121.52.145.197

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Pakistan

运营商(isp): Pern-Pakistan Education & Research Network is an

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 15:38:53,015 INFO [shellcode_manager] (121.52.145.197) no match, writing hexdump (b700a7d86b7fbaf277cf51b638f0e724 :2073382) - MS17010 (EternalBlue)	2019-07-23 06:54:43

类型

评论内容

时间

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 15:38:53,015 INFO [shellcode_manager] (121.52.145.197) no match, writing hexdump (b700a7d86b7fbaf277cf51b638f0e724 :2073382) - MS17010 (EternalBlue)

2019-07-23 06:54:43

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.52.145.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39399
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.52.145.197.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 06:27:37 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

197.145.52.121.in-addr.arpa domain name pointer mce.edu.pk.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
197.145.52.121.in-addr.arpa	name = mce.edu.pk.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
85.175.245.192	attack	Feb 10 04:57:15 sigma sshd\[22132\]: Failed password for root from 85.175.245.192 port 41172 ssh2Feb 10 04:57:17 sigma sshd\[22132\]: Failed password for root from 85.175.245.192 port 41172 ssh2 ...	2020-02-10 13:33:14
103.72.222.35	attackspam	Automatic report - SSH Brute-Force Attack	2020-02-10 13:13:19
198.154.198.110	attackbots	2020-02-10 05:50:19 dovecot_login authenticator failed for $ADMIN$ \[198.154.198.110\]: 535 Incorrect authentication data $set_id=mail@nopcommerce.it$ 2020-02-10 05:50:47 dovecot_login authenticator failed for $ADMIN$ \[198.154.198.110\]: 535 Incorrect authentication data $set_id=mail@opso.it$ 2020-02-10 05:54:03 dovecot_login authenticator failed for $ADMIN$ \[198.154.198.110\]: 535 Incorrect authentication data $set_id=info@nopcommerce.it$ 2020-02-10 05:54:31 dovecot_login authenticator failed for $ADMIN$ \[198.154.198.110\]: 535 Incorrect authentication data $set_id=info@opso.it$ 2020-02-10 05:57:43 dovecot_login authenticator failed for $ADMIN$ \[198.154.198.110\]: 535 Incorrect authentication data $set_id=@nopcommerce.it$	2020-02-10 13:04:46
101.89.151.127	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.151.127 Failed password for invalid user gvb from 101.89.151.127 port 50067 ssh2 Invalid user jva from 101.89.151.127 port 60579 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.151.127 Failed password for invalid user jva from 101.89.151.127 port 60579 ssh2	2020-02-10 13:15:40
122.53.125.250	attack	Honeypot attack, port: 445, PTR: 122.53.125.250.static.pldt.net.	2020-02-10 13:38:01
42.58.7.237	attack	unauthorized connection attempt	2020-02-10 13:33:34
61.177.172.128	attack	$f2bV_matches	2020-02-10 13:02:36
42.104.97.231	attackspambots	Feb 10 05:57:11 nextcloud sshd\[21154\]: Invalid user jfe from 42.104.97.231 Feb 10 05:57:11 nextcloud sshd\[21154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.97.231 Feb 10 05:57:13 nextcloud sshd\[21154\]: Failed password for invalid user jfe from 42.104.97.231 port 45688 ssh2	2020-02-10 13:35:25
203.77.246.210	attackbots	1581310657 - 02/10/2020 05:57:37 Host: 203.77.246.210/203.77.246.210 Port: 445 TCP Blocked	2020-02-10 13:10:20
110.232.253.23	attackbots	(From online@website-rankings.co) Hello and Good Day I am Sanjeev Yadav, Marketing Manager with a reputable online marketing company based in India. We can fairly quickly promote your website to the top of the search rankings with no long term contracts! We can place your website on top of the Natural Listings on Google, Yahoo and MSN. Our Search Engine Optimization team delivers more top rankings than anyone else and we can prove it. We do not use "link farms" or "black hat" methods that Google and the other search engines frown upon and can use to de-list or ban your site. The techniques are proprietary, involving some valuable closely held trade secrets. Our prices are less than half of what other companies charge. We would be happy to send you a proposal using the top search phrases for your area of expertise. Please contact me at your convenience so we can start saving you some money. In order for us to respond to your request for information, please include your company’s website address	2020-02-10 13:17:23
111.254.202.83	attackspambots	Honeypot attack, port: 445, PTR: 111-254-202-83.dynamic-ip.hinet.net.	2020-02-10 13:07:43
81.31.204.9	attackspam	Feb 9 19:25:05 hpm sshd\[7995\]: Invalid user fe from 81.31.204.9 Feb 9 19:25:05 hpm sshd\[7995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.31.204.9 Feb 9 19:25:07 hpm sshd\[7995\]: Failed password for invalid user fe from 81.31.204.9 port 53014 ssh2 Feb 9 19:28:17 hpm sshd\[8387\]: Invalid user klv from 81.31.204.9 Feb 9 19:28:17 hpm sshd\[8387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.31.204.9	2020-02-10 13:41:39
202.77.105.100	attack	Feb 10 00:26:57 plusreed sshd[24868]: Invalid user tmo from 202.77.105.100 Feb 10 00:26:57 plusreed sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.77.105.100 Feb 10 00:26:57 plusreed sshd[24868]: Invalid user tmo from 202.77.105.100 Feb 10 00:26:59 plusreed sshd[24868]: Failed password for invalid user tmo from 202.77.105.100 port 48654 ssh2 ...	2020-02-10 13:35:46
106.12.197.232	attack	Feb 10 01:54:03 firewall sshd[24602]: Invalid user gnf from 106.12.197.232 Feb 10 01:54:05 firewall sshd[24602]: Failed password for invalid user gnf from 106.12.197.232 port 49480 ssh2 Feb 10 01:57:29 firewall sshd[24738]: Invalid user jkn from 106.12.197.232 ...	2020-02-10 13:19:34
49.73.61.26	attackspam	Feb 10 05:53:48 sd-53420 sshd\[9951\]: Invalid user tol from 49.73.61.26 Feb 10 05:53:48 sd-53420 sshd\[9951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.61.26 Feb 10 05:53:50 sd-53420 sshd\[9951\]: Failed password for invalid user tol from 49.73.61.26 port 42553 ssh2 Feb 10 05:57:24 sd-53420 sshd\[10289\]: Invalid user kjd from 49.73.61.26 Feb 10 05:57:24 sd-53420 sshd\[10289\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.61.26 ...	2020-02-10 13:24:23

最近上报的IP列表

59.194.123.206	49.206.197.238	94.23.76.183	198.71.239.29
14.136.24.138	103.18.4.8	113.10.152.199	210.242.252.80
87.242.15.165	196.46.20.132	220.142.18.162	35.242.229.248
237.14.143.210	206.189.207.200	186.237.91.56	183.191.183.235
1.224.228.233	185.132.231.242	207.237.127.163	223.223.205.229