42.159.92.93 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai Blue Cloud Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 4 03:11:45 dns1 sshd[31706]: Failed password for root from 42.159.92.93 port 56014 ssh2 Jun 4 03:14:58 dns1 sshd[31869]: Failed password for root from 42.159.92.93 port 46274 ssh2	2020-06-04 20:04:56
attack	Jun 2 15:36:45 vps647732 sshd[30013]: Failed password for root from 42.159.92.93 port 46236 ssh2 ...	2020-06-03 02:57:50
attack	May 31 23:06:52 piServer sshd[17617]: Failed password for root from 42.159.92.93 port 38398 ssh2 May 31 23:09:05 piServer sshd[17784]: Failed password for root from 42.159.92.93 port 40550 ssh2 ...	2020-06-01 06:43:48
attackbotsspam	Invalid user oracle from 42.159.92.93 port 59522	2020-05-29 14:07:35
attackspambots	2020-05-13T12:27:54.094536abusebot-2.cloudsearch.cf sshd[5605]: Invalid user providencia from 42.159.92.93 port 41576 2020-05-13T12:27:54.103137abusebot-2.cloudsearch.cf sshd[5605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 2020-05-13T12:27:54.094536abusebot-2.cloudsearch.cf sshd[5605]: Invalid user providencia from 42.159.92.93 port 41576 2020-05-13T12:27:55.786440abusebot-2.cloudsearch.cf sshd[5605]: Failed password for invalid user providencia from 42.159.92.93 port 41576 ssh2 2020-05-13T12:35:11.391327abusebot-2.cloudsearch.cf sshd[5667]: Invalid user arkserver from 42.159.92.93 port 40616 2020-05-13T12:35:11.396652abusebot-2.cloudsearch.cf sshd[5667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 2020-05-13T12:35:11.391327abusebot-2.cloudsearch.cf sshd[5667]: Invalid user arkserver from 42.159.92.93 port 40616 2020-05-13T12:35:13.070072abusebot-2.cloudsearch.cf sshd[56 ...	2020-05-14 01:10:44
attackspam	Invalid user techuser from 42.159.92.93 port 36884	2020-04-19 13:44:06
attack	Apr 17 13:28:26 localhost sshd\[29064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 user=root Apr 17 13:28:27 localhost sshd\[29064\]: Failed password for root from 42.159.92.93 port 40368 ssh2 Apr 17 13:33:00 localhost sshd\[29396\]: Invalid user sftpuser from 42.159.92.93 Apr 17 13:33:00 localhost sshd\[29396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Apr 17 13:33:02 localhost sshd\[29396\]: Failed password for invalid user sftpuser from 42.159.92.93 port 45650 ssh2 ...	2020-04-17 19:33:33
attackbotsspam	Mar 26 11:00:53 NPSTNNYC01T sshd[29953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Mar 26 11:00:56 NPSTNNYC01T sshd[29953]: Failed password for invalid user butthead from 42.159.92.93 port 48182 ssh2 Mar 26 11:03:15 NPSTNNYC01T sshd[30143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 ...	2020-03-26 23:30:26
attackspambots	Mar 22 04:54:17 nextcloud sshd\[30791\]: Invalid user robert from 42.159.92.93 Mar 22 04:54:17 nextcloud sshd\[30791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Mar 22 04:54:19 nextcloud sshd\[30791\]: Failed password for invalid user robert from 42.159.92.93 port 57482 ssh2	2020-03-22 15:31:56
attackspambots	Mar 8 12:01:47 hosting sshd[13584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 user=root Mar 8 12:01:49 hosting sshd[13584]: Failed password for root from 42.159.92.93 port 43768 ssh2 Mar 8 12:18:34 hosting sshd[14999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 user=root Mar 8 12:18:36 hosting sshd[14999]: Failed password for root from 42.159.92.93 port 50604 ssh2 ...	2020-03-08 17:33:37
attack	Feb 20 13:47:13 auw2 sshd\[5665\]: Invalid user sinusbot from 42.159.92.93 Feb 20 13:47:13 auw2 sshd\[5665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Feb 20 13:47:15 auw2 sshd\[5665\]: Failed password for invalid user sinusbot from 42.159.92.93 port 49816 ssh2 Feb 20 13:52:12 auw2 sshd\[6085\]: Invalid user zhugf from 42.159.92.93 Feb 20 13:52:12 auw2 sshd\[6085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93	2020-02-21 08:21:09
attackspam	Feb 20 01:56:14 vps46666688 sshd[6322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Feb 20 01:56:16 vps46666688 sshd[6322]: Failed password for invalid user at from 42.159.92.93 port 36038 ssh2 ...	2020-02-20 13:54:06
attackspambots	Feb 11 21:32:22 mockhub sshd[613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.93 Feb 11 21:32:23 mockhub sshd[613]: Failed password for invalid user sicily from 42.159.92.93 port 60336 ssh2 ...	2020-02-12 19:07:35

相同子网IP讨论:

IP	类型	评论内容	时间
42.159.92.147	attack	Sep 21 04:08:18 xtremcommunity sshd\[311665\]: Invalid user pi from 42.159.92.147 port 53334 Sep 21 04:08:18 xtremcommunity sshd\[311665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.147 Sep 21 04:08:20 xtremcommunity sshd\[311665\]: Failed password for invalid user pi from 42.159.92.147 port 53334 ssh2 Sep 21 04:11:40 xtremcommunity sshd\[311781\]: Invalid user tom from 42.159.92.147 port 51392 Sep 21 04:11:40 xtremcommunity sshd\[311781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.92.147 ...	2019-09-21 20:50:18
42.159.92.147	attackspam	2019-09-14T11:14:35.693859abusebot-2.cloudsearch.cf sshd\[13003\]: Invalid user nexthink from 42.159.92.147 port 53496	2019-09-14 19:26:55
42.159.92.147	attack	2019-09-11T13:38:18.180074abusebot-4.cloudsearch.cf sshd\[21784\]: Invalid user hadoop from 42.159.92.147 port 39960	2019-09-11 23:32:22
42.159.92.147	attackspambots	$f2bV_matches	2019-08-02 16:56:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.159.92.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53764
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.159.92.93.			IN	A

