211.72.1.19 - IPInfo

基本信息:

城市(city): Taipei

省份(region): Taipei City

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): Data Communication Business Group

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	445/tcp 445/tcp 445/tcp... [2019-04-22/06-22]7pkt,1pt.(tcp)	2019-06-22 23:12:17

相同子网IP讨论:

IP	类型	评论内容	时间
211.72.117.101	attackbots	Aug 8 08:19:06 mout sshd[32751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 user=root Aug 8 08:19:07 mout sshd[32751]: Failed password for root from 211.72.117.101 port 58602 ssh2	2020-08-08 17:29:05
211.72.117.101	attackspam	Aug 6 01:24:33 Tower sshd[39798]: Connection from 211.72.117.101 port 43660 on 192.168.10.220 port 22 rdomain "" Aug 6 01:24:34 Tower sshd[39798]: Failed password for root from 211.72.117.101 port 43660 ssh2 Aug 6 01:24:34 Tower sshd[39798]: Received disconnect from 211.72.117.101 port 43660:11: Bye Bye [preauth] Aug 6 01:24:34 Tower sshd[39798]: Disconnected from authenticating user root 211.72.117.101 port 43660 [preauth]	2020-08-06 13:33:37
211.72.109.243	attackbots	Port probing on unauthorized port 81	2020-08-01 15:01:21
211.72.117.101	attackbotsspam	Jul 23 10:39:59 ns382633 sshd\[1497\]: Invalid user andelaria from 211.72.117.101 port 41600 Jul 23 10:39:59 ns382633 sshd\[1497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 Jul 23 10:40:01 ns382633 sshd\[1497\]: Failed password for invalid user andelaria from 211.72.117.101 port 41600 ssh2 Jul 23 10:43:07 ns382633 sshd\[2229\]: Invalid user user1 from 211.72.117.101 port 44716 Jul 23 10:43:07 ns382633 sshd\[2229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101	2020-07-23 17:22:10
211.72.117.101	attackspambots	2020-07-19T07:12:53.837630hostname sshd[25101]: Failed password for invalid user infra from 211.72.117.101 port 53964 ssh2 ...	2020-07-21 03:25:36
211.72.117.101	attackspambots	Jul 11 18:29:52 nextcloud sshd\[27743\]: Invalid user sic from 211.72.117.101 Jul 11 18:29:52 nextcloud sshd\[27743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 Jul 11 18:29:54 nextcloud sshd\[27743\]: Failed password for invalid user sic from 211.72.117.101 port 48862 ssh2	2020-07-12 01:00:54
211.72.117.101	attackspambots	Jun 9 22:17:56 abendstille sshd\[23996\]: Invalid user contracts from 211.72.117.101 Jun 9 22:17:56 abendstille sshd\[23996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 Jun 9 22:17:58 abendstille sshd\[23996\]: Failed password for invalid user contracts from 211.72.117.101 port 39376 ssh2 Jun 9 22:20:22 abendstille sshd\[26543\]: Invalid user pi from 211.72.117.101 Jun 9 22:20:22 abendstille sshd\[26543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 ...	2020-06-10 04:58:50
211.72.117.101	attack	Fail2Ban Ban Triggered (2)	2020-05-27 21:50:47
211.72.113.127	attackbots	port 23	2020-05-27 19:19:01
211.72.117.101	attackbots	May 20 09:48:02 vmd26974 sshd[26415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 May 20 09:48:03 vmd26974 sshd[26415]: Failed password for invalid user qar from 211.72.117.101 port 33448 ssh2 ...	2020-05-20 18:00:24
211.72.15.95	attack	Unauthorized connection attempt from IP address 211.72.15.95 on Port 445(SMB)	2020-05-14 03:53:43
211.72.117.101	attackbotsspam	Found by fail2ban	2020-04-28 13:23:35
211.72.117.101	attackbots	Apr 20 19:53:32 raspberrypi sshd\[15617\]: Invalid user test1 from 211.72.117.101Apr 20 19:53:34 raspberrypi sshd\[15617\]: Failed password for invalid user test1 from 211.72.117.101 port 54482 ssh2Apr 20 19:57:43 raspberrypi sshd\[18452\]: Invalid user git from 211.72.117.101 ...	2020-04-21 04:14:29
211.72.117.101	attack	Mar 29 15:38:10 host01 sshd[15141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 Mar 29 15:38:12 host01 sshd[15141]: Failed password for invalid user kzo from 211.72.117.101 port 38270 ssh2 Mar 29 15:42:20 host01 sshd[15886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.72.117.101 ...	2020-03-29 23:12:20
211.72.117.101	attack	2020-03-29T05:43:43.606592shield sshd\[32098\]: Invalid user qu from 211.72.117.101 port 58024 2020-03-29T05:43:43.610780shield sshd\[32098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211-72-117-101.hinet-ip.hinet.net 2020-03-29T05:43:46.378201shield sshd\[32098\]: Failed password for invalid user qu from 211.72.117.101 port 58024 ssh2 2020-03-29T05:52:37.485298shield sshd\[2153\]: Invalid user kw from 211.72.117.101 port 55758 2020-03-29T05:52:37.494416shield sshd\[2153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211-72-117-101.hinet-ip.hinet.net	2020-03-29 14:05:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.72.1.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32901
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.72.1.19.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 23:12:06 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

