42.117.20.67 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 42.117.20.67 to port 23	2020-01-01 02:39:30

相同子网IP讨论:

IP	类型	评论内容	时间
42.117.20.146	attackspam	firewall-block, port(s): 23/tcp	2020-08-15 03:29:19
42.117.20.106	attackspambots	1596370021 - 08/02/2020 19:07:01 Host: 42.117.20.106/42.117.20.106 Port: 23 TCP Blocked ...	2020-08-03 01:47:29
42.117.20.103	attackbotsspam	Port probing on unauthorized port 23	2020-08-02 03:40:47
42.117.20.119	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 22:12:51
42.117.20.8	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 21:15:51
42.117.20.181	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-27 00:14:09
42.117.20.158	attackbotsspam	TCP (SYN) 42.117.20.158:55984 -> port 23, len 44	2020-05-26 00:13:31
42.117.20.14	attack	unauthorized connection attempt	2020-02-29 13:44:46
42.117.20.147	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:15:44
42.117.20.188	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:10:43
42.117.20.196	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:07:26
42.117.20.216	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:00:50
42.117.20.222	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:57:22
42.117.20.46	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:52:26
42.117.20.60	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:49:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.20.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40547
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.20.67.			IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123101 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 01 02:39:27 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 67.20.117.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 67.20.117.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
103.75.149.121	attack	$f2bV_matches	2020-05-15 19:51:50
106.75.67.48	attack	Invalid user tokend from 106.75.67.48 port 43005	2020-05-15 19:50:12
65.93.189.5	attackspam	May 14 19:50:11 cumulus sshd[21801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.93.189.5 user=r.r May 14 19:50:14 cumulus sshd[21801]: Failed password for r.r from 65.93.189.5 port 44729 ssh2 May 14 19:50:14 cumulus sshd[21801]: Received disconnect from 65.93.189.5 port 44729:11: Bye Bye [preauth] May 14 19:50:14 cumulus sshd[21801]: Disconnected from 65.93.189.5 port 44729 [preauth] May 14 19:53:37 cumulus sshd[21962]: Invalid user mike from 65.93.189.5 port 49821 May 14 19:53:37 cumulus sshd[21962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.93.189.5 May 14 19:53:39 cumulus sshd[21962]: Failed password for invalid user mike from 65.93.189.5 port 49821 ssh2 May 14 19:53:39 cumulus sshd[21962]: Received disconnect from 65.93.189.5 port 49821:11: Bye Bye [preauth] May 14 19:53:39 cumulus sshd[21962]: Disconnected from 65.93.189.5 port 49821 [preauth] ........ ----------------------------------------------- https:	2020-05-15 20:15:33
106.12.2.221	attack	May 15 08:58:04 santamaria sshd\[27226\]: Invalid user bdos from 106.12.2.221 May 15 08:58:04 santamaria sshd\[27226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.2.221 May 15 08:58:06 santamaria sshd\[27226\]: Failed password for invalid user bdos from 106.12.2.221 port 56510 ssh2 ...	2020-05-15 20:19:52
190.205.59.6	attackspambots	May 15 12:09:34 ns381471 sshd[9261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.205.59.6 May 15 12:09:36 ns381471 sshd[9261]: Failed password for invalid user azure from 190.205.59.6 port 55116 ssh2	2020-05-15 19:53:08
134.122.94.184	attack	May 15 13:29:06 vps639187 sshd\[2305\]: Invalid user bestyrer from 134.122.94.184 port 56772 May 15 13:29:06 vps639187 sshd\[2305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.94.184 May 15 13:29:09 vps639187 sshd\[2305\]: Failed password for invalid user bestyrer from 134.122.94.184 port 56772 ssh2 ...	2020-05-15 19:46:44
83.199.179.167	attack	Automatic report - Port Scan Attack	2020-05-15 20:08:22
5.32.27.78	attackbotsspam	[Fri May 15 08:44:17.597244 2020] [:error] [pid 160980] [client 5.32.27.78:44219] [client 5.32.27.78] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/mainfunction.cgi"] [unique_id "Xr6AkWXaAQVjgJelI8TAAAAAAAI"] ...	2020-05-15 20:22:54
89.248.172.85	attackspambots	05/15/2020-07:34:05.607984 89.248.172.85 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-15 19:47:09
118.25.104.200	attackspam	leo_www	2020-05-15 20:02:26
171.224.116.231	attackspam	20/5/14@23:47:50: FAIL: Alarm-Network address from=171.224.116.231 ...	2020-05-15 20:09:09
203.147.83.52	attack	(imapd) Failed IMAP login from 203.147.83.52 (NC/New Caledonia/host-203-147-83-52.h36.canl.nc): 1 in the last 3600 secs	2020-05-15 19:51:01
123.207.218.163	attackbots	5x Failed Password	2020-05-15 20:02:09
51.68.123.198	attackbots	May 15 13:54:46 163-172-32-151 sshd[28772]: Invalid user admin from 51.68.123.198 port 36468 ...	2020-05-15 19:55:05
185.56.153.229	attack	Brute force attempt	2020-05-15 19:46:14

最近上报的IP列表

185.19.177.199	183.141.2.130	115.111.133.46	180.204.160.155
179.95.252.139	171.110.228.62	153.37.144.122	139.180.129.196
123.193.149.201	123.113.21.71	119.250.184.47	119.249.222.19
118.68.0.90	115.216.246.181	114.236.230.115	114.231.4.93
112.103.168.112	110.154.188.209	110.52.29.35	109.191.158.133

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表