142.93.47.5 - IPInfo

基本信息:

城市(city): London

省份(region): England

国家(country): United Kingdom

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.47.124	attack	4922/tcp 2859/tcp 22992/tcp... [2020-08-07/10-04]188pkt,106pt.(tcp)	2020-10-06 04:11:34
142.93.47.124	attackspam	4922/tcp 2859/tcp 22992/tcp... [2020-08-07/10-04]188pkt,106pt.(tcp)	2020-10-05 20:10:06
142.93.47.124	attackbots	4922/tcp 2859/tcp 22992/tcp... [2020-08-07/10-04]188pkt,106pt.(tcp)	2020-10-05 12:02:45
142.93.47.124	attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: african.land.	2020-10-04 07:28:51
142.93.47.124	attackbotsspam	8986/tcp 32222/tcp 7000/tcp... [2020-08-07/10-02]177pkt,96pt.(tcp)	2020-10-03 23:44:09
142.93.47.124	attack	8986/tcp 32222/tcp 7000/tcp... [2020-08-07/10-02]177pkt,96pt.(tcp)	2020-10-03 15:28:31
142.93.47.124	attack	Unauthorized connection attempt detected from IP address 142.93.47.124 to port 7022 [T]	2020-08-16 19:21:54
142.93.47.124	attackbotsspam	Unauthorized connection attempt detected from IP address 142.93.47.124 to port 10022 [T]	2020-08-14 20:14:39
142.93.47.124	attackspambots	8042/tcp 3388/tcp 2244/tcp... [2020-07-30/08-13]51pkt,24pt.(tcp)	2020-08-13 23:39:55
142.93.47.124	attackbotsspam	Port Scan detected from 142.93.47.124 (GB/United Kingdom/England/London/african.land). 4 hits in the last 270 seconds	2020-08-08 21:15:46
142.93.47.124	attack	Fail2Ban Ban Triggered	2020-08-08 07:08:21
142.93.47.171	attack	xmlrpc attack	2020-05-10 05:55:35
142.93.47.171	attackbots	142.93.47.171 - - \[08/May/2020:14:27:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 6963 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.47.171 - - \[08/May/2020:14:27:27 +0200\] "POST /wp-login.php HTTP/1.0" 200 6785 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.47.171 - - \[08/May/2020:14:27:28 +0200\] "POST /wp-login.php HTTP/1.0" 200 6783 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-08 20:51:25
142.93.47.171	attack	WordPress wp-login brute force :: 142.93.47.171 0.072 BYPASS [08/Apr/2020:10:19:00 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-08 18:53:56
142.93.47.171	attack	142.93.47.171 - - [01/Apr/2020:07:03:22 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.47.171 - - [01/Apr/2020:07:03:24 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.47.171 - - [01/Apr/2020:07:03:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-01 14:10:12

