142.93.191.184

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	(sshd) Failed SSH login from 142.93.191.184 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 31 20:05:33 amsweb01 sshd[21296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jul 31 20:05:34 amsweb01 sshd[21296]: Failed password for root from 142.93.191.184 port 44188 ssh2 Jul 31 20:06:24 amsweb01 sshd[21435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jul 31 20:06:27 amsweb01 sshd[21435]: Failed password for root from 142.93.191.184 port 54752 ssh2 Jul 31 20:06:55 amsweb01 sshd[21456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root	2020-08-01 04:33:37
attack	Jul 28 14:17:59 ip-172-31-62-245 sshd\[18704\]: Invalid user lihb from 142.93.191.184\ Jul 28 14:18:01 ip-172-31-62-245 sshd\[18704\]: Failed password for invalid user lihb from 142.93.191.184 port 39804 ssh2\ Jul 28 14:21:58 ip-172-31-62-245 sshd\[18742\]: Invalid user benmunyaradzi from 142.93.191.184\ Jul 28 14:22:01 ip-172-31-62-245 sshd\[18742\]: Failed password for invalid user benmunyaradzi from 142.93.191.184 port 51956 ssh2\ Jul 28 14:25:58 ip-172-31-62-245 sshd\[18783\]: Invalid user xuanbohan from 142.93.191.184\	2020-07-28 22:43:26
attackspambots	2020-07-25T01:27:10.534312sd-86998 sshd[4354]: Invalid user internat from 142.93.191.184 port 58138 2020-07-25T01:27:10.536561sd-86998 sshd[4354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 2020-07-25T01:27:10.534312sd-86998 sshd[4354]: Invalid user internat from 142.93.191.184 port 58138 2020-07-25T01:27:12.731867sd-86998 sshd[4354]: Failed password for invalid user internat from 142.93.191.184 port 58138 ssh2 2020-07-25T01:30:48.784708sd-86998 sshd[4796]: Invalid user afr from 142.93.191.184 port 38214 ...	2020-07-25 08:35:21
attackspam	$f2bV_matches	2020-07-18 23:51:38
attackbotsspam	2020-07-12T09:53:35.406050shield sshd\[4479\]: Invalid user shachunyang from 142.93.191.184 port 52816 2020-07-12T09:53:35.415102shield sshd\[4479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 2020-07-12T09:53:37.578255shield sshd\[4479\]: Failed password for invalid user shachunyang from 142.93.191.184 port 52816 ssh2 2020-07-12T09:55:38.911903shield sshd\[4763\]: Invalid user zhoubao from 142.93.191.184 port 32890 2020-07-12T09:55:38.920206shield sshd\[4763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184	2020-07-12 18:03:26
attack	Jun 24 07:04:13 santamaria sshd\[15380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 user=root Jun 24 07:04:16 santamaria sshd\[15380\]: Failed password for root from 142.93.191.184 port 49914 ssh2 Jun 24 07:07:33 santamaria sshd\[15414\]: Invalid user vboxadmin from 142.93.191.184 Jun 24 07:07:33 santamaria sshd\[15414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.184 ...	2020-06-24 13:42:45

