111.42.102.145

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Port Scan Attack	2019-12-11 13:17:16

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.102.79	attackspam	User agent spoofing, Connecting to IP instead of domain name, Page: /HNAP1/	2020-05-07 01:14:37
111.42.102.67	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-04-25 03:32:16
111.42.102.127	attackspambots	GPON Home Routers Remote Code Execution Vulnerability	2020-04-02 05:51:06
111.42.102.153	attackbots	Unauthorized connection attempt detected from IP address 111.42.102.153 to port 2323 [J]	2020-01-23 00:28:39
111.42.102.142	attack	unauthorized connection attempt	2020-01-09 17:44:14
111.42.102.65	attack	Unauthorized connection attempt detected from IP address 111.42.102.65 to port 23 [T]	2020-01-09 01:59:28
111.42.102.128	attackspam	Jan 5 22:51:44 debian-2gb-nbg1-2 kernel: \[520425.417666\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=111.42.102.128 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0xE0 TTL=49 ID=36552 PROTO=TCP SPT=1600 DPT=23 WINDOW=57023 RES=0x00 SYN URGP=0	2020-01-06 05:54:28
111.42.102.129	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-05 00:45:19
111.42.102.81	attackbots	Dec 26 15:50:33 h2177944 kernel: \[570559.418076\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:33 h2177944 kernel: \[570559.418089\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569922\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569936\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:43 h2177944 kernel: \[570568.878485\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=	2019-12-27 03:21:44
111.42.102.134	attack	5060/udp [2019-12-13]1pkt	2019-12-14 00:53:02
111.42.102.140	attackspam	23/tcp [2019-12-12]1pkt	2019-12-13 00:29:39
111.42.102.74	attack	Mirai and Reaper Exploitation Traffic	2019-11-23 05:19:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.102.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30030
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.102.145.			IN	A

;; AUTHORITY SECTION:
.			522	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121002 1800 900 604800 86400

;; Query time: 143 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 13:17:10 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 145.102.42.111.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 145.102.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
139.59.66.245	attackspambots	May 26 11:39:11 ip-172-31-61-156 sshd[21251]: Invalid user bandit from 139.59.66.245 May 26 11:39:13 ip-172-31-61-156 sshd[21251]: Failed password for invalid user bandit from 139.59.66.245 port 33892 ssh2 May 26 11:39:11 ip-172-31-61-156 sshd[21251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.245 May 26 11:39:11 ip-172-31-61-156 sshd[21251]: Invalid user bandit from 139.59.66.245 May 26 11:39:13 ip-172-31-61-156 sshd[21251]: Failed password for invalid user bandit from 139.59.66.245 port 33892 ssh2 ...	2020-05-26 19:49:54
198.108.66.236	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-26 20:01:35
59.152.246.174	attackbotsspam	Unauthorized connection attempt from IP address 59.152.246.174 on Port 445(SMB)	2020-05-26 20:18:56
118.168.24.215	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 19:57:54
186.235.149.153	attackspambots	20/5/26@03:30:26: FAIL: Alarm-Network address from=186.235.149.153 20/5/26@03:30:26: FAIL: Alarm-Network address from=186.235.149.153 ...	2020-05-26 19:52:29
59.144.158.82	attack	Unauthorized connection attempt from IP address 59.144.158.82 on Port 445(SMB)	2020-05-26 20:07:33
196.52.43.64	attackspam	firewall-block, port(s): 1900/udp	2020-05-26 20:04:53
195.184.204.47	attackbotsspam	Automatic report - Port Scan Attack	2020-05-26 20:14:00
114.143.141.98	attackbotsspam	SSH brute-force: detected 9 distinct usernames within a 24-hour window.	2020-05-26 19:50:10
167.99.74.187	attack	May 25 22:53:35 php1 sshd\[2095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root May 25 22:53:37 php1 sshd\[2095\]: Failed password for root from 167.99.74.187 port 40806 ssh2 May 25 22:57:47 php1 sshd\[2340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root May 25 22:57:49 php1 sshd\[2340\]: Failed password for root from 167.99.74.187 port 45906 ssh2 May 25 23:01:54 php1 sshd\[2599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root	2020-05-26 19:40:11
112.85.42.178	attackbotsspam	2020-05-26T11:35:15.748941dmca.cloudsearch.cf sshd[25640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-05-26T11:35:17.887145dmca.cloudsearch.cf sshd[25640]: Failed password for root from 112.85.42.178 port 60691 ssh2 2020-05-26T11:35:21.334064dmca.cloudsearch.cf sshd[25640]: Failed password for root from 112.85.42.178 port 60691 ssh2 2020-05-26T11:35:15.748941dmca.cloudsearch.cf sshd[25640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-05-26T11:35:17.887145dmca.cloudsearch.cf sshd[25640]: Failed password for root from 112.85.42.178 port 60691 ssh2 2020-05-26T11:35:21.334064dmca.cloudsearch.cf sshd[25640]: Failed password for root from 112.85.42.178 port 60691 ssh2 2020-05-26T11:35:15.748941dmca.cloudsearch.cf sshd[25640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-05- ...	2020-05-26 19:36:59
222.186.173.238	attackspam	May 26 13:44:10 abendstille sshd\[28570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root May 26 13:44:13 abendstille sshd\[28570\]: Failed password for root from 222.186.173.238 port 31230 ssh2 May 26 13:44:16 abendstille sshd\[28570\]: Failed password for root from 222.186.173.238 port 31230 ssh2 May 26 13:44:16 abendstille sshd\[28890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root May 26 13:44:18 abendstille sshd\[28890\]: Failed password for root from 222.186.173.238 port 28926 ssh2 ...	2020-05-26 19:54:33
140.143.61.200	attackspambots	SSH brute-force: detected 6 distinct usernames within a 24-hour window.	2020-05-26 19:46:36
59.127.123.164	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 20:20:13
129.232.219.209	attack	ICMP MH Probe, Scan /Distributed -	2020-05-26 19:40:35

最近上报的IP列表

149.99.110.240	202.90.131.90	193.119.51.115	162.243.137.171
116.105.197.81	64.176.180.130	79.121.10.133	201.53.89.11
239.28.50.196	239.15.100.7	154.211.171.233	247.88.197.13
121.128.234.187	24.18.33.1	213.236.44.67	252.227.16.159
105.16.16.20	252.49.224.182	113.172.45.251	198.121.253.215