93.180.14.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): Federal State Educational Institution of Higher Professional Education M.V.Lomonosov Moscow State University

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): University/College/School

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	fail2ban	2019-09-06 08:23:17

相同子网IP讨论:

IP	类型	评论内容	时间
93.180.147.97	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/93.180.147.97/ BA - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BA NAME ASN : ASN198252 IP : 93.180.147.97 CIDR : 93.180.144.0/21 PREFIX COUNT : 47 UNIQUE IP COUNT : 36096 WYKRYTE ATAKI Z ASN198252 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-14 21:56:09 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-15 06:06:47

类型

评论内容

时间

93.180.147.97

attackbotsspam

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/93.180.147.97/ 
 BA - 1H : (1)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BA 
 NAME ASN : ASN198252 
 
 IP : 93.180.147.97 
 
 CIDR : 93.180.144.0/21 
 
 PREFIX COUNT : 47 
 
 UNIQUE IP COUNT : 36096 
 
 
 WYKRYTE ATAKI Z ASN198252 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-10-14 21:56:09 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-10-15 06:06:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.180.14.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37608
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.180.14.13.			IN	A

;; AUTHORITY SECTION:
.			2772	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 08:23:12 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 13.14.180.93.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 13.14.180.93.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.222.136.169	attackspambots	Jan 4 16:17:16 h2177944 sshd\[5340\]: Failed password for invalid user methodis from 92.222.136.169 port 60672 ssh2 Jan 4 17:18:14 h2177944 sshd\[7572\]: Invalid user gedds from 92.222.136.169 port 42222 Jan 4 17:18:14 h2177944 sshd\[7572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.136.169 Jan 4 17:18:16 h2177944 sshd\[7572\]: Failed password for invalid user gedds from 92.222.136.169 port 42222 ssh2 ...	2020-01-05 00:55:04
45.136.108.116	attackbotsspam	Jan 4 16:05:55 h2177944 kernel: \[1348943.474177\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15354 PROTO=TCP SPT=57394 DPT=50105 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:21:04 h2177944 kernel: \[1349852.208495\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40154 PROTO=TCP SPT=57394 DPT=2424 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:21:04 h2177944 kernel: \[1349852.208510\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40154 PROTO=TCP SPT=57394 DPT=2424 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:29:22 h2177944 kernel: \[1350349.915105\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=41219 PROTO=TCP SPT=57394 DPT=9025 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:29:22 h2177944 kernel: \[1350349.915118\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214	2020-01-05 00:33:22
109.248.212.158	attack	[portscan] Port scan	2020-01-05 00:37:53
91.223.136.238	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-05 00:57:11
103.216.216.115	attackbots	Unauthorized connection attempt detected from IP address 103.216.216.115 to port 1433 [J]	2020-01-05 00:35:23
81.198.64.100	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-05 00:51:10
14.215.165.133	attackspambots	Unauthorized connection attempt detected from IP address 14.215.165.133 to port 2220 [J]	2020-01-05 00:15:52
185.248.13.226	attack	port scan and connect, tcp 80 (http)	2020-01-05 00:56:32
220.121.97.43	attack	proto=tcp . spt=57790 . dpt=3389 . src=220.121.97.43 . dst=xx.xx.4.1 . (Found on CINS badguys Jan 04) (247)	2020-01-05 00:38:45
95.243.136.198	attackspam	Unauthorized connection attempt detected from IP address 95.243.136.198 to port 2220 [J]	2020-01-05 00:19:50
58.56.145.134	attack	Jan 4 13:12:25 www_kotimaassa_fi sshd[15056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.145.134 Jan 4 13:12:27 www_kotimaassa_fi sshd[15056]: Failed password for invalid user admin from 58.56.145.134 port 53626 ssh2 ...	2020-01-05 00:18:54
189.57.140.10	attack	Jan 4 14:28:02 124388 sshd[3908]: Invalid user qcd from 189.57.140.10 port 45280 Jan 4 14:28:02 124388 sshd[3908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.140.10 Jan 4 14:28:02 124388 sshd[3908]: Invalid user qcd from 189.57.140.10 port 45280 Jan 4 14:28:04 124388 sshd[3908]: Failed password for invalid user qcd from 189.57.140.10 port 45280 ssh2 Jan 4 14:30:10 124388 sshd[3928]: Invalid user hadoop from 189.57.140.10 port 54207	2020-01-05 00:21:39
69.94.158.95	attack	Jan 4 15:03:23 grey postfix/smtpd\[5563\]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com\[69.94.158.95\]: 554 5.7.1 Service unavailable\; Client host \[69.94.158.95\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.158.95\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-05 00:58:20
171.229.243.118	attackspambots	Unauthorized connection attempt detected from IP address 171.229.243.118 to port 23 [J]	2020-01-05 00:53:48
18.219.255.76	attackbotsspam	IP: 18.219.255.76 Ports affected World Wide Web HTTP (80) Abuse Confidence rating 38% ASN Details AS16509 Amazon.com Inc. United States (US) CIDR 18.216.0.0/13 Log Date: 4/01/2020 2:06:33 PM UTC	2020-01-05 00:17:37

最近上报的IP列表

201.208.240.128	38.122.39.74	91.204.227.89	189.240.82.54
51.75.58.97	103.84.63.6	166.115.23.152	190.78.184.231
220.165.145.251	89.210.45.91	190.95.50.108	182.244.206.226
174.193.254.64	2.0.42.144	210.90.53.195	88.249.106.18
106.51.0.199	123.198.197.183	123.21.0.180	37.113.128.52