142.93.205.83 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Triggered by Fail2Ban at Ares web server	2019-07-27 03:55:02

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.205.81	attackbotsspam	Aug 16 05:53:39 db sshd[21085]: User root from 142.93.205.81 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:33:10
142.93.205.21	attackspam	2020-01-13T04:50:09Z - RDP login failed multiple times. (142.93.205.21)	2020-01-13 16:49:45

类型

评论内容

时间

142.93.205.81

attackbotsspam

Aug 16 05:53:39 db sshd[21085]: User root from 142.93.205.81 not allowed because none of user's groups are listed in AllowGroups
...

2020-08-16 15:33:10

142.93.205.21

attackspam

2020-01-13T04:50:09Z - RDP login failed multiple times. (142.93.205.21)

2020-01-13 16:49:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.205.83
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64957
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.205.83.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 03:54:57 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 83.205.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 83.205.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
94.23.215.90	attackspam	Dec 22 07:51:44 zeus sshd[5734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.215.90 Dec 22 07:51:45 zeus sshd[5734]: Failed password for invalid user kb from 94.23.215.90 port 52910 ssh2 Dec 22 07:57:35 zeus sshd[5900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.215.90 Dec 22 07:57:37 zeus sshd[5900]: Failed password for invalid user bhandia from 94.23.215.90 port 49628 ssh2	2019-12-22 20:21:06
109.131.130.178	attack	Dec 20 08:52:12 de sshd[20243]: User r.r from 109.131.130.178 not allowed because not listed in AllowUsers Dec 20 08:52:12 de sshd[20243]: Failed password for invalid user r.r from 109.131.130.178 port 33056 ssh2 Dec 20 08:52:40 de sshd[20251]: User r.r from 109.131.130.178 not allowed because not listed in AllowUsers Dec 20 08:52:40 de sshd[20251]: Failed password for invalid user r.r from 109.131.130.178 port 59894 ssh2 Dec 20 08:52:52 de sshd[20253]: Invalid user marhta from 109.131.130.178 Dec 20 08:52:52 de sshd[20253]: Failed password for invalid user marhta from 109.131.130.178 port 60912 ssh2 Dec 20 08:53:05 de sshd[20257]: Invalid user enigmatic from 109.131.130.178 Dec 20 08:53:05 de sshd[20257]: Failed password for invalid user enigmatic from 109.131.130.178 port 34124 ssh2 Dec 20 08:53:18 de sshd[20261]: Invalid user ivans from 109.131.130.178 Dec 20 08:53:18 de sshd[20261]: Failed password for invalid user ivans from 109.131.130.178 port 35134 ssh2 Dec 20 08........ ------------------------------	2019-12-22 20:26:07
54.38.139.210	attackspam	Dec 22 08:09:37 XXXXXX sshd[31872]: Invalid user schnackenberg from 54.38.139.210 port 42716	2019-12-22 20:27:00
104.236.250.88	attackbotsspam	Dec 22 09:10:10 OPSO sshd\[7569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.250.88 user=root Dec 22 09:10:11 OPSO sshd\[7569\]: Failed password for root from 104.236.250.88 port 57254 ssh2 Dec 22 09:15:29 OPSO sshd\[8651\]: Invalid user 123 from 104.236.250.88 port 33504 Dec 22 09:15:29 OPSO sshd\[8651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.250.88 Dec 22 09:15:30 OPSO sshd\[8651\]: Failed password for invalid user 123 from 104.236.250.88 port 33504 ssh2	2019-12-22 20:12:05
106.12.23.128	attackbots	Dec 22 00:59:58 tdfoods sshd\[9444\]: Invalid user msr from 106.12.23.128 Dec 22 00:59:58 tdfoods sshd\[9444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.23.128 Dec 22 01:00:00 tdfoods sshd\[9444\]: Failed password for invalid user msr from 106.12.23.128 port 54358 ssh2 Dec 22 01:08:26 tdfoods sshd\[10195\]: Invalid user bip from 106.12.23.128 Dec 22 01:08:26 tdfoods sshd\[10195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.23.128	2019-12-22 20:04:19
35.240.217.103	attackbotsspam	Dec 22 11:56:00 ArkNodeAT sshd\[21435\]: Invalid user named from 35.240.217.103 Dec 22 11:56:00 ArkNodeAT sshd\[21435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.217.103 Dec 22 11:56:02 ArkNodeAT sshd\[21435\]: Failed password for invalid user named from 35.240.217.103 port 45332 ssh2	2019-12-22 20:00:44
178.216.248.36	attackspam	Dec 22 09:44:17 server sshd\[1339\]: Invalid user web from 178.216.248.36 Dec 22 09:44:17 server sshd\[1339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.216.248.36 Dec 22 09:44:19 server sshd\[1339\]: Failed password for invalid user web from 178.216.248.36 port 50420 ssh2 Dec 22 09:59:59 server sshd\[5617\]: Invalid user minecrafttest from 178.216.248.36 Dec 22 09:59:59 server sshd\[5617\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.216.248.36 ...	2019-12-22 20:23:18
