1.1.242.71 - IPInfo

基本信息:

城市(city): Kantharawichai

省份(region): Maha Sarakham

国家(country): Thailand

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
1.1.242.100	attack	Unauthorized connection attempt from IP address 1.1.242.100 on Port 445(SMB)	2020-07-08 13:35:35
1.1.242.100	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-26 08:42:44
1.1.242.43	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 12-03-2020 03:50:08.	2020-03-12 17:03:35
1.1.242.89	attackspambots	port scan/probe/communication attempt; port 23	2019-11-24 07:09:49
1.1.242.11	attack	Unauthorized connection attempt from IP address 1.1.242.11 on Port 445(SMB)	2019-08-28 00:26:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.242.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30420
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.242.71.			IN	A

;; AUTHORITY SECTION:
.			362	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030300 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 03 22:25:31 CST 2022
;; MSG SIZE  rcvd: 103

HOST信息:

71.242.1.1.in-addr.arpa domain name pointer node-mkn.pool-1-1.dynamic.totinternet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
71.242.1.1.in-addr.arpa	name = node-mkn.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.79.84.101	attack	2020-09-20T18:23:22.426906abusebot-2.cloudsearch.cf sshd[27803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-51-79-84.net user=root 2020-09-20T18:23:25.221946abusebot-2.cloudsearch.cf sshd[27803]: Failed password for root from 51.79.84.101 port 53516 ssh2 2020-09-20T18:26:27.350730abusebot-2.cloudsearch.cf sshd[27943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-51-79-84.net user=root 2020-09-20T18:26:29.704783abusebot-2.cloudsearch.cf sshd[27943]: Failed password for root from 51.79.84.101 port 45870 ssh2 2020-09-20T18:29:37.942694abusebot-2.cloudsearch.cf sshd[28209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-51-79-84.net user=root 2020-09-20T18:29:40.548426abusebot-2.cloudsearch.cf sshd[28209]: Failed password for root from 51.79.84.101 port 38228 ssh2 2020-09-20T18:32:45.653486abusebot-2.cloudsearch.cf sshd[28472]: pam_unix(ss ...	2020-09-21 04:45:58
195.54.166.118	attack	RDP brute forcing (r)	2020-09-21 04:23:53
191.235.80.118	attack	MSSQL brute force auth on honeypot	2020-09-21 04:37:00
106.12.186.130	attackspambots	Invalid user ubuntu from 106.12.186.130 port 48848	2020-09-21 04:16:11
162.243.128.94	attackbotsspam	8333/tcp 1434/udp 28015/tcp... [2020-07-23/09-20]30pkt,26pt.(tcp),2pt.(udp)	2020-09-21 04:47:02
79.37.243.21	attackspambots	Sep 20 18:50:21 pl1server sshd[24283]: Invalid user pi from 79.37.243.21 port 44278 Sep 20 18:50:21 pl1server sshd[24282]: Invalid user pi from 79.37.243.21 port 44276 Sep 20 18:50:21 pl1server sshd[24283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.37.243.21 Sep 20 18:50:21 pl1server sshd[24282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.37.243.21 Sep 20 18:50:23 pl1server sshd[24283]: Failed password for invalid user pi from 79.37.243.21 port 44278 ssh2 Sep 20 18:50:23 pl1server sshd[24282]: Failed password for invalid user pi from 79.37.243.21 port 44276 ssh2 Sep 20 18:50:23 pl1server sshd[24283]: Connection closed by 79.37.243.21 port 44278 [preauth] Sep 20 18:50:23 pl1server sshd[24282]: Connection closed by 79.37.243.21 port 44276 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=79.37.243.21	2020-09-21 04:47:47
