142.93.211.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	18355/tcp 17655/tcp 23164/tcp... [2020-06-29/08-30]30pkt,11pt.(tcp)	2020-08-31 04:47:16
attackbotsspam	TCP (SYN) 142.93.211.52:55428 -> port 17655, len 44	2020-07-09 19:46:23
attackbots	TCP (SYN) 142.93.211.52:40846 -> port 10, len 44	2020-07-07 23:42:41
attackspambots	Jun 16 05:54:36 debian-2gb-nbg1-2 kernel: \[14538380.792052\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.211.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=56604 PROTO=TCP SPT=52723 DPT=4151 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-16 12:51:47
attackbotsspam	trying to access non-authorized port	2020-06-12 04:00:52
attack	scans 2 times in preceeding hours on the ports (in chronological order) 21305 21305	2020-06-10 21:42:06
attackspam	Jun 1 16:18:42 home sshd[20537]: Failed password for root from 142.93.211.52 port 59430 ssh2 Jun 1 16:23:05 home sshd[20983]: Failed password for root from 142.93.211.52 port 36398 ssh2 ...	2020-06-01 23:12:03
attack	TCP (SYN) 142.93.211.52:58017 -> port 8175, len 44	2020-05-28 14:43:26
attackbotsspam	Invalid user kte from 142.93.211.52 port 38458	2020-05-24 07:10:11
attack	TCP (SYN) 142.93.211.52:57215 -> port 27278, len 44	2020-05-16 01:36:57
attackbotsspam	(sshd) Failed SSH login from 142.93.211.52 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 19:27:53 amsweb01 sshd[15559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 user=root May 8 19:27:56 amsweb01 sshd[15559]: Failed password for root from 142.93.211.52 port 58452 ssh2 May 8 19:34:04 amsweb01 sshd[16191]: Invalid user test from 142.93.211.52 port 54878 May 8 19:34:06 amsweb01 sshd[16191]: Failed password for invalid user test from 142.93.211.52 port 54878 ssh2 May 8 19:38:45 amsweb01 sshd[16590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 user=root	2020-05-09 03:26:00
attackspambots	Port scan(s) denied	2020-05-06 15:20:05
attackspam	Apr 13 14:36:43 debian-2gb-nbg1-2 kernel: \[9040397.859994\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.211.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9007 PROTO=TCP SPT=50147 DPT=13294 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-13 22:02:17
attackbotsspam	Apr 6 20:27:39 dev0-dcde-rnet sshd[21615]: Failed password for root from 142.93.211.52 port 58686 ssh2 Apr 6 20:28:43 dev0-dcde-rnet sshd[21617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Apr 6 20:28:46 dev0-dcde-rnet sshd[21617]: Failed password for invalid user wp from 142.93.211.52 port 44374 ssh2	2020-04-07 02:46:23
attack	$f2bV_matches	2020-03-21 15:21:26
attackspam	Mar 18 09:42:53 plusreed sshd[21598]: Invalid user testftp from 142.93.211.52 ...	2020-03-18 22:09:49
attack	Invalid user angel from 142.93.211.52 port 60046	2020-03-14 02:29:31
attackbots	Mar 12 09:44:24 work-partkepr sshd\[9549\]: Invalid user factorio from 142.93.211.52 port 50022 Mar 12 09:44:24 work-partkepr sshd\[9549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 ...	2020-03-12 20:21:03
attackspambots	Mar 10 20:32:37 cp sshd[2891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-03-11 07:13:49
attack	Mar 1 19:36:49 MK-Soft-VM7 sshd[9797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Mar 1 19:36:51 MK-Soft-VM7 sshd[9797]: Failed password for invalid user teamspeakbot from 142.93.211.52 port 40888 ssh2 ...	2020-03-02 04:17:17
attackbotsspam	Feb 28 11:51:56 web1 sshd\[14010\]: Invalid user newuser from 142.93.211.52 Feb 28 11:51:56 web1 sshd\[14010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 28 11:51:58 web1 sshd\[14010\]: Failed password for invalid user newuser from 142.93.211.52 port 48318 ssh2 Feb 28 11:59:42 web1 sshd\[14743\]: Invalid user nagios from 142.93.211.52 Feb 28 11:59:42 web1 sshd\[14743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-29 06:12:42
attackbots	Feb 7 23:15:39 silence02 sshd[12820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 7 23:15:40 silence02 sshd[12820]: Failed password for invalid user gcx from 142.93.211.52 port 42340 ssh2 Feb 7 23:19:07 silence02 sshd[13140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-08 06:39:31
attackspam	Feb 2 00:35:42 MK-Soft-Root2 sshd[15856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 2 00:35:43 MK-Soft-Root2 sshd[15856]: Failed password for invalid user test from 142.93.211.52 port 45620 ssh2 ...	2020-02-02 07:41:12
attackspambots	Feb 1 20:04:07 lnxmysql61 sshd[24204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-02 03:50:46
