142.93.132.21 - IPInfo

基本信息:

城市(city): Amsterdam

省份(region): North Holland

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	...	2020-02-02 04:09:35
attack	465/tcp 587/tcp... [2019-10-11/22]36pkt,3pt.(tcp)	2019-10-23 07:25:56

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.132.221	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-30 05:51:26
142.93.132.221	attack	Found on CINS badguys / proto=6 . srcport=45085 . dstport=2375 . (745)	2020-09-29 22:02:58
142.93.132.221	attack	Port scanning [2 denied]	2020-09-29 14:19:04
142.93.132.119	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-04-23 03:32:10
142.93.132.119	attackspam	Apr 17 17:51:11 h2034429 sshd[32346]: Invalid user ou from 142.93.132.119 Apr 17 17:51:11 h2034429 sshd[32346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.132.119 Apr 17 17:51:13 h2034429 sshd[32346]: Failed password for invalid user ou from 142.93.132.119 port 42424 ssh2 Apr 17 17:51:13 h2034429 sshd[32346]: Received disconnect from 142.93.132.119 port 42424:11: Bye Bye [preauth] Apr 17 17:51:13 h2034429 sshd[32346]: Disconnected from 142.93.132.119 port 42424 [preauth] Apr 17 18:01:08 h2034429 sshd[32535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.132.119 user=r.r Apr 17 18:01:09 h2034429 sshd[32535]: Failed password for r.r from 142.93.132.119 port 38812 ssh2 Apr 17 18:01:09 h2034429 sshd[32535]: Received disconnect from 142.93.132.119 port 38812:11: Bye Bye [preauth] Apr 17 18:01:09 h2034429 sshd[32535]: Disconnected from 142.93.132.119 port 38812 [preauth] ........ ---------------------------------	2020-04-18 04:24:40
142.93.132.28	attackbotsspam	142.93.132.28 - - [18/Oct/2019:12:41:32 +0300] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 142.93.132.28 - - [18/Oct/2019:12:41:32 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 142.93.132.28 - - [18/Oct/2019:12:41:32 +0300] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 142.93.132.28 - - [18/Oct/2019:12:41:32 +0300] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2019-10-18 21:44:19
142.93.132.42	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 07:31:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.132.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24765
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.132.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat May 04 02:11:49 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 21.132.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 21.132.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
170.239.108.74	attack	2020-09-09T16:40:32.003186+02:00 sshd[6709]: Failed password for root from 170.239.108.74 port 47165 ssh2	2020-09-09 22:51:47
193.124.129.195	attack	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:39:46
207.155.193.201	attack	port scan and connect, tcp 443 (https)	2020-09-09 22:31:21
187.170.246.134	attack	2020-09-09T02:40:33.041049hostname sshd[20001]: Failed password for root from 187.170.246.134 port 35670 ssh2 2020-09-09T02:42:43.064432hostname sshd[20927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.246.134 user=root 2020-09-09T02:42:45.377613hostname sshd[20927]: Failed password for root from 187.170.246.134 port 42594 ssh2 ...	2020-09-09 22:48:01
47.99.198.122	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 22:34:09
218.92.0.248	attack	Sep 9 12:04:02 vps46666688 sshd[10025]: Failed password for root from 218.92.0.248 port 33694 ssh2 Sep 9 12:04:18 vps46666688 sshd[10025]: error: maximum authentication attempts exceeded for root from 218.92.0.248 port 33694 ssh2 [preauth] ...	2020-09-09 23:10:11
47.47.129.78	attackbotsspam	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:46:26
240e:390:1040:1f5b:246:5d43:7e00:189c	attackspambots	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:34:28
41.218.197.29	attackspambots	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:41:55
51.68.198.113	attack	51.68.198.113 (GB/United Kingdom/-), 7 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 09:33:26 jbs1 sshd[12794]: Failed password for root from 51.68.198.113 port 41102 ssh2 Sep 9 09:30:22 jbs1 sshd[11559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.126 user=root Sep 9 09:30:24 jbs1 sshd[11559]: Failed password for root from 106.13.175.126 port 35562 ssh2 Sep 9 09:31:05 jbs1 sshd[11912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 user=root Sep 9 09:31:08 jbs1 sshd[11912]: Failed password for root from 142.93.211.192 port 38564 ssh2 Sep 9 09:27:35 jbs1 sshd[10504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.167.200.10 user=root Sep 9 09:27:37 jbs1 sshd[10504]: Failed password for root from 109.167.200.10 port 51156 ssh2 IP Addresses Blocked:	2020-09-09 22:54:57
113.200.78.221	attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 22:50:33
139.199.14.128	attackspambots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-09 22:40:39
2001:b011:8004:403d:d84a:b9b6:d089:41cf	attack	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:37:23
78.106.88.30	attackspam	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:46:59
2001:b011:8004:5bc:d84a:b9b6:d089:41cf	attack	Attempted Email Sync. Password Hacking/Probing.	2020-09-09 22:37:43

最近上报的IP列表

77.90.204.171	66.42.43.127	2.95.142.204	91.91.40.90
118.24.214.107	186.221.51.37	66.198.240.9	66.198.240.46
128.15.227.223	186.211.199.118	66.198.240.4	118.24.183.23
169.7.16.84	66.155.58.207	194.4.153.253	162.243.219.96
118.24.176.51	5.124.251.102	66.152.165.66	160.248.5.1