217.182.68.93	attackbots	Sep 20 20:14:38 server sshd[53211]: Failed password for root from 217.182.68.93 port 51158 ssh2 Sep 20 20:18:34 server sshd[54043]: Failed password for root from 217.182.68.93 port 33210 ssh2 Sep 20 20:22:25 server sshd[55001]: Failed password for root from 217.182.68.93 port 43494 ssh2	2020-09-21 04:43:54
203.170.58.241	attackspam	Brute Force	2020-09-21 04:32:38
222.186.175.169	attack	[MK-VM6] SSH login failed	2020-09-21 04:26:35
112.85.42.172	attackspam	Sep 20 16:18:05 NPSTNNYC01T sshd[23986]: Failed password for root from 112.85.42.172 port 11703 ssh2 Sep 20 16:18:09 NPSTNNYC01T sshd[23986]: Failed password for root from 112.85.42.172 port 11703 ssh2 Sep 20 16:18:12 NPSTNNYC01T sshd[23986]: Failed password for root from 112.85.42.172 port 11703 ssh2 Sep 20 16:18:15 NPSTNNYC01T sshd[23986]: Failed password for root from 112.85.42.172 port 11703 ssh2 ...	2020-09-21 04:18:37
195.140.187.40	attackbots	Newsletter E-Mail Spam (Confirmed) [C2A525F6716EFDA0CD]	2020-09-21 04:29:40
222.186.31.166	attack	Sep 20 22:13:24 abendstille sshd\[12066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 20 22:13:25 abendstille sshd\[12087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 20 22:13:25 abendstille sshd\[12066\]: Failed password for root from 222.186.31.166 port 33321 ssh2 Sep 20 22:13:27 abendstille sshd\[12087\]: Failed password for root from 222.186.31.166 port 42752 ssh2 Sep 20 22:13:28 abendstille sshd\[12066\]: Failed password for root from 222.186.31.166 port 33321 ssh2 ...	2020-09-21 04:18:23
113.111.61.225	attackbotsspam	Sep 20 16:41:16 ws12vmsma01 sshd[4014]: Invalid user user04 from 113.111.61.225 Sep 20 16:41:19 ws12vmsma01 sshd[4014]: Failed password for invalid user user04 from 113.111.61.225 port 52930 ssh2 Sep 20 16:45:21 ws12vmsma01 sshd[4603]: Invalid user teste from 113.111.61.225 ...	2020-09-21 04:30:04
62.234.115.152	attack	Lines containing failures of 62.234.115.152 Sep 19 20:34:03 nxxxxxxx sshd[917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.115.152 user=r.r Sep 19 20:34:05 nxxxxxxx sshd[917]: Failed password for r.r from 62.234.115.152 port 51692 ssh2 Sep 19 20:34:05 nxxxxxxx sshd[917]: Received disconnect from 62.234.115.152 port 51692:11: Bye Bye [preauth] Sep 19 20:34:05 nxxxxxxx sshd[917]: Disconnected from authenticating user r.r 62.234.115.152 port 51692 [preauth] Sep 19 20:39:16 nxxxxxxx sshd[1598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.115.152 user=r.r Sep 19 20:39:18 nxxxxxxx sshd[1598]: Failed password for r.r from 62.234.115.152 port 47858 ssh2 Sep 19 20:39:18 nxxxxxxx sshd[1598]: Received disconnect from 62.234.115.152 port 47858:11: Bye Bye [preauth] Sep 19 20:39:18 nxxxxxxx sshd[1598]: Disconnected from authenticating user r.r 62.234.115.152 port 47858 [preauth] S........ ------------------------------	2020-09-21 04:36:33
187.111.1.57	attackspambots	Sep 20 19:03:25 mellenthin postfix/smtpd[12072]: NOQUEUE: reject: RCPT from unknown[187.111.1.57]: 554 5.7.1 Service unavailable; Client host [187.111.1.57] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/187.111.1.57; from= to= proto=ESMTP helo=<57.1.111.187.flexseg.com.br>	2020-09-21 04:39:21

最近上报的IP列表

1.1.241.56	1.1.243.106	1.1.244.186	1.1.244.189
1.1.245.69	1.1.246.39	1.1.251.134	1.10.130.55
1.10.132.109	1.10.133.109	1.10.133.180	1.10.133.241
1.117.149.208	1.117.240.93	1.117.65.73	1.117.83.110
1.117.97.110	1.119.141.60	1.119.147.34	1.12.224.77