attack	Jan 26 07:52:14 MK-Soft-Root2 sshd[30865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Jan 26 07:52:17 MK-Soft-Root2 sshd[30865]: Failed password for invalid user system from 142.93.211.52 port 52342 ssh2 ...	2020-01-26 14:59:46
attackbotsspam	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-23 11:39:50
attackspam	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-22 23:24:29
attackbotsspam	Jan 20 15:09:51 vpn01 sshd[24668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Jan 20 15:09:52 vpn01 sshd[24668]: Failed password for invalid user admin from 142.93.211.52 port 52022 ssh2 ...	2020-01-20 22:33:04
attackbots	Invalid user karina from 142.93.211.52 port 55084	2020-01-18 23:34:10
attackspambots	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-18 02:59:40

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.211.36	attackspambots	Oct 12 00:25:27 hidden sshd[869]: Failed password for hidden from 142.93.211.36 port 56534 ssh2 Oct 12 00:28:28 hidden sshd[1320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.36 user=root Oct 12 00:28:30 hidden sshd[1320]: Failed password for hidden from 142.93.211.36 port 40212 ssh2	2020-10-12 07:11:11
142.93.211.36	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-11 23:23:00
142.93.211.36	attack	Fail2Ban	2020-10-11 15:21:45
142.93.211.36	attackspambots	Port probing on unauthorized port 22	2020-10-11 08:40:42
142.93.211.192	attack	Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:29 srv-ubuntu-dev3 sshd[127298]: Failed password for invalid user wow from 142.93.211.192 port 39680 ssh2 Aug 31 22:22:18 srv-ubuntu-dev3 sshd[127737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 user=root Aug 31 22:22:20 srv-ubuntu-dev3 sshd[127737]: Failed password for root from 142.93.211.192 port 45048 ssh2 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomcat2 from 142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomc ...	2020-09-01 04:59:43
142.93.211.36	attackspam	2020-08-26T20:53:13.113962abusebot-5.cloudsearch.cf sshd[5221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:15.000419abusebot-5.cloudsearch.cf sshd[5221]: Failed password for root from 142.93.211.36 port 33020 ssh2 2020-08-26T20:53:21.008214abusebot-5.cloudsearch.cf sshd[5223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:22.522677abusebot-5.cloudsearch.cf sshd[5223]: Failed password for root from 142.93.211.36 port 33524 ssh2 2020-08-26T20:53:28.853992abusebot-5.cloudsearch.cf sshd[5225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:30.800157abusebot-5.cloudsearch.cf sshd[5225]: Failed password for root from 142.93.211.36 port 34016 ssh2 2020-08-26T20:53:36.106838abusebot-5.cloudsearch.cf sshd[5227]: pam_unix(sshd:auth): authentication failure; ...	2020-08-27 06:04:02
142.93.211.44	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-15 22:30:29
142.93.211.44	attackbotsspam	Jun 27 23:53:17 plex sshd[11781]: Invalid user user from 142.93.211.44 port 53454	2020-06-28 06:02:49
142.93.211.44	attackbotsspam	2020-06-15T03:51:59.198676mail.csmailer.org sshd[15765]: Failed password for root from 142.93.211.44 port 48402 ssh2 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:36.487297mail.csmailer.org sshd[16119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:38.813385mail.csmailer.org sshd[16119]: Failed password for invalid user sammy from 142.93.211.44 port 45372 ssh2 ...	2020-06-15 13:06:14
142.93.211.44	attackspambots	Jun 12 19:42:20 hpm sshd\[6948\]: Invalid user 123456 from 142.93.211.44 Jun 12 19:42:20 hpm sshd\[6948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 Jun 12 19:42:22 hpm sshd\[6948\]: Failed password for invalid user 123456 from 142.93.211.44 port 41572 ssh2 Jun 12 19:43:23 hpm sshd\[7050\]: Invalid user zjcl123 from 142.93.211.44 Jun 12 19:43:23 hpm sshd\[7050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44	2020-06-13 14:05:30
142.93.211.44	attackbots	May 25 22:50:37 eventyay sshd[9631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 May 25 22:50:39 eventyay sshd[9631]: Failed password for invalid user college from 142.93.211.44 port 44360 ssh2 May 25 22:55:07 eventyay sshd[9723]: Failed password for root from 142.93.211.44 port 48732 ssh2 ...	2020-05-26 04:56:51
142.93.211.176	attack	$f2bV_matches	2020-05-26 03:58:31
142.93.211.111	attackspambots	05/19/2020-19:43:03.985365 142.93.211.111 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-20 08:43:51
