91.242.20.73 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Azerbaijan

Internet Service Provider: CNC.az MMC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Autoban 91.242.20.73 AUTH/CONNECT	2019-08-05 08:08:46

Comments on same subnet:

IP	Type	Details	Datetime
91.242.20.42	attack	2020-01-24 13:19:09 1iuxvR-00021X-BU SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:23243 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-24 13:19:37 1iuxvy-00022R-If SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:22696 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-24 13:20:01 1iuxwM-00022r-RH SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:16515 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 06:43:55

Type

Details

Datetime

91.242.20.42

attack

2020-01-24 13:19:09 1iuxvR-00021X-BU SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:23243 I=\[193.107.88.166\]:25 closed by DROP in ACL
2020-01-24 13:19:37 1iuxvy-00022R-If SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:22696 I=\[193.107.88.166\]:25 closed by DROP in ACL
2020-01-24 13:20:01 1iuxwM-00022r-RH SMTP connection from \(\[91.242.20.42\]\) \[91.242.20.42\]:16515 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 06:43:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.242.20.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29076
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.242.20.73.			IN	A

;; AUTHORITY SECTION:
.			2827	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080401 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 08:08:39 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 73.20.242.91.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 73.20.242.91.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.122.35.173	attackspambots	NAME : AS6128 CIDR : 69.122.32.0/20 SYN Flood DDoS Attack US - block certain countries :) IP: 69.122.35.173 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-08-16 04:17:46
27.78.36.73	attackspam	08/15/2019-16:21:32.245936 27.78.36.73 Protocol: 6 ET SCAN Potential SSH Scan	2019-08-16 04:31:11
142.93.141.59	attack	Aug 15 10:33:40 tdfoods sshd\[26183\]: Invalid user mahendra from 142.93.141.59 Aug 15 10:33:40 tdfoods sshd\[26183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=device-proxy.hosting.autoenterprise.com.ua Aug 15 10:33:41 tdfoods sshd\[26183\]: Failed password for invalid user mahendra from 142.93.141.59 port 57438 ssh2 Aug 15 10:37:49 tdfoods sshd\[26548\]: Invalid user teste from 142.93.141.59 Aug 15 10:37:49 tdfoods sshd\[26548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=device-proxy.hosting.autoenterprise.com.ua	2019-08-16 04:38:30
178.33.181.17	attackbots	scan z	2019-08-16 04:11:24
123.15.187.231	attack	8080/tcp [2019-08-15]1pkt	2019-08-16 04:50:35
163.172.117.140	attackbotsspam	Aug 15 21:21:16 ms-srv sshd[47559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.117.140 Aug 15 21:21:18 ms-srv sshd[47559]: Failed password for invalid user zhang from 163.172.117.140 port 47380 ssh2	2019-08-16 04:40:31
86.104.220.20	attackspambots	Aug 15 14:31:03 mail sshd\[1914\]: Failed password for root from 86.104.220.20 port 52905 ssh2 Aug 15 14:50:41 mail sshd\[2434\]: Invalid user milan from 86.104.220.20 port 26329 Aug 15 14:50:41 mail sshd\[2434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.104.220.20 ...	2019-08-16 04:11:56
138.255.8.248	attackspambots	Automatic report - Port Scan Attack	2019-08-16 04:12:15
189.59.40.212	attack	Aug 15 03:54:35 shared02 sshd[29535]: Invalid user aufbauorganisation from 189.59.40.212 Aug 15 03:54:35 shared02 sshd[29535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.40.212 Aug 15 03:54:38 shared02 sshd[29535]: Failed password for invalid user aufbauorganisation from 189.59.40.212 port 57590 ssh2 Aug 15 03:54:38 shared02 sshd[29535]: Received disconnect from 189.59.40.212 port 57590:11: Bye Bye [preauth] Aug 15 03:54:38 shared02 sshd[29535]: Disconnected from 189.59.40.212 port 57590 [preauth] Aug 15 04:02:16 shared02 sshd[3028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.40.212 user=r.r Aug 15 04:02:18 shared02 sshd[3028]: Failed password for r.r from 189.59.40.212 port 47934 ssh2 Aug 15 04:02:18 shared02 sshd[3028]: Received d .... truncated .... Aug 15 03:54:35 shared02 sshd[29535]: Invalid user aufbauorganisation from 189.59.40.212 Aug 15 03:54:35 shared02 ........ -------------------------------	2019-08-16 04:14:13
104.223.204.162	attackbots	SMB Server BruteForce Attack	2019-08-16 04:48:27
206.189.142.10	attackbotsspam	2019-08-15T20:21:15.511551abusebot-7.cloudsearch.cf sshd\[18168\]: Invalid user receptie from 206.189.142.10 port 52224	2019-08-16 04:44:14
177.1.214.207	attackspambots	Invalid user tmuser from 177.1.214.207 port 29426	2019-08-16 04:20:09
60.250.23.105	attackspam	Aug 15 22:34:27 OPSO sshd\[5734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.105 user=admin Aug 15 22:34:30 OPSO sshd\[5734\]: Failed password for admin from 60.250.23.105 port 33928 ssh2 Aug 15 22:38:56 OPSO sshd\[6788\]: Invalid user omega from 60.250.23.105 port 50368 Aug 15 22:38:56 OPSO sshd\[6788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.23.105 Aug 15 22:38:58 OPSO sshd\[6788\]: Failed password for invalid user omega from 60.250.23.105 port 50368 ssh2	2019-08-16 04:42:16
54.37.71.235	attack	Aug 15 16:17:39 TORMINT sshd\[12774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235 user=root Aug 15 16:17:41 TORMINT sshd\[12774\]: Failed password for root from 54.37.71.235 port 53315 ssh2 Aug 15 16:23:42 TORMINT sshd\[13200\]: Invalid user test from 54.37.71.235 Aug 15 16:23:42 TORMINT sshd\[13200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.71.235 ...	2019-08-16 04:29:45
123.30.236.149	attack	Aug 16 02:06:37 areeb-Workstation sshd\[18244\]: Invalid user accounts from 123.30.236.149 Aug 16 02:06:37 areeb-Workstation sshd\[18244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.236.149 Aug 16 02:06:40 areeb-Workstation sshd\[18244\]: Failed password for invalid user accounts from 123.30.236.149 port 57492 ssh2 ...	2019-08-16 04:44:54

Recently Reported IPs

177.124.247.227	25.204.213.74	167.71.91.98	162.244.176.126
144.163.148.72	139.209.45.220	125.75.40.120	119.202.209.82
125.47.200.192	118.166.109.138	64.103.38.107	116.54.12.154
112.252.30.162	111.242.254.114	109.242.227.105	100.17.33.3
100.8.79.232	97.105.137.194	91.134.154.161	85.130.190.147