102.139.89.111

基本信息:

城市(city): Abidjan

省份(region): Abidjan

国家(country): Ivory Coast

运营商(isp): MTN Cote d'Ivoire S.A

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Mobile ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 102.139.89.111 on Port 445(SMB)	2020-05-28 06:44:17

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.139.89.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15716
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.139.89.111.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052702 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 06:44:13 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 111.89.139.102.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 111.89.139.102.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
75.31.93.181	attackspam	SSH-BruteForce	2020-05-09 23:17:38
103.131.51.32	attack	xmlrpc attack	2020-05-09 22:53:18
171.242.75.233	attackspambots	2020-05-0305:49:511jV5dW-0008Bd-Vy\<=info@whatsup2013.chH=\(localhost\)[171.242.75.233]:40904P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3170id=22de683b301b3139a5a016ba5da9839f00a1bb@whatsup2013.chT="You'reaswonderfulasasunlight"fornateh4475@gmail.comt30y700@gmail.com2020-05-0305:48:041jV5bn-00084Z-PP\<=info@whatsup2013.chH=\(localhost\)[123.21.245.9]:36164P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3113id=00bf095a517a5058c4c177db3cc8e2fe3cfc30@whatsup2013.chT="Insearchoflong-termconnection"forjohnfabeets@gmail.commgs92576@ymail.com2020-05-0305:51:301jV5f8-0008JJ-3q\<=info@whatsup2013.chH=\(localhost\)[118.69.187.71]:43510P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3135id=0878ce9d96bd979f0306b01cfb0f25398ef9f6@whatsup2013.chT="Youareaslovelyasasunlight"forbrettdowning78@gmail.comkingmcbride231@gmail.com2020-05-0305:49:251jV5d7-00089g-3h\<=info@whatsup2013.chH=\(lo	2020-05-09 23:21:35
176.48.13.231	attackspam	May 8 00:43:05 XXX sshd[52516]: Invalid user admin from 176.48.13.231 port 40540	2020-05-09 23:07:09
178.123.159.97	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 178.123.159.97 (BY/Belarus/mm-97-159-123-178.gomel.dynamic.pppoe.byfly.by): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-08 00:27:08 plain authenticator failed for mm-97-159-123-178.gomel.dynamic.pppoe.byfly.by ([127.0.0.1]) [178.123.159.97]: 535 Incorrect authentication data (set_id=ravabet_omomi)	2020-05-09 22:38:12
27.191.150.42	attack	Unauthorized connection attempt detected from IP address 27.191.150.42 to port 1433 [T]	2020-05-09 23:26:10
71.6.232.5	attackspam	05/08/2020-22:49:40.452096 71.6.232.5 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2020-05-09 23:07:36
163.44.150.59	attackspam	SSH auth scanning - multiple failed logins	2020-05-09 22:37:24
198.108.66.236	attackbotsspam	May 9 03:21:35 debian-2gb-nbg1-2 kernel: \[11246174.307105\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.66.236 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=32 ID=39405 PROTO=TCP SPT=3271 DPT=10031 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-09 23:03:34
182.74.25.246	attack	Found by fail2ban	2020-05-09 23:12:33
49.235.146.95	attack	SSH Invalid Login	2020-05-09 23:28:02
71.6.232.8	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 59 - port: 8333 proto: TCP cat: Misc Attack	2020-05-09 22:57:45
89.36.220.145	attackspam	May 9 05:00:38 lukav-desktop sshd\[17659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.220.145 user=root May 9 05:00:40 lukav-desktop sshd\[17659\]: Failed password for root from 89.36.220.145 port 42459 ssh2 May 9 05:03:25 lukav-desktop sshd\[17700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.220.145 user=root May 9 05:03:27 lukav-desktop sshd\[17700\]: Failed password for root from 89.36.220.145 port 34527 ssh2 May 9 05:06:17 lukav-desktop sshd\[3645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.220.145 user=root	2020-05-09 22:52:48
13.92.102.213	attackspambots	May 9 04:38:21 ns382633 sshd\[10384\]: Invalid user prerana from 13.92.102.213 port 52618 May 9 04:38:21 ns382633 sshd\[10384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.102.213 May 9 04:38:23 ns382633 sshd\[10384\]: Failed password for invalid user prerana from 13.92.102.213 port 52618 ssh2 May 9 04:53:23 ns382633 sshd\[12870\]: Invalid user phd from 13.92.102.213 port 57378 May 9 04:53:23 ns382633 sshd\[12870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.102.213	2020-05-09 23:08:20
129.226.71.163	attack	May 9 03:17:38 l02a sshd[13581]: Invalid user shared from 129.226.71.163 May 9 03:17:38 l02a sshd[13581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.71.163 May 9 03:17:38 l02a sshd[13581]: Invalid user shared from 129.226.71.163 May 9 03:17:41 l02a sshd[13581]: Failed password for invalid user shared from 129.226.71.163 port 41330 ssh2	2020-05-09 23:15:39

最近上报的IP列表

220.173.89.59	49.111.99.96	75.176.55.63	116.231.50.160
66.199.167.35	108.37.90.140	45.188.1.134	213.205.197.87
1.119.173.113	117.195.220.157	94.29.166.138	208.68.7.129
156.234.168.125	103.206.55.116	94.245.72.203	94.25.165.105
13.208.153.179	109.232.67.178	166.104.230.183	91.5.252.98