113.142.72.220

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shaanxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	...	2020-05-04 07:21:49

Comments on same subnet:

IP	Type	Details	Datetime
113.142.72.2	attack	20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 ...	2020-10-10 23:04:46
113.142.72.2	attack	20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 ...	2020-10-10 14:55:33
113.142.72.2	attack	Icarus honeypot on github	2020-08-25 02:04:54
113.142.72.107	attackbotsspam	Unauthorized connection attempt detected from IP address 113.142.72.107 to port 23	2020-06-16 00:07:03
113.142.72.107	attackbots	TCP (SYN) 113.142.72.107:21213 -> port 23, len 44	2020-06-14 05:02:57
113.142.72.107	attackspambots	Lines containing failures of 113.142.72.107 Jun 3 21:48:13 shared04 sshd[29515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.107 user=r.r Jun 3 21:48:15 shared04 sshd[29515]: Failed password for r.r from 113.142.72.107 port 60339 ssh2 Jun 3 21:48:15 shared04 sshd[29515]: Received disconnect from 113.142.72.107 port 60339:11: Bye Bye [preauth] Jun 3 21:48:15 shared04 sshd[29515]: Disconnected from authenticating user r.r 113.142.72.107 port 60339 [preauth] Jun 3 22:03:49 shared04 sshd[2691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.107 user=r.r Jun 3 22:03:51 shared04 sshd[2691]: Failed password for r.r from 113.142.72.107 port 34165 ssh2 Jun 3 22:03:51 shared04 sshd[2691]: Received disconnect from 113.142.72.107 port 34165:11: Bye Bye [preauth] Jun 3 22:03:51 shared04 sshd[2691]: Disconnected from authenticating user r.r 113.142.72.107 port 34165 [pr........ ------------------------------	2020-06-07 08:02:31
113.142.72.109	attackspambots	Jun 6 22:44:15 buvik sshd[30122]: Failed password for root from 113.142.72.109 port 50850 ssh2 Jun 6 22:45:48 buvik sshd[30357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.109 user=root Jun 6 22:45:50 buvik sshd[30357]: Failed password for root from 113.142.72.109 port 58459 ssh2 ...	2020-06-07 05:00:15
113.142.72.210	attackbotsspam	Unauthorized connection attempt from IP address 113.142.72.210 on Port 445(SMB)	2020-02-24 19:18:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.142.72.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17250
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.142.72.220.			IN	A

