142.93.48.155 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jul 4 14:10:59 prox sshd[6702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 Jul 4 14:11:00 prox sshd[6702]: Failed password for invalid user king from 142.93.48.155 port 40008 ssh2	2020-07-05 00:10:52
attack	2020-06-16T12:20:32.770817abusebot-5.cloudsearch.cf sshd[15081]: Invalid user vid from 142.93.48.155 port 35614 2020-06-16T12:20:32.775990abusebot-5.cloudsearch.cf sshd[15081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 2020-06-16T12:20:32.770817abusebot-5.cloudsearch.cf sshd[15081]: Invalid user vid from 142.93.48.155 port 35614 2020-06-16T12:20:34.762014abusebot-5.cloudsearch.cf sshd[15081]: Failed password for invalid user vid from 142.93.48.155 port 35614 ssh2 2020-06-16T12:25:36.762081abusebot-5.cloudsearch.cf sshd[15130]: Invalid user sunil from 142.93.48.155 port 57490 2020-06-16T12:25:36.767796abusebot-5.cloudsearch.cf sshd[15130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 2020-06-16T12:25:36.762081abusebot-5.cloudsearch.cf sshd[15130]: Invalid user sunil from 142.93.48.155 port 57490 2020-06-16T12:25:38.823563abusebot-5.cloudsearch.cf sshd[15130]: Failed passw ...	2020-06-17 01:26:45
attackspam	Jun 10 10:59:35 game-panel sshd[17497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 Jun 10 10:59:37 game-panel sshd[17497]: Failed password for invalid user wei from 142.93.48.155 port 49882 ssh2 Jun 10 11:02:52 game-panel sshd[17638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155	2020-06-10 19:24:40
attackspambots	2020-06-05T05:03:25.385185shield sshd\[15299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root 2020-06-05T05:03:27.495544shield sshd\[15299\]: Failed password for root from 142.93.48.155 port 59510 ssh2 2020-06-05T05:06:49.229893shield sshd\[17291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root 2020-06-05T05:06:51.343897shield sshd\[17291\]: Failed password for root from 142.93.48.155 port 34986 ssh2 2020-06-05T05:10:13.555304shield sshd\[18612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root	2020-06-05 14:30:07
attack	Jun 4 08:25:14 sip sshd[534135]: Failed password for root from 142.93.48.155 port 49300 ssh2 Jun 4 08:28:30 sip sshd[534191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root Jun 4 08:28:33 sip sshd[534191]: Failed password for root from 142.93.48.155 port 53670 ssh2 ...	2020-06-04 14:39:29
attack	May 25 14:47:09 sshgateway sshd\[16075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root May 25 14:47:10 sshgateway sshd\[16075\]: Failed password for root from 142.93.48.155 port 43496 ssh2 May 25 14:50:10 sshgateway sshd\[16112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root	2020-05-26 00:09:32

