142.93.191.184

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	(sshd) Failed SSH login from 142.93.191.184 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 31 20:05:33 amsweb01 sshd[21296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jul 31 20:05:34 amsweb01 sshd[21296]: Failed password for root from 142.93.191.184 port 44188 ssh2 Jul 31 20:06:24 amsweb01 sshd[21435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jul 31 20:06:27 amsweb01 sshd[21435]: Failed password for root from 142.93.191.184 port 54752 ssh2 Jul 31 20:06:55 amsweb01 sshd[21456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root	2020-08-01 04:33:37
attack	Jul 28 14:17:59 ip-172-31-62-245 sshd\[18704\]: Invalid user lihb from 142.93.191.184\ Jul 28 14:18:01 ip-172-31-62-245 sshd\[18704\]: Failed password for invalid user lihb from 142.93.191.184 port 39804 ssh2\ Jul 28 14:21:58 ip-172-31-62-245 sshd\[18742\]: Invalid user benmunyaradzi from 142.93.191.184\ Jul 28 14:22:01 ip-172-31-62-245 sshd\[18742\]: Failed password for invalid user benmunyaradzi from 142.93.191.184 port 51956 ssh2\ Jul 28 14:25:58 ip-172-31-62-245 sshd\[18783\]: Invalid user xuanbohan from 142.93.191.184\	2020-07-28 22:43:26
attackspambots	2020-07-25T01:27:10.534312sd-86998 sshd[4354]: Invalid user internat from 142.93.191.184 port 58138 2020-07-25T01:27:10.536561sd-86998 sshd[4354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 2020-07-25T01:27:10.534312sd-86998 sshd[4354]: Invalid user internat from 142.93.191.184 port 58138 2020-07-25T01:27:12.731867sd-86998 sshd[4354]: Failed password for invalid user internat from 142.93.191.184 port 58138 ssh2 2020-07-25T01:30:48.784708sd-86998 sshd[4796]: Invalid user afr from 142.93.191.184 port 38214 ...	2020-07-25 08:35:21
attackspam	$f2bV_matches	2020-07-18 23:51:38
attackbotsspam	2020-07-12T09:53:35.406050shield sshd\[4479\]: Invalid user shachunyang from 142.93.191.184 port 52816 2020-07-12T09:53:35.415102shield sshd\[4479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 2020-07-12T09:53:37.578255shield sshd\[4479\]: Failed password for invalid user shachunyang from 142.93.191.184 port 52816 ssh2 2020-07-12T09:55:38.911903shield sshd\[4763\]: Invalid user zhoubao from 142.93.191.184 port 32890 2020-07-12T09:55:38.920206shield sshd\[4763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184	2020-07-12 18:03:26
attack	Jun 24 07:04:13 santamaria sshd\[15380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jun 24 07:04:16 santamaria sshd\[15380\]: Failed password for root from 142.93.191.184 port 49914 ssh2 Jun 24 07:07:33 santamaria sshd\[15414\]: Invalid user vboxadmin from 142.93.191.184 Jun 24 07:07:33 santamaria sshd\[15414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 ...	2020-06-24 13:42:45

