172.68.11.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): Western Australia

国家(country): Australia

运营商(isp): CloudFlare Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Content Delivery Network

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SQL injection:/newsites/free/pierre/search/search-1-prj.php?idPrj=-6940%27%29%20OR%204972%3DCAST%28%28CHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%284972%3D4972%29%20THEN%201%20ELSE%200%20END%29%29%3A%3Atext%7C%7C%28CHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28112%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%20AS%20NUMERIC%29%20AND%20%28%27ysxZ%27%3D%27ysxZ	2020-06-07 08:07:09

类型

评论内容

时间

attackbots

SQL injection:/newsites/free/pierre/search/search-1-prj.php?idPrj=-6940%27%29%20OR%204972%3DCAST%28%28CHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%284972%3D4972%29%20THEN%201%20ELSE%200%20END%29%29%3A%3Atext%7C%7C%28CHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28112%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%20AS%20NUMERIC%29%20AND%20%28%27ysxZ%27%3D%27ysxZ

2020-06-07 08:07:09

相同子网IP讨论:

IP	类型	评论内容	时间
172.68.11.206	attackspam	Wordpress XMLRPC attack	2020-04-13 14:57:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.68.11.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22831
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;172.68.11.107.			IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060601 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 07 08:07:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 107.11.68.172.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.11.68.172.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
178.128.55.52	attack	Oct 5 18:13:08 XXX sshd[22476]: Invalid user ofsaa from 178.128.55.52 port 59146	2019-10-06 01:02:06
49.48.249.184	attack	Unauthorized connection attempt from IP address 49.48.249.184 on Port 445(SMB)	2019-10-06 01:11:50
52.233.166.76	attackbotsspam	Oct 5 06:10:06 kapalua sshd\[23820\]: Failed password for invalid user P4ssw0rd12 from 52.233.166.76 port 43012 ssh2 Oct 5 06:14:57 kapalua sshd\[24407\]: Invalid user Santos_123 from 52.233.166.76 Oct 5 06:14:57 kapalua sshd\[24407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.166.76 Oct 5 06:14:59 kapalua sshd\[24407\]: Failed password for invalid user Santos_123 from 52.233.166.76 port 56552 ssh2 Oct 5 06:19:50 kapalua sshd\[24874\]: Invalid user Joker123 from 52.233.166.76	2019-10-06 00:54:04
51.38.232.52	attack	Oct 5 16:12:51 ip-172-31-62-245 sshd\[1883\]: Invalid user Traduire123 from 51.38.232.52\ Oct 5 16:12:54 ip-172-31-62-245 sshd\[1883\]: Failed password for invalid user Traduire123 from 51.38.232.52 port 45548 ssh2\ Oct 5 16:16:59 ip-172-31-62-245 sshd\[1907\]: Invalid user Qwerty!23 from 51.38.232.52\ Oct 5 16:17:01 ip-172-31-62-245 sshd\[1907\]: Failed password for invalid user Qwerty!23 from 51.38.232.52 port 37349 ssh2\ Oct 5 16:21:16 ip-172-31-62-245 sshd\[1929\]: Invalid user p4\$\$word2019 from 51.38.232.52\	2019-10-06 00:47:28
