42.55.20.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Unicom Liaoning Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	1587730166 - 04/24/2020 14:09:26 Host: 42.55.20.21/42.55.20.21 Port: 23 TCP Blocked	2020-04-24 21:20:49

相同子网IP讨论:

IP	类型	评论内容	时间
42.55.207.204	attackspambots	Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=52217 TCP DPT=23 WINDOW=64420 SYN Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=49837 TCP DPT=8080 WINDOW=33756 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=38346 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=26975 TCP DPT=8080 WINDOW=33756 SYN Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=46163 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=40291 TCP DPT=8080 WINDOW=53380 SYN Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=2856 TCP DPT=8080 WINDOW=53380 SYN	2020-07-23 19:58:42
42.55.204.192	attackbots	52869/tcp [2019-07-30]1pkt	2019-07-31 00:04:24

类型

评论内容

时间

42.55.207.204

attackspambots

Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=52217 TCP DPT=23 WINDOW=64420 SYN 
Unauthorised access (Jul 23) SRC=42.55.207.204 LEN=40 TTL=46 ID=49837 TCP DPT=8080 WINDOW=33756 SYN 
Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=38346 TCP DPT=8080 WINDOW=53380 SYN 
Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=26975 TCP DPT=8080 WINDOW=33756 SYN 
Unauthorised access (Jul 22) SRC=42.55.207.204 LEN=40 TTL=46 ID=46163 TCP DPT=8080 WINDOW=53380 SYN 
Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=40291 TCP DPT=8080 WINDOW=53380 SYN 
Unauthorised access (Jul 21) SRC=42.55.207.204 LEN=40 TTL=46 ID=2856 TCP DPT=8080 WINDOW=53380 SYN

2020-07-23 19:58:42

42.55.204.192

attackbots

52869/tcp
[2019-07-30]1pkt

2019-07-31 00:04:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.55.20.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.55.20.21.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042400 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 21:20:32 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 21.20.55.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.20.55.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
167.114.114.114	attackspam	Jun 28 14:14:04 [host] sshd[25959]: Invalid user a Jun 28 14:14:04 [host] sshd[25959]: pam_unix(sshd: Jun 28 14:14:06 [host] sshd[25959]: Failed passwor	2020-06-28 21:45:48
222.186.30.76	attackbotsspam	Jun 28 13:36:31 scw-6657dc sshd[20337]: Failed password for root from 222.186.30.76 port 33188 ssh2 Jun 28 13:36:31 scw-6657dc sshd[20337]: Failed password for root from 222.186.30.76 port 33188 ssh2 Jun 28 13:36:36 scw-6657dc sshd[20337]: Failed password for root from 222.186.30.76 port 33188 ssh2 ...	2020-06-28 21:40:40
46.166.151.73	attackbotsspam	[2020-06-28 09:48:03] NOTICE[1273][C-000055ba] chan_sip.c: Call from '' (46.166.151.73:64781) to extension '95401114422006166' rejected because extension not found in context 'public'. [2020-06-28 09:48:03] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-28T09:48:03.064-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="95401114422006166",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.73/64781",ACLName="no_extension_match" [2020-06-28 09:49:07] NOTICE[1273][C-000055bb] chan_sip.c: Call from '' (46.166.151.73:53635) to extension '95501114422006166' rejected because extension not found in context 'public'. [2020-06-28 09:49:07] SECURITY[1288] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-06-28T09:49:07.111-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="95501114422006166",SessionID="0x7f31c02f97a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I ...	2020-06-28 22:00:20
218.92.0.168	attackspam	Jun 28 15:46:37 * sshd[28987]: Failed password for root from 218.92.0.168 port 48760 ssh2 Jun 28 15:46:47 * sshd[28987]: Failed password for root from 218.92.0.168 port 48760 ssh2	2020-06-28 21:56:06
206.167.33.43	attackspambots	Jun 28 10:00:56 ny01 sshd[28777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.167.33.43 Jun 28 10:00:58 ny01 sshd[28777]: Failed password for invalid user sye from 206.167.33.43 port 38488 ssh2 Jun 28 10:05:43 ny01 sshd[29413]: Failed password for root from 206.167.33.43 port 37364 ssh2	2020-06-28 22:06:38
68.183.230.47	attackspam	2020-06-28T12:13:17.079878abusebot.cloudsearch.cf sshd[29269]: Invalid user andreas from 68.183.230.47 port 37578 2020-06-28T12:13:17.085213abusebot.cloudsearch.cf sshd[29269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.230.47 2020-06-28T12:13:17.079878abusebot.cloudsearch.cf sshd[29269]: Invalid user andreas from 68.183.230.47 port 37578 2020-06-28T12:13:19.270100abusebot.cloudsearch.cf sshd[29269]: Failed password for invalid user andreas from 68.183.230.47 port 37578 ssh2 2020-06-28T12:16:11.395139abusebot.cloudsearch.cf sshd[29291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.230.47 user=root 2020-06-28T12:16:13.133503abusebot.cloudsearch.cf sshd[29291]: Failed password for root from 68.183.230.47 port 39082 ssh2 2020-06-28T12:17:01.731629abusebot.cloudsearch.cf sshd[29297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.230.47 use ...	2020-06-28 22:07:38
107.182.226.200	attackspambots	Brute forcing email accounts	2020-06-28 21:41:54
189.29.211.174	attackbotsspam	Automatic report - Port Scan Attack	2020-06-28 21:55:03
217.30.65.117	attack	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-06-28 21:33:05
1.203.115.64	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-28 21:36:52
115.124.86.106	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-28 22:08:55
129.204.38.234	attack	Jun 28 14:01:25 Invalid user owj from 129.204.38.234 port 33816	2020-06-28 22:04:50
194.1.188.84	attackspam	Jun 28 14:35:03 mail sshd\[19884\]: Invalid user admin from 194.1.188.84 Jun 28 14:35:04 mail sshd\[19884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.1.188.84 Jun 28 14:35:05 mail sshd\[19884\]: Failed password for invalid user admin from 194.1.188.84 port 55498 ssh2	2020-06-28 22:04:10
45.95.168.176	attackspam	Jun 28 14:11:47 minden010 sshd[6528]: Failed password for root from 45.95.168.176 port 36342 ssh2 Jun 28 14:11:56 minden010 sshd[6550]: Failed password for root from 45.95.168.176 port 52938 ssh2 ...	2020-06-28 22:13:10
58.188.178.14	attackspambots	Automatic report - XMLRPC Attack	2020-06-28 22:14:24

最近上报的IP列表

65.52.37.206	253.135.205.193	114.39.198.201	216.72.150.47
178.236.222.119	171.248.160.89	113.250.13.210	113.187.118.249
46.239.6.72	213.176.34.217	178.62.198.142	45.62.248.24
9.18.245.5	90.118.83.148	188.106.150.205	107.172.225.13
196.247.31.157	163.172.29.120	126.145.129.198	87.242.47.150