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.47.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1024
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.47.5.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 04:03:05 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 5.47.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 5.47.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.247.110.22	attack	08/21/2019-12:50:28.478302 77.247.110.22 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 75	2019-08-22 01:42:26
104.0.143.234	attackbotsspam	Aug 21 18:21:01 mail sshd\[14386\]: Failed password for invalid user drschwan from 104.0.143.234 port 56194 ssh2 Aug 21 18:44:22 mail sshd\[15128\]: Invalid user jaquilante from 104.0.143.234 port 52177 ...	2019-08-22 01:56:11
165.227.1.117	attack	Aug 21 12:20:25 ny01 sshd[30304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.1.117 Aug 21 12:20:27 ny01 sshd[30304]: Failed password for invalid user mamige from 165.227.1.117 port 55658 ssh2 Aug 21 12:24:34 ny01 sshd[30678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.1.117	2019-08-22 00:59:43
95.5.139.50	attack	Automatic report - Port Scan Attack	2019-08-22 01:59:15
189.8.68.56	attackbotsspam	Aug 21 19:29:27 yabzik sshd[24319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.56 Aug 21 19:29:29 yabzik sshd[24319]: Failed password for invalid user apache from 189.8.68.56 port 37750 ssh2 Aug 21 19:34:32 yabzik sshd[26058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.56	2019-08-22 01:36:16
107.213.136.221	attackbots	Aug 21 19:49:52 pornomens sshd\[12772\]: Invalid user reception2 from 107.213.136.221 port 53136 Aug 21 19:49:52 pornomens sshd\[12772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.213.136.221 Aug 21 19:49:54 pornomens sshd\[12772\]: Failed password for invalid user reception2 from 107.213.136.221 port 53136 ssh2 ...	2019-08-22 01:58:05
114.7.120.10	attack	Aug 21 19:13:54 minden010 sshd[15459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 Aug 21 19:13:56 minden010 sshd[15459]: Failed password for invalid user viola from 114.7.120.10 port 33239 ssh2 Aug 21 19:19:12 minden010 sshd[17433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 ...	2019-08-22 02:07:57
198.98.57.58	attack	[portscan] Port scan	2019-08-22 01:45:52
178.124.176.185	attackspambots	[munged]::443 178.124.176.185 - - [21/Aug/2019:13:39:50 +0200] "POST /[munged]: HTTP/1.1" 200 9039 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 178.124.176.185 - - [21/Aug/2019:13:39:51 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 178.124.176.185 - - [21/Aug/2019:13:39:52 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 178.124.176.185 - - [21/Aug/2019:13:39:53 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 178.124.176.185 - - [21/Aug/2019:13:39:53 +0200] "POST /[munged]: HTTP/1.1" 200 4378 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 178.124.176.185 - - [21/Aug/20	2019-08-22 01:34:04
178.62.215.66	attackbotsspam	Aug 21 17:39:22 mail sshd\[13177\]: Failed password for invalid user sl from 178.62.215.66 port 36862 ssh2 Aug 21 17:55:41 mail sshd\[13658\]: Invalid user sysadmin from 178.62.215.66 port 56668 ...	2019-08-22 00:57:06
92.118.161.33	attack	IP: 92.118.161.33 ASN: AS36351 SoftLayer Technologies Inc. Port: IMAP over TLS protocol 993 Found in one or more Blacklists Date: 21/08/2019 12:25:57 PM UTC	2019-08-22 01:13:47
77.247.108.77	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-22 01:27:43
121.67.246.139	attackbotsspam	Aug 21 07:37:23 hcbb sshd\[12174\]: Invalid user duckie from 121.67.246.139 Aug 21 07:37:23 hcbb sshd\[12174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.139 Aug 21 07:37:25 hcbb sshd\[12174\]: Failed password for invalid user duckie from 121.67.246.139 port 58696 ssh2 Aug 21 07:42:17 hcbb sshd\[12690\]: Invalid user zq from 121.67.246.139 Aug 21 07:42:17 hcbb sshd\[12690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.139	2019-08-22 01:44:05
129.213.153.229	attackspam	Aug 21 06:44:43 php1 sshd\[13940\]: Invalid user admin from 129.213.153.229 Aug 21 06:44:43 php1 sshd\[13940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229 Aug 21 06:44:45 php1 sshd\[13940\]: Failed password for invalid user admin from 129.213.153.229 port 59374 ssh2 Aug 21 06:52:54 php1 sshd\[14711\]: Invalid user awong from 129.213.153.229 Aug 21 06:52:54 php1 sshd\[14711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229	2019-08-22 00:54:10
103.125.86.241	attackbots	Aug 21 08:47:56 localhost kernel: [129491.109087] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.125.86.241 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=3512 PROTO=TCP SPT=80 DPT=35360 WINDOW=16384 RES=0x00 ACK URGP=0 Aug 21 08:47:56 localhost kernel: [129491.109127] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.125.86.241 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=3512 PROTO=TCP SPT=80 DPT=35360 SEQ=498137829 ACK=498137829 WINDOW=16384 RES=0x00 ACK URGP=0 Aug 21 08:57:14 localhost kernel: [130049.737412] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.125.86.241 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=63246 PROTO=TCP SPT=80 DPT=30584 WINDOW=16384 RES=0x00 ACK URGP=0 Aug 21 08:57:14 localhost kernel: [130049.737434] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=103.125.86.241 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=	2019-08-22 01:06:26

最近上报的IP列表

139.199.164.21	134.175.27.130	118.24.111.126	118.24.99.163
114.34.30.113	103.23.100.183	62.175.170.9	51.68.127.28
45.55.225.152	41.228.12.149	41.175.230.43	34.73.182.101
74.70.201.53	38.135.122.124	77.232.160.22	49.156.54.146
128.14.136.78	118.24.26.7	108.35.176.202	202.57.50.59