;; AUTHORITY SECTION:
.			589	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 07:21:45 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 220.72.142.113.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 220.72.142.113.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.214.26.102	attackbotsspam	02/05/2020-08:48:48.963486 88.214.26.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-05 23:21:26
45.55.222.162	attackbotsspam	2020-02-05T13:45:09.548633abusebot-2.cloudsearch.cf sshd[13271]: Invalid user sasaridis from 45.55.222.162 port 45974 2020-02-05T13:45:09.554763abusebot-2.cloudsearch.cf sshd[13271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 2020-02-05T13:45:09.548633abusebot-2.cloudsearch.cf sshd[13271]: Invalid user sasaridis from 45.55.222.162 port 45974 2020-02-05T13:45:11.451547abusebot-2.cloudsearch.cf sshd[13271]: Failed password for invalid user sasaridis from 45.55.222.162 port 45974 ssh2 2020-02-05T13:46:59.266784abusebot-2.cloudsearch.cf sshd[13540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=root 2020-02-05T13:47:01.264844abusebot-2.cloudsearch.cf sshd[13540]: Failed password for root from 45.55.222.162 port 36102 ssh2 2020-02-05T13:48:49.117253abusebot-2.cloudsearch.cf sshd[13632]: Invalid user sarkis from 45.55.222.162 port 54458 ...	2020-02-05 23:21:52
222.186.42.155	attackbotsspam	2020-2-5 4:09:21 PM: failed ssh attempt	2020-02-05 23:10:54
191.242.190.40	attackspam	20/2/5@08:49:33: FAIL: Alarm-Network address from=191.242.190.40 20/2/5@08:49:33: FAIL: Alarm-Network address from=191.242.190.40 ...	2020-02-05 22:38:26
185.220.101.60	attackspambots	02/05/2020-14:49:32.088480 185.220.101.60 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 33	2020-02-05 22:40:39
161.117.178.197	attackspam	Feb 5 13:41:15 yesfletchmain sshd\[19911\]: Invalid user todd from 161.117.178.197 port 44594 Feb 5 13:41:15 yesfletchmain sshd\[19911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.117.178.197 Feb 5 13:41:17 yesfletchmain sshd\[19911\]: Failed password for invalid user todd from 161.117.178.197 port 44594 ssh2 Feb 5 13:48:56 yesfletchmain sshd\[19992\]: Invalid user sentry from 161.117.178.197 port 40650 Feb 5 13:48:56 yesfletchmain sshd\[19992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.117.178.197 ...	2020-02-05 23:09:19
91.77.165.18	attackbots	Feb 5 11:49:56 firewall sshd[21820]: Invalid user 123 from 91.77.165.18 Feb 5 11:49:58 firewall sshd[21820]: Failed password for invalid user 123 from 91.77.165.18 port 39552 ssh2 Feb 5 11:53:19 firewall sshd[21945]: Invalid user yana from 91.77.165.18 ...	2020-02-05 23:18:39
190.64.64.74	attackspam	Feb 5 05:46:04 mockhub sshd[28775]: Failed password for root from 190.64.64.74 port 17026 ssh2 ...	2020-02-05 23:00:31
77.42.82.154	attackspambots	1580910553 - 02/05/2020 14:49:13 Host: 77.42.82.154/77.42.82.154 Port: 8080 TCP Blocked	2020-02-05 22:51:35
157.230.235.233	attackspam	2020-02-05T16:03:13.357031scmdmz1 sshd[22619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233 user=root 2020-02-05T16:03:15.620167scmdmz1 sshd[22619]: Failed password for root from 157.230.235.233 port 60984 ssh2 2020-02-05T16:05:13.557173scmdmz1 sshd[22794]: Invalid user pubsub from 157.230.235.233 port 49774 2020-02-05T16:05:13.560148scmdmz1 sshd[22794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233 2020-02-05T16:05:13.557173scmdmz1 sshd[22794]: Invalid user pubsub from 157.230.235.233 port 49774 2020-02-05T16:05:15.296491scmdmz1 sshd[22794]: Failed password for invalid user pubsub from 157.230.235.233 port 49774 ssh2 ...	2020-02-05 23:11:14
162.243.129.9	attack	firewall-block, port(s): 8080/tcp	2020-02-05 22:55:44
45.117.171.124	attackbots	WordPress XMLRPC scan :: 45.117.171.124 0.164 BYPASS [05/Feb/2020:13:48:42 0000] [censored_4] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-05 23:28:58
89.248.168.62	attackbots	Feb 5 15:01:42 h2177944 kernel: \[4109395.681878\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59436 PROTO=TCP SPT=58143 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:01:42 h2177944 kernel: \[4109395.681891\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59436 PROTO=TCP SPT=58143 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:10:50 h2177944 kernel: \[4109944.107812\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=46137 PROTO=TCP SPT=58143 DPT=24000 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:45:13 h2177944 kernel: \[4112006.311717\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=18465 PROTO=TCP SPT=58143 DPT=29000 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 15:45:13 h2177944 kernel: \[4112006.311732\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.62 DST=85.214.117	2020-02-05 22:48:37
112.90.197.66	attackbots	6379/tcp 6381/tcp 6380/tcp... [2020-01-27/02-05]84pkt,4pt.(tcp)	2020-02-05 22:59:02
110.35.79.23	attack	Feb 5 16:05:27 legacy sshd[28787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.79.23 Feb 5 16:05:29 legacy sshd[28787]: Failed password for invalid user mongodb from 110.35.79.23 port 57540 ssh2 Feb 5 16:09:17 legacy sshd[29122]: Failed password for root from 110.35.79.23 port 44001 ssh2 ...	2020-02-05 23:24:44

Recently Reported IPs

87.211.52.81	39.120.14.217	185.6.106.87	58.232.132.60
157.40.108.122	212.96.58.4	178.55.46.52	122.189.149.30
139.59.92.190	1.152.75.128	112.19.94.19	236.205.12.212
67.126.155.234	228.123.202.172	28.121.235.115	54.171.176.243
44.17.146.200	56.66.115.8	241.135.117.8	49.234.30.19