117.4.162.42 - IPInfo

基本信息:

城市(city): Vinh Yen

省份(region): Tinh Vinh Phuc

国家(country): Vietnam

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Viettel Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
117.4.162.39	attack	Attempted connection to port 445.	2020-09-01 20:26:52

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.4.162.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3323
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.4.162.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 00:59:59 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

42.162.4.117.in-addr.arpa domain name pointer localhost.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
42.162.4.117.in-addr.arpa	name = localhost.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.59.4.145	attackspam	notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:07 +0200\] "POST /wp-login.php HTTP/1.1" 200 5903 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 139.59.4.145 \[01/Oct/2019:05:49:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-01 17:30:57
35.197.227.71	attackbotsspam	Invalid user ralf from 35.197.227.71 port 39340	2019-10-01 17:52:36
34.67.85.179	attackbotsspam	2019-10-01T10:04:33.523693 sshd[14996]: Invalid user photo2 from 34.67.85.179 port 60550 2019-10-01T10:04:33.533937 sshd[14996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.67.85.179 2019-10-01T10:04:33.523693 sshd[14996]: Invalid user photo2 from 34.67.85.179 port 60550 2019-10-01T10:04:35.594757 sshd[14996]: Failed password for invalid user photo2 from 34.67.85.179 port 60550 ssh2 2019-10-01T10:08:32.191305 sshd[15064]: Invalid user uno from 34.67.85.179 port 43624 ...	2019-10-01 17:50:28
111.223.252.30	attackbotsspam	111.223.252.30 - user \[30/Sep/2019:20:48:40 -0700\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25111.223.252.30 - - \[30/Sep/2019:20:48:40 -0700\] "POST /index.php/admin/sales_order/ HTTP/1.1" 404 20647111.223.252.30 - - \[30/Sep/2019:20:48:40 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 20599 ...	2019-10-01 17:51:33
124.204.45.66	attack	Oct 1 08:01:41 tux-35-217 sshd\[1211\]: Invalid user monroe from 124.204.45.66 port 49546 Oct 1 08:01:41 tux-35-217 sshd\[1211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.45.66 Oct 1 08:01:43 tux-35-217 sshd\[1211\]: Failed password for invalid user monroe from 124.204.45.66 port 49546 ssh2 Oct 1 08:06:31 tux-35-217 sshd\[1220\]: Invalid user www from 124.204.45.66 port 60250 Oct 1 08:06:31 tux-35-217 sshd\[1220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.204.45.66 ...	2019-10-01 17:34:45
180.92.87.20	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.92.87.20/ KR - 1H : (225) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN9770 IP : 180.92.87.20 CIDR : 180.92.80.0/21 PREFIX COUNT : 289 UNIQUE IP COUNT : 145920 WYKRYTE ATAKI Z ASN9770 : 1H - 1 3H - 3 6H - 3 12H - 3 24H - 3 DateTime : 2019-10-01 05:48:53 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 17:44:21
124.156.172.252	attack	RDP Bruteforce	2019-10-01 17:56:29
200.40.45.82	attackbotsspam	Sep 30 23:42:09 auw2 sshd\[15339\]: Invalid user billing1 from 200.40.45.82 Sep 30 23:42:09 auw2 sshd\[15339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=r200-40-45-82.ae-static.anteldata.net.uy Sep 30 23:42:11 auw2 sshd\[15339\]: Failed password for invalid user billing1 from 200.40.45.82 port 58908 ssh2 Sep 30 23:46:51 auw2 sshd\[15795\]: Invalid user oframe4 from 200.40.45.82 Sep 30 23:46:51 auw2 sshd\[15795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=r200-40-45-82.ae-static.anteldata.net.uy	2019-10-01 17:49:47
