142.93.15.29 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Automatic report - Web App Attack	2019-06-29 05:57:14
attackspam	WordPress login Brute force / Web App Attack on client site.	2019-06-22 15:44:39

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.154.174	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 03:14:31
142.93.154.174	attackbots	TCP port : 9346	2020-10-07 19:28:32
142.93.152.19	attack	142.93.152.19 - - [29/Sep/2020:20:28:21 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 02:56:16
142.93.152.19	attackbotsspam	Automatic report - Banned IP Access	2020-09-29 18:58:55
142.93.152.19	attack	142.93.152.19 - - [16/Sep/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 22:02:45
142.93.151.3	attackspambots	" "	2020-09-16 21:33:52
142.93.152.19	attackbotsspam	142.93.152.19 - - [16/Sep/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 14:32:18
142.93.151.3	attackbots	Invalid user vsftp from 142.93.151.3 port 33668	2020-09-16 14:04:13
142.93.152.19	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-16 06:21:52
142.93.151.3	attack	TCP (SYN) 142.93.151.3:58769 -> port 8734, len 44	2020-09-16 05:50:39
142.93.151.3	attackspambots	Sep 11 17:27:17 abendstille sshd\[2037\]: Invalid user admin from 142.93.151.3 Sep 11 17:27:17 abendstille sshd\[2037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.3 Sep 11 17:27:19 abendstille sshd\[2037\]: Failed password for invalid user admin from 142.93.151.3 port 56400 ssh2 Sep 11 17:34:53 abendstille sshd\[8871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.3 user=root Sep 11 17:34:55 abendstille sshd\[8871\]: Failed password for root from 142.93.151.3 port 41762 ssh2 ...	2020-09-11 23:43:01
142.93.151.3	attackspam	[ssh] SSH attack	2020-09-11 15:45:05
142.93.151.3	attackbotsspam	Sep 11 01:19:44 host2 sshd[793866]: Failed password for root from 142.93.151.3 port 33778 ssh2 Sep 11 01:28:13 host2 sshd[795090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.3 user=root Sep 11 01:28:15 host2 sshd[795090]: Failed password for root from 142.93.151.3 port 47426 ssh2 Sep 11 01:28:13 host2 sshd[795090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.3 user=root Sep 11 01:28:15 host2 sshd[795090]: Failed password for root from 142.93.151.3 port 47426 ssh2 ...	2020-09-11 07:56:46
142.93.154.174	attackspambots	TCP ports : 3601 / 17328	2020-09-04 20:36:16
142.93.154.174	attackspambots	SSH Bruteforce attack	2020-09-04 12:17:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.15.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43253
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.15.29.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 15:44:32 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 29.15.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 29.15.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.155.115.227	attackspambots	Aug 8 22:24:06 vps639187 sshd\[14128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.227 user=root Aug 8 22:24:08 vps639187 sshd\[14128\]: Failed password for root from 36.155.115.227 port 38622 ssh2 Aug 8 22:25:24 vps639187 sshd\[14155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.227 user=root ...	2020-08-09 07:15:34
103.140.83.18	attack	Aug 8 20:45:04 onepixel sshd[421398]: Invalid user zenith from 103.140.83.18 port 51852 Aug 8 20:45:04 onepixel sshd[421398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.140.83.18 Aug 8 20:45:04 onepixel sshd[421398]: Invalid user zenith from 103.140.83.18 port 51852 Aug 8 20:45:06 onepixel sshd[421398]: Failed password for invalid user zenith from 103.140.83.18 port 51852 ssh2 Aug 8 20:47:29 onepixel sshd[422725]: Invalid user ghghjkl from 103.140.83.18 port 58702	2020-08-09 06:40:09
125.75.4.83	attackspam	Aug 8 20:10:17 marvibiene sshd[62132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.75.4.83 user=root Aug 8 20:10:19 marvibiene sshd[62132]: Failed password for root from 125.75.4.83 port 41452 ssh2 Aug 8 20:25:28 marvibiene sshd[62302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.75.4.83 user=root Aug 8 20:25:30 marvibiene sshd[62302]: Failed password for root from 125.75.4.83 port 43312 ssh2	2020-08-09 07:10:30
49.235.213.170	attackbotsspam	Aug 8 23:26:18 server sshd[19117]: Failed password for root from 49.235.213.170 port 42412 ssh2 Aug 8 23:30:00 server sshd[20268]: Failed password for root from 49.235.213.170 port 54564 ssh2 Aug 8 23:33:41 server sshd[21380]: Failed password for root from 49.235.213.170 port 38484 ssh2	2020-08-09 06:53:50
192.241.158.8	attack	firewall-block, port(s): 2376/tcp	2020-08-09 07:09:39
201.157.39.44	attackbots	web-1 [ssh_2] SSH Attack	2020-08-09 06:49:30
112.80.35.2	attack	2020-08-08T10:33:46.717180perso.[domain] sshd[537316]: Failed password for root from 112.80.35.2 port 65534 ssh2 2020-08-08T10:39:21.859355perso.[domain] sshd[537344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.35.2 user=root 2020-08-08T10:39:24.044479perso.[domain] sshd[537344]: Failed password for root from 112.80.35.2 port 65534 ssh2 ...	2020-08-09 07:13:11
