142.93.101.158

基本信息:

城市(city): Frankfurt am Main

省份(region): Hesse

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-19 20:03:11
attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-26 16:22:37
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-17 03:40:14

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.101.2	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-08 01:01:05
142.93.101.2	attack	Oct 7 11:36:29 root sshd[417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.2 user=root Oct 7 11:36:32 root sshd[417]: Failed password for root from 142.93.101.2 port 49244 ssh2 ...	2020-10-07 17:09:59
142.93.101.46	attack	TCP port : 11535	2020-09-21 20:15:34
142.93.101.46	attack	$f2bV_matches	2020-09-21 12:07:29
142.93.101.46	attack	Port scan denied	2020-09-21 03:58:10
142.93.101.46	attack	Sep 19 15:43:29 nextcloud sshd\[13636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.46 user=root Sep 19 15:43:31 nextcloud sshd\[13636\]: Failed password for root from 142.93.101.46 port 40324 ssh2 Sep 19 15:59:11 nextcloud sshd\[30368\]: Invalid user user123 from 142.93.101.46 Sep 19 15:59:11 nextcloud sshd\[30368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.46	2020-09-19 22:00:31
142.93.101.46	attackspam	11777/tcp 30023/tcp 23124/tcp... [2020-08-30/09-18]65pkt,22pt.(tcp)	2020-09-19 13:53:09
142.93.101.46	attackbotsspam	fail2ban detected bruce force on ssh iptables	2020-09-19 05:32:24
142.93.101.46	attack	Invalid user weblogic from 142.93.101.46 port 35024	2020-09-17 06:30:38
142.93.101.46	attackbotsspam	2020-09-14T14:37:49+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-15 00:50:55
142.93.101.46	attack	Sep 14 09:46:15 v22019038103785759 sshd\[8351\]: Invalid user vodafone from 142.93.101.46 port 51558 Sep 14 09:46:15 v22019038103785759 sshd\[8351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.46 Sep 14 09:46:17 v22019038103785759 sshd\[8351\]: Failed password for invalid user vodafone from 142.93.101.46 port 51558 ssh2 Sep 14 09:55:29 v22019038103785759 sshd\[9157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.46 user=root Sep 14 09:55:31 v22019038103785759 sshd\[9157\]: Failed password for root from 142.93.101.46 port 60406 ssh2 ...	2020-09-14 16:34:32
142.93.101.148	attack	detected by Fail2Ban	2020-09-12 23:39:39
142.93.101.148	attack	(sshd) Failed SSH login from 142.93.101.148 (DE/Germany/-): 5 in the last 3600 secs	2020-09-12 15:43:02
142.93.101.148	attack	Sep 12 00:25:35 sshgateway sshd\[10111\]: Invalid user oneadmin from 142.93.101.148 Sep 12 00:25:35 sshgateway sshd\[10111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148 Sep 12 00:25:37 sshgateway sshd\[10111\]: Failed password for invalid user oneadmin from 142.93.101.148 port 41276 ssh2	2020-09-12 07:29:58
142.93.101.21	attackspam	Sep 1 11:28:50 webhost01 sshd[2657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.21 Sep 1 11:28:51 webhost01 sshd[2657]: Failed password for invalid user amber from 142.93.101.21 port 40062 ssh2 ...	2020-09-01 12:29:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.101.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23081
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.101.158.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 03:40:09 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 158.101.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 158.101.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
115.61.7.136	attackbotsspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-06-25 08:48:46]	2019-06-25 23:20:45
132.232.13.229	attackspambots	Jun 25 09:21:45 [host] sshd[22986]: Invalid user ix from 132.232.13.229 Jun 25 09:21:45 [host] sshd[22986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.13.229 Jun 25 09:21:47 [host] sshd[22986]: Failed password for invalid user ix from 132.232.13.229 port 44812 ssh2	2019-06-25 23:07:43
