193.93.62.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Latvia

运营商(isp): SIA IT Services

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	TCP (SYN) 193.93.62.13:45636 -> port 3370, len 44	2020-08-15 03:48:08
attack	TCP (SYN) 193.93.62.13:45636 -> port 3395, len 44	2020-08-13 03:53:20
attack	Port Scan ...	2020-08-02 17:17:31
attackspam	trying to access non-authorized port	2020-08-01 15:04:27
attackbots	07/19/2020-03:55:24.697484 193.93.62.13 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-19 16:36:47

相同子网IP讨论:

IP	类型	评论内容	时间
193.93.62.130	attackbotsspam	RDP Bruteforce	2020-09-23 02:58:17
193.93.62.130	attackbotsspam	RDP Bruteforce	2020-09-22 19:06:48
193.93.62.130	attack	RDP brute force attack detected by fail2ban	2020-09-15 21:07:44
193.93.62.130	attackbotsspam	RDP Bruteforce	2020-09-15 13:05:14
193.93.62.130	attackspambots	RDP Bruteforce	2020-09-15 05:14:21
193.93.62.16	attackbotsspam	port scan and connect, tcp 5000 (upnp)	2020-09-12 03:28:36
193.93.62.16	attackspambots	port scan and connect, tcp 5000 (upnp)	2020-09-11 19:30:56
193.93.62.130	attackspambots	Icarus honeypot on github	2020-08-31 12:37:37
193.93.62.130	attack	RDP Brute-Force (honeypot 13)	2020-08-16 18:58:45
193.93.62.25	attackbots	Brute forcing RDP port 3389	2020-08-01 22:13:34
193.93.62.84	attackbots	RDP brute forcing (r)	2020-07-13 12:18:08
193.93.62.61	attackspambots	SmallBizIT.US 8 packets to tcp(4002,5090,8811,9090,9933,9955,10010,33390)	2020-07-04 00:48:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.93.62.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.93.62.13.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071900 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 16:36:44 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 13.62.93.193.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.62.93.193.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
203.252.139.180	attackbots	Apr 19 14:21:53 sshd\[24752\]: Invalid user jw from 203.252.139.180Apr 19 14:21:55 sshd\[24752\]: Failed password for invalid user jw from 203.252.139.180 port 60998 ssh2 ...	2020-04-19 23:02:41
159.203.36.154	attackbotsspam	"fail2ban match"	2020-04-19 23:16:42
183.220.146.250	attack	Apr 19 12:02:18 *** sshd[12775]: User root from 183.220.146.250 not allowed because not listed in AllowUsers	2020-04-19 23:27:20
69.229.6.31	attack	Triggered by Fail2Ban at Ares web server	2020-04-19 22:58:29
62.234.190.206	attackspam	Apr 19 14:26:40 vps sshd[781892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.190.206 Apr 19 14:26:42 vps sshd[781892]: Failed password for invalid user admin from 62.234.190.206 port 46204 ssh2 Apr 19 14:32:37 vps sshd[809524]: Invalid user admin2 from 62.234.190.206 port 53300 Apr 19 14:32:37 vps sshd[809524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.190.206 Apr 19 14:32:39 vps sshd[809524]: Failed password for invalid user admin2 from 62.234.190.206 port 53300 ssh2 ...	2020-04-19 23:11:43
68.183.239.46	attackbotsspam	Lines containing failures of 68.183.239.46 Apr 19 13:40:49 shared06 sshd[893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.239.46 user=r.r Apr 19 13:40:51 shared06 sshd[893]: Failed password for r.r from 68.183.239.46 port 59368 ssh2 Apr 19 13:40:51 shared06 sshd[893]: Received disconnect from 68.183.239.46 port 59368:11: Bye Bye [preauth] Apr 19 13:40:51 shared06 sshd[893]: Disconnected from authenticating user r.r 68.183.239.46 port 59368 [preauth] Apr 19 13:53:47 shared06 sshd[5783]: Invalid user postgres from 68.183.239.46 port 55290 Apr 19 13:53:47 shared06 sshd[5783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.239.46 Apr 19 13:53:48 shared06 sshd[5783]: Failed password for invalid user postgres from 68.183.239.46 port 55290 ssh2 Apr 19 13:53:49 shared06 sshd[5783]: Received disconnect from 68.183.239.46 port 55290:11: Bye Bye [preauth] Apr 19 13:53:49 shared06 ss........ ------------------------------	2020-04-19 23:35:38
