142.93.216.193

基本信息:

城市(city): Bengaluru

省份(region): Karnataka

国家(country): India

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH bruteforce (Triggered fail2ban)	2020-03-17 06:42:03

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.216.97	attackspam	SSH Brute Force	2020-09-23 23:16:31
142.93.216.97	attackbotsspam	Sep 22 20:18:56 hanapaa sshd\[16387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 22 20:18:58 hanapaa sshd\[16387\]: Failed password for root from 142.93.216.97 port 50322 ssh2 Sep 22 20:23:20 hanapaa sshd\[16719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 22 20:23:22 hanapaa sshd\[16719\]: Failed password for root from 142.93.216.97 port 59966 ssh2 Sep 22 20:27:54 hanapaa sshd\[17100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root	2020-09-23 15:30:35
142.93.216.97	attack	Sep 23 01:15:21 piServer sshd[2469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 Sep 23 01:15:23 piServer sshd[2469]: Failed password for invalid user ahmed from 142.93.216.97 port 55418 ssh2 Sep 23 01:19:37 piServer sshd[3087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 ...	2020-09-23 07:23:48
142.93.216.97	attack	Sep 16 14:22:44 pornomens sshd\[5538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 16 14:22:46 pornomens sshd\[5538\]: Failed password for root from 142.93.216.97 port 47298 ssh2 Sep 16 14:28:13 pornomens sshd\[5606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root ...	2020-09-17 01:59:29
142.93.216.97	attack	SSH Brute Force	2020-09-16 18:16:28
142.93.216.68	attackspam	2020-08-28T04:05:16.766901hostname sshd[18188]: Invalid user evelyn from 142.93.216.68 port 36100 2020-08-28T04:05:19.147483hostname sshd[18188]: Failed password for invalid user evelyn from 142.93.216.68 port 36100 ssh2 2020-08-28T04:09:12.331442hostname sshd[19739]: Invalid user pieter from 142.93.216.68 port 41426 ...	2020-08-28 05:14:22
142.93.216.68	attack	Aug 20 08:32:38 ny01 sshd[19239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 Aug 20 08:32:40 ny01 sshd[19239]: Failed password for invalid user kafka from 142.93.216.68 port 33572 ssh2 Aug 20 08:34:52 ny01 sshd[19543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68	2020-08-20 20:52:15
142.93.216.68	attackbotsspam	Aug 20 05:58:16 vmd26974 sshd[15433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 Aug 20 05:58:18 vmd26974 sshd[15433]: Failed password for invalid user hdis_mng from 142.93.216.68 port 45634 ssh2 ...	2020-08-20 13:43:49
142.93.216.97	attackspambots	2020-08-18T07:53:53.127152ks3355764 sshd[6863]: Failed password for invalid user wenbin from 142.93.216.97 port 45812 ssh2 2020-08-18T09:54:05.641164ks3355764 sshd[8179]: Invalid user kr from 142.93.216.97 port 51930 ...	2020-08-18 17:14:32
142.93.216.97	attack	Aug 17 18:03:39 dhoomketu sshd[2427134]: Failed password for invalid user benjamin from 142.93.216.97 port 60924 ssh2 Aug 17 18:08:16 dhoomketu sshd[2427270]: Invalid user ubuntu from 142.93.216.97 port 44228 Aug 17 18:08:16 dhoomketu sshd[2427270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 Aug 17 18:08:16 dhoomketu sshd[2427270]: Invalid user ubuntu from 142.93.216.97 port 44228 Aug 17 18:08:18 dhoomketu sshd[2427270]: Failed password for invalid user ubuntu from 142.93.216.97 port 44228 ssh2 ...	2020-08-17 20:49:20
142.93.216.97	attackbots	Bruteforce detected by fail2ban	2020-08-13 16:50:17
142.93.216.97	attackbots	Aug 12 15:45:54 vmd36147 sshd[12017]: Failed password for root from 142.93.216.97 port 37176 ssh2 Aug 12 15:50:37 vmd36147 sshd[22589]: Failed password for root from 142.93.216.97 port 47474 ssh2 ...	2020-08-13 00:25:38
142.93.216.97	attack	2020-08-11T01:59:39.0186481495-001 sshd[65383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T01:59:41.6033341495-001 sshd[65383]: Failed password for root from 142.93.216.97 port 54248 ssh2 2020-08-11T02:01:58.0350441495-001 sshd[65495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T02:01:59.8371401495-001 sshd[65495]: Failed password for root from 142.93.216.97 port 59724 ssh2 2020-08-11T02:04:22.9198341495-001 sshd[408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T02:04:24.4910341495-001 sshd[408]: Failed password for root from 142.93.216.97 port 37046 ssh2 ...	2020-08-11 18:06:24
142.93.216.68	attackbotsspam	Aug 4 20:32:04 OPSO sshd\[9456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root Aug 4 20:32:07 OPSO sshd\[9456\]: Failed password for root from 142.93.216.68 port 47110 ssh2 Aug 4 20:36:27 OPSO sshd\[10618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root Aug 4 20:36:29 OPSO sshd\[10618\]: Failed password for root from 142.93.216.68 port 58406 ssh2 Aug 4 20:40:54 OPSO sshd\[11464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root	2020-08-05 05:30:58
