42.112.149.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 21 07:04:42 h2421860 postfix/postscreen[18786]: CONNECT from [42.112.149.142]:20028 to [85.214.119.52]:25 Dec 21 07:04:42 h2421860 postfix/dnsblog[18789]: addr 42.112.149.142 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.3 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 21 07:04:43 h2421860 postfix/dnsblog[18796]: addr 42.112.149.142 listed by domain Unknown.trblspam.com as 185.53.179.7 Dec 21 07:04:48 h2421860 postfix/postscreen[18786]: DNSBL rank 5 for [42.112.149.142]:20028 Dec x@x Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: HANGUP after 3.2 from [42.112.149.142]:20028 in tests after SMTP handshake Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: DISC........ -------------------------------	2019-12-21 20:02:16

类型

评论内容

时间

attackbotsspam

Dec 21 07:04:42 h2421860 postfix/postscreen[18786]: CONNECT from [42.112.149.142]:20028 to [85.214.119.52]:25
Dec 21 07:04:42 h2421860 postfix/dnsblog[18789]: addr 42.112.149.142 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.11
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.3
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.4
Dec 21 07:04:43 h2421860 postfix/dnsblog[18796]: addr 42.112.149.142 listed by domain Unknown.trblspam.com as 185.53.179.7
Dec 21 07:04:48 h2421860 postfix/postscreen[18786]: DNSBL rank 5 for [42.112.149.142]:20028
Dec x@x
Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: HANGUP after 3.2 from [42.112.149.142]:20028 in tests after SMTP handshake
Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: DISC........
-------------------------------

2019-12-21 20:02:16

相同子网IP讨论:

IP	类型	评论内容	时间
42.112.149.45	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 16:32:15
42.112.149.40	attackbotsspam	1580791926 - 02/04/2020 05:52:06 Host: 42.112.149.40/42.112.149.40 Port: 445 TCP Blocked	2020-02-04 21:51:15
42.112.149.253	attackbots	Unauthorized connection attempt from IP address 42.112.149.253 on Port 445(SMB)	2020-01-30 04:57:58
42.112.149.115	attackbots	1578950453 - 01/13/2020 22:20:53 Host: 42.112.149.115/42.112.149.115 Port: 445 TCP Blocked	2020-01-14 08:21:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.149.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56007
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.149.142.			IN	A

