113.142.72.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.142.72.2	attack	20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 ...	2020-10-10 23:04:46
113.142.72.2	attack	20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 20/10/9@16:48:25: FAIL: Alarm-Network address from=113.142.72.2 ...	2020-10-10 14:55:33
113.142.72.2	attack	Icarus honeypot on github	2020-08-25 02:04:54
113.142.72.107	attackbotsspam	Unauthorized connection attempt detected from IP address 113.142.72.107 to port 23	2020-06-16 00:07:03
113.142.72.107	attackbots	TCP (SYN) 113.142.72.107:21213 -> port 23, len 44	2020-06-14 05:02:57
113.142.72.107	attackspambots	Lines containing failures of 113.142.72.107 Jun 3 21:48:13 shared04 sshd[29515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.107 user=r.r Jun 3 21:48:15 shared04 sshd[29515]: Failed password for r.r from 113.142.72.107 port 60339 ssh2 Jun 3 21:48:15 shared04 sshd[29515]: Received disconnect from 113.142.72.107 port 60339:11: Bye Bye [preauth] Jun 3 21:48:15 shared04 sshd[29515]: Disconnected from authenticating user r.r 113.142.72.107 port 60339 [preauth] Jun 3 22:03:49 shared04 sshd[2691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.107 user=r.r Jun 3 22:03:51 shared04 sshd[2691]: Failed password for r.r from 113.142.72.107 port 34165 ssh2 Jun 3 22:03:51 shared04 sshd[2691]: Received disconnect from 113.142.72.107 port 34165:11: Bye Bye [preauth] Jun 3 22:03:51 shared04 sshd[2691]: Disconnected from authenticating user r.r 113.142.72.107 port 34165 [pr........ ------------------------------	2020-06-07 08:02:31
113.142.72.109	attackspambots	Jun 6 22:44:15 buvik sshd[30122]: Failed password for root from 113.142.72.109 port 50850 ssh2 Jun 6 22:45:48 buvik sshd[30357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.142.72.109 user=root Jun 6 22:45:50 buvik sshd[30357]: Failed password for root from 113.142.72.109 port 58459 ssh2 ...	2020-06-07 05:00:15
113.142.72.220	attack	...	2020-05-04 07:21:49
113.142.72.210	attackbotsspam	Unauthorized connection attempt from IP address 113.142.72.210 on Port 445(SMB)	2020-02-24 19:18:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.142.72.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.142.72.3.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 03:34:00 CST 2022
;; MSG SIZE  rcvd: 105

