111.42.102.67 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-04-25 03:32:16

Comments on same subnet:

IP	Type	Details	Datetime
111.42.102.79	attackspam	User agent spoofing, Connecting to IP instead of domain name, Page: /HNAP1/	2020-05-07 01:14:37
111.42.102.127	attackspambots	GPON Home Routers Remote Code Execution Vulnerability	2020-04-02 05:51:06
111.42.102.153	attackbots	Unauthorized connection attempt detected from IP address 111.42.102.153 to port 2323 [J]	2020-01-23 00:28:39
111.42.102.142	attack	unauthorized connection attempt	2020-01-09 17:44:14
111.42.102.65	attack	Unauthorized connection attempt detected from IP address 111.42.102.65 to port 23 [T]	2020-01-09 01:59:28
111.42.102.128	attackspam	Jan 5 22:51:44 debian-2gb-nbg1-2 kernel: \[520425.417666\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=111.42.102.128 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0xE0 TTL=49 ID=36552 PROTO=TCP SPT=1600 DPT=23 WINDOW=57023 RES=0x00 SYN URGP=0	2020-01-06 05:54:28
111.42.102.129	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-05 00:45:19
111.42.102.81	attackbots	Dec 26 15:50:33 h2177944 kernel: \[570559.418076\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:33 h2177944 kernel: \[570559.418089\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40763 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569922\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:36 h2177944 kernel: \[570562.569936\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=40764 DF PROTO=TCP SPT=33462 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 Dec 26 15:50:43 h2177944 kernel: \[570568.878485\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=111.42.102.81 DST=85.214.117.9 LEN=	2019-12-27 03:21:44
111.42.102.134	attack	5060/udp [2019-12-13]1pkt	2019-12-14 00:53:02
111.42.102.140	attackspam	23/tcp [2019-12-12]1pkt	2019-12-13 00:29:39
111.42.102.145	attack	Automatic report - Port Scan Attack	2019-12-11 13:17:16
111.42.102.74	attack	Mirai and Reaper Exploitation Traffic	2019-11-23 05:19:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.102.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.102.67.			IN	A

;; AUTHORITY SECTION:
.			476	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042401 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 03:32:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 67.102.42.111.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 67.102.42.111.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.186.156.84	attack	Unauthorized connection attempt from IP address 138.186.156.84 on Port 445(SMB)	2019-10-09 06:44:32
59.10.104.17	attack	Port 1433 Scan	2019-10-09 06:21:08
91.121.157.83	attackbots	Oct 8 12:16:59 eddieflores sshd\[3480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns342344.ip-91-121-157.eu user=root Oct 8 12:17:01 eddieflores sshd\[3480\]: Failed password for root from 91.121.157.83 port 47604 ssh2 Oct 8 12:20:36 eddieflores sshd\[3785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns342344.ip-91-121-157.eu user=root Oct 8 12:20:38 eddieflores sshd\[3785\]: Failed password for root from 91.121.157.83 port 59608 ssh2 Oct 8 12:24:13 eddieflores sshd\[4051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns342344.ip-91-121-157.eu user=root	2019-10-09 06:24:22
185.173.35.17	attackspam	" "	2019-10-09 06:49:20
159.224.192.124	attack	Unauthorized connection attempt from IP address 159.224.192.124 on Port 445(SMB)	2019-10-09 06:22:46
204.48.19.178	attack	Oct 9 00:12:47 localhost sshd\[745\]: Invalid user P4rol4@1234 from 204.48.19.178 port 33994 Oct 9 00:12:47 localhost sshd\[745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 Oct 9 00:12:49 localhost sshd\[745\]: Failed password for invalid user P4rol4@1234 from 204.48.19.178 port 33994 ssh2	2019-10-09 06:18:44
212.156.93.22	attack	Unauthorized connection attempt from IP address 212.156.93.22 on Port 445(SMB)	2019-10-09 06:36:54
78.138.133.6	attackspam	Unauthorized connection attempt from IP address 78.138.133.6 on Port 445(SMB)	2019-10-09 06:56:07
167.99.158.136	attackspambots	Oct 8 12:04:33 hanapaa sshd\[13223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.158.136 user=root Oct 8 12:04:35 hanapaa sshd\[13223\]: Failed password for root from 167.99.158.136 port 51342 ssh2 Oct 8 12:08:19 hanapaa sshd\[13550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.158.136 user=root Oct 8 12:08:21 hanapaa sshd\[13550\]: Failed password for root from 167.99.158.136 port 34018 ssh2 Oct 8 12:12:15 hanapaa sshd\[13984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.158.136 user=root	2019-10-09 06:36:04
89.46.125.39	attackspam	2019-10-08T22:04:51.556813abusebot.cloudsearch.cf sshd\[1487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-relay.netshelter.de user=root	2019-10-09 06:27:39
178.128.112.98	attackbots	2019-10-08T20:02:49.158300abusebot-5.cloudsearch.cf sshd\[8524\]: Invalid user fuckyou from 178.128.112.98 port 47754	2019-10-09 06:52:42
95.6.61.198	attackspam	Unauthorized connection attempt from IP address 95.6.61.198 on Port 445(SMB)	2019-10-09 06:21:48
190.109.168.19	attackspambots	Unauthorized connection attempt from IP address 190.109.168.19 on Port 445(SMB)	2019-10-09 06:25:05
196.203.31.154	attackspambots	Oct 9 00:06:47 MK-Soft-VM5 sshd[8263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.203.31.154 Oct 9 00:06:49 MK-Soft-VM5 sshd[8263]: Failed password for invalid user user from 196.203.31.154 port 44536 ssh2 ...	2019-10-09 06:27:09
83.246.93.220	attackspambots	Oct 9 00:30:53 localhost sshd\[5342\]: Invalid user Passw0rd10 from 83.246.93.220 port 47073 Oct 9 00:30:53 localhost sshd\[5342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.246.93.220 Oct 9 00:30:55 localhost sshd\[5342\]: Failed password for invalid user Passw0rd10 from 83.246.93.220 port 47073 ssh2	2019-10-09 06:32:10

Recently Reported IPs

14.185.20.131	223.255.228.107	39.35.8.232	119.206.2.248
5.137.209.208	114.39.193.137	27.209.86.248	211.107.158.93
113.187.250.112	87.34.143.49	247.95.97.249	36.93.48.91
14.180.14.238	191.215.245.87	171.140.154.206	76.142.154.51
110.221.227.48	124.123.82.169	0.5.129.68	136.188.129.31