94.228.182.244	attackspambots	Jun 25 13:54:35 thevastnessof sshd[5772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.228.182.244 ...	2019-06-25 23:31:11
113.141.70.199	attackspambots	Jun 25 02:50:29 TORMINT sshd\[22282\]: Invalid user developer from 113.141.70.199 Jun 25 02:50:29 TORMINT sshd\[22282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.141.70.199 Jun 25 02:50:31 TORMINT sshd\[22282\]: Failed password for invalid user developer from 113.141.70.199 port 40684 ssh2 ...	2019-06-25 22:53:19
168.228.150.42	attackbots	mail.log:Jun 19 21:08:12 mail postfix/smtpd[21732]: warning: unknown[168.228.150.42]: SASL PLAIN authentication failed: authentication failure	2019-06-25 23:14:51
106.13.9.75	attackbotsspam	Jun 25 13:17:37 core01 sshd\[19215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.9.75 user=root Jun 25 13:17:40 core01 sshd\[19215\]: Failed password for root from 106.13.9.75 port 35842 ssh2 ...	2019-06-25 23:29:44
107.170.106.13	attackbots	jannisjulius.de 107.170.106.13 \[25/Jun/2019:15:40:37 +0200\] "POST /wp-login.php HTTP/1.1" 200 6117 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" jannisjulius.de 107.170.106.13 \[25/Jun/2019:15:40:38 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4090 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-25 22:27:38
200.54.180.100	attackbots	Invalid user cesar from 200.54.180.100 port 10737	2019-06-25 23:04:20
164.132.42.206	attack	Jun 25 03:07:55 plusreed sshd[2150]: Invalid user academie from 164.132.42.206 ...	2019-06-25 22:26:20
207.46.13.24	attackbots	Automatic report - Web App Attack	2019-06-25 23:26:54
54.36.148.114	attackspambots	Automatic report - Web App Attack	2019-06-25 22:24:18
112.33.19.138	attackspam	Brute force attempt	2019-06-25 22:33:32
52.160.126.123	attackbotsspam	Jun 25 15:17:02 MK-Soft-Root2 sshd\[2865\]: Invalid user support from 52.160.126.123 port 38110 Jun 25 15:17:02 MK-Soft-Root2 sshd\[2865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.160.126.123 Jun 25 15:17:05 MK-Soft-Root2 sshd\[2865\]: Failed password for invalid user support from 52.160.126.123 port 38110 ssh2 ...	2019-06-25 23:32:59
198.50.179.183	attackspambots	Jun 24 21:44:46 lvps87-230-18-107 sshd[29840]: Invalid user amanda from 198.50.179.183 Jun 24 21:44:46 lvps87-230-18-107 sshd[29840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.179.183 Jun 24 21:44:48 lvps87-230-18-107 sshd[29840]: Failed password for invalid user amanda from 198.50.179.183 port 59648 ssh2 Jun 24 21:44:48 lvps87-230-18-107 sshd[29840]: Received disconnect from 198.50.179.183: 11: Bye Bye [preauth] Jun 24 21:47:30 lvps87-230-18-107 sshd[29899]: Invalid user modeste from 198.50.179.183 Jun 24 21:47:30 lvps87-230-18-107 sshd[29899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.179.183 Jun 24 21:47:31 lvps87-230-18-107 sshd[29899]: Failed password for invalid user modeste from 198.50.179.183 port 36554 ssh2 Jun 24 21:47:31 lvps87-230-18-107 sshd[29899]: Received disconnect from 198.50.179.183: 11: Bye Bye [preauth] Jun 24 21:49:01 lvps87-230-18-107 sshd[2........ -------------------------------	2019-06-25 23:29:02
180.179.227.201	attackbots	Jun 25 13:53:12 lnxmail61 sshd[8051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.227.201 Jun 25 13:53:12 lnxmail61 sshd[8051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.179.227.201	2019-06-25 23:11:53

最近上报的IP列表

111.199.29.101	92.53.65.144	91.147.206.59	49.4.51.224
177.3.174.103	98.34.107.37	24.164.229.186	161.52.177.96
107.232.144.225	91.177.116.173	23.16.119.188	191.94.198.92
2001:16b8:2e75:be00:fd62:8307:90fc:8d40	36.81.76.10	110.141.87.55	12.7.150.202
216.145.165.158	182.199.219.20	42.81.197.100	97.35.90.235