113.20.101.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): CMC Telecom Infrastructure Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Honeypot attack, port: 445, PTR: static.cmcti.vn.	2020-04-05 01:11:11

相同子网IP讨论:

IP	类型	评论内容	时间
113.20.101.92	attackbots	Honeypot attack, port: 445, PTR: static.cmcti.vn.	2020-05-11 04:13:53
113.20.101.188	attackbots	20/4/23@23:55:39: FAIL: Alarm-Network address from=113.20.101.188 20/4/23@23:55:39: FAIL: Alarm-Network address from=113.20.101.188 ...	2020-04-24 13:57:48
113.20.101.39	attack	1584335379 - 03/16/2020 06:09:39 Host: 113.20.101.39/113.20.101.39 Port: 445 TCP Blocked	2020-03-16 21:00:43
113.20.101.149	attack	1578459403 - 01/08/2020 05:56:43 Host: 113.20.101.149/113.20.101.149 Port: 445 TCP Blocked	2020-01-08 13:19:28
113.20.101.225	attackspambots	Honeypot attack, port: 445, PTR: static.cmcti.vn.	2020-01-05 00:28:03
113.20.101.165	attackspam	Unauthorized connection attempt from IP address 113.20.101.165 on Port 445(SMB)	2019-11-26 04:39:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.20.101.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.20.101.4.			IN	A

;; AUTHORITY SECTION:
.			268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040401 1800 900 604800 86400

;; Query time: 528 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 01:11:01 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

