13.64.93.10 - IPInfo

基本信息:

城市(city): San Jose

省份(region): California

国家(country): United States

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): Microsoft Corporation

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Mar 12 02:17:26 yesfletchmain sshd\[21548\]: Invalid user couchdb from 13.64.93.10 port 39872 Mar 12 02:17:26 yesfletchmain sshd\[21548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.64.93.10 Mar 12 02:17:28 yesfletchmain sshd\[21548\]: Failed password for invalid user couchdb from 13.64.93.10 port 39872 ssh2 Mar 12 02:22:31 yesfletchmain sshd\[21657\]: Invalid user victor from 13.64.93.10 port 39872 Mar 12 02:22:31 yesfletchmain sshd\[21657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.64.93.10 ...	2019-12-23 23:10:50
attackspambots	Brute force SMTP login attempted. ...	2019-08-10 08:37:47

类型

评论内容

时间

attackspam

Mar 12 02:17:26 yesfletchmain sshd\[21548\]: Invalid user couchdb from 13.64.93.10 port 39872
Mar 12 02:17:26 yesfletchmain sshd\[21548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.64.93.10
Mar 12 02:17:28 yesfletchmain sshd\[21548\]: Failed password for invalid user couchdb from 13.64.93.10 port 39872 ssh2
Mar 12 02:22:31 yesfletchmain sshd\[21657\]: Invalid user victor from 13.64.93.10 port 39872
Mar 12 02:22:31 yesfletchmain sshd\[21657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.64.93.10
...

2019-12-23 23:10:50

attackspambots

Brute force SMTP login attempted.
...

2019-08-10 08:37:47

相同子网IP讨论:

IP	类型	评论内容	时间
13.64.93.136	attack	Mass mailinglist subscriptions with fake email addresses	2020-05-23 00:39:08

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.64.93.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21231
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.64.93.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Mar 31 07:33:09 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 10.93.64.13.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 10.93.64.13.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.12.173.149	attack	$f2bV_matches	2020-06-11 17:42:15
211.140.196.90	attackbots	Jun 11 05:52:00 pornomens sshd\[17543\]: Invalid user admin from 211.140.196.90 port 36007 Jun 11 05:52:00 pornomens sshd\[17543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.140.196.90 Jun 11 05:52:02 pornomens sshd\[17543\]: Failed password for invalid user admin from 211.140.196.90 port 36007 ssh2 ...	2020-06-11 17:18:46
59.55.36.47	attack	Brute force attempt	2020-06-11 17:27:53
13.76.244.242	attackspambots	Jun 11 06:13:23 ns3042688 postfix/smtpd\[21470\]: warning: unknown\[13.76.244.242\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 11 06:14:44 ns3042688 postfix/smtpd\[21470\]: warning: unknown\[13.76.244.242\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 11 06:16:06 ns3042688 postfix/smtpd\[22012\]: warning: unknown\[13.76.244.242\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 11 06:17:30 ns3042688 postfix/smtpd\[22012\]: warning: unknown\[13.76.244.242\]: SASL LOGIN authentication failed: encryption needed to use mechanism Jun 11 06:18:53 ns3042688 postfix/smtpd\[22012\]: warning: unknown\[13.76.244.242\]: SASL LOGIN authentication failed: encryption needed to use mechanism ...	2020-06-11 17:49:06
74.208.81.55	attackbots	WordPress wp-login brute force :: 74.208.81.55 0.084 BYPASS [11/Jun/2020:08:01:53 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-11 17:24:37
13.82.139.81	attackspam	Brute forcing email accounts	2020-06-11 17:51:35
81.4.109.159	attackbotsspam	(sshd) Failed SSH login from 81.4.109.159 (NL/Netherlands/maestrosecurity.com): 5 in the last 3600 secs	2020-06-11 17:22:05
115.73.217.60	attackbotsspam	Jun 10 21:51:41 Host-KLAX-C postfix/smtps/smtpd[6333]: lost connection after CONNECT from unknown[115.73.217.60] ...	2020-06-11 17:35:51
51.254.53.44	attack	firewall-block, port(s): 23/tcp	2020-06-11 17:28:16
176.241.192.75	attack	Unauthorized connection attempt from IP address 176.241.192.75 on port 993	2020-06-11 17:52:07
114.67.74.139	attackbots	$f2bV_matches	2020-06-11 17:13:55
95.43.212.57	attack	Port probing on unauthorized port 23	2020-06-11 17:15:45
195.54.160.225	attackspambots	Port scan: Attack repeated for 24 hours	2020-06-11 17:32:16
79.137.80.140	attack	Automatic report - XMLRPC Attack	2020-06-11 17:22:31
45.148.10.39	attackbotsspam	Unauthorized connection attempt detected from IP address 45.148.10.39 to port 554 [T]	2020-06-11 17:28:35

最近上报的IP列表

40.121.194.233	51.255.197.18	193.112.46.94	51.38.128.30
193.32.161.55	70.54.86.138	37.126.186.76	115.55.70.235
14.152.92.70	128.199.103.93	149.202.65.173	78.188.112.212
212.129.128.249	58.177.231.178	118.24.63.24	95.167.39.12
177.66.189.146	192.241.201.182	122.226.181.167	183.157.173.47