142.93.211.234

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user admin from 142.93.211.234 port 42578	2019-06-25 14:29:33
attackbots	Invalid user admin from 142.93.211.234 port 42578	2019-06-25 02:58:24
attackbots	Invalid user admin from 142.93.211.234 port 42578	2019-06-24 14:09:43

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.211.36	attackspambots	Oct 12 00:25:27 hidden sshd[869]: Failed password for hidden from 142.93.211.36 port 56534 ssh2 Oct 12 00:28:28 hidden sshd[1320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.36 user=root Oct 12 00:28:30 hidden sshd[1320]: Failed password for hidden from 142.93.211.36 port 40212 ssh2	2020-10-12 07:11:11
142.93.211.36	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-11 23:23:00
142.93.211.36	attack	Fail2Ban	2020-10-11 15:21:45
142.93.211.36	attackspambots	Port probing on unauthorized port 22	2020-10-11 08:40:42
142.93.211.192	attack	Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:29 srv-ubuntu-dev3 sshd[127298]: Failed password for invalid user wow from 142.93.211.192 port 39680 ssh2 Aug 31 22:22:18 srv-ubuntu-dev3 sshd[127737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 user=root Aug 31 22:22:20 srv-ubuntu-dev3 sshd[127737]: Failed password for root from 142.93.211.192 port 45048 ssh2 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomcat2 from 142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomc ...	2020-09-01 04:59:43
142.93.211.52	attackbotsspam	18355/tcp 17655/tcp 23164/tcp... [2020-06-29/08-30]30pkt,11pt.(tcp)	2020-08-31 04:47:16
142.93.211.36	attackspam	2020-08-26T20:53:13.113962abusebot-5.cloudsearch.cf sshd[5221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:15.000419abusebot-5.cloudsearch.cf sshd[5221]: Failed password for root from 142.93.211.36 port 33020 ssh2 2020-08-26T20:53:21.008214abusebot-5.cloudsearch.cf sshd[5223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:22.522677abusebot-5.cloudsearch.cf sshd[5223]: Failed password for root from 142.93.211.36 port 33524 ssh2 2020-08-26T20:53:28.853992abusebot-5.cloudsearch.cf sshd[5225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:30.800157abusebot-5.cloudsearch.cf sshd[5225]: Failed password for root from 142.93.211.36 port 34016 ssh2 2020-08-26T20:53:36.106838abusebot-5.cloudsearch.cf sshd[5227]: pam_unix(sshd:auth): authentication failure; ...	2020-08-27 06:04:02
142.93.211.44	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-15 22:30:29
142.93.211.52	attackbotsspam	TCP (SYN) 142.93.211.52:55428 -> port 17655, len 44	2020-07-09 19:46:23
142.93.211.52	attackbots	TCP (SYN) 142.93.211.52:40846 -> port 10, len 44	2020-07-07 23:42:41
142.93.211.44	attackbotsspam	Jun 27 23:53:17 plex sshd[11781]: Invalid user user from 142.93.211.44 port 53454	2020-06-28 06:02:49
142.93.211.52	attackspambots	Jun 16 05:54:36 debian-2gb-nbg1-2 kernel: \[14538380.792052\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.211.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=56604 PROTO=TCP SPT=52723 DPT=4151 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-16 12:51:47
142.93.211.44	attackbotsspam	2020-06-15T03:51:59.198676mail.csmailer.org sshd[15765]: Failed password for root from 142.93.211.44 port 48402 ssh2 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:36.487297mail.csmailer.org sshd[16119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:38.813385mail.csmailer.org sshd[16119]: Failed password for invalid user sammy from 142.93.211.44 port 45372 ssh2 ...	2020-06-15 13:06:14
142.93.211.44	attackspambots	Jun 12 19:42:20 hpm sshd\[6948\]: Invalid user 123456 from 142.93.211.44 Jun 12 19:42:20 hpm sshd\[6948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 Jun 12 19:42:22 hpm sshd\[6948\]: Failed password for invalid user 123456 from 142.93.211.44 port 41572 ssh2 Jun 12 19:43:23 hpm sshd\[7050\]: Invalid user zjcl123 from 142.93.211.44 Jun 12 19:43:23 hpm sshd\[7050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44	2020-06-13 14:05:30
142.93.211.52	attackbotsspam	trying to access non-authorized port	2020-06-12 04:00:52