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.191.61	attack	Oct 07 08:17:47 host sshd[9746]: Invalid user admin from 142.93.191.61 port 44214	2020-10-12 04:43:28
142.93.191.61	attackspam	Oct 07 08:17:47 host sshd[9746]: Invalid user admin from 142.93.191.61 port 44214	2020-10-11 20:47:06
142.93.191.61	attackspambots	Unauthorized connection attempt detected from IP address 142.93.191.61 to port 8088 [T]	2020-10-11 12:43:30
142.93.191.61	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-10T21:40:21Z and 2020-10-10T21:41:02Z	2020-10-11 06:06:24
142.93.191.61	attack	[4905:Oct 6 09:37:06 j320955 sshd[31708]: Did not receive identification string from 142.93.191.61 port 44164 6168:Oct 7 00:50:31 j320955 sshd[4155]: Did not receive identification string from 142.93.191.61 port 41210 6348:Oct 7 02:59:20 j320955 sshd[9301]: Did not receive identification string from 142.93.191.61 port 53738 6349:Oct 7 02:59:25 j320955 sshd[9304]: Received disconnect from 142.93.191.61 port 60782:11: Normal Shutdown, Thank you for playing [preauth] 6350:Oct 7 02:59:25 j320955 sshd[9304]: Disconnected from authenticating user r.r 142.93.191.61 port 60782 [preauth] 6351:Oct 7 02:59:29 j320955 sshd[9306]: Received disconnect from 142.93.191.61 port 35742:11: Normal Shutdown, Thank you for playing [preauth] 6352:Oct 7 02:59:29 j320955 sshd[9306]: Disconnected from authenticating user r.r 142.93.191.61 port 35742 [preauth] 6353:Oct 7 02:59:32 j320955 sshd[9308]: Received disconnect from 142.93.191.61 port 38964:11: Normal Shutdown, Thank you for playin........ ------------------------------	2020-10-08 05:48:57
142.93.191.61	attackbots	Oct 7 07:54:57 hidden sshd[8037]: Failed password for hidden from 142.93.191.61 port 41234 ssh2 Oct 7 07:54:58 hidden sshd[8041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.191.61 user=root Oct 7 07:55:00 hidden sshd[8041]: Failed password for hidden from 142.93.191.61 port 44400 ssh2	2020-10-07 14:04:30
142.93.191.50	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:35:09
142.93.191.137	attackspam	Jul 10 16:27:39 XXX sshd[63636]: Invalid user admin from 142.93.191.137 port 54608	2019-07-11 01:36:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.191.184
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.191.184.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 13:42:40 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 184.191.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 184.191.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
85.144.226.170	attackspam	Aug 7 20:48:10 pornomens sshd\[1320\]: Invalid user webportal from 85.144.226.170 port 57102 Aug 7 20:48:10 pornomens sshd\[1320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.144.226.170 Aug 7 20:48:12 pornomens sshd\[1320\]: Failed password for invalid user webportal from 85.144.226.170 port 57102 ssh2 ...	2019-08-08 08:17:20
41.205.112.246	attack	SSH/22 MH Probe, BF, Hack -	2019-08-08 08:01:37
94.25.168.143	attackbotsspam	Unauthorized connection attempt from IP address 94.25.168.143 on Port 445(SMB)	2019-08-08 08:05:24
170.246.198.69	attackspam	Honeypot attack, port: 23, PTR: 170-246-198-069.henet.com.br.	2019-08-08 07:47:05
71.6.233.126	attackbotsspam	firewall-block, port(s): 9527/tcp	2019-08-08 08:09:45
82.3.26.225	attackspambots	Aug 7 20:34:11 hosting sshd[6597]: Invalid user usuario1 from 82.3.26.225 port 37766 ...	2019-08-08 07:36:36
133.167.73.30	attackspambots	2019-08-07T14:56:31.201337WS-Zach sshd[18275]: Invalid user minecraft from 133.167.73.30 port 47670 2019-08-07T14:56:31.205857WS-Zach sshd[18275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.73.30 2019-08-07T14:56:31.201337WS-Zach sshd[18275]: Invalid user minecraft from 133.167.73.30 port 47670 2019-08-07T14:56:33.316934WS-Zach sshd[18275]: Failed password for invalid user minecraft from 133.167.73.30 port 47670 ssh2 2019-08-07T15:02:50.001070WS-Zach sshd[19058]: User root from 133.167.73.30 not allowed because none of user's groups are listed in AllowGroups ...	2019-08-08 07:54:38
119.145.61.168	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-08 07:49:21
23.129.64.162	attackbots	2019-08-07T23:27:15.799072abusebot-6.cloudsearch.cf sshd\[22674\]: Invalid user administrator from 23.129.64.162 port 58511	2019-08-08 08:20:38
163.172.190.185	attack	Aug 7 20:47:29 srv206 sshd[30406]: Invalid user wp from 163.172.190.185 Aug 7 20:47:29 srv206 sshd[30406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=la-apps.de Aug 7 20:47:29 srv206 sshd[30406]: Invalid user wp from 163.172.190.185 Aug 7 20:47:31 srv206 sshd[30406]: Failed password for invalid user wp from 163.172.190.185 port 40102 ssh2 ...	2019-08-08 08:18:20
37.49.225.224	attack	Aug 8 00:28:54 vps65 postfix/smtpd\[24371\]: warning: unknown\[37.49.225.224\]: SASL LOGIN authentication failed: authentication failure Aug 8 00:28:57 vps65 postfix/smtpd\[24371\]: warning: unknown\[37.49.225.224\]: SASL LOGIN authentication failed: authentication failure Aug 8 00:28:59 vps65 postfix/smtpd\[24371\]: warning: unknown\[37.49.225.224\]: SASL LOGIN authentication failed: authentication failure ...	2019-08-08 08:11:55
202.29.57.103	attackbotsspam	08/07/2019-18:00:48.343569 202.29.57.103 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-08 08:15:37
88.99.134.86	attackbotsspam	Unauthorized connection attempt from IP address 88.99.134.86 on Port 445(SMB)	2019-08-08 08:04:03
50.67.178.164	attackbotsspam	2019-08-08T00:33:11.648522enmeeting.mahidol.ac.th sshd\[10570\]: Invalid user noah from 50.67.178.164 port 53190 2019-08-08T00:33:11.662508enmeeting.mahidol.ac.th sshd\[10570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106ac202e1dbfb3.va.shawcable.net 2019-08-08T00:33:13.903216enmeeting.mahidol.ac.th sshd\[10570\]: Failed password for invalid user noah from 50.67.178.164 port 53190 ssh2 ...	2019-08-08 08:13:38
164.132.98.75	attackbotsspam	Aug 8 01:39:16 Proxmox sshd\[15216\]: Invalid user kristen from 164.132.98.75 port 53273 Aug 8 01:39:16 Proxmox sshd\[15216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.98.75 Aug 8 01:39:18 Proxmox sshd\[15216\]: Failed password for invalid user kristen from 164.132.98.75 port 53273 ssh2	2019-08-08 08:22:24

最近上报的IP列表

139.8.56.163	1.179.153.245	4.14.30.156	240.122.31.245
192.241.207.147	103.31.109.54	189.130.215.115	178.216.209.40
49.206.25.209	42.51.13.2	182.75.141.146	202.90.133.142
217.182.76.77	117.50.63.241	189.149.255.221	202.168.64.99
26.53.7.90	233.41.225.60	69.194.129.165	81.215.214.145