46.101.142.99 - IPInfo

基本信息:

城市(city): Frankfurt am Main

省份(region): Hesse

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 1 02:49:46 server sshd\[18236\]: Invalid user test from 46.101.142.99 port 60340 Oct 1 02:49:46 server sshd\[18236\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Oct 1 02:49:49 server sshd\[18236\]: Failed password for invalid user test from 46.101.142.99 port 60340 ssh2 Oct 1 02:54:37 server sshd\[16890\]: Invalid user a4abroad from 46.101.142.99 port 53296 Oct 1 02:54:37 server sshd\[16890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99	2019-10-01 08:20:05
attackspambots	Sep 29 18:25:09 plusreed sshd[28778]: Invalid user ic from 46.101.142.99 ...	2019-09-30 06:32:40
attackbots	Sep 29 07:00:02 www sshd\[48631\]: Failed password for root from 46.101.142.99 port 40994 ssh2Sep 29 07:04:49 www sshd\[48882\]: Invalid user influxdb from 46.101.142.99Sep 29 07:04:51 www sshd\[48882\]: Failed password for invalid user influxdb from 46.101.142.99 port 51952 ssh2 ...	2019-09-29 12:14:15
attackspambots	Sep 22 05:01:21 localhost sshd\[130290\]: Invalid user indigo from 46.101.142.99 port 43602 Sep 22 05:01:21 localhost sshd\[130290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 22 05:01:23 localhost sshd\[130290\]: Failed password for invalid user indigo from 46.101.142.99 port 43602 ssh2 Sep 22 05:06:29 localhost sshd\[130430\]: Invalid user alex from 46.101.142.99 port 38900 Sep 22 05:06:29 localhost sshd\[130430\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 ...	2019-09-22 13:07:03
attackspam	Sep 20 01:42:24 rpi sshd[19927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 20 01:42:26 rpi sshd[19927]: Failed password for invalid user elizabeth from 46.101.142.99 port 57382 ssh2	2019-09-20 08:01:09
attack	Sep 16 15:47:12 markkoudstaal sshd[26251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 16 15:47:14 markkoudstaal sshd[26251]: Failed password for invalid user stack from 46.101.142.99 port 35368 ssh2 Sep 16 15:52:36 markkoudstaal sshd[26815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99	2019-09-16 21:54:34
attack	Sep 16 05:29:37 hcbbdb sshd\[6268\]: Invalid user postgresql from 46.101.142.99 Sep 16 05:29:37 hcbbdb sshd\[6268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 16 05:29:39 hcbbdb sshd\[6268\]: Failed password for invalid user postgresql from 46.101.142.99 port 59854 ssh2 Sep 16 05:36:45 hcbbdb sshd\[7069\]: Invalid user admin from 46.101.142.99 Sep 16 05:36:45 hcbbdb sshd\[7069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99	2019-09-16 13:57:05
attackbots	ssh failed login	2019-09-14 04:58:29
attack	Sep 13 01:30:57 meumeu sshd[8360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 13 01:30:59 meumeu sshd[8360]: Failed password for invalid user oracle from 46.101.142.99 port 60268 ssh2 Sep 13 01:38:55 meumeu sshd[9237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 ...	2019-09-13 07:50:09
attackspambots	Sep 11 01:23:56 php1 sshd\[24094\]: Invalid user student from 46.101.142.99 Sep 11 01:23:56 php1 sshd\[24094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 11 01:23:58 php1 sshd\[24094\]: Failed password for invalid user student from 46.101.142.99 port 47466 ssh2 Sep 11 01:24:49 php1 sshd\[24217\]: Invalid user nagios from 46.101.142.99 Sep 11 01:24:49 php1 sshd\[24217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99	2019-09-11 19:33:05
attackspam	$f2bV_matches	2019-09-08 12:35:30
attack	Sep 7 01:35:05 php2 sshd\[23918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 user=mysql Sep 7 01:35:08 php2 sshd\[23918\]: Failed password for mysql from 46.101.142.99 port 36058 ssh2 Sep 7 01:39:07 php2 sshd\[24386\]: Invalid user tom from 46.101.142.99 Sep 7 01:39:07 php2 sshd\[24386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 7 01:39:08 php2 sshd\[24386\]: Failed password for invalid user tom from 46.101.142.99 port 50744 ssh2	2019-09-07 19:40:08
attack	Sep 5 17:57:44 php1 sshd\[12343\]: Invalid user test from 46.101.142.99 Sep 5 17:57:44 php1 sshd\[12343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Sep 5 17:57:46 php1 sshd\[12343\]: Failed password for invalid user test from 46.101.142.99 port 46062 ssh2 Sep 5 18:03:34 php1 sshd\[12912\]: Invalid user oracle from 46.101.142.99 Sep 5 18:03:34 php1 sshd\[12912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99	2019-09-06 12:08:02
attackbotsspam	Aug 31 20:42:13 xtremcommunity sshd\[3422\]: Invalid user ubuntu from 46.101.142.99 port 48226 Aug 31 20:42:13 xtremcommunity sshd\[3422\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Aug 31 20:42:15 xtremcommunity sshd\[3422\]: Failed password for invalid user ubuntu from 46.101.142.99 port 48226 ssh2 Aug 31 20:51:24 xtremcommunity sshd\[3698\]: Invalid user nagios from 46.101.142.99 port 44278 Aug 31 20:51:24 xtremcommunity sshd\[3698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 ...	2019-09-01 08:56:16
attack	Jul 7 02:14:25 server01 sshd\[4719\]: Invalid user maria from 46.101.142.99 Jul 7 02:14:25 server01 sshd\[4719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.99 Jul 7 02:14:27 server01 sshd\[4719\]: Failed password for invalid user maria from 46.101.142.99 port 37214 ssh2 ...	2019-07-07 07:57:21

