142.93.34.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 19:16:09
attack	142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-17 19:27:58
attack	142.93.34.169 - - [16/Aug/2020:05:56:38 +0200] "POST /wp-login.php HTTP/1.0" 200 4749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 12:49:08
attackspam	142.93.34.169 - - [15/Aug/2020:17:16:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9492 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [15/Aug/2020:17:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-15 23:58:52
attack	142.93.34.169 - - [08/Aug/2020:18:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /wp-login.php HTTP/1.1" 200 1685 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 03:40:27
attackbotsspam	142.93.34.169 - - \[30/Jul/2020:06:33:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:44 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-30 16:52:11

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.34.237	attack	Sep 9 08:23:48 root sshd[32474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 ...	2020-09-09 20:18:07
142.93.34.237	attackbots	Port scan denied	2020-09-09 14:15:06
142.93.34.237	attackspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 17:44:52 server2 sshd[5793]: Invalid user opc from 142.93.34.237 Sep 8 17:44:52 server2 sshd[5793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 8 17:44:54 server2 sshd[5793]: Failed password for invalid user opc from 142.93.34.237 port 48194 ssh2 Sep 8 17:50:46 server2 sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 8 17:50:48 server2 sshd[9000]: Failed password for root from 142.93.34.237 port 45140 ssh2	2020-09-09 06:26:28
142.93.34.237	attackspambots	TCP port : 5290	2020-09-02 22:11:05
142.93.34.237	attackbotsspam	Port scan denied	2020-09-02 14:01:13
142.93.34.237	attackspambots	Invalid user mongo from 142.93.34.237 port 43272	2020-09-02 07:02:07
142.93.34.237	attackspam	Aug 30 07:54:05 lukav-desktop sshd\[20305\]: Invalid user sftp from 142.93.34.237 Aug 30 07:54:05 lukav-desktop sshd\[20305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 30 07:54:08 lukav-desktop sshd\[20305\]: Failed password for invalid user sftp from 142.93.34.237 port 39110 ssh2 Aug 30 07:58:01 lukav-desktop sshd\[20345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Aug 30 07:58:03 lukav-desktop sshd\[20345\]: Failed password for root from 142.93.34.237 port 47702 ssh2	2020-08-30 13:11:32
142.93.34.237	attackbotsspam	Invalid user demo from 142.93.34.237 port 45858	2020-08-22 06:25:00
142.93.34.237	attack	Aug 18 12:30:05 vps-51d81928 sshd[708386]: Failed password for invalid user yuxin from 142.93.34.237 port 47050 ssh2 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:05 vps-51d81928 sshd[708526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:07 vps-51d81928 sshd[708526]: Failed password for invalid user josh from 142.93.34.237 port 55404 ssh2 ...	2020-08-18 22:29:14
142.93.34.237	attackbots	Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:52 srv-ubuntu-dev3 sshd[98774]: Failed password for invalid user admin from 142.93.34.237 port 33782 ssh2 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:49 srv-ubuntu-dev3 sshd[99361]: Failed password for invalid user alisa from 142.93.34.237 port 40892 ssh2 Aug 16 15:41:28 srv-ubuntu-dev3 sshd[99816]: Invalid user lb from 142.93.34.237 ...	2020-08-16 22:47:59
142.93.34.237	attackspam	Aug 16 05:57:02 cosmoit sshd[28443]: Failed password for root from 142.93.34.237 port 60122 ssh2	2020-08-16 12:07:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.34.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.34.169.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 16:52:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.34.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.34.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