4.101.20.113.in-addr.arpa domain name pointer static.cmcti.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.101.20.113.in-addr.arpa	name = static.cmcti.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.38.236.221	attack	Sep 1 14:26:37 php2 sshd\[21506\]: Invalid user jenghan from 51.38.236.221 Sep 1 14:26:37 php2 sshd\[21506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.ip-51-38-236.eu Sep 1 14:26:39 php2 sshd\[21506\]: Failed password for invalid user jenghan from 51.38.236.221 port 50710 ssh2 Sep 1 14:31:14 php2 sshd\[21897\]: Invalid user admin2 from 51.38.236.221 Sep 1 14:31:14 php2 sshd\[21897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.ip-51-38-236.eu	2019-09-02 08:45:31
157.230.33.207	attackbots	Sep 2 02:12:22 SilenceServices sshd[13569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.33.207 Sep 2 02:12:24 SilenceServices sshd[13569]: Failed password for invalid user oracle from 157.230.33.207 port 34240 ssh2 Sep 2 02:16:54 SilenceServices sshd[17005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.33.207	2019-09-02 08:21:30
190.190.40.203	attack	Sep 1 13:49:54 hiderm sshd\[6775\]: Invalid user station from 190.190.40.203 Sep 1 13:49:54 hiderm sshd\[6775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.190.40.203 Sep 1 13:49:56 hiderm sshd\[6775\]: Failed password for invalid user station from 190.190.40.203 port 34882 ssh2 Sep 1 13:55:08 hiderm sshd\[7229\]: Invalid user libuuid from 190.190.40.203 Sep 1 13:55:08 hiderm sshd\[7229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.190.40.203	2019-09-02 08:06:29
61.142.247.210	attackspambots	SPAM Delivery Attempt	2019-09-02 08:13:29
58.20.139.5	attackspam	Sep 1 23:57:21 MK-Soft-VM6 sshd\[21181\]: Invalid user bbj from 58.20.139.5 port 51060 Sep 1 23:57:21 MK-Soft-VM6 sshd\[21181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.20.139.5 Sep 1 23:57:23 MK-Soft-VM6 sshd\[21181\]: Failed password for invalid user bbj from 58.20.139.5 port 51060 ssh2 ...	2019-09-02 08:33:50
202.88.246.161	attack	Invalid user rishi from 202.88.246.161 port 59230	2019-09-02 08:51:00
188.166.246.46	attackspam	k+ssh-bruteforce	2019-09-02 08:14:39
221.122.67.66	attackbots	Invalid user nicholas from 221.122.67.66 port 57490	2019-09-02 08:36:52
92.118.37.82	attackbotsspam	Sep 2 02:03:09 h2177944 kernel: \[259250.707362\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=12776 PROTO=TCP SPT=55326 DPT=25309 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 2 02:03:20 h2177944 kernel: \[259261.746723\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59440 PROTO=TCP SPT=55326 DPT=28599 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 2 02:04:22 h2177944 kernel: \[259324.084524\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=9335 PROTO=TCP SPT=55326 DPT=26581 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 2 02:06:57 h2177944 kernel: \[259478.739938\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=43128 PROTO=TCP SPT=55326 DPT=22328 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 2 02:07:05 h2177944 kernel: \[259487.593435\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.82 DST=85.214.117.9 LEN=40	2019-09-02 08:10:44
177.69.26.97	attackbots	Sep 1 19:32:45 MK-Soft-VM3 sshd\[4309\]: Invalid user nexus from 177.69.26.97 port 53914 Sep 1 19:32:45 MK-Soft-VM3 sshd\[4309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.26.97 Sep 1 19:32:47 MK-Soft-VM3 sshd\[4309\]: Failed password for invalid user nexus from 177.69.26.97 port 53914 ssh2 ...	2019-09-02 08:10:15
106.12.36.98	attackbotsspam	Sep 2 00:52:33 nextcloud sshd\[23342\]: Invalid user robby from 106.12.36.98 Sep 2 00:52:33 nextcloud sshd\[23342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.98 Sep 2 00:52:35 nextcloud sshd\[23342\]: Failed password for invalid user robby from 106.12.36.98 port 57830 ssh2 ...	2019-09-02 08:25:33
178.140.255.103	attackspam	Sep 1 17:29:36 hb sshd\[7835\]: Invalid user pi from 178.140.255.103 Sep 1 17:29:36 hb sshd\[7833\]: Invalid user pi from 178.140.255.103 Sep 1 17:29:36 hb sshd\[7835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-178-140-255-103.ip.moscow.rt.ru Sep 1 17:29:36 hb sshd\[7833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-178-140-255-103.ip.moscow.rt.ru Sep 1 17:29:38 hb sshd\[7833\]: Failed password for invalid user pi from 178.140.255.103 port 48214 ssh2	2019-09-02 08:07:26
14.63.174.149	attackbots	Sep 2 02:14:41 nextcloud sshd\[30416\]: Invalid user reich from 14.63.174.149 Sep 2 02:14:41 nextcloud sshd\[30416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149 Sep 2 02:14:42 nextcloud sshd\[30416\]: Failed password for invalid user reich from 14.63.174.149 port 34159 ssh2 ...	2019-09-02 08:28:06
80.211.245.183	attackbotsspam	Sep 1 22:36:28 heissa sshd\[632\]: Invalid user yasmina from 80.211.245.183 port 60346 Sep 1 22:36:28 heissa sshd\[632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.245.183 Sep 1 22:36:30 heissa sshd\[632\]: Failed password for invalid user yasmina from 80.211.245.183 port 60346 ssh2 Sep 1 22:40:19 heissa sshd\[1170\]: Invalid user msdn from 80.211.245.183 port 47556 Sep 1 22:40:19 heissa sshd\[1170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.245.183	2019-09-02 08:48:33
46.105.110.79	attackspambots	Sep 2 02:45:07 SilenceServices sshd[6332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.110.79 Sep 2 02:45:09 SilenceServices sshd[6332]: Failed password for invalid user amdsa from 46.105.110.79 port 45394 ssh2 Sep 2 02:48:55 SilenceServices sshd[9342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.110.79	2019-09-02 08:53:50

最近上报的IP列表

141.98.81.206	141.98.81.182	168.192.253.66	172.105.95.101
141.98.81.113	141.98.81.112	77.71.16.37	33.148.117.181
5.183.93.80	3.34.5.66	75.163.172.178	91.15.182.151
144.119.42.117	40.118.4.85	84.110.84.187	91.145.128.146
52.51.241.88	45.252.218.150	40.115.30.190	45.250.137.146