42.112.149.142

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Dec 21 07:04:42 h2421860 postfix/postscreen[18786]: CONNECT from [42.112.149.142]:20028 to [85.214.119.52]:25 Dec 21 07:04:42 h2421860 postfix/dnsblog[18789]: addr 42.112.149.142 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.3 Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 21 07:04:43 h2421860 postfix/dnsblog[18796]: addr 42.112.149.142 listed by domain Unknown.trblspam.com as 185.53.179.7 Dec 21 07:04:48 h2421860 postfix/postscreen[18786]: DNSBL rank 5 for [42.112.149.142]:20028 Dec x@x Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: HANGUP after 3.2 from [42.112.149.142]:20028 in tests after SMTP handshake Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: DISC........ -------------------------------	2019-12-21 20:02:16

类型

评论内容

时间

attackbotsspam

Dec 21 07:04:42 h2421860 postfix/postscreen[18786]: CONNECT from [42.112.149.142]:20028 to [85.214.119.52]:25
Dec 21 07:04:42 h2421860 postfix/dnsblog[18789]: addr 42.112.149.142 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.11
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.3
Dec 21 07:04:42 h2421860 postfix/dnsblog[18795]: addr 42.112.149.142 listed by domain zen.spamhaus.org as 127.0.0.4
Dec 21 07:04:43 h2421860 postfix/dnsblog[18796]: addr 42.112.149.142 listed by domain Unknown.trblspam.com as 185.53.179.7
Dec 21 07:04:48 h2421860 postfix/postscreen[18786]: DNSBL rank 5 for [42.112.149.142]:20028
Dec x@x
Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: HANGUP after 3.2 from [42.112.149.142]:20028 in tests after SMTP handshake
Dec 21 07:04:51 h2421860 postfix/postscreen[18786]: DISC........
-------------------------------

2019-12-21 20:02:16

相同子网IP讨论:

IP	类型	评论内容	时间
42.112.149.45	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 16:32:15
42.112.149.40	attackbotsspam	1580791926 - 02/04/2020 05:52:06 Host: 42.112.149.40/42.112.149.40 Port: 445 TCP Blocked	2020-02-04 21:51:15
42.112.149.253	attackbots	Unauthorized connection attempt from IP address 42.112.149.253 on Port 445(SMB)	2020-01-30 04:57:58
42.112.149.115	attackbots	1578950453 - 01/13/2020 22:20:53 Host: 42.112.149.115/42.112.149.115 Port: 445 TCP Blocked	2020-01-14 08:21:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.112.149.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56007
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.112.149.142.			IN	A

