必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attack
Automatic report - Port Scan Attack
2019-12-11 13:17:16
相同子网IP讨论:
IP 类型 评论内容 时间
111.42.102.79 attackspam
User agent spoofing, Connecting to IP instead of domain name, Page: /HNAP1/
2020-05-07 01:14:37
111.42.102.67 attackspambots
Honeypot attack, port: 5555, PTR: PTR record not found
2020-04-25 03:32:16
111.42.102.127 attackspambots
GPON Home Routers Remote Code Execution Vulnerability
2020-04-02 05:51:06
111.42.102.153 attackbots
Unauthorized connection attempt detected from IP address 111.42.102.153 to port 2323 [J]
2020-01-23 00:28:39
111.42.102.142 attack
unauthorized connection attempt
2020-01-09 17:44:14
111.42.102.65 attack
Unauthorized connection attempt detected from IP address 111.42.102.65 to port 23 [T]
2020-01-09 01:59:28
111.42.102.128 attackspam
Jan  5 22:51:44 debian-2gb-nbg1-2 kernel: \[520425.417666\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=111.42.102.128 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0xE0 TTL=49 ID=36552 PROTO=TCP SPT=1600 DPT=23 WINDOW=57023 RES=0x00 SYN URGP=0
2020-01-06 05:54:28
111.42.102.129 attackbots
Honeypot attack, port: 23, PTR: PTR record not found
2020-01-05 00:45:19
111.42.102.81 attackbots
Dec 26 15:50:33 h2177944 kernel: \[570559.418076\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 
Dec 26 15:50:33 h2177944 kernel: \[570559.418089\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 
Dec 26 15:50:36 h2177944 kernel: \[570562.569922\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 
Dec 26 15:50:36 h2177944 kernel: \[570562.569936\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 
Dec 26 15:50:43 h2177944 kernel: \[570568.878485\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=
2019-12-27 03:21:44
111.42.102.134 attack
5060/udp
[2019-12-13]1pkt
2019-12-14 00:53:02
111.42.102.140 attackspam
23/tcp
[2019-12-12]1pkt
2019-12-13 00:29:39
111.42.102.74 attack
Mirai and Reaper Exploitation Traffic
2019-11-23 05:19:47
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.102.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30030
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.102.145.			IN	A

;; AUTHORITY SECTION:
.			522	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121002 1800 900 604800 86400

;; Query time: 143 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 13:17:10 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 145.102.42.111.in-addr.arpa not found: 2(SERVFAIL)
NSLOOKUP信息:
;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 145.102.42.111.in-addr.arpa: SERVFAIL