207.154.229.50	attackbots	Dec 22 08:17:07 unicornsoft sshd\[12352\]: User root from 207.154.229.50 not allowed because not listed in AllowUsers Dec 22 08:17:07 unicornsoft sshd\[12352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.229.50 user=root Dec 22 08:17:09 unicornsoft sshd\[12352\]: Failed password for invalid user root from 207.154.229.50 port 57730 ssh2	2019-12-22 20:34:56
139.59.84.55	attackbotsspam	Dec 22 10:18:48 vserver sshd\[619\]: Invalid user zwiebel from 139.59.84.55Dec 22 10:18:50 vserver sshd\[619\]: Failed password for invalid user zwiebel from 139.59.84.55 port 44076 ssh2Dec 22 10:24:37 vserver sshd\[658\]: Invalid user jt from 139.59.84.55Dec 22 10:24:39 vserver sshd\[658\]: Failed password for invalid user jt from 139.59.84.55 port 48012 ssh2 ...	2019-12-22 20:05:54
222.186.175.154	attackspambots	Dec 22 13:18:03 dcd-gentoo sshd[6105]: User root from 222.186.175.154 not allowed because none of user's groups are listed in AllowGroups Dec 22 13:18:05 dcd-gentoo sshd[6105]: error: PAM: Authentication failure for illegal user root from 222.186.175.154 Dec 22 13:18:03 dcd-gentoo sshd[6105]: User root from 222.186.175.154 not allowed because none of user's groups are listed in AllowGroups Dec 22 13:18:05 dcd-gentoo sshd[6105]: error: PAM: Authentication failure for illegal user root from 222.186.175.154 Dec 22 13:18:03 dcd-gentoo sshd[6105]: User root from 222.186.175.154 not allowed because none of user's groups are listed in AllowGroups Dec 22 13:18:05 dcd-gentoo sshd[6105]: error: PAM: Authentication failure for illegal user root from 222.186.175.154 Dec 22 13:18:05 dcd-gentoo sshd[6105]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.154 port 47756 ssh2 ...	2019-12-22 20:19:29
40.89.176.60	attackbots	/var/log/messages:Dec 20 01:19:29 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1576804769.282:52050): pid=4231 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=4232 suid=74 rport=46580 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=40.89.176.60 terminal=? res=success' /var/log/messages:Dec 20 01:19:29 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1576804769.285:52051): pid=4231 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=4232 suid=74 rport=46580 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=40.89.176.60 terminal=? res=success' /var/log/messages:Dec 20 01:19:29 sanyalnet-cloud-vps fail2ban.filter[1551]: INFO [sshd] Found 40.89........ -------------------------------	2019-12-22 20:03:26
179.99.30.70	attackbotsspam	Dec 22 15:41:47 areeb-Workstation sshd[14805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.99.30.70 Dec 22 15:41:49 areeb-Workstation sshd[14805]: Failed password for invalid user familiadis from 179.99.30.70 port 36525 ssh2 ...	2019-12-22 20:32:24
185.22.143.232	attackspambots	Dec 20 10:18:35 kmh-mb-001 sshd[27221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.22.143.232 user=r.r Dec 20 10:18:36 kmh-mb-001 sshd[27221]: Failed password for r.r from 185.22.143.232 port 46685 ssh2 Dec 20 10:18:36 kmh-mb-001 sshd[27221]: Received disconnect from 185.22.143.232 port 46685:11: Bye Bye [preauth] Dec 20 10:18:36 kmh-mb-001 sshd[27221]: Disconnected from 185.22.143.232 port 46685 [preauth] Dec 20 10:32:02 kmh-mb-001 sshd[28975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.22.143.232 user=r.r Dec 20 10:32:05 kmh-mb-001 sshd[28975]: Failed password for r.r from 185.22.143.232 port 37612 ssh2 Dec 20 10:32:05 kmh-mb-001 sshd[28975]: Received disconnect from 185.22.143.232 port 37612:11: Bye Bye [preauth] Dec 20 10:32:05 kmh-mb-001 sshd[28975]: Disconnected from 185.22.143.232 port 37612 [preauth] Dec 20 10:39:35 kmh-mb-001 sshd[29977]: Invalid user tetsu from ........ -------------------------------	2019-12-22 20:37:58
41.159.18.20	attack	SSH Brute-Forcing (server2)	2019-12-22 20:31:04
159.203.201.67	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-12-22 20:05:40

最近上报的IP列表

182.169.141.157	33.38.42.241	61.34.215.71	223.17.250.11
174.115.80.147	180.40.183.231	242.89.239.42	180.226.121.193
149.220.197.61	3.94.172.121	39.119.186.238	206.144.68.36
134.124.189.118	46.248.182.96	124.75.51.164	111.10.29.84
103.217.104.90	183.42.213.135	51.77.222.232	23.252.165.161