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.191.61	attack	Oct 07 08:17:47 host sshd[9746]: Invalid user admin from 142.93.191.61 port 44214	2020-10-12 04:43:28
142.93.191.61	attackspam	Oct 07 08:17:47 host sshd[9746]: Invalid user admin from 142.93.191.61 port 44214	2020-10-11 20:47:06
142.93.191.61	attackspambots	Unauthorized connection attempt detected from IP address 142.93.191.61 to port 8088 [T]	2020-10-11 12:43:30
142.93.191.61	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-10T21:40:21Z and 2020-10-10T21:41:02Z	2020-10-11 06:06:24
142.93.191.61	attack	[4905:Oct 6 09:37:06 j320955 sshd[31708]: Did not receive identification string from 142.93.191.61 port 44164 6168:Oct 7 00:50:31 j320955 sshd[4155]: Did not receive identification string from 142.93.191.61 port 41210 6348:Oct 7 02:59:20 j320955 sshd[9301]: Did not receive identification string from 142.93.191.61 port 53738 6349:Oct 7 02:59:25 j320955 sshd[9304]: Received disconnect from 142.93.191.61 port 60782:11: Normal Shutdown, Thank you for playing [preauth] 6350:Oct 7 02:59:25 j320955 sshd[9304]: Disconnected from authenticating user r.r 142.93.191.61 port 60782 [preauth] 6351:Oct 7 02:59:29 j320955 sshd[9306]: Received disconnect from 142.93.191.61 port 35742:11: Normal Shutdown, Thank you for playing [preauth] 6352:Oct 7 02:59:29 j320955 sshd[9306]: Disconnected from authenticating user r.r 142.93.191.61 port 35742 [preauth] 6353:Oct 7 02:59:32 j320955 sshd[9308]: Received disconnect from 142.93.191.61 port 38964:11: Normal Shutdown, Thank you for playin........ ------------------------------	2020-10-08 05:48:57
142.93.191.61	attackbots	Oct 7 07:54:57 hidden sshd[8037]: Failed password for hidden from 142.93.191.61 port 41234 ssh2 Oct 7 07:54:58 hidden sshd[8041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.61 user=root Oct 7 07:55:00 hidden sshd[8041]: Failed password for hidden from 142.93.191.61 port 44400 ssh2	2020-10-07 14:04:30
142.93.191.50	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:35:09
142.93.191.137	attackspam	Jul 10 16:27:39 XXX sshd[63636]: Invalid user admin from 142.93.191.137 port 54608	2019-07-11 01:36:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.191.184
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.191.184.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 13:42:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 184.191.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 184.191.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.206.191.5	attackspambots	(smtpauth) Failed SMTP AUTH login from 103.206.191.5 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-15 16:44:11 login authenticator failed for (ADMIN) [103.206.191.5]: 535 Incorrect authentication data (set_id=newsletter@sinayar.ir)	2020-05-16 15:15:50
195.54.166.35	attackbots	unautherised login attempt	2020-05-16 15:25:23
222.186.180.41	attackbots	$f2bV_matches	2020-05-16 15:38:26
128.199.84.201	attackbots	May 15 23:41:10 firewall sshd[31343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.84.201 user=root May 15 23:41:12 firewall sshd[31343]: Failed password for root from 128.199.84.201 port 52296 ssh2 May 15 23:45:25 firewall sshd[31452]: Invalid user alumni from 128.199.84.201 ...	2020-05-16 15:08:16
83.97.20.226	attackspam	Port scan denied	2020-05-16 15:30:20
151.236.53.199	attackbotsspam	May 16 00:33:27 XXX sshd[42843]: Invalid user rootuser from 151.236.53.199 port 56378	2020-05-16 14:58:49
61.182.230.41	attackbots	May 16 03:42:32 master sshd[20777]: Failed password for invalid user tomcat from 61.182.230.41 port 54501 ssh2	2020-05-16 15:10:06
186.4.188.3	attack	2020-05-16T01:27:18.636919rocketchat.forhosting.nl sshd[12797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.4.188.3 2020-05-16T01:27:18.634582rocketchat.forhosting.nl sshd[12797]: Invalid user test from 186.4.188.3 port 36958 2020-05-16T01:27:20.530113rocketchat.forhosting.nl sshd[12797]: Failed password for invalid user test from 186.4.188.3 port 36958 ssh2 ...	2020-05-16 14:52:24
178.128.123.111	attack	Invalid user ranger from 178.128.123.111 port 50336	2020-05-16 14:56:38
222.186.169.192	attackbots	2020-05-16T05:48:43.915148afi-git.jinr.ru sshd[10633]: Failed password for root from 222.186.169.192 port 9740 ssh2 2020-05-16T05:48:47.386794afi-git.jinr.ru sshd[10633]: Failed password for root from 222.186.169.192 port 9740 ssh2 2020-05-16T05:48:50.269808afi-git.jinr.ru sshd[10633]: Failed password for root from 222.186.169.192 port 9740 ssh2 2020-05-16T05:48:50.269952afi-git.jinr.ru sshd[10633]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 9740 ssh2 [preauth] 2020-05-16T05:48:50.269968afi-git.jinr.ru sshd[10633]: Disconnecting: Too many authentication failures [preauth] ...	2020-05-16 15:06:22
87.251.74.194	attack	May 16 04:20:52 debian-2gb-nbg1-2 kernel: \[11854499.160142\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.194 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=34368 PROTO=TCP SPT=43888 DPT=9 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-16 15:10:31
61.160.96.90	attackspambots	May 16 02:55:58 sip sshd[11878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 May 16 02:56:00 sip sshd[11878]: Failed password for invalid user upload from 61.160.96.90 port 1059 ssh2 May 16 02:59:33 sip sshd[13167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90	2020-05-16 15:16:56
49.88.112.70	attackspam	5x Failed Password	2020-05-16 15:17:28
42.104.97.238	attackbots	42.104.97.238 - - [15/May/2020:09:33:45 +0200] "GET /wp-login.php HTTP/1.1" 200 6451 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.104.97.238 - - [15/May/2020:09:33:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 42.104.97.238 - - [15/May/2020:09:33:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-16 15:12:50
193.70.38.187	attack	May 16 04:52:38 ns381471 sshd[27690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.38.187 May 16 04:52:39 ns381471 sshd[27690]: Failed password for invalid user pixel from 193.70.38.187 port 60322 ssh2	2020-05-16 15:22:03

最近上报的IP列表

139.8.56.163	1.179.153.245	4.14.30.156	240.122.31.245
192.241.207.147	103.31.109.54	189.130.215.115	178.216.209.40
49.206.25.209	42.51.13.2	182.75.141.146	202.90.133.142
217.182.76.77	117.50.63.241	189.149.255.221	202.168.64.99
26.53.7.90	233.41.225.60	69.194.129.165	81.215.214.145