119.29.121.229	attack	Oct 1 05:36:46 liveconfig01 sshd[31391]: Invalid user aaUser from 119.29.121.229 Oct 1 05:36:46 liveconfig01 sshd[31391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.121.229 Oct 1 05:36:48 liveconfig01 sshd[31391]: Failed password for invalid user aaUser from 119.29.121.229 port 44432 ssh2 Oct 1 05:36:48 liveconfig01 sshd[31391]: Received disconnect from 119.29.121.229 port 44432:11: Bye Bye [preauth] Oct 1 05:36:48 liveconfig01 sshd[31391]: Disconnected from 119.29.121.229 port 44432 [preauth] Oct 1 05:43:37 liveconfig01 sshd[31720]: Invalid user amelie from 119.29.121.229 Oct 1 05:43:37 liveconfig01 sshd[31720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.121.229 Oct 1 05:43:40 liveconfig01 sshd[31720]: Failed password for invalid user amelie from 119.29.121.229 port 60254 ssh2 Oct 1 05:43:40 liveconfig01 sshd[31720]: Received disconnect from 119.29.121.229 p........ -------------------------------	2019-10-01 17:22:12
51.83.69.78	attackspambots	Oct 1 09:18:00 venus sshd\[21250\]: Invalid user 123456 from 51.83.69.78 port 50806 Oct 1 09:18:00 venus sshd\[21250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.69.78 Oct 1 09:18:02 venus sshd\[21250\]: Failed password for invalid user 123456 from 51.83.69.78 port 50806 ssh2 ...	2019-10-01 17:35:48
176.125.54.41	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/176.125.54.41/ UA - 1H : (160) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : UA NAME ASN : ASN59671 IP : 176.125.54.41 CIDR : 176.125.32.0/19 PREFIX COUNT : 5 UNIQUE IP COUNT : 11520 WYKRYTE ATAKI Z ASN59671 : 1H - 1 3H - 1 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-01 05:48:53 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 17:45:07
111.68.104.130	attackbotsspam	Sep 30 21:17:11 nandi sshd[22349]: reveeclipse mapping checking getaddrinfo for noc-ip-phone.uog.edu.pk [111.68.104.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 30 21:17:11 nandi sshd[22349]: Invalid user ftpadmin from 111.68.104.130 Sep 30 21:17:11 nandi sshd[22349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Sep 30 21:17:13 nandi sshd[22349]: Failed password for invalid user ftpadmin from 111.68.104.130 port 27452 ssh2 Sep 30 21:17:13 nandi sshd[22349]: Received disconnect from 111.68.104.130: 11: Bye Bye [preauth] Sep 30 21:22:47 nandi sshd[26402]: reveeclipse mapping checking getaddrinfo for noc-ip-phone.uog.edu.pk [111.68.104.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 30 21:22:47 nandi sshd[26402]: Invalid user n from 111.68.104.130 Sep 30 21:22:47 nandi sshd[26402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Sep 30 21:22:50 nandi sshd[26402]:........ -------------------------------	2019-10-01 17:59:37
185.155.21.78	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.155.21.78/ ES - 1H : (84) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN202743 IP : 185.155.21.78 CIDR : 185.155.20.0/22 PREFIX COUNT : 1 UNIQUE IP COUNT : 1024 WYKRYTE ATAKI Z ASN202743 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-01 05:48:18 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 18:00:57
185.170.131.9	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.170.131.9/ LB - 1H : (3) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : LB NAME ASN : ASN48629 IP : 185.170.131.9 CIDR : 185.170.131.0/24 PREFIX COUNT : 8 UNIQUE IP COUNT : 2048 WYKRYTE ATAKI Z ASN48629 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-01 05:48:53 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 17:43:48
95.180.194.148	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.180.194.148/ MK - 1H : (6) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MK NAME ASN : ASN41557 IP : 95.180.194.148 CIDR : 95.180.194.0/24 PREFIX COUNT : 42 UNIQUE IP COUNT : 60160 WYKRYTE ATAKI Z ASN41557 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-01 05:48:18 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 18:02:16

最近上报的IP列表

61.121.229.187	83.56.51.65	78.189.117.35	97.206.104.198
124.18.99.60	198.92.251.245	113.208.44.154	190.78.134.110
8.162.156.154	116.38.241.27	159.192.8.11	128.114.84.11
50.49.113.0	39.197.196.187	192.227.133.123	80.83.115.238
77.247.109.227	60.62.215.170	182.43.165.234	178.30.216.249