80.93.126.30 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): EuroTransTelecom Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	unauthorized connection attempt	2020-02-07 18:42:29

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.93.126.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5045
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.93.126.30.			IN	A

;; AUTHORITY SECTION:
.			314	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020700 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 18:42:23 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

30.126.93.80.in-addr.arpa domain name pointer cibina-akim.ett.ua.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
30.126.93.80.in-addr.arpa	name = cibina-akim.ett.ua.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
179.180.204.122	attack	Automatic report - Port Scan Attack	2019-11-10 06:27:22
150.95.54.138	attackbots	150.95.54.138 - - \[09/Nov/2019:21:22:49 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 150.95.54.138 - - \[09/Nov/2019:21:22:53 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 150.95.54.138 - - \[09/Nov/2019:21:22:54 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-10 06:01:14
220.133.119.62	attackbotsspam	Automatic report - Port Scan Attack	2019-11-10 06:21:02
108.60.254.169	attackbotsspam	19/11/9@11:13:31: FAIL: IoT-Telnet address from=108.60.254.169 ...	2019-11-10 06:02:06
212.216.126.148	attackspambots	SSH-bruteforce attempts	2019-11-10 06:08:43
212.47.246.150	attackspambots	Nov 9 17:08:58 localhost sshd\[1549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.246.150 user=root Nov 9 17:09:00 localhost sshd\[1549\]: Failed password for root from 212.47.246.150 port 37300 ssh2 Nov 9 17:12:44 localhost sshd\[1770\]: Invalid user temp1 from 212.47.246.150 Nov 9 17:12:44 localhost sshd\[1770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.246.150 Nov 9 17:12:47 localhost sshd\[1770\]: Failed password for invalid user temp1 from 212.47.246.150 port 46702 ssh2 ...	2019-11-10 06:23:14
45.55.177.170	attackspambots	Nov 9 22:10:12 web8 sshd\[6716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.177.170 user=root Nov 9 22:10:14 web8 sshd\[6716\]: Failed password for root from 45.55.177.170 port 39840 ssh2 Nov 9 22:13:44 web8 sshd\[8423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.177.170 user=root Nov 9 22:13:47 web8 sshd\[8423\]: Failed password for root from 45.55.177.170 port 49898 ssh2 Nov 9 22:17:20 web8 sshd\[10498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.177.170 user=root	2019-11-10 06:18:46
185.176.27.250	attackbotsspam	Nov 9 22:28:32 mc1 kernel: \[4621200.091254\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.250 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=64774 PROTO=TCP SPT=44060 DPT=3295 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 22:31:36 mc1 kernel: \[4621384.603080\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.250 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=58549 PROTO=TCP SPT=44060 DPT=3848 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 22:32:15 mc1 kernel: \[4621423.633303\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.250 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45919 PROTO=TCP SPT=44060 DPT=3805 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-10 06:18:23
182.61.48.209	attackspam	2019-11-09T23:08:28.315368lon01.zurich-datacenter.net sshd\[23575\]: Invalid user galaxy123 from 182.61.48.209 port 40648 2019-11-09T23:08:28.321194lon01.zurich-datacenter.net sshd\[23575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.48.209 2019-11-09T23:08:30.409513lon01.zurich-datacenter.net sshd\[23575\]: Failed password for invalid user galaxy123 from 182.61.48.209 port 40648 ssh2 2019-11-09T23:13:00.865748lon01.zurich-datacenter.net sshd\[23660\]: Invalid user password from 182.61.48.209 port 50020 2019-11-09T23:13:00.872353lon01.zurich-datacenter.net sshd\[23660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.48.209 ...	2019-11-10 06:15:50
79.101.63.194	attack	Autoban 79.101.63.194 AUTH/CONNECT	2019-11-10 06:16:08
166.152.131.144	attack	Spam emails were sent from this SMTP server. Some of this kind of spam emails attempted to camouflage the SMTP servers with 27.85.176.228 (a KDDI's legitimate server). The URLs in the spam messages were such as : - http :// ds85e6a.xyz/asint/ura-ac02/prof.php?pid=1 (61.14.210.110) - http :// ds85e6a.xyz/asint/stop/ The spammer used the following domains for the email addresses in the sites.: - mlstp.0ch.biz (The domain "0ch.biz" used "ns01.kix.ad.jp" and "ns02" for the name servers. Its registrant was "MEDIAWARS CO.,Ltd.". Its registrar was "IDC Frontier Inc.".) - lover-amazing.com (Its registrar was "GMO Internet, Inc.".)	2019-11-10 06:26:41
94.23.215.90	attackspam	Automatic report - Banned IP Access	2019-11-10 05:55:11
104.206.128.10	attackbots	104.206.128.10 was recorded 5 times by 4 hosts attempting to connect to the following ports: 3306,5900,21,5432. Incident counter (4h, 24h, all-time): 5, 7, 39	2019-11-10 05:58:09
129.204.95.39	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/129.204.95.39/ CN - 1H : (125) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN45090 IP : 129.204.95.39 CIDR : 129.204.64.0/18 PREFIX COUNT : 1788 UNIQUE IP COUNT : 2600192 ATTACKS DETECTED ASN45090 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 4 DateTime : 2019-11-09 17:13:39 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-10 05:57:43
172.81.240.97	attackspam	Nov 10 03:49:03 itv-usvr-02 sshd[14144]: Invalid user barbara from 172.81.240.97 port 36854 Nov 10 03:49:03 itv-usvr-02 sshd[14144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.240.97 Nov 10 03:49:03 itv-usvr-02 sshd[14144]: Invalid user barbara from 172.81.240.97 port 36854 Nov 10 03:49:04 itv-usvr-02 sshd[14144]: Failed password for invalid user barbara from 172.81.240.97 port 36854 ssh2 Nov 10 03:52:20 itv-usvr-02 sshd[14165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.240.97 user=root Nov 10 03:52:22 itv-usvr-02 sshd[14165]: Failed password for root from 172.81.240.97 port 40124 ssh2	2019-11-10 06:21:51

最近上报的IP列表

124.123.104.251	121.231.215.225	114.38.3.162	86.108.10.118
1.168.123.130	218.27.216.253	189.63.146.84	180.125.115.173
177.180.163.120	177.158.101.161	176.205.113.196	175.212.31.238
173.163.40.86	113.22.24.70	112.206.181.91	92.81.201.16
87.228.41.118	87.139.143.191	82.142.167.186	76.172.36.187