142.93.211.44	attackbotsspam	SSH brute-force: detected 14 distinct usernames within a 24-hour window.	2020-05-11 06:39:54
142.93.211.44	attackbotsspam	May 6 02:21:33 XXX sshd[52445]: Invalid user mysql from 142.93.211.44 port 43788	2020-05-07 08:46:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.211.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21249
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.211.52.			IN	A

;; AUTHORITY SECTION:
.			88	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011700 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 02:59:37 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.211.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.211.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
49.88.112.114	attack	Jan 2 13:01:34 auw2 sshd\[25004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Jan 2 13:01:36 auw2 sshd\[25004\]: Failed password for root from 49.88.112.114 port 64605 ssh2 Jan 2 13:02:41 auw2 sshd\[25081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Jan 2 13:02:43 auw2 sshd\[25081\]: Failed password for root from 49.88.112.114 port 25858 ssh2 Jan 2 13:07:25 auw2 sshd\[25441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2020-01-03 07:08:11
106.75.21.242	attack	Jan 3 00:06:55 haigwepa sshd[3956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.21.242 Jan 3 00:06:57 haigwepa sshd[3956]: Failed password for invalid user yl from 106.75.21.242 port 55418 ssh2 ...	2020-01-03 07:25:46
78.237.19.53	attackspam	Jan 2 21:40:56 nginx sshd[77414]: Invalid user pi from 78.237.19.53 Jan 2 21:40:56 nginx sshd[77414]: Connection closed by 78.237.19.53 port 35112 [preauth]	2020-01-03 06:58:00
14.98.4.82	attackspam	20 attempts against mh-ssh on echoip.magehost.pro	2020-01-03 07:01:17
106.75.61.203	attackspam	firewall-block, port(s): 13579/tcp	2020-01-03 07:23:54
202.168.64.24	attackspam	Portscan or hack attempt detected by psad/fwsnort	2020-01-03 06:59:01
104.168.246.128	attack	$f2bV_matches	2020-01-03 07:01:40
49.88.112.116	attack	Jan 3 00:28:21 localhost sshd\[7291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Jan 3 00:28:23 localhost sshd\[7291\]: Failed password for root from 49.88.112.116 port 34964 ssh2 Jan 3 00:28:25 localhost sshd\[7291\]: Failed password for root from 49.88.112.116 port 34964 ssh2	2020-01-03 07:34:54
206.81.16.240	attackspambots	Jan 3 00:06:48 herz-der-gamer sshd[21561]: Invalid user cxp from 206.81.16.240 port 55108 Jan 3 00:06:48 herz-der-gamer sshd[21561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.16.240 Jan 3 00:06:48 herz-der-gamer sshd[21561]: Invalid user cxp from 206.81.16.240 port 55108 Jan 3 00:06:49 herz-der-gamer sshd[21561]: Failed password for invalid user cxp from 206.81.16.240 port 55108 ssh2 ...	2020-01-03 07:32:45
190.116.41.227	attackbotsspam	Jan 3 00:06:07 sshd[29418]: Failed password for invalid user login from 190.116.41.227 port 60436 ssh2	2020-01-03 07:22:21
181.50.102.55	attackbotsspam	Jan 3 00:12:11 vmanager6029 sshd\[18498\]: Invalid user admin1 from 181.50.102.55 port 5870 Jan 3 00:12:11 vmanager6029 sshd\[18498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.50.102.55 Jan 3 00:12:13 vmanager6029 sshd\[18498\]: Failed password for invalid user admin1 from 181.50.102.55 port 5870 ssh2	2020-01-03 07:23:32
112.85.42.173	attack	Jan 2 13:27:19 php1 sshd\[25752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Jan 2 13:27:21 php1 sshd\[25752\]: Failed password for root from 112.85.42.173 port 28595 ssh2 Jan 2 13:27:37 php1 sshd\[25776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Jan 2 13:27:39 php1 sshd\[25776\]: Failed password for root from 112.85.42.173 port 59966 ssh2 Jan 2 13:27:59 php1 sshd\[25803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root	2020-01-03 07:29:09
103.105.56.39	attack	Invalid user sher from 103.105.56.39 port 53044	2020-01-03 07:04:01
34.215.122.24	attackspambots	01/03/2020-00:22:37.739137 34.215.122.24 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-03 07:23:05
106.12.102.160	attack	$f2bV_matches	2020-01-03 07:35:17

最近上报的IP列表

188.149.155.92	33.122.75.35	185.249.198.46	93.250.158.149
146.199.171.103	138.201.95.98	107.173.219.101	103.228.183.10
94.9.63.175	77.20.22.120	45.32.28.219	27.76.82.0
5.253.27.243	13.57.133.225	5.145.252.171	5.37.192.201
46.72.53.4	173.12.35.75	160.75.251.196	175.193.177.175