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 113.142.72.3.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.188.109.135	attackspambots	MIRAI HOST Tue Feb 4 06:52:02 2020 - Child process 38631 handling connection Tue Feb 4 06:52:02 2020 - New connection from: 186.188.109.135:50913 Tue Feb 4 06:52:02 2020 - Sending data to client: [Login: ] Tue Feb 4 06:52:02 2020 - Got data: root Tue Feb 4 06:52:03 2020 - Sending data to client: [Password: ] Tue Feb 4 06:52:04 2020 - Got data: 1234qwer Tue Feb 4 06:52:06 2020 - Child 38631 exiting Tue Feb 4 06:52:06 2020 - Child 38632 granting shell Tue Feb 4 06:52:06 2020 - Sending data to client: [Logged in] Tue Feb 4 06:52:06 2020 - Sending data to client: [Welcome to MX990 Embedded Linux] Tue Feb 4 06:52:06 2020 - Sending data to client: [[root@dvrdvs /]# ] Tue Feb 4 06:52:06 2020 - Got data: enable system shell sh Tue Feb 4 06:52:06 2020 - Sending data to client: [Command not found] Tue Feb 4 06:52:06 2020 - Sending data to client: [[root@dvrdvs /]# ] Tue Feb 4 06:52:06 2020 - Got data: cat /proc/mounts; /bin/busybox RBENQ Tue Feb 4 06:52:06 2020 - Sending data to clie	2020-02-04 23:13:23
14.171.191.235	attackspambots	2019-04-21 07:36:20 1hI59F-00027Z-DU SMTP connection from \(static.vnpt.vn\) \[14.171.191.235\]:33553 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-21 07:37:54 1hI5Al-00029M-AI SMTP connection from \(static.vnpt.vn\) \[14.171.191.235\]:33938 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-21 07:38:27 1hI5BH-0002A3-IG SMTP connection from \(static.vnpt.vn\) \[14.171.191.235\]:34051 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-04 22:56:17
2.94.195.58	attack	1580824334 - 02/04/2020 14:52:14 Host: 2.94.195.58/2.94.195.58 Port: 445 TCP Blocked	2020-02-04 23:15:16
23.97.180.45	attackspambots	SSH Brute-Forcing (server2)	2020-02-04 23:12:15
222.186.30.209	attack	IP blocked	2020-02-04 22:43:45
14.168.100.114	attack	2020-01-26 05:15:15 1ivZKM-0005jL-GR SMTP connection from \(static.vnpt.vn\) \[14.168.100.114\]:31468 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-26 05:15:31 1ivZKc-0005jx-Pq SMTP connection from \(static.vnpt.vn\) \[14.168.100.114\]:31605 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-26 05:15:43 1ivZKo-0005kB-Pr SMTP connection from \(static.vnpt.vn\) \[14.168.100.114\]:31711 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-04 23:00:10
14.167.181.23	attackspambots	2019-02-05 21:05:12 H=\(static.vnpt.vn\) \[14.167.181.23\]:16052 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-05 21:05:22 H=\(static.vnpt.vn\) \[14.167.181.23\]:16166 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-05 21:05:28 H=\(static.vnpt.vn\) \[14.167.181.23\]:16229 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-04 23:01:44
14.172.201.162	attackbotsspam	2019-02-27 22:00:17 H=\(static.vnpt.vn\) \[14.172.201.162\]:10769 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-27 22:00:42 H=\(static.vnpt.vn\) \[14.172.201.162\]:10932 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-02-27 22:00:59 H=\(static.vnpt.vn\) \[14.172.201.162\]:11036 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-04 22:51:17
189.89.94.242	attackbots	Feb 4 14:48:26 legacy sshd[12354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.89.94.242 Feb 4 14:48:28 legacy sshd[12354]: Failed password for invalid user sftp from 189.89.94.242 port 46862 ssh2 Feb 4 14:52:37 legacy sshd[12715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.89.94.242 ...	2020-02-04 22:44:19
14.172.66.24	attackbotsspam	2020-01-25 23:28:30 1ivTum-0002Go-4C SMTP connection from \(static.vnpt.vn\) \[14.172.66.24\]:35600 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-25 23:28:59 1ivTvE-0002HP-IA SMTP connection from \(static.vnpt.vn\) \[14.172.66.24\]:35789 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-01-25 23:29:19 1ivTvY-0002I8-3a SMTP connection from \(static.vnpt.vn\) \[14.172.66.24\]:35910 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-04 22:49:02
52.191.189.131	attackbots	Feb 4 14:54:12 web8 sshd\[13684\]: Invalid user timothy from 52.191.189.131 Feb 4 14:54:12 web8 sshd\[13684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.191.189.131 Feb 4 14:54:13 web8 sshd\[13684\]: Failed password for invalid user timothy from 52.191.189.131 port 35610 ssh2 Feb 4 14:58:25 web8 sshd\[15729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.191.189.131 user=root Feb 4 14:58:27 web8 sshd\[15729\]: Failed password for root from 52.191.189.131 port 58786 ssh2	2020-02-04 23:09:45
206.189.230.98	attack	206.189.230.98 - - \[04/Feb/2020:15:07:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.230.98 - - \[04/Feb/2020:15:07:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.230.98 - - \[04/Feb/2020:15:07:14 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-04 23:04:03
81.22.45.182	attackspam	Feb 4 15:52:28 mail kernel: [237408.614381] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=57208 PROTO=TCP SPT=50336 DPT=10897 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-04 22:58:24
14.163.55.82	attackspambots	2019-07-09 09:47:23 1hkkqQ-0002YJ-Cc SMTP connection from \(static.vnpt.vn\) \[14.163.55.82\]:31141 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 09:47:53 1hkkqu-0002Yk-Kw SMTP connection from \(static.vnpt.vn\) \[14.163.55.82\]:31284 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-09 09:48:19 1hkkrK-0002Z9-9t SMTP connection from \(static.vnpt.vn\) \[14.163.55.82\]:31389 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-04 23:09:21
104.199.33.113	attack	F2B blocked SSH bruteforcing	2020-02-04 22:48:35

Recently Reported IPs

113.191.252.188	113.195.22.52	113.195.26.10	113.195.33.47
113.20.119.13	113.20.119.166	113.20.119.3	113.20.31.59
113.53.60.131	113.53.91.10	113.53.3.239	113.20.29.125
113.70.78.66	114.181.26.211	114.241.246.58	114.130.119.167
114.130.119.166	114.4.109.105	114.5.202.2	114.6.22.121