142.93.161.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Hits on port : 7899	2020-02-11 21:59:45

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.161.89	attack	142.93.161.89 - - [16/Aug/2020:13:23:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [16/Aug/2020:13:23:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [16/Aug/2020:13:23:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2190 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 23:37:41
142.93.161.89	attackbotsspam	142.93.161.89 - - [09/Aug/2020:22:08:17 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:22:23:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 07:01:18
142.93.161.89	attack	142.93.161.89 - - [09/Aug/2020:05:55:05 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:05:55:07 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Aug/2020:05:55:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 13:00:28
142.93.161.89	attackbots	Automatic report - XMLRPC Attack	2020-07-30 06:20:23
142.93.161.85	attack	Jul 8 14:17:51 debian-2gb-nbg1-2 kernel: \[16469269.799938\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.161.85 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=37106 PROTO=TCP SPT=45577 DPT=32295 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 20:40:21
142.93.161.85	attack	Fail2Ban Ban Triggered	2020-07-05 07:35:59
142.93.161.89	attack	142.93.161.89 - - - [30/Jun/2020:17:25:39 +0200] "GET /wp-login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" "-"	2020-07-01 20:17:41
142.93.161.89	attack	142.93.161.89 - - [09/Jun/2020:14:05:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.161.89 - - [09/Jun/2020:14:05:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-10 00:07:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.161.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13719
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.161.20.			IN	A

;; AUTHORITY SECTION:
.			256	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021101 1800 900 604800 86400

;; Query time: 334 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 21:59:41 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.161.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.161.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.78	attackbotsspam	Sep 5 04:54:06 aat-srv002 sshd[8126]: Failed password for root from 49.88.112.78 port 42028 ssh2 Sep 5 04:54:18 aat-srv002 sshd[8129]: Failed password for root from 49.88.112.78 port 13776 ssh2 Sep 5 04:54:31 aat-srv002 sshd[8131]: Failed password for root from 49.88.112.78 port 61324 ssh2 ...	2019-09-05 17:55:12
103.62.239.77	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2019-09-05 17:28:31
125.165.105.19	attackspam	Unauthorized connection attempt from IP address 125.165.105.19 on Port 445(SMB)	2019-09-05 17:14:51
137.74.47.22	attackbotsspam	Sep 5 10:57:57 ns37 sshd[6682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.47.22 Sep 5 10:57:57 ns37 sshd[6682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.47.22	2019-09-05 17:29:11
118.70.67.101	attack	Unauthorized connection attempt from IP address 118.70.67.101 on Port 445(SMB)	2019-09-05 18:05:06
169.1.10.180	attackspam	Unauthorized connection attempt from IP address 169.1.10.180 on Port 445(SMB)	2019-09-05 18:03:54
167.71.97.212	attackbots	Probing for /secure	2019-09-05 17:24:01
84.120.41.118	attackspam	2019-09-05T09:12:47.913701abusebot-6.cloudsearch.cf sshd\[17978\]: Invalid user sftptest from 84.120.41.118 port 38590	2019-09-05 17:19:44
117.42.29.118	attackspambots	Unauthorized connection attempt from IP address 117.42.29.118 on Port 445(SMB)	2019-09-05 17:29:36
62.210.30.128	attackbots	Sep 4 23:35:50 php1 sshd\[22364\]: Invalid user 1234 from 62.210.30.128 Sep 4 23:35:50 php1 sshd\[22364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.30.128 Sep 4 23:35:52 php1 sshd\[22364\]: Failed password for invalid user 1234 from 62.210.30.128 port 38324 ssh2 Sep 4 23:39:50 php1 sshd\[22870\]: Invalid user 1234 from 62.210.30.128 Sep 4 23:39:50 php1 sshd\[22870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.30.128	2019-09-05 17:45:00
62.234.101.62	attackspambots	Sep 5 10:34:39 ubuntu-2gb-nbg1-dc3-1 sshd[2129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.101.62 Sep 5 10:34:40 ubuntu-2gb-nbg1-dc3-1 sshd[2129]: Failed password for invalid user 1qaz2wsx from 62.234.101.62 port 44296 ssh2 ...	2019-09-05 17:15:14
54.240.14.147	attackspam	Attempt to login to email server on SMTP service on 05-09-2019 09:34:42.	2019-09-05 17:13:16
192.254.207.123	attackspambots	WordPress wp-login brute force :: 192.254.207.123 0.156 BYPASS [05/Sep/2019:18:34:04 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-05 17:54:35
139.99.144.191	attack	Sep 5 12:11:50 server sshd\[21292\]: Invalid user dspace@123 from 139.99.144.191 port 34626 Sep 5 12:11:50 server sshd\[21292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Sep 5 12:11:52 server sshd\[21292\]: Failed password for invalid user dspace@123 from 139.99.144.191 port 34626 ssh2 Sep 5 12:17:16 server sshd\[29850\]: Invalid user 123456 from 139.99.144.191 port 49264 Sep 5 12:17:16 server sshd\[29850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191	2019-09-05 17:25:29
5.135.198.62	attack	Sep 5 05:17:27 xtremcommunity sshd\[18813\]: Invalid user test from 5.135.198.62 port 56868 Sep 5 05:17:27 xtremcommunity sshd\[18813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.198.62 Sep 5 05:17:28 xtremcommunity sshd\[18813\]: Failed password for invalid user test from 5.135.198.62 port 56868 ssh2 Sep 5 05:21:34 xtremcommunity sshd\[18899\]: Invalid user oracle from 5.135.198.62 port 50505 Sep 5 05:21:34 xtremcommunity sshd\[18899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.198.62 ...	2019-09-05 17:21:38

最近上报的IP列表

147.108.72.23	45.140.13.124	62.7.232.56	83.239.244.65
226.182.248.199	59.242.245.209	1.2.253.109	93.67.74.96
220.135.50.116	171.243.124.221	171.22.76.93	139.99.116.27
21.90.70.255	25.48.68.65	49.117.193.175	243.130.135.128
64.163.24.217	95.57.113.244	209.154.53.116	182.203.78.168