相同子网IP讨论:

IP	类型	评论内容	时间
46.101.142.17	attackbots	Oct 9 08:04:18 rb06 sshd[5227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:04:19 rb06 sshd[5227]: Failed password for r.r from 46.101.142.17 port 39902 ssh2 Oct 9 08:04:19 rb06 sshd[5227]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:23:57 rb06 sshd[15483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:24:00 rb06 sshd[15483]: Failed password for r.r from 46.101.142.17 port 54320 ssh2 Oct 9 08:24:00 rb06 sshd[15483]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:27:37 rb06 sshd[15809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:27:39 rb06 sshd[15809]: Failed password for r.r from 46.101.142.17 port 39172 ssh2 Oct 9 08:27:39 rb06 sshd[15809]: Received disconnect from 46.101.142.17: 11: ........ -------------------------------	2019-10-14 02:15:36
46.101.142.17	attackbots	Oct 9 08:04:18 rb06 sshd[5227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:04:19 rb06 sshd[5227]: Failed password for r.r from 46.101.142.17 port 39902 ssh2 Oct 9 08:04:19 rb06 sshd[5227]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:23:57 rb06 sshd[15483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:24:00 rb06 sshd[15483]: Failed password for r.r from 46.101.142.17 port 54320 ssh2 Oct 9 08:24:00 rb06 sshd[15483]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:27:37 rb06 sshd[15809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:27:39 rb06 sshd[15809]: Failed password for r.r from 46.101.142.17 port 39172 ssh2 Oct 9 08:27:39 rb06 sshd[15809]: Received disconnect from 46.101.142.17: 11: ........ -------------------------------	2019-10-13 02:56:43
46.101.142.17	attackspam	Oct 9 08:04:18 rb06 sshd[5227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:04:19 rb06 sshd[5227]: Failed password for r.r from 46.101.142.17 port 39902 ssh2 Oct 9 08:04:19 rb06 sshd[5227]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:23:57 rb06 sshd[15483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:24:00 rb06 sshd[15483]: Failed password for r.r from 46.101.142.17 port 54320 ssh2 Oct 9 08:24:00 rb06 sshd[15483]: Received disconnect from 46.101.142.17: 11: Bye Bye [preauth] Oct 9 08:27:37 rb06 sshd[15809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=r.r Oct 9 08:27:39 rb06 sshd[15809]: Failed password for r.r from 46.101.142.17 port 39172 ssh2 Oct 9 08:27:39 rb06 sshd[15809]: Received disconnect from 46.101.142.17: 11: ........ -------------------------------	2019-10-11 23:21:18
46.101.142.17	attack	Oct 10 17:31:04 localhost sshd\[2097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=root Oct 10 17:31:06 localhost sshd\[2097\]: Failed password for root from 46.101.142.17 port 57866 ssh2 Oct 10 17:40:06 localhost sshd\[2267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.142.17 user=root ...	2019-10-11 03:41:22
46.101.142.238	attack	WordPress (CMS) attack attempts. Date: 2019 Jul 30. 23:17:54 Source IP: 46.101.142.238 Portion of the log(s): 46.101.142.238 - [30/Jul/2019:23:17:53 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.142.238 - [30/Jul/2019:23:17:53 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.142.238 - [30/Jul/2019:23:17:53 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.142.238 - [30/Jul/2019:23:17:53 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.142.238 - [30/Jul/2019:23:17:53 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-31 07:31:53
46.101.142.238	attack	C1,DEF GET /wp-login.php	2019-07-23 19:51:56
46.101.142.238	attackbots	Automatic report - Banned IP Access	2019-07-22 17:19:44
46.101.142.238	attackspam	Automatic report - Web App Attack	2019-07-05 23:05:45

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.101.142.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34287
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.101.142.99.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 23:12:09 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 99.142.101.46.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 99.142.101.46.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
118.24.9.152	attack	Ssh brute force	2020-03-02 08:24:21
190.224.126.6	attackbots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:40:00
192.241.209.238	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:27:47
190.75.16.191	attackbots	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:46:30
192.241.210.245	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:26:12
192.3.34.26	attack	03/01/2020-19:30:09.745099 192.3.34.26 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-02 08:37:46
192.3.204.74	attack	03/01/2020-18:45:37.510388 192.3.204.74 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-02 08:36:36
192.241.210.136	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:26:56
192.144.226.115	attackspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:35:06
190.54.116.42	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:47:59
192.241.206.35	attackspam	Unauthorized connection attempt detected from IP address 192.241.206.35 to port 465 [J]	2020-03-02 08:30:44
192.210.198.178	attackbots	03/01/2020-19:05:40.000536 192.210.198.178 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-02 08:33:48
192.3.183.130	attack	Multiport scan : 43 ports scanned 224 259 402 465 754 808 911 999 1004 1036 1761 2004 2017 2082 2370 4418 4492 4493 4494 4500 4550 5005 5554 6112 7005 7831 8002 8294 8443 8877 9900 9988 14004 22666 23389 30900 33921 43000 50005 51000 55444 55555 56789	2020-03-02 08:37:01
190.204.196.128	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-03-02 08:41:39
192.241.216.81	attackspam	26/tcp [2020-03-01]1pkt	2020-03-02 08:20:06

最近上报的IP列表

52.23.243.82	40.73.1.172	24.227.36.74	193.201.224.206
52.28.21.116	194.152.206.93	52.8.60.118	121.12.151.250
146.88.35.191	50.241.142.221	71.84.40.123	148.72.23.24
143.0.87.177	209.97.161.46	54.37.129.55	192.99.216.184
117.50.45.122	80.55.131.14	95.160.17.142	115.79.140.146