 01:39:50 microserver sshd[45702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.129.189
Jul 20 01:39:52 microserver sshd[45702]: Failed password for invalid user didier from 137.74.129.189 port 50414 ssh2
Jul 20 01:44:27 microserver sshd[47044]: Invalid user sg from 137.74.129.189 port 48866
Jul 20 01:44:27 microserver sshd[47044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.129.189
Jul 20 01:57:54 microserver sshd[51131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.129.189  user=root
Jul 20 01:57:56 microserver sshd[51131]: Failed password for root from 137.74.129.189 port 44064 ssh2
Jul 20 02:02:31 microserver sshd[52366]: Invalid user testuser from 137.74.129.189 port 42452
Jul 20 02:02:31 microserver sshd[52366]: pam_unix(sshd:auth): authentication failure; lo
2019-07-20 08:27:59
66.249.64.168 attackspambots
[19/Jul/2019:18:34:33 +0200] Web-Request: "GET /.well-known/assetlinks.json", User-Agent: "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
2019-07-20 08:21:26
2.185.215.6 attackbotsspam
2019-07-19 11:33:23 H=(luxuryclass.it) [2.185.215.6]:53928 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS)
2019-07-19 11:33:24 H=(luxuryclass.it) [2.185.215.6]:53928 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3, 127.0.0.11) (https://www.spamhaus.org/query/ip/2.185.215.6)
2019-07-19 11:33:26 H=(luxuryclass.it) [2.185.215.6]:53928 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/2.185.215.6)
...
2019-07-20 08:55:08
152.250.252.179 attack
Automatic report - Banned IP Access
2019-07-20 08:24:05
83.17.17.198 attackspam
scan z
2019-07-20 08:57:43
146.115.119.61 attackbots
Jul 14 16:09:52 vpxxxxxxx22308 sshd[5848]: Invalid user tester from 146.115.119.61
Jul 14 16:09:52 vpxxxxxxx22308 sshd[5848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.115.119.61
Jul 14 16:09:54 vpxxxxxxx22308 sshd[5848]: Failed password for invalid user tester from 146.115.119.61 port 58770 ssh2
Jul 14 16:19:37 vpxxxxxxx22308 sshd[8210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.115.119.61  user=r.r
Jul 14 16:19:39 vpxxxxxxx22308 sshd[8210]: Failed password for r.r from 146.115.119.61 port 34300 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=146.115.119.61
2019-07-20 08:57:08
14.231.160.231 attackbotsspam
Jul 19 19:33:30 srv-4 sshd\[19464\]: Invalid user admin from 14.231.160.231
Jul 19 19:33:30 srv-4 sshd\[19464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.160.231
Jul 19 19:33:32 srv-4 sshd\[19464\]: Failed password for invalid user admin from 14.231.160.231 port 59742 ssh2
...
2019-07-20 08:47:01
177.128.141.98 attack
$f2bV_matches
2019-07-20 08:38:04
178.128.183.90 attackspambots
Jul 19 20:35:18 TORMINT sshd\[18260\]: Invalid user projects from 178.128.183.90
Jul 19 20:35:18 TORMINT sshd\[18260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90
Jul 19 20:35:20 TORMINT sshd\[18260\]: Failed password for invalid user projects from 178.128.183.90 port 46988 ssh2
...
2019-07-20 08:36:48
217.146.88.2 attackspambots
2019-07-19 dovecot_login authenticator failed for \(H5G0bB\) \[217.146.88.2\]: 535 Incorrect authentication data \(set_id=**REMOVED****REMOVED****REMOVED**_perl@**REMOVED**.de\)
2019-07-19 dovecot_login authenticator failed for \(nvaymBLdZ\) \[217.146.88.2\]: 535 Incorrect authentication data \(set_id=**REMOVED****REMOVED****REMOVED**_perl@**REMOVED**.de\)
2019-07-19 dovecot_login authenticator failed for \(jld7WC9Mfb\) \[217.146.88.2\]: 535 Incorrect authentication data \(set_id=**REMOVED****REMOVED****REMOVED**_perl@**REMOVED**.de\)
2019-07-20 08:42:26
120.92.102.121 attack
2019-07-20T00:23:40.795567abusebot-4.cloudsearch.cf sshd\[16721\]: Invalid user sym from 120.92.102.121 port 8404
2019-07-20 08:27:30
159.89.225.82 attackbotsspam
2019-07-20T00:28:45.683311abusebot-6.cloudsearch.cf sshd\[16601\]: Invalid user gemma from 159.89.225.82 port 54958
2019-07-20 08:48:46
41.60.234.192 attackbots
Jul 18 16:09:32 our-server-hostname postfix/smtpd[4924]: connect from unknown[41.60.234.192]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul 18 16:09:39 our-server-hostname postfix/smtpd[4924]: lost connection after RCPT from unknown[41.60.234.192]
Jul 18 16:09:39 our-server-hostname postfix/smtpd[4924]: disconnect from unknown[41.60.234.192]
Jul 18 20:17:04 our-server-hostname postfix/smtpd[2166]: connect from unknown[41.60.234.192]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul 18 20:17:09 our-server-hostname postfix/smtpd[2166]: lost connection after RCPT from unknown[41.60.234.192]
Jul 18 20:17:09 our-server-hostname postfix/smtpd[2166]: disconnect from unknown[41.60.234.192]
Jul 18 22:42:08 our-server-hostname postfix/smtpd[8562]: connect from unknown[41.60.234.192]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=41.60.234.192
2019-07-20 08:20:58
117.3.70.183 attackbotsspam
WordPress brute force
2019-07-20 08:43:21
121.48.165.11 attackspam
Invalid user etfile from 121.48.165.11 port 3426
2019-07-20 08:19:27
