42.117.195.247

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 42.117.195.247 on Port 445(SMB)	2020-03-28 20:59:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.195.247
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.195.247.			IN	A

;; AUTHORITY SECTION:
.			472	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032801 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 20:59:41 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 247.195.117.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 247.195.117.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
64.64.104.10	attackbotsspam	Unauthorized connection attempt detected from IP address 64.64.104.10 to port 22	2020-04-05 21:49:03
146.185.130.101	attackspambots	Apr 5 14:42:10 v22019038103785759 sshd\[31484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 user=root Apr 5 14:42:12 v22019038103785759 sshd\[31484\]: Failed password for root from 146.185.130.101 port 39366 ssh2 Apr 5 14:43:38 v22019038103785759 sshd\[31564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 user=root Apr 5 14:43:40 v22019038103785759 sshd\[31564\]: Failed password for root from 146.185.130.101 port 34112 ssh2 Apr 5 14:44:56 v22019038103785759 sshd\[31634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.130.101 user=root ...	2020-04-05 21:49:25
43.226.156.229	attack	2020-04-05 05:44:17 Possible DoS HGOD SynKiller Flooding 43.226.156.229	2020-04-05 21:58:00
122.155.204.68	attackbots	SSH/22 MH Probe, BF, Hack -	2020-04-05 22:21:19
164.163.210.128	attackbotsspam	xmlrpc attack	2020-04-05 22:03:31
125.133.19.221	attackbots	Apr 5 15:47:58 freya sshd[22909]: Invalid user zimbra from 125.133.19.221 port 43253 Apr 5 15:47:58 freya sshd[22909]: Disconnected from invalid user zimbra 125.133.19.221 port 43253 [preauth] Apr 5 15:50:23 freya sshd[23307]: Invalid user john from 125.133.19.221 port 53250 Apr 5 15:50:23 freya sshd[23307]: Disconnected from invalid user john 125.133.19.221 port 53250 [preauth] Apr 5 15:52:46 freya sshd[23666]: Invalid user oracle from 125.133.19.221 port 35025 ...	2020-04-05 22:01:18
188.166.236.211	attack	2020-04-05T08:45:02.061237mail.thespaminator.com sshd[28976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.236.211 user=root 2020-04-05T08:45:04.222744mail.thespaminator.com sshd[28976]: Failed password for root from 188.166.236.211 port 55086 ssh2 ...	2020-04-05 21:37:29
165.22.33.32	attackspambots	Apr 5 12:48:36 vlre-nyc-1 sshd\[21467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root Apr 5 12:48:38 vlre-nyc-1 sshd\[21467\]: Failed password for root from 165.22.33.32 port 47884 ssh2 Apr 5 12:52:15 vlre-nyc-1 sshd\[21560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root Apr 5 12:52:17 vlre-nyc-1 sshd\[21560\]: Failed password for root from 165.22.33.32 port 58830 ssh2 Apr 5 12:55:55 vlre-nyc-1 sshd\[21658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.33.32 user=root ...	2020-04-05 22:00:48
139.59.17.33	attack	Apr 5 13:54:18 pi sshd[1116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.17.33 user=root Apr 5 13:54:20 pi sshd[1116]: Failed password for invalid user root from 139.59.17.33 port 59466 ssh2	2020-04-05 22:09:41
185.36.81.39	attack	2020-04-05 07:44:46 H=(gHYd2yL8uB) [185.36.81.39]:61441 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2020-04-05 07:44:50 dovecot_login authenticator failed for (rtYMgtT7H) [185.36.81.39]:61974 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=mhogan@lerctr.org) 2020-04-05 07:44:57 dovecot_login authenticator failed for (RLtQbdpYx) [185.36.81.39]:63338 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=mhogan@lerctr.org) ...	2020-04-05 21:49:55
34.92.239.56	attack	SSH invalid-user multiple login try	2020-04-05 21:46:17
90.162.244.87	attack	Apr 5 16:50:32 hosting sshd[7731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.162.244.87 user=root Apr 5 16:50:34 hosting sshd[7731]: Failed password for root from 90.162.244.87 port 51582 ssh2 ...	2020-04-05 21:57:10
115.75.223.65	attackbotsspam	trying to access non-authorized port	2020-04-05 22:18:48
186.105.190.168	attackbots	Apr 4 22:04:26 host sshd[10192]: User r.r from 186.105.190.168 not allowed because none of user's groups are listed in AllowGroups Apr 4 22:04:26 host sshd[10192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.105.190.168 user=r.r Apr 4 22:04:28 host sshd[10192]: Failed password for invalid user r.r from 186.105.190.168 port 46282 ssh2 Apr 4 22:04:28 host sshd[10192]: Received disconnect from 186.105.190.168 port 46282:11: Bye Bye [preauth] Apr 4 22:04:28 host sshd[10192]: Disconnected from invalid user r.r 186.105.190.168 port 46282 [preauth] Apr 4 22:13:23 host sshd[12220]: User r.r from 186.105.190.168 not allowed because none of user's groups are listed in AllowGroups Apr 4 22:13:23 host sshd[12220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.105.190.168 user=r.r Apr 4 22:13:25 host sshd[12220]: Failed password for invalid user r.r from 186.105.190.168 port 51074........ -------------------------------	2020-04-05 22:24:22
5.55.133.85	attackbots	Unauthorised access (Apr 5) SRC=5.55.133.85 LEN=40 TTL=54 ID=40866 TCP DPT=8080 WINDOW=30417 SYN	2020-04-05 21:43:43

最近上报的IP列表

14.170.90.153	137.64.50.15	58.65.231.52	219.77.165.18
211.63.156.179	191.200.227.226	102.49.128.212	124.254.190.251
125.90.242.69	111.241.123.220	77.244.117.62	51.32.63.198
110.138.86.14	110.46.12.14	45.230.115.164	193.0.204.100
188.75.255.78	111.43.223.175	104.162.169.143	94.25.228.1