111.42.102.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	23/tcp [2019-12-12]1pkt	2019-12-13 00:29:39

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.102.79	attackspam	User agent spoofing, Connecting to IP instead of domain name, Page: /HNAP1/	2020-05-07 01:14:37
111.42.102.67	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-04-25 03:32:16
111.42.102.127	attackspambots	GPON Home Routers Remote Code Execution Vulnerability	2020-04-02 05:51:06
111.42.102.153	attackbots	Unauthorized connection attempt detected from IP address 111.42.102.153 to port 2323 [J]	2020-01-23 00:28:39
111.42.102.142	attack	unauthorized connection attempt	2020-01-09 17:44:14
111.42.102.65	attack	Unauthorized connection attempt detected from IP address 111.42.102.65 to port 23 [T]	2020-01-09 01:59:28
111.42.102.128	attackspam	Jan 5 22:51:44 debian-2gb-nbg1-2 kernel: \[520425.417666\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=111.42.102.128 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0xE0 TTL=49 ID=36552 PROTO=TCP SPT=1600 DPT=23 WINDOW=57023 RES=0x00 SYN URGP=0	2020-01-06 05:54:28
111.42.102.129	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-05 00:45:19
111.42.102.81	attackbots	Dec 26 15:50:33 h2177944 kernel: \[570559.418076\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:33 h2177944 kernel: \[570559.418089\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569922\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569936\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:43 h2177944 kernel: \[570568.878485\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=	2019-12-27 03:21:44
111.42.102.134	attack	5060/udp [2019-12-13]1pkt	2019-12-14 00:53:02
111.42.102.145	attack	Automatic report - Port Scan Attack	2019-12-11 13:17:16
111.42.102.74	attack	Mirai and Reaper Exploitation Traffic	2019-11-23 05:19:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.102.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.102.140.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121200 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 00:29:31 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 140.102.42.111.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 140.102.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
222.90.79.50	attackbots	Port Scan ...	2020-09-28 21:45:03
54.37.14.3	attack	$f2bV_matches	2020-09-28 21:34:58
116.196.94.108	attackbotsspam	Sep 28 12:45:28 meumeu sshd[858847]: Invalid user origin from 116.196.94.108 port 48400 Sep 28 12:45:28 meumeu sshd[858847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 Sep 28 12:45:28 meumeu sshd[858847]: Invalid user origin from 116.196.94.108 port 48400 Sep 28 12:45:31 meumeu sshd[858847]: Failed password for invalid user origin from 116.196.94.108 port 48400 ssh2 Sep 28 12:47:36 meumeu sshd[858946]: Invalid user paco from 116.196.94.108 port 45248 Sep 28 12:47:36 meumeu sshd[858946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.94.108 Sep 28 12:47:36 meumeu sshd[858946]: Invalid user paco from 116.196.94.108 port 45248 Sep 28 12:47:38 meumeu sshd[858946]: Failed password for invalid user paco from 116.196.94.108 port 45248 ssh2 Sep 28 12:49:21 meumeu sshd[859022]: Invalid user core from 116.196.94.108 port 39036 ...	2020-09-28 21:54:53
103.145.13.230	attackspam	103.145.13.230 was recorded 5 times by 2 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 26, 157	2020-09-28 21:29:22
112.85.42.172	attackspam	Sep 28 11:31:35 gw1 sshd[7538]: Failed password for root from 112.85.42.172 port 38136 ssh2 Sep 28 11:31:48 gw1 sshd[7538]: error: maximum authentication attempts exceeded for root from 112.85.42.172 port 38136 ssh2 [preauth] ...	2020-09-28 21:41:32
