142.93.48.191 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	11109/tcp 4545/tcp 12805/tcp... [2020-08-30/09-25]50pkt,17pt.(tcp)	2020-09-26 02:54:00
attackspam	TCP ports : 4545 / 11109	2020-09-25 18:39:21
attackspambots	2020-09-15T15:12:08.262284sorsha.thespaminator.com sshd[16347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root 2020-09-15T15:12:10.495909sorsha.thespaminator.com sshd[16347]: Failed password for root from 142.93.48.191 port 56048 ssh2 ...	2020-09-16 03:26:42
attack	17418/tcp 17103/tcp 18405/tcp... [2020-08-30/09-15]31pkt,11pt.(tcp)	2020-09-15 19:30:33
attack	SSH Scan	2020-08-31 16:34:29
attackspambots	Attempted connection to port 18720.	2020-08-31 07:25:08
attack	Aug 30 14:31:11 buvik sshd[1558]: Failed password for root from 142.93.48.191 port 43900 ssh2 Aug 30 14:34:52 buvik sshd[2031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root Aug 30 14:34:54 buvik sshd[2031]: Failed password for root from 142.93.48.191 port 45650 ssh2 ...	2020-08-30 21:03:12
attackbotsspam	"$f2bV_matches"	2020-08-28 04:24:22
attackbots	Aug 25 16:56:16 OPSO sshd\[7232\]: Invalid user ftpu from 142.93.48.191 port 39276 Aug 25 16:56:16 OPSO sshd\[7232\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 Aug 25 16:56:18 OPSO sshd\[7232\]: Failed password for invalid user ftpu from 142.93.48.191 port 39276 ssh2 Aug 25 17:00:30 OPSO sshd\[8411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.191 user=root Aug 25 17:00:32 OPSO sshd\[8411\]: Failed password for root from 142.93.48.191 port 46392 ssh2	2020-08-25 23:06:20

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.48.155	attackbotsspam	Jul 4 14:10:59 prox sshd[6702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 Jul 4 14:11:00 prox sshd[6702]: Failed password for invalid user king from 142.93.48.155 port 40008 ssh2	2020-07-05 00:10:52
142.93.48.155	attack	2020-06-16T12:20:32.770817abusebot-5.cloudsearch.cf sshd[15081]: Invalid user vid from 142.93.48.155 port 35614 2020-06-16T12:20:32.775990abusebot-5.cloudsearch.cf sshd[15081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 2020-06-16T12:20:32.770817abusebot-5.cloudsearch.cf sshd[15081]: Invalid user vid from 142.93.48.155 port 35614 2020-06-16T12:20:34.762014abusebot-5.cloudsearch.cf sshd[15081]: Failed password for invalid user vid from 142.93.48.155 port 35614 ssh2 2020-06-16T12:25:36.762081abusebot-5.cloudsearch.cf sshd[15130]: Invalid user sunil from 142.93.48.155 port 57490 2020-06-16T12:25:36.767796abusebot-5.cloudsearch.cf sshd[15130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 2020-06-16T12:25:36.762081abusebot-5.cloudsearch.cf sshd[15130]: Invalid user sunil from 142.93.48.155 port 57490 2020-06-16T12:25:38.823563abusebot-5.cloudsearch.cf sshd[15130]: Failed passw ...	2020-06-17 01:26:45
142.93.48.155	attackspam	Jun 10 10:59:35 game-panel sshd[17497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 Jun 10 10:59:37 game-panel sshd[17497]: Failed password for invalid user wei from 142.93.48.155 port 49882 ssh2 Jun 10 11:02:52 game-panel sshd[17638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155	2020-06-10 19:24:40
142.93.48.155	attackspambots	2020-06-05T05:03:25.385185shield sshd\[15299\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root 2020-06-05T05:03:27.495544shield sshd\[15299\]: Failed password for root from 142.93.48.155 port 59510 ssh2 2020-06-05T05:06:49.229893shield sshd\[17291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root 2020-06-05T05:06:51.343897shield sshd\[17291\]: Failed password for root from 142.93.48.155 port 34986 ssh2 2020-06-05T05:10:13.555304shield sshd\[18612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root	2020-06-05 14:30:07
142.93.48.155	attack	Jun 4 08:25:14 sip sshd[534135]: Failed password for root from 142.93.48.155 port 49300 ssh2 Jun 4 08:28:30 sip sshd[534191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root Jun 4 08:28:33 sip sshd[534191]: Failed password for root from 142.93.48.155 port 53670 ssh2 ...	2020-06-04 14:39:29
142.93.48.155	attack	May 25 14:47:09 sshgateway sshd\[16075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root May 25 14:47:10 sshgateway sshd\[16075\]: Failed password for root from 142.93.48.155 port 43496 ssh2 May 25 14:50:10 sshgateway sshd\[16112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.48.155 user=root	2020-05-26 00:09:32
142.93.48.216	attack	Automatic report - XMLRPC Attack	2020-04-27 05:58:59
142.93.48.216	attack	Automatic report - XMLRPC Attack	2020-03-30 06:29:42
142.93.48.39	attack	ZTE Router Exploit Scanner	2020-03-25 13:00:39
142.93.48.216	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-22 12:00:28
142.93.48.106	attackspam	(mod_security) mod_security (id:230011) triggered by 142.93.48.106 (US/United States/dev1.gaslamp.media): 5 in the last 3600 secs	2020-03-18 08:19:52
142.93.48.216	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-02-08 09:59:21
142.93.48.216	attackbots	xmlrpc attack	2020-01-24 06:00:00
142.93.48.216	attackbots	Automatic report - XMLRPC Attack	2020-01-02 08:52:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.48.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24962
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.48.191.			IN	A