;; AUTHORITY SECTION:
.			126	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021200 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 19:07:28 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 93.92.159.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 93.92.159.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.96.131.204	attack	Honeypot attack, port: 445, PTR: 190-96-131-204.telebucaramanga.net.co.	2020-02-05 06:07:15
189.222.211.104	attackspambots	Honeypot attack, port: 445, PTR: 189.222.211.104.dsl.dyn.telnor.net.	2020-02-05 05:56:24
179.191.224.126	attackbotsspam	Feb 4 20:44:44 web8 sshd\[29495\]: Invalid user saniah from 179.191.224.126 Feb 4 20:44:44 web8 sshd\[29495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.224.126 Feb 4 20:44:45 web8 sshd\[29495\]: Failed password for invalid user saniah from 179.191.224.126 port 51358 ssh2 Feb 4 20:47:54 web8 sshd\[31171\]: Invalid user rizky from 179.191.224.126 Feb 4 20:47:54 web8 sshd\[31171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.224.126	2020-02-05 05:56:46
195.69.222.169	attackbots	Feb 4 11:22:07 auw2 sshd\[10388\]: Invalid user ident from 195.69.222.169 Feb 4 11:22:07 auw2 sshd\[10388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.69.222.169 Feb 4 11:22:09 auw2 sshd\[10388\]: Failed password for invalid user ident from 195.69.222.169 port 34376 ssh2 Feb 4 11:25:22 auw2 sshd\[10695\]: Invalid user oracle9 from 195.69.222.169 Feb 4 11:25:22 auw2 sshd\[10695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.69.222.169	2020-02-05 05:40:30
46.229.168.145	attackbots	Malicious Traffic/Form Submission	2020-02-05 05:54:40
103.141.46.154	attackbots	Feb 4 11:10:18 hpm sshd\[23568\]: Invalid user demo from 103.141.46.154 Feb 4 11:10:18 hpm sshd\[23568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.141.46.154 Feb 4 11:10:20 hpm sshd\[23568\]: Failed password for invalid user demo from 103.141.46.154 port 38880 ssh2 Feb 4 11:17:35 hpm sshd\[24374\]: Invalid user admin from 103.141.46.154 Feb 4 11:17:35 hpm sshd\[24374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.141.46.154	2020-02-05 05:23:26
104.131.190.193	attackbotsspam	Feb 4 21:09:34 icinga sshd[29666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.190.193 Feb 4 21:09:36 icinga sshd[29666]: Failed password for invalid user docserver from 104.131.190.193 port 46478 ssh2 Feb 4 21:19:59 icinga sshd[40394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.190.193 ...	2020-02-05 05:47:04
123.10.128.228	attackbots	Unauthorized connection attempt detected from IP address 123.10.128.228 to port 8080 [J]	2020-02-05 06:08:59
203.147.81.117	attackspam	(imapd) Failed IMAP login from 203.147.81.117 (NC/New Caledonia/host-203-147-81-117.h34.canl.nc): 1 in the last 3600 secs	2020-02-05 05:50:57
185.220.100.255	attack	Unauthorized connection attempt detected from IP address 185.220.100.255 to port 443 [J]	2020-02-05 05:34:28
222.186.31.166	attackbots	Feb 4 22:41:49 dcd-gentoo sshd[27634]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Feb 4 22:41:52 dcd-gentoo sshd[27634]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Feb 4 22:41:49 dcd-gentoo sshd[27634]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Feb 4 22:41:52 dcd-gentoo sshd[27634]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Feb 4 22:41:49 dcd-gentoo sshd[27634]: User root from 222.186.31.166 not allowed because none of user's groups are listed in AllowGroups Feb 4 22:41:52 dcd-gentoo sshd[27634]: error: PAM: Authentication failure for illegal user root from 222.186.31.166 Feb 4 22:41:52 dcd-gentoo sshd[27634]: Failed keyboard-interactive/pam for invalid user root from 222.186.31.166 port 19167 ssh2 ...	2020-02-05 05:49:11
14.45.114.39	attackbots	Unauthorized connection attempt detected from IP address 14.45.114.39 to port 4567 [J]	2020-02-05 06:06:05
122.51.188.20	attack	Unauthorized connection attempt detected from IP address 122.51.188.20 to port 2220 [J]	2020-02-05 05:54:15
180.76.138.132	attackbotsspam	SSH invalid-user multiple login try	2020-02-05 05:42:54
129.211.10.228	attackbots	Feb 4 22:20:13 MK-Soft-Root2 sshd[16803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 Feb 4 22:20:15 MK-Soft-Root2 sshd[16803]: Failed password for invalid user wut from 129.211.10.228 port 30320 ssh2 ...	2020-02-05 06:03:17

最近上报的IP列表

210.66.64.136	96.125.162.70	106.197.195.189	20.255.186.16
137.211.81.178	85.255.8.100	183.102.82.85	45.50.222.46
1.238.238.220	54.121.23.90	128.186.7.142	117.196.18.32
59.127.17.3	49.206.27.215	123.24.41.108	189.212.117.15
201.131.177.8	81.171.26.136	59.126.149.233	31.133.97.24