51.38.187.198	attackbotsspam	xmlrpc attack	2020-09-28 21:17:18
138.68.248.80	attack	2020-09-28T11:25:45.097195vps-d63064a2 sshd[16738]: Invalid user adi from 138.68.248.80 port 49768 2020-09-28T11:25:47.228216vps-d63064a2 sshd[16738]: Failed password for invalid user adi from 138.68.248.80 port 49768 ssh2 2020-09-28T11:31:18.644362vps-d63064a2 sshd[16822]: Invalid user jessica from 138.68.248.80 port 59084 2020-09-28T11:31:18.654134vps-d63064a2 sshd[16822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.248.80 2020-09-28T11:31:18.644362vps-d63064a2 sshd[16822]: Invalid user jessica from 138.68.248.80 port 59084 2020-09-28T11:31:20.824607vps-d63064a2 sshd[16822]: Failed password for invalid user jessica from 138.68.248.80 port 59084 ssh2 ...	2020-09-28 21:49:21
152.32.164.141	attack	sshd: Failed password for .... from 152.32.164.141 port 52728 ssh2 (3 attempts)	2020-09-28 21:32:34
106.75.148.111	attackspambots	106.75.148.111 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 28 08:19:59 server5 sshd[13837]: Failed password for root from 179.243.62.83 port 28333 ssh2 Sep 28 08:17:29 server5 sshd[12669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.158.36 user=root Sep 28 08:17:31 server5 sshd[12669]: Failed password for root from 180.76.158.36 port 58450 ssh2 Sep 28 08:18:18 server5 sshd[13062]: Failed password for root from 62.171.148.132 port 54724 ssh2 Sep 28 08:14:43 server5 sshd[11724]: Failed password for root from 62.171.148.132 port 44784 ssh2 Sep 28 08:15:55 server5 sshd[12179]: Failed password for root from 106.75.148.111 port 47610 ssh2 IP Addresses Blocked: 179.243.62.83 (BR/Brazil/-) 180.76.158.36 (CN/China/-) 62.171.148.132 (DE/Germany/-)	2020-09-28 21:18:56
202.45.147.118	attack	SSH invalid-user multiple login attempts	2020-09-28 21:42:56
192.35.168.249	attackbotsspam	SMTP:25. Failed access attempt. IP Blocked	2020-09-28 21:19:20
122.51.68.7	attackbots	2020-09-27 UTC: (30x) - admin,alumno,arief,bot,deploy,ekp,ginseng,gitblit,maria,menu,misha,mongo,mysql,programacion,pt,root(7x),s1,secretaria,sonic,sysadm,train1,ubuntu,user,wiki	2020-09-28 21:34:12
138.128.216.164	attackbotsspam	Time: Sun Sep 27 04:55:24 2020 +0000 IP: 138.128.216.164 (NL/Netherlands/138.128.216.164.16clouds.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 04:48:18 3 sshd[17348]: Failed password for root from 138.128.216.164 port 57474 ssh2 Sep 27 04:52:55 3 sshd[27679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.128.216.164 user=root Sep 27 04:52:57 3 sshd[27679]: Failed password for root from 138.128.216.164 port 49920 ssh2 Sep 27 04:55:17 3 sshd[375]: Invalid user jenkins from 138.128.216.164 port 60744 Sep 27 04:55:20 3 sshd[375]: Failed password for invalid user jenkins from 138.128.216.164 port 60744 ssh2	2020-09-28 21:28:24
39.48.78.101	attackbots	/wp-login.php	2020-09-28 21:17:30
51.75.19.175	attackspambots	Time: Sat Sep 26 22:14:04 2020 00 IP: 51.75.19.175 (FR/France/175.ip-51-75-19.eu) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 26 21:54:23 -11 sshd[10137]: Invalid user signature from 51.75.19.175 port 54998 Sep 26 21:54:30 -11 sshd[10137]: Failed password for invalid user signature from 51.75.19.175 port 54998 ssh2 Sep 26 22:08:09 -11 sshd[10673]: Invalid user tg from 51.75.19.175 port 33088 Sep 26 22:08:11 -11 sshd[10673]: Failed password for invalid user tg from 51.75.19.175 port 33088 ssh2 Sep 26 22:14:02 -11 sshd[10875]: Invalid user robert from 51.75.19.175 port 51376	2020-09-28 21:29:47

最近上报的IP列表

63.81.90.9	117.247.141.153	63.81.90.51	23.125.91.111
63.81.90.50	63.81.90.47	63.81.90.38	181.34.177.151
41.230.125.103	109.241.214.210	63.81.90.37	63.81.90.33
63.81.90.31	3.135.230.91	83.209.1.83	63.81.90.29
63.81.90.21	63.81.90.188	63.81.90.19	63.81.90.14