142.93.34.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 19:16:09
attack	142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-17 19:27:58
attack	142.93.34.169 - - [16/Aug/2020:05:56:38 +0200] "POST /wp-login.php HTTP/1.0" 200 4749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 12:49:08
attackspam	142.93.34.169 - - [15/Aug/2020:17:16:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9492 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [15/Aug/2020:17:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-15 23:58:52
attack	142.93.34.169 - - [08/Aug/2020:18:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /wp-login.php HTTP/1.1" 200 1685 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 03:40:27
attackbotsspam	142.93.34.169 - - \[30/Jul/2020:06:33:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:44 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-30 16:52:11

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.34.237	attack	Sep 9 08:23:48 root sshd[32474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 ...	2020-09-09 20:18:07
142.93.34.237	attackbots	Port scan denied	2020-09-09 14:15:06
142.93.34.237	attackspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 17:44:52 server2 sshd[5793]: Invalid user opc from 142.93.34.237 Sep 8 17:44:52 server2 sshd[5793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 8 17:44:54 server2 sshd[5793]: Failed password for invalid user opc from 142.93.34.237 port 48194 ssh2 Sep 8 17:50:46 server2 sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 8 17:50:48 server2 sshd[9000]: Failed password for root from 142.93.34.237 port 45140 ssh2	2020-09-09 06:26:28
142.93.34.237	attackspambots	TCP port : 5290	2020-09-02 22:11:05
142.93.34.237	attackbotsspam	Port scan denied	2020-09-02 14:01:13
142.93.34.237	attackspambots	Invalid user mongo from 142.93.34.237 port 43272	2020-09-02 07:02:07
142.93.34.237	attackspam	Aug 30 07:54:05 lukav-desktop sshd\[20305\]: Invalid user sftp from 142.93.34.237 Aug 30 07:54:05 lukav-desktop sshd\[20305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 30 07:54:08 lukav-desktop sshd\[20305\]: Failed password for invalid user sftp from 142.93.34.237 port 39110 ssh2 Aug 30 07:58:01 lukav-desktop sshd\[20345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Aug 30 07:58:03 lukav-desktop sshd\[20345\]: Failed password for root from 142.93.34.237 port 47702 ssh2	2020-08-30 13:11:32
142.93.34.237	attackbotsspam	Invalid user demo from 142.93.34.237 port 45858	2020-08-22 06:25:00
142.93.34.237	attack	Aug 18 12:30:05 vps-51d81928 sshd[708386]: Failed password for invalid user yuxin from 142.93.34.237 port 47050 ssh2 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:05 vps-51d81928 sshd[708526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:07 vps-51d81928 sshd[708526]: Failed password for invalid user josh from 142.93.34.237 port 55404 ssh2 ...	2020-08-18 22:29:14
142.93.34.237	attackbots	Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:52 srv-ubuntu-dev3 sshd[98774]: Failed password for invalid user admin from 142.93.34.237 port 33782 ssh2 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:49 srv-ubuntu-dev3 sshd[99361]: Failed password for invalid user alisa from 142.93.34.237 port 40892 ssh2 Aug 16 15:41:28 srv-ubuntu-dev3 sshd[99816]: Invalid user lb from 142.93.34.237 ...	2020-08-16 22:47:59
142.93.34.237	attackspam	Aug 16 05:57:02 cosmoit sshd[28443]: Failed password for root from 142.93.34.237 port 60122 ssh2	2020-08-16 12:07:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.34.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.34.169.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 16:52:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.34.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.34.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
93.115.241.194	attackspam	Automated report - ssh fail2ban: Aug 27 18:13:55 wrong password, user=root, port=44654, ssh2 Aug 27 18:13:59 wrong password, user=root, port=44654, ssh2 Aug 27 18:14:03 wrong password, user=root, port=44654, ssh2 Aug 27 18:14:07 wrong password, user=root, port=44654, ssh2	2019-08-28 03:12:05
120.52.152.17	attackbotsspam	firewall-block, port(s): 3283/tcp, 3333/tcp	2019-08-28 03:34:42
181.30.26.40	attackbotsspam	Aug 27 11:08:15 game-panel sshd[31120]: Failed password for root from 181.30.26.40 port 60348 ssh2 Aug 27 11:13:24 game-panel sshd[31346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.26.40 Aug 27 11:13:27 game-panel sshd[31346]: Failed password for invalid user c1 from 181.30.26.40 port 48482 ssh2	2019-08-28 03:18:42
202.120.7.24	attackbots	[Aegis] @ 2019-08-27 16:21:45 0100 -> SSH insecure connection attempt (scan).	2019-08-28 03:10:57
1.1.230.122	attack	Unauthorized connection attempt from IP address 1.1.230.122 on Port 445(SMB)	2019-08-28 03:09:30
1.198.30.108	attack	Unauthorized connection attempt from IP address 1.198.30.108 on Port 445(SMB)	2019-08-28 03:19:57
128.199.118.27	attackspambots	2019-08-27T12:54:06.634221abusebot.cloudsearch.cf sshd\[28421\]: Invalid user dark from 128.199.118.27 port 34528	2019-08-28 03:05:14
184.64.13.67	attackbots	Aug 27 00:45:10 hcbb sshd\[31032\]: Invalid user openstack from 184.64.13.67 Aug 27 00:45:10 hcbb sshd\[31032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s010650e549cedc71.cg.shawcable.net Aug 27 00:45:11 hcbb sshd\[31032\]: Failed password for invalid user openstack from 184.64.13.67 port 44852 ssh2 Aug 27 00:49:32 hcbb sshd\[31450\]: Invalid user toor from 184.64.13.67 Aug 27 00:49:32 hcbb sshd\[31450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=s010650e549cedc71.cg.shawcable.net	2019-08-28 03:36:06
187.216.222.202	attackbots	Unauthorized connection attempt from IP address 187.216.222.202 on Port 445(SMB)	2019-08-28 03:25:31
104.248.116.140	attackspam	2019-08-27T12:48:48.940822abusebot-2.cloudsearch.cf sshd\[21153\]: Invalid user admin from 104.248.116.140 port 50376	2019-08-28 03:23:17
77.250.254.91	attackspambots	Invalid user sit from 77.250.254.91 port 60392 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.250.254.91 Failed password for invalid user sit from 77.250.254.91 port 60392 ssh2 Invalid user factorio from 77.250.254.91 port 50044 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.250.254.91	2019-08-28 03:19:40
23.129.64.216	attackspambots	Automated report - ssh fail2ban: Aug 27 20:28:38 wrong password, user=root, port=15801, ssh2 Aug 27 20:28:42 wrong password, user=root, port=15801, ssh2 Aug 27 20:28:45 wrong password, user=root, port=15801, ssh2 Aug 27 20:28:49 wrong password, user=root, port=15801, ssh2	2019-08-28 03:15:22
185.220.102.8	attack	Invalid user abuse from 185.220.102.8 port 37867	2019-08-28 03:34:08
14.247.172.54	attackspam	Unauthorized connection attempt from IP address 14.247.172.54 on Port 445(SMB)	2019-08-28 03:03:19
201.69.117.126	attack	Automatic report - Port Scan Attack	2019-08-28 03:23:52

最近上报的IP列表

3.137.172.1	95.163.255.122	95.163.255.220	103.99.2.125
55.197.191.11	51.210.13.215	95.46.164.54	64.227.90.153
187.183.241.147	180.126.170.186	45.168.175.33	193.27.228.172
43.80.115.23	222.239.212.227	82.103.122.122	104.37.31.46
178.44.134.246	75.143.249.12	36.90.222.101	221.2.213.84