42.117.20.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 42.117.20.30 to port 23 [T]	2020-01-07 18:42:47
attackbotsspam	Unauthorized connection attempt detected from IP address 42.117.20.30 to port 23	2020-01-02 19:08:34

Comments on same subnet:

IP	Type	Details	Datetime
42.117.20.146	attackspam	firewall-block, port(s): 23/tcp	2020-08-15 03:29:19
42.117.20.106	attackspambots	1596370021 - 08/02/2020 19:07:01 Host: 42.117.20.106/42.117.20.106 Port: 23 TCP Blocked ...	2020-08-03 01:47:29
42.117.20.103	attackbotsspam	Port probing on unauthorized port 23	2020-08-02 03:40:47
42.117.20.119	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 22:12:51
42.117.20.8	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 21:15:51
42.117.20.181	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-27 00:14:09
42.117.20.158	attackbotsspam	TCP (SYN) 42.117.20.158:55984 -> port 23, len 44	2020-05-26 00:13:31
42.117.20.14	attack	unauthorized connection attempt	2020-02-29 13:44:46
42.117.20.147	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:15:44
42.117.20.188	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:10:43
42.117.20.196	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:07:26
42.117.20.216	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 00:00:50
42.117.20.222	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:57:22
42.117.20.46	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:52:26
42.117.20.60	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 23:49:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.117.20.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.117.20.30.			IN	A

;; AUTHORITY SECTION:
.			137	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 19:08:26 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 30.20.117.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 30.20.117.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.163.231.150	attackbots	Brute force attempt	2019-10-13 15:06:04
131.161.252.83	attack	Oct 13 06:20:34 ip-172-31-62-245 sshd\[10069\]: Invalid user Premier123 from 131.161.252.83\ Oct 13 06:20:36 ip-172-31-62-245 sshd\[10069\]: Failed password for invalid user Premier123 from 131.161.252.83 port 55590 ssh2\ Oct 13 06:25:27 ip-172-31-62-245 sshd\[10148\]: Invalid user Welcome123 from 131.161.252.83\ Oct 13 06:25:29 ip-172-31-62-245 sshd\[10148\]: Failed password for invalid user Welcome123 from 131.161.252.83 port 46494 ssh2\ Oct 13 06:30:15 ip-172-31-62-245 sshd\[10191\]: Invalid user 123Electronic from 131.161.252.83\	2019-10-13 15:01:38
103.233.153.146	attack	Oct 13 03:08:12 firewall sshd[17314]: Failed password for root from 103.233.153.146 port 49921 ssh2 Oct 13 03:12:44 firewall sshd[17413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.233.153.146 user=root Oct 13 03:12:47 firewall sshd[17413]: Failed password for root from 103.233.153.146 port 40958 ssh2 ...	2019-10-13 15:16:31
221.140.151.235	attackspam	Brute force attempt	2019-10-13 15:02:44
220.76.107.50	attackbots	Oct 13 13:16:43 webhost01 sshd[2019]: Failed password for root from 220.76.107.50 port 49794 ssh2 ...	2019-10-13 14:42:20
168.196.128.101	attackspam	Automatic report - Port Scan Attack	2019-10-13 15:01:12
54.36.148.41	attackbotsspam	Automatic report - Banned IP Access	2019-10-13 14:41:46
159.65.148.115	attack	Oct 13 07:56:02 icinga sshd[10856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.148.115 Oct 13 07:56:04 icinga sshd[10856]: Failed password for invalid user Tiger123 from 159.65.148.115 port 58552 ssh2 ...	2019-10-13 14:49:41
113.102.147.82	attack	Unauthorised access (Oct 13) SRC=113.102.147.82 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=27741 TCP DPT=23 WINDOW=6337 SYN Unauthorised access (Oct 13) SRC=113.102.147.82 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=27741 TCP DPT=23 WINDOW=6337 SYN Unauthorised access (Oct 13) SRC=113.102.147.82 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=27741 TCP DPT=23 WINDOW=6337 SYN	2019-10-13 15:13:23
206.189.81.101	attackspam	Oct 13 07:10:47 www sshd\[167557\]: Invalid user P@55w0rd12345 from 206.189.81.101 Oct 13 07:10:47 www sshd\[167557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.81.101 Oct 13 07:10:49 www sshd\[167557\]: Failed password for invalid user P@55w0rd12345 from 206.189.81.101 port 59370 ssh2 ...	2019-10-13 14:51:23
23.236.233.95	attackspam	(From highranks4ursite@gmail.com) Hello! Are you interested in making your website more engaging, useful to users and profitable in the long term? I'm an online marketing specialist, and I specialize in SEO (search engine optimization). It's proven to be the most effective way to make people who are searching on major search engines like Google and Bing find your website faster and easier. This opens more sales opportunities while overshadowing your competitors, therefore will generate more sales. I can tell you more about this during a free consultation if you'd like. I make sure that all of my work is affordable and effective to all my clients. I also have an awesome portfolio of past works that you can take a look at. If you're interested, please reply to let me know so we can schedule a time for us to talk. I hope to speak with you soon! Randall Rose	2019-10-13 14:53:09
201.95.82.97	attackbots	Lines containing failures of 201.95.82.97 Oct 7 04:21:26 shared01 sshd[15111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.82.97 user=r.r Oct 7 04:21:29 shared01 sshd[15111]: Failed password for r.r from 201.95.82.97 port 49894 ssh2 Oct 7 04:21:29 shared01 sshd[15111]: Received disconnect from 201.95.82.97 port 49894:11: Bye Bye [preauth] Oct 7 04:21:29 shared01 sshd[15111]: Disconnected from authenticating user r.r 201.95.82.97 port 49894 [preauth] Oct 7 04:32:25 shared01 sshd[18157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.82.97 user=r.r Oct 7 04:32:27 shared01 sshd[18157]: Failed password for r.r from 201.95.82.97 port 52888 ssh2 Oct 7 04:32:28 shared01 sshd[18157]: Received disconnect from 201.95.82.97 port 52888:11: Bye Bye [preauth] Oct 7 04:32:28 shared01 sshd[18157]: Disconnected from authenticating user r.r 201.95.82.97 port 52888 [preauth] Oct 7 ........ ------------------------------	2019-10-13 14:52:30
112.198.194.243	attackbots	Oct 13 08:00:03 nextcloud sshd\[13985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.198.194.243 user=root Oct 13 08:00:06 nextcloud sshd\[13985\]: Failed password for root from 112.198.194.243 port 45726 ssh2 Oct 13 08:04:43 nextcloud sshd\[21581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.198.194.243 user=root ...	2019-10-13 15:06:38
171.67.70.128	attack	Input Traffic from this IP, but critial abuseconfidencescore	2019-10-13 15:12:55
45.136.109.251	attackspam	Oct 13 07:47:35 mc1 kernel: \[2232037.497435\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.251 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=59865 PROTO=TCP SPT=57299 DPT=8630 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 07:52:47 mc1 kernel: \[2232349.244629\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.251 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20928 PROTO=TCP SPT=57299 DPT=7937 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 13 07:56:44 mc1 kernel: \[2232586.706644\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.251 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=2447 PROTO=TCP SPT=57299 DPT=7949 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-13 14:39:07

Recently Reported IPs

203.227.178.32	153.224.178.207	100.243.7.177	203.205.52.208
183.192.247.69	183.131.200.41	183.80.179.64	183.2.220.241
180.211.170.218	171.110.89.29	139.5.71.29	123.201.225.107
121.54.175.8	119.139.196.67	118.145.11.97	116.107.232.66
116.7.45.34	113.205.146.214	113.190.87.230	113.53.171.245