142.93.34.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 19:16:09
attack	142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-17 19:27:58
attack	142.93.34.169 - - [16/Aug/2020:05:56:38 +0200] "POST /wp-login.php HTTP/1.0" 200 4749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 12:49:08
attackspam	142.93.34.169 - - [15/Aug/2020:17:16:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9492 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [15/Aug/2020:17:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-15 23:58:52
attack	142.93.34.169 - - [08/Aug/2020:18:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /wp-login.php HTTP/1.1" 200 1685 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 03:40:27
attackbotsspam	142.93.34.169 - - \[30/Jul/2020:06:33:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:44 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-30 16:52:11

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.34.237	attack	Sep 9 08:23:48 root sshd[32474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 ...	2020-09-09 20:18:07
142.93.34.237	attackbots	Port scan denied	2020-09-09 14:15:06
142.93.34.237	attackspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 17:44:52 server2 sshd[5793]: Invalid user opc from 142.93.34.237 Sep 8 17:44:52 server2 sshd[5793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 8 17:44:54 server2 sshd[5793]: Failed password for invalid user opc from 142.93.34.237 port 48194 ssh2 Sep 8 17:50:46 server2 sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 8 17:50:48 server2 sshd[9000]: Failed password for root from 142.93.34.237 port 45140 ssh2	2020-09-09 06:26:28
142.93.34.237	attackspambots	TCP port : 5290	2020-09-02 22:11:05
142.93.34.237	attackbotsspam	Port scan denied	2020-09-02 14:01:13
142.93.34.237	attackspambots	Invalid user mongo from 142.93.34.237 port 43272	2020-09-02 07:02:07
142.93.34.237	attackspam	Aug 30 07:54:05 lukav-desktop sshd\[20305\]: Invalid user sftp from 142.93.34.237 Aug 30 07:54:05 lukav-desktop sshd\[20305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 30 07:54:08 lukav-desktop sshd\[20305\]: Failed password for invalid user sftp from 142.93.34.237 port 39110 ssh2 Aug 30 07:58:01 lukav-desktop sshd\[20345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Aug 30 07:58:03 lukav-desktop sshd\[20345\]: Failed password for root from 142.93.34.237 port 47702 ssh2	2020-08-30 13:11:32
142.93.34.237	attackbotsspam	Invalid user demo from 142.93.34.237 port 45858	2020-08-22 06:25:00
142.93.34.237	attack	Aug 18 12:30:05 vps-51d81928 sshd[708386]: Failed password for invalid user yuxin from 142.93.34.237 port 47050 ssh2 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:05 vps-51d81928 sshd[708526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:07 vps-51d81928 sshd[708526]: Failed password for invalid user josh from 142.93.34.237 port 55404 ssh2 ...	2020-08-18 22:29:14
142.93.34.237	attackbots	Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:52 srv-ubuntu-dev3 sshd[98774]: Failed password for invalid user admin from 142.93.34.237 port 33782 ssh2 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:49 srv-ubuntu-dev3 sshd[99361]: Failed password for invalid user alisa from 142.93.34.237 port 40892 ssh2 Aug 16 15:41:28 srv-ubuntu-dev3 sshd[99816]: Invalid user lb from 142.93.34.237 ...	2020-08-16 22:47:59
142.93.34.237	attackspam	Aug 16 05:57:02 cosmoit sshd[28443]: Failed password for root from 142.93.34.237 port 60122 ssh2	2020-08-16 12:07:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.34.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.34.169.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 16:52:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.34.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.34.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.59.190.69	attack	Sep 12 09:25:11 hpm sshd\[24133\]: Invalid user vbox from 139.59.190.69 Sep 12 09:25:11 hpm sshd\[24133\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 Sep 12 09:25:13 hpm sshd\[24133\]: Failed password for invalid user vbox from 139.59.190.69 port 57804 ssh2 Sep 12 09:30:57 hpm sshd\[24681\]: Invalid user admin1 from 139.59.190.69 Sep 12 09:30:57 hpm sshd\[24681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69	2019-09-13 03:46:33
