142.93.51.201 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Mar 22 05:45:19 lvps5-35-247-183 sshd[25957]: Invalid user fake from 142.93.51.201 Mar 22 05:45:19 lvps5-35-247-183 sshd[25957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.51.201 Mar 22 05:45:21 lvps5-35-247-183 sshd[25957]: Failed password for invalid user fake from 142.93.51.201 port 46316 ssh2 Mar 22 05:45:21 lvps5-35-247-183 sshd[25957]: Received disconnect from 142.93.51.201: 11: Bye Bye [preauth] Mar 22 05:45:22 lvps5-35-247-183 sshd[25959]: Invalid user admin from 142.93.51.201 Mar 22 05:45:22 lvps5-35-247-183 sshd[25959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.51.201 Mar 22 05:45:24 lvps5-35-247-183 sshd[25959]: Failed password for invalid user admin from 142.93.51.201 port 52730 ssh2 Mar 22 05:45:24 lvps5-35-247-183 sshd[25959]: Received disconnect from 142.93.51.201: 11: Bye Bye [preauth] Mar 22 05:45:25 lvps5-35-247-183 sshd[25961]: pam_unix(sshd:auth........ -------------------------------	2020-03-22 19:31:28

类型

评论内容

时间

attack

Mar 22 05:45:19 lvps5-35-247-183 sshd[25957]: Invalid user fake from 142.93.51.201
Mar 22 05:45:19 lvps5-35-247-183 sshd[25957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.51.201 
Mar 22 05:45:21 lvps5-35-247-183 sshd[25957]: Failed password for invalid user fake from 142.93.51.201 port 46316 ssh2
Mar 22 05:45:21 lvps5-35-247-183 sshd[25957]: Received disconnect from 142.93.51.201: 11: Bye Bye [preauth]
Mar 22 05:45:22 lvps5-35-247-183 sshd[25959]: Invalid user admin from 142.93.51.201
Mar 22 05:45:22 lvps5-35-247-183 sshd[25959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.51.201 
Mar 22 05:45:24 lvps5-35-247-183 sshd[25959]: Failed password for invalid user admin from 142.93.51.201 port 52730 ssh2
Mar 22 05:45:24 lvps5-35-247-183 sshd[25959]: Received disconnect from 142.93.51.201: 11: Bye Bye [preauth]
Mar 22 05:45:25 lvps5-35-247-183 sshd[25961]: pam_unix(sshd:auth........
-------------------------------

2020-03-22 19:31:28

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.51.33	attackspam	Feb 25 12:00:05 vps sshd\[27885\]: Invalid user root1 from 142.93.51.33 Feb 25 12:00:08 vps sshd\[27901\]: Invalid user root2 from 142.93.51.33 ...	2020-02-25 19:01:35
142.93.51.33	attack	20 attempts against mh-ssh on cell	2020-02-25 05:39:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.51.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62625
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.51.201.			IN	A

