42.200.117.201

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): PCCW IMS Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	82/tcp [2019-09-28]1pkt	2019-09-28 19:59:09

相同子网IP讨论:

IP	类型	评论内容	时间
42.200.117.159	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540fadae296ad1b3 \| WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:23:26
42.200.117.25	attack	Honeypot attack, port: 23, PTR: 42-200-117-25.static.imsbiz.com.	2019-08-23 12:33:32

类型

评论内容

时间

42.200.117.159

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540fadae296ad1b3 | WAF_Rule_ID: 1aff1cdfeb5c4074965d7cd85bfc1d4e | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 | CF_DC: HKG. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:23:26

42.200.117.25

attack

Honeypot attack, port: 23, PTR: 42-200-117-25.static.imsbiz.com.

2019-08-23 12:33:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.117.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62541
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.117.201.			IN	A

;; AUTHORITY SECTION:
.			121	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092800 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 28 19:59:00 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

201.117.200.42.in-addr.arpa domain name pointer 42-200-117-201.static.imsbiz.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
201.117.200.42.in-addr.arpa	name = 42-200-117-201.static.imsbiz.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.235.8.213	attack	Jul 9 06:38:37 our-server-hostname postfix/smtpd[3308]: connect from unknown[45.235.8.213] Jul x@x Jul 9 06:38:40 our-server-hostname postfix/smtpd[3308]: lost connection after RCPT from unknown[45.235.8.213] Jul 9 06:38:40 our-server-hostname postfix/smtpd[3308]: disconnect from unknown[45.235.8.213] Jul 9 06:47:06 our-server-hostname postfix/smtpd[5483]: connect from unknown[45.235.8.213] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 9 06:47:21 our-server-hostname postfix/smtpd[5483]: lost connection after RCPT from unknown[45.235.8.213] Jul 9 06:47:21 our-server-hostname postfix/smtpd[5483]: disconnect from unknown[45.235.8.213] Jul 9 06:50:57 our-server-hostname postfix/smtpd[2912]: connect from unknown[45.235.8.213] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 9 06:51:09 our-server-hostn........ -------------------------------	2019-07-09 19:20:45
51.158.106.49	attackbots	LGS,WP GET /wordpress8/wp-login.php	2019-07-09 18:46:33
177.128.144.128	attackbotsspam	Brute force attempt	2019-07-09 18:44:14
211.169.249.156	attack	Jul 9 05:58:53 pornomens sshd\[17767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 user=root Jul 9 05:58:55 pornomens sshd\[17767\]: Failed password for root from 211.169.249.156 port 52370 ssh2 Jul 9 06:01:26 pornomens sshd\[17786\]: Invalid user test from 211.169.249.156 port 48848 Jul 9 06:01:26 pornomens sshd\[17786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 ...	2019-07-09 19:00:41
103.225.99.36	attackbots	Jul 9 12:09:52 v22018076622670303 sshd\[11932\]: Invalid user cheng from 103.225.99.36 port 16573 Jul 9 12:09:52 v22018076622670303 sshd\[11932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.99.36 Jul 9 12:09:54 v22018076622670303 sshd\[11932\]: Failed password for invalid user cheng from 103.225.99.36 port 16573 ssh2 ...	2019-07-09 19:09:25
169.255.136.14	attackspam	proto=tcp . spt=60916 . dpt=25 . (listed on Blocklist de Jul 08) (174)	2019-07-09 19:37:47
139.59.95.244	attackspam	Jul 9 10:25:54 localhost sshd\[4575\]: Invalid user strenesse from 139.59.95.244 port 45998 Jul 9 10:25:54 localhost sshd\[4575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.95.244 Jul 9 10:25:56 localhost sshd\[4575\]: Failed password for invalid user strenesse from 139.59.95.244 port 45998 ssh2 ...	2019-07-09 18:52:45
167.71.182.62	attackspam	1562642138 - 07/09/2019 10:15:38 Host: 167.71.182.62/167.71.182.62 Port: 23 TCP Blocked ...	2019-07-09 19:19:40
188.166.114.107	attackbots	blacklistmaster Blacklist Description Status b.barracudacentral.org - Barracuda Reputation Block List Listed ProjectHoneyPot - Project Honey Pot Listed dnsbl.spfbl.net - SPFBL DNSBL (bad reputation only) Listed	2019-07-09 19:08:29
51.15.71.134	attack	[portscan] Port scan	2019-07-09 19:21:19
46.20.70.252	attack	" "	2019-07-09 19:03:36
106.12.20.91	attackbotsspam	Jul 9 04:07:32 cac1d2 sshd\[10489\]: Invalid user wzy from 106.12.20.91 port 49064 Jul 9 04:07:32 cac1d2 sshd\[10489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.91 Jul 9 04:07:34 cac1d2 sshd\[10489\]: Failed password for invalid user wzy from 106.12.20.91 port 49064 ssh2 ...	2019-07-09 19:17:03
122.155.223.52	attack	DATE:2019-07-09 05:15:27, IP:122.155.223.52, PORT:ssh brute force auth on SSH service (patata)	2019-07-09 19:25:37
206.189.23.43	attackspambots	2019-07-09T08:05:25.812622abusebot-4.cloudsearch.cf sshd\[24721\]: Invalid user tomcat from 206.189.23.43 port 54722	2019-07-09 18:49:31
106.12.116.185	attackbots	Jul 9 11:19:33 OPSO sshd\[29948\]: Invalid user fuck from 106.12.116.185 port 38592 Jul 9 11:19:33 OPSO sshd\[29948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185 Jul 9 11:19:35 OPSO sshd\[29948\]: Failed password for invalid user fuck from 106.12.116.185 port 38592 ssh2 Jul 9 11:22:17 OPSO sshd\[30330\]: Invalid user festival from 106.12.116.185 port 60680 Jul 9 11:22:17 OPSO sshd\[30330\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.116.185	2019-07-09 19:27:22

最近上报的IP列表

151.248.0.54	67.76.65.5	3.16.150.13	223.22.243.177
42.117.53.65	117.64.249.138	65.60.38.210	92.255.187.222
162.13.137.98	160.16.52.115	111.243.57.79	2001:41d0:1004:2164::
197.225.166.204	77.40.72.226	59.115.230.189	111.253.9.97
125.113.32.46	202.168.151.102	3.16.29.9	197.159.3.45