;; AUTHORITY SECTION:
.			521	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082500 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 25 23:06:11 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

191.48.93.142.in-addr.arpa domain name pointer ubuntu-yoursite.app.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
191.48.93.142.in-addr.arpa	name = ubuntu-yoursite.app.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.232.96.106	attack	2020-06-09T05:54:45+02:00 exim[16903]: [1\53] 1jiVLY-0004Od-1z H=(oval.bahisgir.com) [91.232.96.106] F= rejected after DATA: This message scored 104.5 spam points.	2020-06-09 14:18:07
218.92.0.158	attackspam	2020-06-09T08:20:47.084100rocketchat.forhosting.nl sshd[3991]: Failed password for root from 218.92.0.158 port 5870 ssh2 2020-06-09T08:20:50.468486rocketchat.forhosting.nl sshd[3991]: Failed password for root from 218.92.0.158 port 5870 ssh2 2020-06-09T08:20:54.008042rocketchat.forhosting.nl sshd[3991]: Failed password for root from 218.92.0.158 port 5870 ssh2 ...	2020-06-09 14:43:43
34.92.68.172	attack	Jun 9 06:51:31 nextcloud sshd\[27602\]: Invalid user shclient from 34.92.68.172 Jun 9 06:51:31 nextcloud sshd\[27602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.92.68.172 Jun 9 06:51:33 nextcloud sshd\[27602\]: Failed password for invalid user shclient from 34.92.68.172 port 53762 ssh2	2020-06-09 14:35:09
162.248.52.82	attackspambots	2020-06-09T03:51:05.459148shield sshd\[7202\]: Invalid user ishii from 162.248.52.82 port 46796 2020-06-09T03:51:05.462836shield sshd\[7202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.248.52.82 2020-06-09T03:51:07.626764shield sshd\[7202\]: Failed password for invalid user ishii from 162.248.52.82 port 46796 ssh2 2020-06-09T03:54:22.051002shield sshd\[8356\]: Invalid user ao from 162.248.52.82 port 49458 2020-06-09T03:54:22.054680shield sshd\[8356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.248.52.82	2020-06-09 14:50:17
190.193.39.63	attackspam	Jun 9 05:07:31 h2646465 sshd[14697]: Invalid user zhengye from 190.193.39.63 Jun 9 05:07:31 h2646465 sshd[14697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.193.39.63 Jun 9 05:07:31 h2646465 sshd[14697]: Invalid user zhengye from 190.193.39.63 Jun 9 05:07:34 h2646465 sshd[14697]: Failed password for invalid user zhengye from 190.193.39.63 port 59742 ssh2 Jun 9 05:50:21 h2646465 sshd[17667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.193.39.63 user=root Jun 9 05:50:23 h2646465 sshd[17667]: Failed password for root from 190.193.39.63 port 35674 ssh2 Jun 9 05:54:39 h2646465 sshd[17824]: Invalid user redadmin from 190.193.39.63 Jun 9 05:54:39 h2646465 sshd[17824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.193.39.63 Jun 9 05:54:39 h2646465 sshd[17824]: Invalid user redadmin from 190.193.39.63 Jun 9 05:54:40 h2646465 sshd[17824]: Failed password for invalid u	2020-06-09 14:35:55