187.58.65.21	attack	Aug 8 21:25:55 gospond sshd[28556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.58.65.21 user=root Aug 8 21:25:58 gospond sshd[28556]: Failed password for root from 187.58.65.21 port 31314 ssh2 ...	2020-08-09 06:52:27
220.166.241.138	attack	Aug 4 14:05:50 * sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.241.138 user=r.r Aug 4 14:05:52 * sshd[11941]: Failed password for r.r from 220.166.241.138 port 48516 ssh2 Aug 4 14:05:52 * sshd[11941]: Received disconnect from 220.166.241.138 port 48516:11: Bye Bye [preauth] Aug 4 14:05:52 * sshd[11941]: Disconnected from 220.166.241.138 port 48516 [preauth] Aug 4 14:12:13 * sshd[12045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.241.138 user=r.r Aug 4 14:12:15 * sshd[12045]: Failed password for r.r from 220.166.241.138 port 48792 ssh2 Aug 4 14:12:16 * sshd[12045]: Received disconnect from 220.166.241.138 port 48792:11: Bye Bye [preauth] Aug 4 14:12:16 * sshd[12045]: Disconnected from 220.166.241.138 port 48792 [preauth] Aug 4 14:14:58 *** sshd[12103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse........ -------------------------------	2020-08-09 06:41:35
106.12.33.134	attackspambots	Aug 4 08:40:53 hurricane sshd[17234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.134 user=r.r Aug 4 08:40:55 hurricane sshd[17234]: Failed password for r.r from 106.12.33.134 port 34912 ssh2 Aug 4 08:40:55 hurricane sshd[17234]: Received disconnect from 106.12.33.134 port 34912:11: Bye Bye [preauth] Aug 4 08:40:55 hurricane sshd[17234]: Disconnected from 106.12.33.134 port 34912 [preauth] Aug 4 08:49:10 hurricane sshd[17300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.134 user=r.r Aug 4 08:49:12 hurricane sshd[17300]: Failed password for r.r from 106.12.33.134 port 45518 ssh2 Aug 4 08:49:12 hurricane sshd[17300]: Received disconnect from 106.12.33.134 port 45518:11: Bye Bye [preauth] Aug 4 08:49:12 hurricane sshd[17300]: Disconnected from 106.12.33.134 port 45518 [preauth] Aug 4 08:52:10 hurricane sshd[17308]: pam_unix(sshd:auth): authentication failu........ -------------------------------	2020-08-09 06:39:46
139.198.5.138	attackbots	2020-08-08T22:33:40.987019shield sshd\[14974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.5.138 user=root 2020-08-08T22:33:43.064783shield sshd\[14974\]: Failed password for root from 139.198.5.138 port 33784 ssh2 2020-08-08T22:36:54.714504shield sshd\[16364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.5.138 user=root 2020-08-08T22:36:56.089971shield sshd\[16364\]: Failed password for root from 139.198.5.138 port 25968 ssh2 2020-08-08T22:40:14.784142shield sshd\[17955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.5.138 user=root	2020-08-09 06:47:34
31.132.2.36	attackbotsspam	Bad mail behaviour	2020-08-09 07:15:01
77.8.113.10	attack	Aug 8 21:24:39 scw-tender-jepsen sshd[16444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.8.113.10 Aug 8 21:24:39 scw-tender-jepsen sshd[16446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.8.113.10	2020-08-09 06:42:02
91.191.209.37	attackbotsspam	2020-08-09 00:31:22 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=brain@hosting1.no-server.de\) 2020-08-09 00:31:34 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=bf@hosting1.no-server.de\) 2020-08-09 00:31:47 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=bf@hosting1.no-server.de\) 2020-08-09 00:31:54 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=bf@hosting1.no-server.de\) 2020-08-09 00:32:03 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=bf@hosting1.no-server.de\) 2020-08-09 00:32:11 dovecot_login authenticator failed for \(User\) \[91.191.209.37\]: 535 Incorrect authentication data \(set_id=medios@hosting1.no-server.de\) ...	2020-08-09 06:47:47
180.166.150.114	attackbotsspam	(sshd) Failed SSH login from 180.166.150.114 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 8 23:44:05 amsweb01 sshd[5714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.150.114 user=root Aug 8 23:44:06 amsweb01 sshd[5714]: Failed password for root from 180.166.150.114 port 22472 ssh2 Aug 8 23:48:38 amsweb01 sshd[6379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.150.114 user=root Aug 8 23:48:40 amsweb01 sshd[6379]: Failed password for root from 180.166.150.114 port 40247 ssh2 Aug 8 23:52:22 amsweb01 sshd[7012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.150.114 user=root	2020-08-09 06:56:45

最近上报的IP列表

74.133.227.150	205.131.122.36	74.205.35.88	70.54.245.87
14.188.23.68	27.145.204.158	156.193.213.206	38.145.121.101
95.250.8.164	108.228.151.178	110.156.135.211	222.39.160.44
151.195.230.114	84.228.35.170	27.88.4.143	37.108.76.142
104.248.158.113	57.152.211.229	118.215.193.202	214.40.150.249