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.48.191	attack	11109/tcp 4545/tcp 12805/tcp... [2020-08-30/09-25]50pkt,17pt.(tcp)	2020-09-26 02:54:00
142.93.48.191	attackspam	TCP ports : 4545 / 11109	2020-09-25 18:39:21
142.93.48.191	attackspambots	2020-09-15T15:12:08.262284sorsha.thespaminator.com sshd[16347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root 2020-09-15T15:12:10.495909sorsha.thespaminator.com sshd[16347]: Failed password for root from 142.93.48.191 port 56048 ssh2 ...	2020-09-16 03:26:42
142.93.48.191	attack	17418/tcp 17103/tcp 18405/tcp... [2020-08-30/09-15]31pkt,11pt.(tcp)	2020-09-15 19:30:33
142.93.48.191	attack	SSH Scan	2020-08-31 16:34:29
142.93.48.191	attackspambots	Attempted connection to port 18720.	2020-08-31 07:25:08
142.93.48.191	attack	Aug 30 14:31:11 buvik sshd[1558]: Failed password for root from 142.93.48.191 port 43900 ssh2 Aug 30 14:34:52 buvik sshd[2031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root Aug 30 14:34:54 buvik sshd[2031]: Failed password for root from 142.93.48.191 port 45650 ssh2 ...	2020-08-30 21:03:12
142.93.48.191	attackbotsspam	"$f2bV_matches"	2020-08-28 04:24:22
142.93.48.191	attackbots	Aug 25 16:56:16 OPSO sshd\[7232\]: Invalid user ftpu from 142.93.48.191 port 39276 Aug 25 16:56:16 OPSO sshd\[7232\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 Aug 25 16:56:18 OPSO sshd\[7232\]: Failed password for invalid user ftpu from 142.93.48.191 port 39276 ssh2 Aug 25 17:00:30 OPSO sshd\[8411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root Aug 25 17:00:32 OPSO sshd\[8411\]: Failed password for root from 142.93.48.191 port 46392 ssh2	2020-08-25 23:06:20
142.93.48.216	attack	Automatic report - XMLRPC Attack	2020-04-27 05:58:59
142.93.48.216	attack	Automatic report - XMLRPC Attack	2020-03-30 06:29:42
142.93.48.39	attack	ZTE Router Exploit Scanner	2020-03-25 13:00:39
142.93.48.216	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-22 12:00:28
142.93.48.106	attackspam	(mod_security) mod_security (id:230011) triggered by 142.93.48.106 (US/United States/dev1.gaslamp.media): 5 in the last 3600 secs	2020-03-18 08:19:52
142.93.48.216	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-02-08 09:59:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.48.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25018
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.48.155.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052500 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 26 00:09:21 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 155.48.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 155.48.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
37.49.227.12	attackbots	10/01/2019-06:56:24.204883 37.49.227.12 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-01 15:01:26
51.75.32.141	attackbots	2019-10-01T07:00:24.511399abusebot-3.cloudsearch.cf sshd\[29847\]: Invalid user admin from 51.75.32.141 port 36490	2019-10-01 15:19:55
178.219.29.221	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/178.219.29.221/ PL - 1H : (226) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN50987 IP : 178.219.29.221 CIDR : 178.219.29.0/24 PREFIX COUNT : 15 UNIQUE IP COUNT : 3840 WYKRYTE ATAKI Z ASN50987 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-01 05:52:22 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-01 14:37:50
115.236.170.78	attack	Oct 1 06:46:46 hcbbdb sshd\[25298\]: Invalid user vcamapp from 115.236.170.78 Oct 1 06:46:46 hcbbdb sshd\[25298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.170.78 Oct 1 06:46:48 hcbbdb sshd\[25298\]: Failed password for invalid user vcamapp from 115.236.170.78 port 59982 ssh2 Oct 1 06:52:07 hcbbdb sshd\[25881\]: Invalid user alumni from 115.236.170.78 Oct 1 06:52:07 hcbbdb sshd\[25881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.170.78	2019-10-01 14:57:21
37.228.132.2	attackbotsspam	Automatic report - Banned IP Access	2019-10-01 15:16:20
190.217.9.210	attackbots	Oct 1 05:52:23 [munged] sshd[756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.217.9.210	2019-10-01 14:39:14
204.12.220.106	attackspam	20 attempts against mh-misbehave-ban on pluto.magehost.pro	2019-10-01 15:09:10
185.216.131.202	attackbots	Chat Spam	2019-10-01 14:37:14
114.40.68.45	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.40.68.45/ TW - 1H : (220) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 114.40.68.45 CIDR : 114.40.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 19 3H - 47 6H - 60 12H - 90 24H - 152 DateTime : 2019-10-01 05:51:31 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-01 15:19:30
181.48.29.35	attack	Oct 1 07:12:20 vps647732 sshd[7726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.29.35 Oct 1 07:12:22 vps647732 sshd[7726]: Failed password for invalid user isis from 181.48.29.35 port 43238 ssh2 ...	2019-10-01 15:01:50
188.162.43.9	attack	Brute force attack to crack SMTP password (port 25 / 587)	2019-10-01 14:42:56
46.38.144.17	attack	Oct 1 08:41:00 relay postfix/smtpd\[10712\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 08:41:18 relay postfix/smtpd\[24076\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 08:42:17 relay postfix/smtpd\[10709\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 08:42:33 relay postfix/smtpd\[24080\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 08:43:32 relay postfix/smtpd\[10709\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-01 14:45:41
221.150.22.201	attackspambots	Sep 30 20:40:42 auw2 sshd\[30592\]: Invalid user web from 221.150.22.201 Sep 30 20:40:42 auw2 sshd\[30592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201 Sep 30 20:40:45 auw2 sshd\[30592\]: Failed password for invalid user web from 221.150.22.201 port 52124 ssh2 Sep 30 20:45:27 auw2 sshd\[30986\]: Invalid user sales1 from 221.150.22.201 Sep 30 20:45:27 auw2 sshd\[30986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.22.201	2019-10-01 14:48:42
103.89.88.64	attackbots	Rude login attack (2 tries in 1d)	2019-10-01 15:02:43
159.65.112.93	attackbots	Oct 1 05:52:17 srv206 sshd[3761]: Invalid user dtacplayapi from 159.65.112.93 ...	2019-10-01 14:47:22

最近上报的IP列表

178.121.93.125	66.254.15.136	14.242.79.196	185.63.253.236
4.56.44.201	132.214.238.13	14.251.215.183	2.147.45.27
81.218.111.110	14.242.179.50	165.227.72.153	193.107.201.77
2601:6c0:c006:4bd0:ddc7:a230:a4ce:9adf	144.91.87.170	36.99.207.206	200.233.250.50
49.204.183.117	14.248.82.166	224.96.27.198	122.227.189.198