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.211.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41813
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.211.234.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 18:40:23 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 234.211.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 234.211.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.231.0.89	attackbotsspam	ssh brute force	2020-05-13 12:15:29
5.135.158.228	attack	May 12 18:18:28 web1 sshd\[20830\]: Invalid user oem from 5.135.158.228 May 12 18:18:28 web1 sshd\[20830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.158.228 May 12 18:18:30 web1 sshd\[20830\]: Failed password for invalid user oem from 5.135.158.228 port 50604 ssh2 May 12 18:24:24 web1 sshd\[21295\]: Invalid user gorges from 5.135.158.228 May 12 18:24:24 web1 sshd\[21295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.158.228	2020-05-13 12:27:46
106.1.94.78	attackbotsspam	May 13 06:00:37 server sshd[5333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.1.94.78 May 13 06:00:38 server sshd[5333]: Failed password for invalid user dev from 106.1.94.78 port 50872 ssh2 May 13 06:03:48 server sshd[5569]: Failed password for root from 106.1.94.78 port 36338 ssh2 ...	2020-05-13 12:13:40
118.24.154.64	attackspam	May 13 05:59:40 mailserver sshd\[29444\]: Invalid user solr from 118.24.154.64 ...	2020-05-13 12:20:22
222.186.180.130	attackspambots	Repeated brute force against a port	2020-05-13 09:53:40
222.186.30.112	attackbots	May 13 06:15:18 plex sshd[27173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root May 13 06:15:20 plex sshd[27173]: Failed password for root from 222.186.30.112 port 32864 ssh2	2020-05-13 12:19:01
111.207.63.213	attackbotsspam	May 12 17:57:32 hpm sshd\[3431\]: Invalid user tuan from 111.207.63.213 May 12 17:57:32 hpm sshd\[3431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.207.63.213 May 12 17:57:34 hpm sshd\[3431\]: Failed password for invalid user tuan from 111.207.63.213 port 48384 ssh2 May 12 17:59:57 hpm sshd\[3667\]: Invalid user submit from 111.207.63.213 May 12 17:59:57 hpm sshd\[3667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.207.63.213	2020-05-13 12:04:57
167.99.66.158	attackspam	May 13 00:59:19 ws24vmsma01 sshd[38255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.158 May 13 00:59:21 ws24vmsma01 sshd[38255]: Failed password for invalid user bent from 167.99.66.158 port 39392 ssh2 ...	2020-05-13 12:35:01
113.21.97.141	attack	Dovecot Invalid User Login Attempt.	2020-05-13 12:16:01
185.147.215.13	attackspambots	\[May 13 14:16:18\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:51538' - Wrong password \[May 13 14:16:46\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:64713' - Wrong password \[May 13 14:17:12\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:59491' - Wrong password \[May 13 14:17:39\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:54254' - Wrong password \[May 13 14:18:08\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:50731' - Wrong password \[May 13 14:18:34\] NOTICE\[2019\] chan_sip.c: Registration from '\' failed for '185.147.215.13:61422' - Wrong password \[May 13 14:19:01\] NOTICE\[2019\] chan_sip.c: Registration from '\' fail ...	2020-05-13 12:38:56
218.92.0.145	attackspambots	$f2bV_matches	2020-05-13 12:41:31
180.101.221.152	attackbots	Invalid user ernest from 180.101.221.152 port 44090	2020-05-13 12:30:10
73.224.88.169	attackbots	Invalid user snovelor from 73.224.88.169 port 45512	2020-05-13 12:30:41
218.78.48.37	attackbots	May 13 05:59:12 jane sshd[2811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.48.37 May 13 05:59:13 jane sshd[2811]: Failed password for invalid user test from 218.78.48.37 port 40262 ssh2 ...	2020-05-13 12:43:01
192.34.57.113	attack	May 13 03:29:01 XXXXXX sshd[5568]: Invalid user pcap from 192.34.57.113 port 43340	2020-05-13 12:02:49

最近上报的IP列表

155.7.224.152	170.110.15.220	53.14.216.230	99.168.27.50
160.150.133.179	109.185.97.192	36.225.113.223	78.62.19.47
221.123.43.50	90.154.146.85	181.225.220.44	169.48.78.67
18.195.211.60	49.151.47.163	102.160.217.199	36.219.240.133
148.214.149.42	123.129.160.219	213.161.163.226	173.255.234.194