80.152.147.93 - IPInfo

基本信息:

城市(city): Dortmund

省份(region): North Rhine-Westphalia

国家(country): Germany

运营商(isp): Telekom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.152.147.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27417
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.152.147.93.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050403 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 06:49:35 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

93.147.152.80.in-addr.arpa domain name pointer mail.gfsysteme.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
93.147.152.80.in-addr.arpa	name = mail.gfsysteme.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
136.232.208.146	attackbots	Feb 13 03:04:48 linuxrulz sshd[9872]: Did not receive identification string from 136.232.208.146 port 57966 Feb 13 03:05:32 linuxrulz sshd[9874]: Invalid user user1 from 136.232.208.146 port 57966 Feb 13 03:05:47 linuxrulz sshd[9874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=136.232.208.146 Feb 13 03:05:49 linuxrulz sshd[9874]: Failed password for invalid user user1 from 136.232.208.146 port 57966 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=136.232.208.146	2020-02-14 00:54:24
49.233.138.118	attackspambots	Feb 13 06:46:50 auw2 sshd\[30771\]: Invalid user sandin from 49.233.138.118 Feb 13 06:46:50 auw2 sshd\[30771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.138.118 Feb 13 06:46:52 auw2 sshd\[30771\]: Failed password for invalid user sandin from 49.233.138.118 port 42922 ssh2 Feb 13 06:51:27 auw2 sshd\[31203\]: Invalid user cpsrvsid from 49.233.138.118 Feb 13 06:51:27 auw2 sshd\[31203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.138.118	2020-02-14 00:51:54
111.248.60.46	attack	Mirai and Reaper Exploitation Traffic	2020-02-14 00:43:08
123.122.38.126	attackbotsspam	Lines containing failures of 123.122.38.126 Feb 13 08:20:35 siirappi sshd[5943]: Invalid user beheerder from 123.122.38.126 port 30131 Feb 13 08:20:35 siirappi sshd[5943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.38.126 Feb 13 08:20:37 siirappi sshd[5943]: Failed password for invalid user beheerder from 123.122.38.126 port 30131 ssh2 Feb 13 08:20:37 siirappi sshd[5943]: Received disconnect from 123.122.38.126 port 30131:11: Bye Bye [preauth] Feb 13 08:20:37 siirappi sshd[5943]: Disconnected from 123.122.38.126 port 30131 [preauth] Feb 13 09:24:21 siirappi sshd[6991]: Connection closed by 123.122.38.126 port 43892 [preauth] Feb 13 10:31:23 siirappi sshd[8435]: Invalid user mcserv from 123.122.38.126 port 63807 Feb 13 10:31:23 siirappi sshd[8435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.38.126 Feb 13 10:31:25 siirappi sshd[8435]: Failed password for invalid user m........ ------------------------------	2020-02-14 01:18:32
222.223.32.227	attackspambots	$lgm	2020-02-14 01:19:17
171.78.217.129	attackbotsspam	Lines containing failures of 171.78.217.129 Feb 13 10:34:20 shared12 sshd[1121]: Did not receive identification string from 171.78.217.129 port 63513 Feb 13 10:34:25 shared12 sshd[1122]: Invalid user support from 171.78.217.129 port 54670 Feb 13 10:34:25 shared12 sshd[1122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.78.217.129 Feb 13 10:34:27 shared12 sshd[1122]: Failed password for invalid user support from 171.78.217.129 port 54670 ssh2 Feb 13 10:34:28 shared12 sshd[1122]: Connection closed by invalid user support 171.78.217.129 port 54670 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.78.217.129	2020-02-14 00:49:25
171.239.24.124	attackspambots	Automatic report - Port Scan Attack	2020-02-14 00:53:59
27.72.47.220	attackspambots	Feb 13 10:31:04 nxxxxxxx sshd[24414]: refused connect from 27.72.47.220 (27.= 72.47.220) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.72.47.220	2020-02-14 00:35:42
178.128.220.8	attackspam	Automatic report - XMLRPC Attack	2020-02-14 00:55:23
177.189.244.193	attackspambots	Feb 13 14:40:20 srv-ubuntu-dev3 sshd[91627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 user=news Feb 13 14:40:22 srv-ubuntu-dev3 sshd[91627]: Failed password for news from 177.189.244.193 port 42853 ssh2 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: Invalid user test from 177.189.244.193 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 Feb 13 14:44:03 srv-ubuntu-dev3 sshd[91936]: Invalid user test from 177.189.244.193 Feb 13 14:44:06 srv-ubuntu-dev3 sshd[91936]: Failed password for invalid user test from 177.189.244.193 port 57065 ssh2 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: Invalid user manager from 177.189.244.193 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 Feb 13 14:47:55 srv-ubuntu-dev3 sshd[92301]: Invalid user ma ...	2020-02-14 01:12:50
222.186.175.23	attackspam	Feb 13 18:11:47 vmanager6029 sshd\[2797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Feb 13 18:11:49 vmanager6029 sshd\[2797\]: Failed password for root from 222.186.175.23 port 58336 ssh2 Feb 13 18:11:51 vmanager6029 sshd\[2797\]: Failed password for root from 222.186.175.23 port 58336 ssh2	2020-02-14 01:12:11
43.240.125.195	attack	Feb 13 17:59:12 legacy sshd[1422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.240.125.195 Feb 13 17:59:14 legacy sshd[1422]: Failed password for invalid user bridget from 43.240.125.195 port 37462 ssh2 Feb 13 18:04:18 legacy sshd[1745]: Failed password for root from 43.240.125.195 port 33662 ssh2 ...	2020-02-14 01:16:36
111.93.156.74	attackbotsspam	Feb 13 17:58:40 MK-Soft-Root2 sshd[18356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.156.74 Feb 13 17:58:42 MK-Soft-Root2 sshd[18356]: Failed password for invalid user sandin from 111.93.156.74 port 37368 ssh2 ...	2020-02-14 01:02:49
141.8.132.9	attackspam	[Thu Feb 13 20:48:12.442472 2020] [:error] [pid 5260:tid 140369236838144] [client 141.8.132.9:42647] [client 141.8.132.9] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkVTnDu2DnY6B6UC0cpgPQAAAU4"] ...	2020-02-14 00:51:14
181.41.101.134	attackbotsspam	1581601680 - 02/13/2020 14:48:00 Host: 181.41.101.134/181.41.101.134 Port: 445 TCP Blocked	2020-02-14 01:06:34

最近上报的IP列表

153.179.138.175	36.252.118.251	121.130.86.158	214.111.146.199
200.76.29.218	198.69.27.143	182.74.254.27	197.218.47.19
181.12.209.146	181.12.209.91	196.234.236.238	118.47.207.114
65.68.58.49	176.198.205.200	124.143.3.200	212.186.87.79
109.68.214.4	152.200.128.192	187.10.130.23	123.246.58.104