相关IP信息:
最新评论:
IP 类型 评论内容 时间
84.1.30.70 attack
Apr 15 16:49:55 sip sshd[4266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.1.30.70
Apr 15 16:49:57 sip sshd[4266]: Failed password for invalid user mysql from 84.1.30.70 port 50934 ssh2
Apr 15 17:04:47 sip sshd[9821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.1.30.70
2020-04-15 23:38:50
185.202.1.240 attackspambots
2020-04-15T14:58:29.025407abusebot-3.cloudsearch.cf sshd[2611]: Invalid user kafka from 185.202.1.240 port 24007
2020-04-15T14:58:29.253989abusebot-3.cloudsearch.cf sshd[2611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.202.1.240
2020-04-15T14:58:29.025407abusebot-3.cloudsearch.cf sshd[2611]: Invalid user kafka from 185.202.1.240 port 24007
2020-04-15T14:58:30.926844abusebot-3.cloudsearch.cf sshd[2611]: Failed password for invalid user kafka from 185.202.1.240 port 24007 ssh2
2020-04-15T14:58:32.828696abusebot-3.cloudsearch.cf sshd[2616]: Invalid user linktechs from 185.202.1.240 port 28081
2020-04-15T14:58:33.058757abusebot-3.cloudsearch.cf sshd[2616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.202.1.240
2020-04-15T14:58:32.828696abusebot-3.cloudsearch.cf sshd[2616]: Invalid user linktechs from 185.202.1.240 port 28081
2020-04-15T14:58:34.947105abusebot-3.cloudsearch.cf sshd[2616]: Failed
...
2020-04-15 23:03:37
103.207.11.10 attackbots
Apr 15 14:10:37 haigwepa sshd[6209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.11.10 
Apr 15 14:10:38 haigwepa sshd[6209]: Failed password for invalid user office from 103.207.11.10 port 39596 ssh2
...
2020-04-15 23:09:19
42.56.70.168 attackspam
Apr 15 14:00:49 rotator sshd\[6342\]: Failed password for root from 42.56.70.168 port 46198 ssh2Apr 15 14:04:00 rotator sshd\[6392\]: Invalid user tsbot from 42.56.70.168Apr 15 14:04:02 rotator sshd\[6392\]: Failed password for invalid user tsbot from 42.56.70.168 port 36003 ssh2Apr 15 14:07:19 rotator sshd\[7190\]: Invalid user millard from 42.56.70.168Apr 15 14:07:20 rotator sshd\[7190\]: Failed password for invalid user millard from 42.56.70.168 port 54034 ssh2Apr 15 14:10:36 rotator sshd\[8009\]: Invalid user user from 42.56.70.168
...
2020-04-15 23:11:08
24.184.66.155 attackspambots
Honeypot attack, port: 5555, PTR: ool-18b8429b.dyn.optonline.net.
2020-04-15 23:50:42
196.0.0.73 attackbotsspam
Honeypot attack, port: 445, PTR: malaba-br2-core.ugandatelecom.com.
2020-04-15 23:08:27
27.221.97.3 attack
Apr 15 14:05:33 xeon sshd[19498]: Failed password for root from 27.221.97.3 port 37470 ssh2
2020-04-15 23:52:45
178.62.117.151 attack
firewall-block, port(s): 27252/tcp
2020-04-15 23:37:21
111.229.246.61 attackbotsspam
Apr 15 16:12:09 MainVPS sshd[23559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.246.61  user=root
Apr 15 16:12:11 MainVPS sshd[23559]: Failed password for root from 111.229.246.61 port 55044 ssh2
Apr 15 16:15:29 MainVPS sshd[26649]: Invalid user www from 111.229.246.61 port 33698
Apr 15 16:15:29 MainVPS sshd[26649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.246.61
Apr 15 16:15:29 MainVPS sshd[26649]: Invalid user www from 111.229.246.61 port 33698
Apr 15 16:15:31 MainVPS sshd[26649]: Failed password for invalid user www from 111.229.246.61 port 33698 ssh2
...
2020-04-15 23:38:07
222.186.42.155 attack
Apr 15 15:12:25 ip-172-31-61-156 sshd[9404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155  user=root
Apr 15 15:12:27 ip-172-31-61-156 sshd[9404]: Failed password for root from 222.186.42.155 port 40818 ssh2
...
2020-04-15 23:13:03
124.66.148.70 attackbotsspam
Honeypot attack, port: 445, PTR: mail.sanwagroup.com.sg.
2020-04-15 23:20:57
196.219.188.194 attackbots
(smtpauth) Failed SMTP AUTH login from 196.219.188.194 (EG/Egypt/host-196.219.188.194-static.tedata.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-15 16:40:18 plain authenticator failed for ([127.0.0.1]) [196.219.188.194]: 535 Incorrect authentication data (set_id=fd2302)
2020-04-15 23:22:43
196.217.108.232 attack
Unauthorized connection attempt detected from IP address 196.217.108.232 to port 8080
2020-04-15 23:41:06
181.30.28.59 attackbotsspam
Apr 15 14:09:17  sshd[32481]: Failed password for invalid user ftpuser from 181.30.28.59 port 50222 ssh2
2020-04-15 23:48:36
185.175.93.6 attackspam
04/15/2020-11:00:08.801865 185.175.93.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2020-04-15 23:35:18

最近上报的IP列表

149.99.110.240 202.90.131.90 193.119.51.115 162.243.137.171
116.105.197.81 64.176.180.130 79.121.10.133 201.53.89.11
239.28.50.196 239.15.100.7 154.211.171.233 247.88.197.13
121.128.234.187 24.18.33.1 213.236.44.67 252.227.16.159
105.16.16.20 252.49.224.182 113.172.45.251 198.121.253.215