219.157.30.243	attack	(Oct 5) LEN=40 TTL=49 ID=63516 TCP DPT=8080 WINDOW=17460 SYN (Oct 5) LEN=40 TTL=49 ID=112 TCP DPT=8080 WINDOW=63368 SYN (Oct 5) LEN=40 TTL=49 ID=48728 TCP DPT=8080 WINDOW=63368 SYN (Oct 4) LEN=40 TTL=49 ID=17944 TCP DPT=8080 WINDOW=40066 SYN (Oct 4) LEN=40 TTL=49 ID=3694 TCP DPT=8080 WINDOW=40066 SYN (Oct 4) LEN=40 TTL=49 ID=9074 TCP DPT=8080 WINDOW=29452 SYN (Oct 3) LEN=40 TTL=49 ID=17537 TCP DPT=8080 WINDOW=29452 SYN (Oct 3) LEN=40 TTL=49 ID=17115 TCP DPT=8080 WINDOW=63368 SYN (Oct 2) LEN=40 TTL=49 ID=25494 TCP DPT=8080 WINDOW=29452 SYN (Oct 2) LEN=40 TTL=49 ID=43846 TCP DPT=8080 WINDOW=7322 SYN (Oct 2) LEN=40 TTL=49 ID=13430 TCP DPT=8080 WINDOW=7322 SYN (Oct 1) LEN=40 TTL=49 ID=820 TCP DPT=8080 WINDOW=38927 SYN	2019-10-06 00:55:00
145.239.82.192	attackspam	Oct 5 18:41:46 SilenceServices sshd[22500]: Failed password for root from 145.239.82.192 port 51744 ssh2 Oct 5 18:45:47 SilenceServices sshd[23573]: Failed password for root from 145.239.82.192 port 35220 ssh2	2019-10-06 01:05:38
92.242.44.146	attackbots	2019-10-05T14:11:35.338971tmaserv sshd\[32028\]: Failed password for root from 92.242.44.146 port 54620 ssh2 2019-10-05T14:24:03.648942tmaserv sshd\[332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.242.44.146 user=root 2019-10-05T14:24:05.173971tmaserv sshd\[332\]: Failed password for root from 92.242.44.146 port 60856 ssh2 2019-10-05T14:28:17.607499tmaserv sshd\[554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.242.44.146 user=root 2019-10-05T14:28:19.342988tmaserv sshd\[554\]: Failed password for root from 92.242.44.146 port 44114 ssh2 2019-10-05T14:32:34.118594tmaserv sshd\[802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.242.44.146 user=root ...	2019-10-06 00:57:58
144.217.93.130	attackspam	$f2bV_matches	2019-10-06 00:46:12
188.254.0.160	attack	Oct 5 15:38:30 MK-Soft-VM5 sshd[9867]: Failed password for root from 188.254.0.160 port 42178 ssh2 ...	2019-10-06 00:52:52
23.94.16.72	attackspambots	Triggered by Fail2Ban at Vostok web server	2019-10-06 00:46:43
194.58.188.195	attackbots	Unauthorized connection attempt from IP address 194.58.188.195 on Port 445(SMB)	2019-10-06 01:22:49
51.83.72.108	attackspam	Triggered by Fail2Ban at Vostok web server	2019-10-06 01:03:35
182.75.33.118	attackbots	Unauthorized connection attempt from IP address 182.75.33.118 on Port 445(SMB)	2019-10-06 01:19:17
117.102.176.226	attackspambots	Oct 5 06:58:36 wbs sshd\[13650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.176.226.static.zoot.jp user=root Oct 5 06:58:37 wbs sshd\[13650\]: Failed password for root from 117.102.176.226 port 56082 ssh2 Oct 5 07:03:15 wbs sshd\[14049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.176.226.static.zoot.jp user=root Oct 5 07:03:17 wbs sshd\[14049\]: Failed password for root from 117.102.176.226 port 57772 ssh2 Oct 5 07:07:51 wbs sshd\[14457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.176.226.static.zoot.jp user=root	2019-10-06 01:16:54
2001:8d8:976:91d6:4de9:c9eb:e70:1	attackbots	WordPress wp-login brute force :: 2001:8d8:976:91d6:4de9:c9eb:e70:1 0.092 BYPASS [05/Oct/2019:21:32:53 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-06 01:10:47

最近上报的IP列表

132.23.220.100	216.11.193.20	151.45.126.78	84.94.149.58
72.205.26.48	34.235.222.87	78.173.59.184	106.34.15.7
174.7.233.125	217.225.132.105	178.128.233.69	3.250.50.56
109.223.226.43	204.136.125.57	222.225.81.59	220.220.224.106
124.25.129.83	65.130.211.63	32.23.240.52	172.68.10.14