;; AUTHORITY SECTION:
.			476	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 19:31:18 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 201.51.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 201.51.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
201.249.59.205	attackspam	Nov 21 21:48:36 webhost01 sshd[1730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.249.59.205 Nov 21 21:48:38 webhost01 sshd[1730]: Failed password for invalid user camil from 201.249.59.205 port 41145 ssh2 ...	2019-11-22 05:27:00
152.136.106.94	attackbotsspam	Nov 20 14:03:43 host sshd[14025]: Invalid user k from 152.136.106.94 port 43430 Nov 20 14:03:43 host sshd[14025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.106.94 Nov 20 14:03:46 host sshd[14025]: Failed password for invalid user k from 152.136.106.94 port 43430 ssh2 Nov 20 14:03:46 host sshd[14025]: Received disconnect from 152.136.106.94 port 43430:11: Bye Bye [preauth] Nov 20 14:03:46 host sshd[14025]: Disconnected from invalid user k 152.136.106.94 port 43430 [preauth] Nov 20 14:26:14 host sshd[18020]: Received disconnect from 152.136.106.94 port 43104:11: Bye Bye [preauth] Nov 20 14:26:14 host sshd[18020]: Disconnected from 152.136.106.94 port 43104 [preauth] Nov 20 14:31:18 host sshd[19205]: Invalid user openstack from 152.136.106.94 port 45698 Nov 20 14:31:18 host sshd[19205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.106.94 Nov 20 14:31:21 host sshd[19205]........ -------------------------------	2019-11-22 05:44:48
167.99.182.30	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-22 05:36:33
114.216.203.240	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 05:44:26
35.211.103.155	attackspam	35.211.103.155 - - \[21/Nov/2019:16:33:19 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 35.211.103.155 - - \[21/Nov/2019:16:33:19 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-22 05:26:12
201.211.210.196	attackbotsspam	" "	2019-11-22 05:43:43
115.179.74.248	attackspam	Nov 20 18:42:03 our-server-hostname postfix/smtpd[5708]: connect from unknown[115.179.74.248] Nov x@x Nov 20 18:42:04 our-server-hostname postfix/smtpd[5708]: lost connection after DATA from unknown[115.179.74.248] Nov 20 18:42:04 our-server-hostname postfix/smtpd[5708]: disconnect from unknown[115.179.74.248] Nov 20 18:43:08 our-server-hostname postfix/smtpd[5244]: connect from unknown[115.179.74.248] Nov x@x Nov 20 18:43:09 our-server-hostname postfix/smtpd[5244]: lost connection after DATA from unknown[115.179.74.248] Nov 20 18:43:09 our-server-hostname postfix/smtpd[5244]: disconnect from unknown[115.179.74.248] Nov 20 19:04:10 our-server-hostname postfix/smtpd[20853]: connect from unknown[115.179.74.248] Nov x@x Nov 20 19:04:11 our-server-hostname postfix/smtpd[20853]: lost connection after DATA from unknown[115.179.74.248] Nov 20 19:04:11 our-server-hostname postfix/smtpd[20853]: disconnect from unknown[115.179.74.248] Nov 20 19:04:30 our-server-hostname postfix/s........ -------------------------------	2019-11-22 05:11:22
220.130.10.13	attack	Nov 21 21:09:45 heissa sshd\[2735\]: Invalid user rx from 220.130.10.13 port 51798 Nov 21 21:09:45 heissa sshd\[2735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-130-10-13.hinet-ip.hinet.net Nov 21 21:09:47 heissa sshd\[2735\]: Failed password for invalid user rx from 220.130.10.13 port 51798 ssh2 Nov 21 21:13:37 heissa sshd\[3420\]: Invalid user glivings from 220.130.10.13 port 59306 Nov 21 21:13:37 heissa sshd\[3420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-130-10-13.hinet-ip.hinet.net	2019-11-22 05:38:15
114.80.116.184	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 05:15:11
115.124.86.106	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 05:14:13
180.68.177.15	attack	Nov 21 07:42:17 vtv3 sshd[5043]: Failed password for root from 180.68.177.15 port 57716 ssh2 Nov 21 07:52:55 vtv3 sshd[9162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.15 Nov 21 07:52:57 vtv3 sshd[9162]: Failed password for invalid user lisa from 180.68.177.15 port 43528 ssh2 Nov 21 07:56:32 vtv3 sshd[10676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.15 Nov 21 08:07:13 vtv3 sshd[14698]: Failed password for root from 180.68.177.15 port 34494 ssh2 Nov 21 08:10:53 vtv3 sshd[16233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.15 Nov 21 08:10:54 vtv3 sshd[16233]: Failed password for invalid user theis from 180.68.177.15 port 39106 ssh2 Nov 21 08:21:38 vtv3 sshd[20372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.68.177.15 Nov 21 08:21:40 vtv3 sshd[20372]: Failed password for invalid user mysql fro	2019-11-22 05:47:36
45.237.116.162	attackbotsspam	Automatic report - Port Scan Attack	2019-11-22 05:42:21
114.64.255.159	attackbots	Nov 19 04:28:19 ns4 sshd[18403]: Invalid user stensaker from 114.64.255.159 Nov 19 04:28:19 ns4 sshd[18403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.64.255.159 Nov 19 04:28:20 ns4 sshd[18403]: Failed password for invalid user stensaker from 114.64.255.159 port 51128 ssh2 Nov 19 04:46:13 ns4 sshd[20921]: Invalid user named from 114.64.255.159 Nov 19 04:46:13 ns4 sshd[20921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.64.255.159 Nov 19 04:46:15 ns4 sshd[20921]: Failed password for invalid user named from 114.64.255.159 port 40694 ssh2 Nov 19 04:52:12 ns4 sshd[21737]: Invalid user zebra1 from 114.64.255.159 Nov 19 04:52:12 ns4 sshd[21737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.64.255.159 Nov 19 04:52:14 ns4 sshd[21737]: Failed password for invalid user zebra1 from 114.64.255.159 port 48426 ssh2 ........ ----------------------------------------------- http	2019-11-22 05:19:54
62.234.124.104	attackspam	Nov 21 15:08:16 * sshd[6911]: Failed password for invalid user fiske from 62.234.124.104 port 45960 ssh2 Nov 21 15:11:35 * sshd[7001]: Failed password for invalid user silvey from 62.234.124.104 port 49256 ssh2 Nov 21 15:15:41 * sshd[7031]: Failed password for invalid user billah from 62.234.124.104 port 52546 ssh2 Nov 21 15:19:06 * sshd[7062]: Failed password for invalid user admin from 62.234.124.104 port 55838 ssh2 Nov 21 15:25:53 * sshd[7204]: Failed password for invalid user test from 62.234.124.104 port 34174 ssh2 Nov 21 15:29:19 * sshd[7230]: Failed password for invalid user abcs from 62.234.124.104 port 37466 ssh2 Nov 21 15:36:16 * sshd[7350]: Failed password for invalid user barreyre from 62.234.124.104 port 44028 ssh2 Nov 21 15:39:41 * sshd[7441]: Failed password for invalid user doyen from 62.234.124.104 port 47324 ssh2 Nov 21 15:53:39 * sshd[7640]: Failed password for invalid user webmaster from 62.234.124.104 port 60442 ssh2 Nov 21 15:57:10 * sshd[7666]: Failed password for in	2019-11-22 05:41:47
182.61.187.39	attackspambots	Nov 21 21:22:56 vmanager6029 sshd\[31863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.187.39 user=ftp Nov 21 21:22:58 vmanager6029 sshd\[31863\]: Failed password for ftp from 182.61.187.39 port 44893 ssh2 Nov 21 21:26:42 vmanager6029 sshd\[31921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.187.39 user=root	2019-11-22 05:15:37

最近上报的IP列表

86.123.79.1	114.191.216.72	110.24.35.96	254.196.184.38
191.146.252.12	214.24.221.113	182.127.237.192	238.161.37.195
156.249.215.86	95.198.200.237	153.225.225.62	23.180.126.78
157.85.87.85	69.26.115.13	104.116.238.167	131.160.86.246
25.84.204.251	68.220.159.232	186.154.224.8	129.16.185.46