;; AUTHORITY SECTION:
.			275	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 20:02:05 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.149.112.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 142.149.112.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
191.5.192.215	attackbots	Automatic report - Port Scan Attack	2019-10-28 17:43:17
78.128.113.119	attack	Oct 28 11:03:38 andromeda postfix/smtpd\[30419\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 28 11:03:39 andromeda postfix/smtpd\[31840\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 28 11:03:47 andromeda postfix/smtpd\[32143\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 28 11:03:48 andromeda postfix/smtpd\[30419\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 28 11:03:59 andromeda postfix/smtpd\[30419\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure	2019-10-28 18:10:16
61.183.35.44	attackbots	Oct 28 10:27:10 localhost sshd\[14177\]: Invalid user text from 61.183.35.44 Oct 28 10:27:10 localhost sshd\[14177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.183.35.44 Oct 28 10:27:12 localhost sshd\[14177\]: Failed password for invalid user text from 61.183.35.44 port 58369 ssh2 Oct 28 10:33:06 localhost sshd\[14518\]: Invalid user steam from 61.183.35.44 Oct 28 10:33:06 localhost sshd\[14518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.183.35.44 ...	2019-10-28 18:01:56
119.90.61.10	attackbots	Oct 27 21:48:54 friendsofhawaii sshd\[7820\]: Invalid user sa from 119.90.61.10 Oct 27 21:48:54 friendsofhawaii sshd\[7820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 Oct 27 21:48:56 friendsofhawaii sshd\[7820\]: Failed password for invalid user sa from 119.90.61.10 port 52904 ssh2 Oct 27 21:54:11 friendsofhawaii sshd\[8244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root Oct 27 21:54:12 friendsofhawaii sshd\[8244\]: Failed password for root from 119.90.61.10 port 40460 ssh2	2019-10-28 17:56:54
193.231.140.185	attackbotsspam	Oct 28 04:06:17 django sshd[44533]: Invalid user login from 193.231.140.185 Oct 28 04:06:17 django sshd[44533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.231.140.185 Oct 28 04:06:19 django sshd[44533]: Failed password for invalid user login from 193.231.140.185 port 58065 ssh2 Oct 28 04:06:19 django sshd[44534]: Received disconnect from 193.231.140.185: 11: Bye Bye Oct 28 04:23:42 django sshd[46082]: Invalid user nat from 193.231.140.185 Oct 28 04:23:42 django sshd[46082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.231.140.185 Oct 28 04:23:44 django sshd[46082]: Failed password for invalid user nat from 193.231.140.185 port 57858 ssh2 Oct 28 04:23:44 django sshd[46083]: Received disconnect from 193.231.140.185: 11: Bye Bye Oct 28 04:25:02 django sshd[46160]: Invalid user ibm from 193.231.140.185 Oct 28 04:25:02 django sshd[46160]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-28 18:06:38
71.6.199.23	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 66 - port: 3389 proto: TCP cat: Misc Attack	2019-10-28 17:54:35
112.85.42.87	attack	Oct 27 23:59:01 sachi sshd\[25142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Oct 27 23:59:03 sachi sshd\[25142\]: Failed password for root from 112.85.42.87 port 23320 ssh2 Oct 27 23:59:37 sachi sshd\[25200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Oct 27 23:59:39 sachi sshd\[25200\]: Failed password for root from 112.85.42.87 port 21528 ssh2 Oct 28 00:00:14 sachi sshd\[25280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root	2019-10-28 18:07:26
49.88.112.114	attack	Oct 28 10:41:48 vps691689 sshd[24270]: Failed password for root from 49.88.112.114 port 32896 ssh2 Oct 28 10:42:30 vps691689 sshd[24275]: Failed password for root from 49.88.112.114 port 11892 ssh2 ...	2019-10-28 18:00:40
103.106.119.154	attack	Automatic report - XMLRPC Attack	2019-10-28 17:57:30
167.249.189.111	attackbots	Oct 28 11:06:35 SilenceServices sshd[19215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.249.189.111 Oct 28 11:06:38 SilenceServices sshd[19215]: Failed password for invalid user virgin from 167.249.189.111 port 2262 ssh2 Oct 28 11:11:21 SilenceServices sshd[22194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.249.189.111	2019-10-28 18:13:11
177.6.80.23	attack	Automatic report - SSH Brute-Force Attack	2019-10-28 17:57:47
27.71.224.2	attackspam	ssh failed login	2019-10-28 17:52:36
129.211.10.228	attackbotsspam	Invalid user Admin from 129.211.10.228 port 39546	2019-10-28 17:34:59
134.175.197.226	attackbotsspam	2019-10-18T09:23:49.756808ns525875 sshd\[7449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.197.226 user=root 2019-10-18T09:23:51.929788ns525875 sshd\[7449\]: Failed password for root from 134.175.197.226 port 55380 ssh2 2019-10-18T09:29:11.584589ns525875 sshd\[14012\]: Invalid user nathalie from 134.175.197.226 port 46364 2019-10-18T09:29:11.591415ns525875 sshd\[14012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.197.226 2019-10-18T09:39:53.121003ns525875 sshd\[26784\]: Invalid user zimbra from 134.175.197.226 port 56550 2019-10-18T09:39:53.127876ns525875 sshd\[26784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.197.226 2019-10-18T09:39:54.639723ns525875 sshd\[26784\]: Failed password for invalid user zimbra from 134.175.197.226 port 56550 ssh2 2019-10-18T09:45:31.583571ns525875 sshd\[1173\]: pam_unix$sshd:auth$: aut ...	2019-10-28 17:46:51
112.170.27.139	attackspambots	$f2bV_matches	2019-10-28 17:47:33

最近上报的IP列表

41.8.56.132	196.100.35.184	197.153.124.103	68.242.226.59
131.40.19.219	195.198.197.217	58.247.194.108	242.203.155.253
157.50.36.38	246.141.41.128	90.243.3.242	199.26.199.61
125.175.166.132	58.154.181.79	106.249.81.159	239.83.172.187
121.177.73.141	211.25.234.14	14.186.239.210	49.232.173.88