142.93.161.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Hits on port : 7899	2020-02-11 21:59:45

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.161.89	attack	142.93.161.89 - - [16/Aug/2020:13:23:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [16/Aug/2020:13:23:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [16/Aug/2020:13:23:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2190 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 23:37:41
142.93.161.89	attackbotsspam	142.93.161.89 - - [09/Aug/2020:22:08:17 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:22:23:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 07:01:18
142.93.161.89	attack	142.93.161.89 - - [09/Aug/2020:05:55:05 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:05:55:07 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:05:55:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 13:00:28
142.93.161.89	attackbots	Automatic report - XMLRPC Attack	2020-07-30 06:20:23
142.93.161.85	attack	Jul 8 14:17:51 debian-2gb-nbg1-2 kernel: \[16469269.799938\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.161.85 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=37106 PROTO=TCP SPT=45577 DPT=32295 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 20:40:21
142.93.161.85	attack	Fail2Ban Ban Triggered	2020-07-05 07:35:59
142.93.161.89	attack	142.93.161.89 - - - [30/Jun/2020:17:25:39 +0200] "GET /wp-login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" "-"	2020-07-01 20:17:41
142.93.161.89	attack	142.93.161.89 - - [09/Jun/2020:14:05:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Jun/2020:14:05:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-10 00:07:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.161.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13719
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.161.20.			IN	A

;; AUTHORITY SECTION:
.			256	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021101 1800 900 604800 86400

;; Query time: 334 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 21:59:41 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.161.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.161.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
163.172.106.114	attackbotsspam	Jul 17 05:38:05 areeb-Workstation sshd\[14503\]: Invalid user airlive from 163.172.106.114 Jul 17 05:38:05 areeb-Workstation sshd\[14503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.106.114 Jul 17 05:38:07 areeb-Workstation sshd\[14503\]: Failed password for invalid user airlive from 163.172.106.114 port 37120 ssh2 ...	2019-07-17 08:32:12
119.29.75.165	attackbotsspam	Jun 1 23:37:06 server sshd\[29777\]: Invalid user admin from 119.29.75.165 Jun 1 23:37:06 server sshd\[29777\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.75.165 Jun 1 23:37:08 server sshd\[29777\]: Failed password for invalid user admin from 119.29.75.165 port 33984 ssh2 ...	2019-07-17 08:13:57
66.64.43.162	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-07-17 08:37:23
119.29.246.165	attackbots	Jul 17 00:18:36 ovpn sshd\[21409\]: Invalid user csgoserver from 119.29.246.165 Jul 17 00:18:36 ovpn sshd\[21409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.246.165 Jul 17 00:18:38 ovpn sshd\[21409\]: Failed password for invalid user csgoserver from 119.29.246.165 port 46844 ssh2 Jul 17 00:21:35 ovpn sshd\[6746\]: Invalid user alumni from 119.29.246.165 Jul 17 00:21:35 ovpn sshd\[6746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.246.165	2019-07-17 08:21:03
119.64.105.178	attack	May 19 15:11:14 server sshd\[222870\]: Invalid user dbuser from 119.64.105.178 May 19 15:11:14 server sshd\[222870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.64.105.178 May 19 15:11:16 server sshd\[222870\]: Failed password for invalid user dbuser from 119.64.105.178 port 55822 ssh2 ...	2019-07-17 08:01:30
103.52.52.23	attackbots	Invalid user tw from 103.52.52.23 port 42576	2019-07-17 08:10:27
119.29.228.236	attackspam	May 23 10:55:29 server sshd\[128667\]: Invalid user gz from 119.29.228.236 May 23 10:55:29 server sshd\[128667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.228.236 May 23 10:55:31 server sshd\[128667\]: Failed password for invalid user gz from 119.29.228.236 port 51840 ssh2 ...	2019-07-17 08:27:51
119.57.162.18	attack	Jun 3 17:56:09 server sshd\[102578\]: Invalid user gray from 119.57.162.18 Jun 3 17:56:09 server sshd\[102578\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.162.18 Jun 3 17:56:10 server sshd\[102578\]: Failed password for invalid user gray from 119.57.162.18 port 62415 ssh2 ...	2019-07-17 08:03:05
119.29.247.225	attackbots	Jul 17 00:09:20 MK-Soft-VM4 sshd\[8925\]: Invalid user forum from 119.29.247.225 port 55718 Jul 17 00:09:20 MK-Soft-VM4 sshd\[8925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.247.225 Jul 17 00:09:22 MK-Soft-VM4 sshd\[8925\]: Failed password for invalid user forum from 119.29.247.225 port 55718 ssh2 ...	2019-07-17 08:19:39
1.192.241.0	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-16 20:34:02,659 INFO [amun_request_handler] PortScan Detected on Port: 445 (1.192.241.0)	2019-07-17 08:26:33
125.64.94.212	attackbotsspam	16.07.2019 23:41:45 Connection to port 1433 blocked by firewall	2019-07-17 08:22:30
119.29.65.240	attack	Jul 17 01:23:58 tux-35-217 sshd\[13825\]: Invalid user amanda from 119.29.65.240 port 60342 Jul 17 01:23:58 tux-35-217 sshd\[13825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240 Jul 17 01:24:01 tux-35-217 sshd\[13825\]: Failed password for invalid user amanda from 119.29.65.240 port 60342 ssh2 Jul 17 01:27:24 tux-35-217 sshd\[13849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240 user=root ...	2019-07-17 08:15:52
207.46.13.76	attackspam	Automatic report - Banned IP Access	2019-07-17 08:16:50
136.243.15.47	attackspambots	RDP brute forcing (r)	2019-07-17 08:27:05
119.29.89.200	attack	Jul 7 23:34:13 server sshd\[67869\]: Invalid user office from 119.29.89.200 Jul 7 23:34:13 server sshd\[67869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.89.200 Jul 7 23:34:15 server sshd\[67869\]: Failed password for invalid user office from 119.29.89.200 port 34858 ssh2 ...	2019-07-17 08:10:11

最近上报的IP列表

147.108.72.23	45.140.13.124	62.7.232.56	83.239.244.65
226.182.248.199	59.242.245.209	1.2.253.109	93.67.74.96
220.135.50.116	171.243.124.221	171.22.76.93	139.99.116.27
21.90.70.255	25.48.68.65	49.117.193.175	243.130.135.128
64.163.24.217	95.57.113.244	209.154.53.116	182.203.78.168