77.40.2.144	attackbots	$f2bV_matches	2020-04-19 23:05:15
116.98.178.50	attackspambots	Unauthorized connection attempt from IP address 116.98.178.50 on Port 445(SMB)	2020-04-19 23:36:04
217.182.95.16	attackspambots	SSH brutforce	2020-04-19 22:59:08
116.105.215.232	attackspambots	$f2bV_matches	2020-04-19 22:55:36
170.210.83.116	attackbotsspam	2020-04-19T11:57:37.280954shield sshd\[9931\]: Invalid user wt from 170.210.83.116 port 55082 2020-04-19T11:57:37.284894shield sshd\[9931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.83.116 2020-04-19T11:57:39.362612shield sshd\[9931\]: Failed password for invalid user wt from 170.210.83.116 port 55082 ssh2 2020-04-19T12:02:59.097635shield sshd\[10775\]: Invalid user admin from 170.210.83.116 port 45342 2020-04-19T12:02:59.101470shield sshd\[10775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.83.116	2020-04-19 22:56:16
80.28.211.131	attack	Apr 19 15:22:42 ms-srv sshd[12447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.28.211.131 Apr 19 15:22:44 ms-srv sshd[12447]: Failed password for invalid user mt from 80.28.211.131 port 46300 ssh2	2020-04-19 23:12:37
46.229.168.141	attackbots	Malicious Traffic/Form Submission	2020-04-19 23:29:45
103.145.12.41	attackspam	[2020-04-19 11:26:17] NOTICE[1170] chan_sip.c: Registration from '"3003" ' failed for '103.145.12.41:6084' - Wrong password [2020-04-19 11:26:17] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-19T11:26:17.682-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3003",SessionID="0x7f6c0817f3c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.41/6084",Challenge="49bb6d58",ReceivedChallenge="49bb6d58",ReceivedHash="83b93849226133b8849d583e6b2398ce" [2020-04-19 11:26:17] NOTICE[1170] chan_sip.c: Registration from '"3003" ' failed for '103.145.12.41:6084' - Wrong password [2020-04-19 11:26:17] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-19T11:26:17.793-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3003",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/10 ...	2020-04-19 23:33:22
101.91.200.186	attack	Apr 19 15:43:09 Ubuntu-1404-trusty-64-minimal sshd\[22033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.200.186 user=root Apr 19 15:43:11 Ubuntu-1404-trusty-64-minimal sshd\[22033\]: Failed password for root from 101.91.200.186 port 54658 ssh2 Apr 19 15:52:55 Ubuntu-1404-trusty-64-minimal sshd\[28332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.200.186 user=root Apr 19 15:52:57 Ubuntu-1404-trusty-64-minimal sshd\[28332\]: Failed password for root from 101.91.200.186 port 52252 ssh2 Apr 19 15:54:26 Ubuntu-1404-trusty-64-minimal sshd\[29100\]: Invalid user admin from 101.91.200.186	2020-04-19 23:14:42

最近上报的IP列表

103.1.176.6	195.154.63.222	3.21.159.50	79.212.91.51
103.18.79.58	35.92.38.54	235.194.62.178	193.233.154.91
197.53.132.248	109.236.51.206	73.33.50.0	212.102.33.73
105.234.166.30	95.216.19.204	185.200.34.80	15.69.76.83
79.150.31.131	143.92.32.114	188.166.157.39	111.199.175.122