;; AUTHORITY SECTION:
.			275	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 20:02:05 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 142.149.112.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 142.149.112.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
175.6.5.233	attack	Mar 1 00:42:30 NPSTNNYC01T sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.5.233 Mar 1 00:42:32 NPSTNNYC01T sshd[6492]: Failed password for invalid user administrator from 175.6.5.233 port 29920 ssh2 Mar 1 00:45:33 NPSTNNYC01T sshd[6746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.5.233 ...	2020-03-01 14:06:49
184.176.219.93	attack	Brute forcing email accounts	2020-03-01 14:07:42
103.4.67.83	attackspambots	Unauthorized connection attempt detected from IP address 103.4.67.83 to port 445	2020-03-01 13:35:15
118.69.141.239	attackbotsspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-01 14:10:30
1.80.218.61	attackbotsspam	Invalid user ftpuser from 1.80.218.61 port 4998	2020-03-01 14:04:31
174.68.175.245	attackspambots	Honeypot attack, port: 5555, PTR: ip174-68-175-245.lv.lv.cox.net.	2020-03-01 14:08:05
171.97.106.51	attack	Automatic report - Port Scan Attack	2020-03-01 13:28:10
107.6.171.131	attackspam	Honeypot attack, port: 445, PTR: sh-ams-nl-gp1-wk104.internet-census.org.	2020-03-01 14:02:56
222.186.175.140	attackbotsspam	Mar 1 06:44:40 dedicated sshd[20829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root Mar 1 06:44:42 dedicated sshd[20829]: Failed password for root from 222.186.175.140 port 3952 ssh2	2020-03-01 14:03:42
218.92.0.184	attackspam	Mar 1 05:37:51 combo sshd[1658]: Failed password for root from 218.92.0.184 port 9393 ssh2 Mar 1 05:37:56 combo sshd[1658]: Failed password for root from 218.92.0.184 port 9393 ssh2 Mar 1 05:37:59 combo sshd[1658]: Failed password for root from 218.92.0.184 port 9393 ssh2 ...	2020-03-01 13:38:25
213.186.33.40	spam	MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord, en TOTALE INFRACTION avec les Législations Européennes comme Française sur la RGPD, donc à condamner à 750 € par pourriel émis ! christophe@transletter.eu MICCICHE Christophe Léonard Michel (COUDOUX - 13111) 512 509 597 puis 831 288 469 - SAS https://www.interppro.net interppro.net => Network Solutions, LLC => web.com => 23.236.62.147 https://www.mywot.com/scorecard/interppro.net https://www.mywot.com/scorecard/web.com https://en.asytech.cn/check-ip/23.236.62.147 https://www.infogreffe.fr/entreprise-societe/831288469-interppro-130417B008730000.html transletter.eu => 188.165.53.185 188.165.53.185 => OVH https://www.mywot.com/scorecard/transletter.eu https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/188.165.53.185 Message-ID: <15f55a827779eb9c458f92891af92f81@transletter.eu> From: Cliquez ICI pour vous désabonner cmati.com => 213.186.33.40 213.186.33.40 => OVH https://www.mywot.com/scorecard/cmati.com https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/213.186.33.40	2020-03-01 13:46:35
49.88.112.76	attackspambots	2020-03-01T05:49:31.083206shield sshd\[26436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root 2020-03-01T05:49:33.256555shield sshd\[26436\]: Failed password for root from 49.88.112.76 port 15268 ssh2 2020-03-01T05:49:35.295430shield sshd\[26436\]: Failed password for root from 49.88.112.76 port 15268 ssh2 2020-03-01T05:49:37.945499shield sshd\[26436\]: Failed password for root from 49.88.112.76 port 15268 ssh2 2020-03-01T05:51:11.292461shield sshd\[26752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root	2020-03-01 13:57:14
51.91.254.143	attackspambots	Feb 29 19:41:22 hanapaa sshd\[6321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.ip-51-91-254.eu user=news Feb 29 19:41:24 hanapaa sshd\[6321\]: Failed password for news from 51.91.254.143 port 45250 ssh2 Feb 29 19:46:46 hanapaa sshd\[6778\]: Invalid user cpaneleximscanner from 51.91.254.143 Feb 29 19:46:46 hanapaa sshd\[6778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.ip-51-91-254.eu Feb 29 19:46:47 hanapaa sshd\[6778\]: Failed password for invalid user cpaneleximscanner from 51.91.254.143 port 55844 ssh2	2020-03-01 13:48:06
178.156.202.137	attack	Unauthorized connection attempt detected from IP address 178.156.202.137 to port 22 [J]	2020-03-01 14:09:28
54.39.22.191	attackspambots	Mar 1 06:25:01 localhost sshd\[23122\]: Invalid user paul from 54.39.22.191 port 45990 Mar 1 06:25:01 localhost sshd\[23122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.22.191 Mar 1 06:25:03 localhost sshd\[23122\]: Failed password for invalid user paul from 54.39.22.191 port 45990 ssh2	2020-03-01 13:40:19

最近上报的IP列表

41.8.56.132	196.100.35.184	197.153.124.103	68.242.226.59
131.40.19.219	195.198.197.217	58.247.194.108	242.203.155.253
157.50.36.38	246.141.41.128	90.243.3.242	199.26.199.61
125.175.166.132	58.154.181.79	106.249.81.159	239.83.172.187
121.177.73.141	211.25.234.14	14.186.239.210	49.232.173.88