78.128.113.106	attack	Jun 9 07:55:57 web01.agentur-b-2.de postfix/smtps/smtpd[113733]: lost connection after CONNECT from unknown[78.128.113.106] Jun 9 07:56:06 web01.agentur-b-2.de postfix/smtps/smtpd[113744]: warning: unknown[78.128.113.106]: SASL PLAIN authentication failed: Jun 9 07:56:07 web01.agentur-b-2.de postfix/smtps/smtpd[113744]: lost connection after AUTH from unknown[78.128.113.106] Jun 9 07:56:17 web01.agentur-b-2.de postfix/smtps/smtpd[113733]: lost connection after CONNECT from unknown[78.128.113.106] Jun 9 07:56:22 web01.agentur-b-2.de postfix/smtps/smtpd[113744]: lost connection after CONNECT from unknown[78.128.113.106]	2020-06-09 14:38:31
222.186.175.154	attackbotsspam	2020-06-09T08:48:30.342503vps751288.ovh.net sshd\[11513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root 2020-06-09T08:48:31.878481vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:36.318422vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:40.402306vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:44.189747vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2	2020-06-09 14:54:03
180.71.47.198	attack	Jun 8 19:32:31 eddieflores sshd\[6866\]: Invalid user admin from 180.71.47.198 Jun 8 19:32:31 eddieflores sshd\[6866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198 Jun 8 19:32:33 eddieflores sshd\[6866\]: Failed password for invalid user admin from 180.71.47.198 port 53286 ssh2 Jun 8 19:36:16 eddieflores sshd\[7173\]: Invalid user git from 180.71.47.198 Jun 8 19:36:16 eddieflores sshd\[7173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198	2020-06-09 14:59:56
130.61.217.222	attackbotsspam	Jun 9 06:41:47 ws26vmsma01 sshd[176812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.217.222 Jun 9 06:41:48 ws26vmsma01 sshd[176812]: Failed password for invalid user terry from 130.61.217.222 port 33738 ssh2 ...	2020-06-09 14:57:00
142.93.202.159	attack	Port Scan detected from 142.93.202.159 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 121 seconds	2020-06-09 14:17:45
128.199.103.239	attack	2020-06-09T07:57:57.490582 sshd[22235]: Invalid user ye from 128.199.103.239 port 39232 2020-06-09T07:57:57.506314 sshd[22235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.103.239 2020-06-09T07:57:57.490582 sshd[22235]: Invalid user ye from 128.199.103.239 port 39232 2020-06-09T07:57:59.664738 sshd[22235]: Failed password for invalid user ye from 128.199.103.239 port 39232 ssh2 ...	2020-06-09 14:42:32
37.49.226.157	attackbotsspam	TCP (SYN) 37.49.226.157:54520 -> port 22, len 48	2020-06-09 14:39:39
77.45.85.101	attackbots	Distributed brute force attack	2020-06-09 14:23:09
211.39.149.53	attackspambots	Jun 9 05:45:16 ns382633 sshd\[18552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.39.149.53 user=root Jun 9 05:45:18 ns382633 sshd\[18552\]: Failed password for root from 211.39.149.53 port 35552 ssh2 Jun 9 05:54:30 ns382633 sshd\[19837\]: Invalid user wangxiaoli from 211.39.149.53 port 55748 Jun 9 05:54:30 ns382633 sshd\[19837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.39.149.53 Jun 9 05:54:33 ns382633 sshd\[19837\]: Failed password for invalid user wangxiaoli from 211.39.149.53 port 55748 ssh2	2020-06-09 14:38:59
134.209.185.162	attack	" "	2020-06-09 14:29:49

最近上报的IP列表

80.103.90.92	71.174.108.66	244.221.142.81	54.222.35.33
231.111.220.122	108.246.101.213	107.86.68.170	25.83.207.145
157.176.199.44	40.43.116.113	157.59.62.41	97.236.167.185
192.146.231.106	187.245.137.220	177.182.134.145	125.118.103.59
111.229.215.184	202.7.222.72	106.54.220.54	215.176.100.27