142.93.216.157	attack	Lines containing failures of 142.93.216.157 Aug 2 07:14:21 linuxrulz sshd[12011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.157 user=r.r Aug 2 07:14:23 linuxrulz sshd[12011]: Failed password for r.r from 142.93.216.157 port 54234 ssh2 Aug 2 07:14:24 linuxrulz sshd[12011]: Received disconnect from 142.93.216.157 port 54234:11: Bye Bye [preauth] Aug 2 07:14:24 linuxrulz sshd[12011]: Disconnected from authenticating user r.r 142.93.216.157 port 54234 [preauth] Aug 2 07:26:49 linuxrulz sshd[13828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.157 user=r.r Aug 2 07:26:51 linuxrulz sshd[13828]: Failed password for r.r from 142.93.216.157 port 42002 ssh2 Aug 2 07:26:52 linuxrulz sshd[13828]: Received disconnect from 142.93.216.157 port 42002:11: Bye Bye [preauth] Aug 2 07:26:52 linuxrulz sshd[13828]: Disconnected from authenticating user r.r 142.93.216.157 po........ ------------------------------	2020-08-03 03:11:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.216.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32966
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.216.193.			IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031601 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 06:42:00 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 193.216.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 193.216.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.199.95.227	attackspambots	Honeypot attack, port: 445, PTR: 227.95.199.112.clbrz.static.inet.eastern-tele.com.	2019-12-24 18:24:06
188.136.170.132	attackbots	1577173818 - 12/24/2019 08:50:18 Host: 188.136.170.132/188.136.170.132 Port: 445 TCP Blocked	2019-12-24 18:45:12
202.152.60.50	attack	Unauthorized connection attempt from IP address 202.152.60.50 on Port 445(SMB)	2019-12-24 18:35:19
51.77.137.211	attackbotsspam	ssh failed login	2019-12-24 18:41:55
211.75.207.37	attackbots	Honeypot attack, port: 445, PTR: 211-75-207-37.HINET-IP.hinet.net.	2019-12-24 18:37:15
27.106.64.182	attack	Unauthorised access (Dec 24) SRC=27.106.64.182 LEN=52 TTL=113 ID=9302 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-24 18:30:49
218.24.106.222	attackspambots	Invalid user test from 218.24.106.222 port 60965	2019-12-24 18:46:23
49.235.39.217	attack	2019-12-24T09:58:31.310057shield sshd\[28971\]: Invalid user leo from 49.235.39.217 port 37780 2019-12-24T09:58:31.314094shield sshd\[28971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.39.217 2019-12-24T09:58:33.523065shield sshd\[28971\]: Failed password for invalid user leo from 49.235.39.217 port 37780 ssh2 2019-12-24T10:02:33.610695shield sshd\[29221\]: Invalid user yearsley from 49.235.39.217 port 39178 2019-12-24T10:02:33.615188shield sshd\[29221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.39.217	2019-12-24 18:19:55
2.190.67.95	attackbotsspam	Automatic report - Port Scan Attack	2019-12-24 18:29:09
218.92.0.155	attackbots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.155 user=root Failed password for root from 218.92.0.155 port 12239 ssh2 Failed password for root from 218.92.0.155 port 12239 ssh2 Failed password for root from 218.92.0.155 port 12239 ssh2 Failed password for root from 218.92.0.155 port 12239 ssh2	2019-12-24 18:29:58
220.141.6.41	attackspam	Unauthorized connection attempt from IP address 220.141.6.41 on Port 445(SMB)	2019-12-24 18:46:07
139.59.248.5	attackspambots	SSH/22 MH Probe, BF, Hack -	2019-12-24 18:29:27
167.114.226.137	attack	Dec 24 10:59:08 localhost sshd\[22506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 user=root Dec 24 10:59:09 localhost sshd\[22506\]: Failed password for root from 167.114.226.137 port 33543 ssh2 Dec 24 11:01:39 localhost sshd\[22957\]: Invalid user maunder from 167.114.226.137 port 56387	2019-12-24 18:06:45
122.114.157.184	attackbots	SSH/22 MH Probe, BF, Hack -	2019-12-24 18:38:11
206.189.90.215	attackspambots	206.189.90.215 - - \[24/Dec/2019:10:28:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.90.215 - - \[24/Dec/2019:10:28:19 +0100\] "POST /wp-login.php HTTP/1.0" 200 6410 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.90.215 - - \[24/Dec/2019:10:28:20 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-24 18:22:06

最近上报的IP列表

27.105.227.223	92.12.132.59	188.233.37.178	131.38.219.120
197.40.244.78	200.93.9.68	217.198.60.53	173.13.152.105
123.198.190.2	181.59.55.81	188.36.32.222	86.28.186.177
24.182.195.164	77.42.88.248	210.2.223.28	46.52.87.185
218.42.231.133	27.77.21.66	36.67.175.75	184.22.210.199