80.79.71.99	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 14:45:01,025 INFO [shellcode_manager] (80.79.71.99) no match, writing hexdump (2ad11fc69c8bf45c45291a91fbcc9472 :1889543) - MS17010 (EternalBlue)	2019-09-13 03:46:01
23.129.64.170	attackbotsspam	Invalid user 1111 from 23.129.64.170 port 30148	2019-09-13 04:14:46
108.179.19.44	attackbotsspam	Brute force RDP, port 3389	2019-09-13 03:41:55
176.227.195.138	attackspam	ThinkPHP Remote Code Execution Vulnerability, PTR: h176-227-195-138.host.redstation.co.uk.	2019-09-13 03:52:06
104.248.117.234	attackspam	Sep 12 21:52:02 vps647732 sshd[10623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.117.234 Sep 12 21:52:04 vps647732 sshd[10623]: Failed password for invalid user webapps from 104.248.117.234 port 43732 ssh2 ...	2019-09-13 03:56:19
128.199.224.215	attack	2019-09-12T19:04:06.787547abusebot-5.cloudsearch.cf sshd\[9605\]: Invalid user amsftp from 128.199.224.215 port 38146	2019-09-13 04:18:37
150.109.170.49	attackbots	60010/tcp 8890/tcp 1610/tcp... [2019-07-16/09-12]11pkt,11pt.(tcp)	2019-09-13 04:04:15
219.91.133.152	attackbots	Sep 12 06:57:48 sachi sshd\[7807\]: Invalid user admin from 219.91.133.152 Sep 12 06:57:48 sachi sshd\[7807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.91.133.152 Sep 12 06:57:50 sachi sshd\[7807\]: Failed password for invalid user admin from 219.91.133.152 port 36934 ssh2 Sep 12 07:04:29 sachi sshd\[8395\]: Invalid user dbuser from 219.91.133.152 Sep 12 07:04:29 sachi sshd\[8395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.91.133.152	2019-09-13 04:03:51
177.37.160.195	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 14:43:29,836 INFO [shellcode_manager] (177.37.160.195) no match, writing hexdump (45f5ef579da1aec0efd29e07011afce4 :1851432) - SMB (Unknown)	2019-09-13 03:58:39
157.245.10.184	attackspambots	Sep 12 10:03:26 aiointranet sshd\[5317\]: Invalid user 321 from 157.245.10.184 Sep 12 10:03:26 aiointranet sshd\[5317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.10.184 Sep 12 10:03:27 aiointranet sshd\[5317\]: Failed password for invalid user 321 from 157.245.10.184 port 35366 ssh2 Sep 12 10:09:08 aiointranet sshd\[5843\]: Invalid user 123456 from 157.245.10.184 Sep 12 10:09:08 aiointranet sshd\[5843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.10.184	2019-09-13 04:12:57
222.186.31.144	attack	Sep 12 21:29:50 minden010 sshd[6404]: Failed password for root from 222.186.31.144 port 20520 ssh2 Sep 12 21:29:53 minden010 sshd[6404]: Failed password for root from 222.186.31.144 port 20520 ssh2 Sep 12 21:29:55 minden010 sshd[6404]: Failed password for root from 222.186.31.144 port 20520 ssh2 ...	2019-09-13 03:40:47
106.13.128.71	attackbotsspam	Sep 12 05:45:28 hiderm sshd\[15448\]: Invalid user sftpuser from 106.13.128.71 Sep 12 05:45:28 hiderm sshd\[15448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71 Sep 12 05:45:30 hiderm sshd\[15448\]: Failed password for invalid user sftpuser from 106.13.128.71 port 43134 ssh2 Sep 12 05:52:33 hiderm sshd\[16071\]: Invalid user test from 106.13.128.71 Sep 12 05:52:33 hiderm sshd\[16071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.128.71	2019-09-13 04:06:19
51.68.82.218	attack	Sep 12 19:23:23 MK-Soft-VM4 sshd\[18008\]: Invalid user accounts from 51.68.82.218 port 44370 Sep 12 19:23:23 MK-Soft-VM4 sshd\[18008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.82.218 Sep 12 19:23:26 MK-Soft-VM4 sshd\[18008\]: Failed password for invalid user accounts from 51.68.82.218 port 44370 ssh2 ...	2019-09-13 04:07:19
202.120.40.69	attackbots	Sep 12 15:29:40 TORMINT sshd\[21215\]: Invalid user guest from 202.120.40.69 Sep 12 15:29:40 TORMINT sshd\[21215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.120.40.69 Sep 12 15:29:42 TORMINT sshd\[21215\]: Failed password for invalid user guest from 202.120.40.69 port 54342 ssh2 ...	2019-09-13 04:02:36

最近上报的IP列表

3.137.172.1	95.163.255.122	95.163.255.220	103.99.2.125
55.197.191.11	51.210.13.215	95.46.164.54	64.227.90.153
187.183.241.147	180.126.170.186	45.168.175.33	193.27.228.172
43.80.115.23	222.239.212.227	82.103.122.122	104.37.31.46
178.44.134.246	75.143.249.12	36.90.222.101	221.2.213.84