217.182.71.54	attackspambots	2 SSH login attempts.	2020-09-21 17:53:54
112.85.42.173	attackbotsspam	2020-09-21T12:56:58.792514lavrinenko.info sshd[7288]: Failed password for root from 112.85.42.173 port 1219 ssh2 2020-09-21T12:57:03.796193lavrinenko.info sshd[7288]: Failed password for root from 112.85.42.173 port 1219 ssh2 2020-09-21T12:57:09.258959lavrinenko.info sshd[7288]: Failed password for root from 112.85.42.173 port 1219 ssh2 2020-09-21T12:57:14.260325lavrinenko.info sshd[7288]: Failed password for root from 112.85.42.173 port 1219 ssh2 2020-09-21T12:57:14.352924lavrinenko.info sshd[7288]: error: maximum authentication attempts exceeded for root from 112.85.42.173 port 1219 ssh2 [preauth] ...	2020-09-21 18:17:47
142.44.161.132	attackspambots	Sep 21 06:23:29 ws12vmsma01 sshd[56639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.ip-142-44-161.net Sep 21 06:23:29 ws12vmsma01 sshd[56639]: Invalid user user from 142.44.161.132 Sep 21 06:23:31 ws12vmsma01 sshd[56639]: Failed password for invalid user user from 142.44.161.132 port 40676 ssh2 ...	2020-09-21 17:56:45
154.8.232.34	attackbots	SSH Brute Force	2020-09-21 18:24:20
103.98.16.135	attackspam	Sep 21 11:24:44 xeon sshd[2825]: Failed password for invalid user admin from 103.98.16.135 port 56020 ssh2	2020-09-21 18:04:32
218.92.0.208	attackbotsspam	Brute-force attempt banned	2020-09-21 17:48:23
106.53.127.49	attackspambots	ssh brute force	2020-09-21 17:49:12
66.215.205.128	attackbots	SSH Server BruteForce Attack	2020-09-21 17:50:55
195.58.38.143	attackbotsspam	Sep 21 09:48:23 django-0 sshd[22950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.58.38.143 user=root Sep 21 09:48:25 django-0 sshd[22950]: Failed password for root from 195.58.38.143 port 56030 ssh2 ...	2020-09-21 18:23:59
105.112.120.118	attack	Port probing on unauthorized port 445	2020-09-21 17:47:15
113.20.99.51	attack	Listed on zen-spamhaus also barracudaCentral / proto=6 . srcport=47840 . dstport=445 . (2299)	2020-09-21 18:13:21
221.124.94.143	attackspambots	Port probing on unauthorized port 5555	2020-09-21 18:20:47
139.199.119.76	attackbotsspam	Sep 21 07:40:55 vlre-nyc-1 sshd\[20602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.119.76 user=root Sep 21 07:40:58 vlre-nyc-1 sshd\[20602\]: Failed password for root from 139.199.119.76 port 53472 ssh2 Sep 21 07:42:56 vlre-nyc-1 sshd\[20645\]: Invalid user minecraft from 139.199.119.76 Sep 21 07:42:56 vlre-nyc-1 sshd\[20645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.119.76 Sep 21 07:42:58 vlre-nyc-1 sshd\[20645\]: Failed password for invalid user minecraft from 139.199.119.76 port 51590 ssh2 ...	2020-09-21 18:24:43
51.158.112.98	attack	Failed password for invalid user ubuntu from 51.158.112.98 port 46792 ssh2 Invalid user administrator from 51.158.112.98 port 57600 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.112.98 Invalid user administrator from 51.158.112.98 port 57600 Failed password for invalid user administrator from 51.158.112.98 port 57600 ssh2	2020-09-21 18:06:11
42.110.167.79	attack	42.110.167.79 - - [20/Sep/2020:18:50:53 +0100] "POST /wp-login.php HTTP/1.1" 200 7652 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 42.110.167.79 - - [20/Sep/2020:18:51:47 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 42.110.167.79 - - [20/Sep/2020:18:51:49 +0100] "POST /wp-login.php HTTP/1.1" 200 7652 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-09-21 17:49:46

最近上报的IP列表

3.137.172.1	95.163.255.122	95.163.255.220	103.99.2.125
55.197.191.11	51.210.13.215	95.46.164.54	64.227.90.153
187.183.241.147	180.126.170.186	45.168.175.33	193.27.228.172
43.80.115.23	222.239.212.227	82.103.122.122	104.37.31.46
178.44.134.246	75.143.249.12	36.90.222.101	221.2.213.84