117.20.29.52 - IPInfo

基本信息:

城市(city): Lahore

省份(region): Punjab

国家(country): Pakistan

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Transworld Associates (Pvt.) Ltd.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
117.20.29.205	attackspam	Honeypot attack, port: 5555, PTR: tw29-static205.tw1.com.	2020-03-22 23:39:02
117.20.29.126	attack	port scan and connect, tcp 23 (telnet)	2019-12-05 04:10:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.20.29.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2513
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.20.29.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 02:36:34 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

52.29.20.117.in-addr.arpa domain name pointer tw29-static52.tw1.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
52.29.20.117.in-addr.arpa	name = tw29-static52.tw1.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
101.91.178.122	attackspam	Mar 16 16:39:59 Ubuntu-1404-trusty-64-minimal sshd\[19384\]: Invalid user x from 101.91.178.122 Mar 16 16:39:59 Ubuntu-1404-trusty-64-minimal sshd\[19384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.178.122 Mar 16 16:40:01 Ubuntu-1404-trusty-64-minimal sshd\[19384\]: Failed password for invalid user x from 101.91.178.122 port 49700 ssh2 Mar 16 17:01:27 Ubuntu-1404-trusty-64-minimal sshd\[3025\]: Invalid user nexus from 101.91.178.122 Mar 16 17:01:27 Ubuntu-1404-trusty-64-minimal sshd\[3025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.178.122	2020-03-17 02:07:26
104.236.22.133	attackspam	Mar 16 18:00:02 localhost sshd[14501]: Invalid user sirius from 104.236.22.133 port 50304 Mar 16 18:00:02 localhost sshd[14501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.22.133 Mar 16 18:00:02 localhost sshd[14501]: Invalid user sirius from 104.236.22.133 port 50304 Mar 16 18:00:04 localhost sshd[14501]: Failed password for invalid user sirius from 104.236.22.133 port 50304 ssh2 Mar 16 18:05:47 localhost sshd[15113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.22.133 user=root Mar 16 18:05:49 localhost sshd[15113]: Failed password for root from 104.236.22.133 port 34276 ssh2 ...	2020-03-17 02:36:38
59.148.173.231	attackspam	(sshd) Failed SSH login from 59.148.173.231 (HK/Hong Kong/059148173231.ctinets.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 16 15:28:15 amsweb01 sshd[18701]: Invalid user luis from 59.148.173.231 port 57168 Mar 16 15:28:17 amsweb01 sshd[18701]: Failed password for invalid user luis from 59.148.173.231 port 57168 ssh2 Mar 16 15:50:55 amsweb01 sshd[21099]: Invalid user minecraft from 59.148.173.231 port 42444 Mar 16 15:50:56 amsweb01 sshd[21099]: Failed password for invalid user minecraft from 59.148.173.231 port 42444 ssh2 Mar 16 16:01:16 amsweb01 sshd[22205]: Invalid user xuming from 59.148.173.231 port 45004	2020-03-17 02:46:10
103.76.22.118	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2020-03-17 02:17:37
111.229.78.120	attackbotsspam	SSH brute force attempt	2020-03-17 02:22:22
221.229.219.188	attackbotsspam	Fail2Ban Ban Triggered	2020-03-17 02:44:09
104.131.221.208	attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-17 02:27:41
188.119.12.67	attack	188.119.12.67 - user321 \[16/Mar/2020:07:41:24 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25188.119.12.67 - - \[16/Mar/2020:07:41:24 -0700\] "POST /index.php/admin HTTP/1.1" 404 20407188.119.12.67 - - \[16/Mar/2020:07:41:24 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 20435 ...	2020-03-17 02:44:58
49.234.43.173	attackbots	Mar 16 14:47:05 localhost sshd\[20311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.43.173 user=root Mar 16 14:47:06 localhost sshd\[20311\]: Failed password for root from 49.234.43.173 port 37488 ssh2 Mar 16 15:07:56 localhost sshd\[20661\]: Invalid user maxwell from 49.234.43.173 port 50578 ...	2020-03-17 02:45:34
192.34.56.234	attack	Mar 16 16:39:23 server2 sshd\[7656\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers Mar 16 16:39:27 server2 sshd\[7658\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers Mar 16 16:40:05 server2 sshd\[7851\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers Mar 16 16:40:10 server2 sshd\[7853\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers Mar 16 16:40:52 server2 sshd\[7863\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers Mar 16 16:40:58 server2 sshd\[7865\]: User root from 192.34.56.234 not allowed because not listed in AllowUsers	2020-03-17 02:53:57
180.249.118.194	attackbotsspam	20/3/16@10:42:25: FAIL: Alarm-Network address from=180.249.118.194 20/3/16@10:42:26: FAIL: Alarm-Network address from=180.249.118.194 ...	2020-03-17 02:09:32
2a01:4f8:201:6390::2	attackspam	20 attempts against mh-misbehave-ban on cedar	2020-03-17 02:38:10
185.143.221.85	attack	TCP port 3389: Scan and connection	2020-03-17 02:19:27
5.135.94.191	attackbotsspam	[portscan] Port scan	2020-03-17 02:35:07
129.204.95.90	attack	Mar 16 10:41:33 Tower sshd[41172]: Connection from 129.204.95.90 port 51578 on 192.168.10.220 port 22 rdomain "" Mar 16 10:41:43 Tower sshd[41172]: Invalid user oracle from 129.204.95.90 port 51578 Mar 16 10:41:43 Tower sshd[41172]: error: Could not get shadow information for NOUSER Mar 16 10:41:43 Tower sshd[41172]: Failed password for invalid user oracle from 129.204.95.90 port 51578 ssh2 Mar 16 10:41:43 Tower sshd[41172]: Received disconnect from 129.204.95.90 port 51578:11: Bye Bye [preauth] Mar 16 10:41:43 Tower sshd[41172]: Disconnected from invalid user oracle 129.204.95.90 port 51578 [preauth]	2020-03-17 02:22:56

最近上报的IP列表

212.83.129.106	187.85.210.215	179.168.7.248	216.187.217.144
190.167.124.124	42.112.143.121	37.187.72.203	2.166.163.185
49.64.255.153	131.100.76.71	57.139.167.60	116.211.171.189
74.130.207.103	186.216.153.229	39.71.248.226	169.232.178.142
41.236.144.242	102.162.175.3	114.43.221.141	203.195.134.205