19.1.72.211.in-addr.arpa domain name pointer 211-72-1-19.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
19.1.72.211.in-addr.arpa	name = 211-72-1-19.HINET-IP.hinet.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
175.6.68.118	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:16:10
74.82.47.54	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-26 03:31:23
49.49.246.122	attackspambots	Dec 25 14:50:25 IngegnereFirenze sshd[31488]: Failed password for invalid user admin from 49.49.246.122 port 54849 ssh2 ...	2019-12-26 03:38:41
156.195.231.167	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:50:07
87.251.166.70	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-26 03:23:34
40.113.89.174	attackspam	Dec 25 15:51:00 debian-2gb-nbg1-2 kernel: \[938194.763526\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=40.113.89.174 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=53409 PROTO=TCP SPT=41793 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 03:17:51
118.89.35.251	attackbots	Dec 25 14:28:44 plusreed sshd[23364]: Invalid user gras from 118.89.35.251 ...	2019-12-26 03:33:58
156.215.117.166	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:32:21
103.100.209.174	attack	SSH/22 MH Probe, BF, Hack -	2019-12-26 03:27:11
129.211.22.160	attackspam	Dec 25 18:03:34 dev0-dcde-rnet sshd[28430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.22.160 Dec 25 18:03:36 dev0-dcde-rnet sshd[28430]: Failed password for invalid user rinker from 129.211.22.160 port 51200 ssh2 Dec 25 18:12:08 dev0-dcde-rnet sshd[28503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.22.160	2019-12-26 03:22:32
157.230.41.141	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:29:29
216.189.156.101	attack	SSH/22 MH Probe, BF, Hack -	2019-12-26 03:24:24
40.83.170.197	attackspam	Dec 25 15:50:47 localhost sshd\[9679\]: Invalid user cccccccccc from 40.83.170.197 port 58972 Dec 25 15:50:47 localhost sshd\[9679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.83.170.197 Dec 25 15:50:49 localhost sshd\[9679\]: Failed password for invalid user cccccccccc from 40.83.170.197 port 58972 ssh2	2019-12-26 03:24:37
156.209.62.87	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:37:03
185.234.216.206	attack	(smtpauth) Failed SMTP AUTH login from 185.234.216.206 (IE/Ireland/-): 5 in the last 3600 secs	2019-12-26 03:46:23

最近上报的IP列表

68.111.135.255	209.153.247.88	110.76.234.74	170.2.167.188
210.35.35.200	81.12.72.88	179.67.97.72	88.79.64.37
177.66.73.172	204.13.203.99	221.61.191.79	74.89.178.232
83.158.79.5	200.46.138.6	41.32.106.186	169.238.36.104
91.132.138.78	92.46.241.99	218.175.16.113	212.174.144.29