142.93.34.169 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 19:16:09
attack	142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [17/Aug/2020:12:22:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-17 19:27:58
attack	142.93.34.169 - - [16/Aug/2020:05:56:38 +0200] "POST /wp-login.php HTTP/1.0" 200 4749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 12:49:08
attackspam	142.93.34.169 - - [15/Aug/2020:17:16:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9492 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [15/Aug/2020:17:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-15 23:58:52
attack	142.93.34.169 - - [08/Aug/2020:18:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /wp-login.php HTTP/1.1" 200 1685 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [08/Aug/2020:18:36:44 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 03:40:27
attackbotsspam	142.93.34.169 - - \[30/Jul/2020:06:33:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.34.169 - - \[30/Jul/2020:06:33:44 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-30 16:52:11

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.34.237	attack	Sep 9 08:23:48 root sshd[32474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 ...	2020-09-09 20:18:07
142.93.34.237	attackbots	Port scan denied	2020-09-09 14:15:06
142.93.34.237	attackspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 17:44:52 server2 sshd[5793]: Invalid user opc from 142.93.34.237 Sep 8 17:44:52 server2 sshd[5793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 8 17:44:54 server2 sshd[5793]: Failed password for invalid user opc from 142.93.34.237 port 48194 ssh2 Sep 8 17:50:46 server2 sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 8 17:50:48 server2 sshd[9000]: Failed password for root from 142.93.34.237 port 45140 ssh2	2020-09-09 06:26:28
142.93.34.237	attackspambots	TCP port : 5290	2020-09-02 22:11:05
142.93.34.237	attackbotsspam	Port scan denied	2020-09-02 14:01:13
142.93.34.237	attackspambots	Invalid user mongo from 142.93.34.237 port 43272	2020-09-02 07:02:07
142.93.34.237	attackspam	Aug 30 07:54:05 lukav-desktop sshd\[20305\]: Invalid user sftp from 142.93.34.237 Aug 30 07:54:05 lukav-desktop sshd\[20305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 30 07:54:08 lukav-desktop sshd\[20305\]: Failed password for invalid user sftp from 142.93.34.237 port 39110 ssh2 Aug 30 07:58:01 lukav-desktop sshd\[20345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Aug 30 07:58:03 lukav-desktop sshd\[20345\]: Failed password for root from 142.93.34.237 port 47702 ssh2	2020-08-30 13:11:32
142.93.34.237	attackbotsspam	Invalid user demo from 142.93.34.237 port 45858	2020-08-22 06:25:00
142.93.34.237	attack	Aug 18 12:30:05 vps-51d81928 sshd[708386]: Failed password for invalid user yuxin from 142.93.34.237 port 47050 ssh2 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:05 vps-51d81928 sshd[708526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:07 vps-51d81928 sshd[708526]: Failed password for invalid user josh from 142.93.34.237 port 55404 ssh2 ...	2020-08-18 22:29:14
142.93.34.237	attackbots	Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:33:50 srv-ubuntu-dev3 sshd[98774]: Invalid user admin from 142.93.34.237 Aug 16 15:33:52 srv-ubuntu-dev3 sshd[98774]: Failed password for invalid user admin from 142.93.34.237 port 33782 ssh2 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 16 15:37:46 srv-ubuntu-dev3 sshd[99361]: Invalid user alisa from 142.93.34.237 Aug 16 15:37:49 srv-ubuntu-dev3 sshd[99361]: Failed password for invalid user alisa from 142.93.34.237 port 40892 ssh2 Aug 16 15:41:28 srv-ubuntu-dev3 sshd[99816]: Invalid user lb from 142.93.34.237 ...	2020-08-16 22:47:59
142.93.34.237	attackspam	Aug 16 05:57:02 cosmoit sshd[28443]: Failed password for root from 142.93.34.237 port 60122 ssh2	2020-08-16 12:07:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.34.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.34.169.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073000 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 16:52:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 169.34.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 169.34.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.15.115	attackspam	SSH bruteforce	2020-06-20 06:33:01
118.232.214.91	attack	8000/tcp 23/tcp 23/tcp [2020-05-10/06-19]3pkt	2020-06-20 06:56:22
222.186.61.174	attack	Jun 19 23:02:47 haigwepa sshd[9017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.61.174 Jun 19 23:02:49 haigwepa sshd[9017]: Failed password for invalid user developer from 222.186.61.174 port 39900 ssh2 ...	2020-06-20 06:38:59
222.186.180.130	attack	Jun 19 22:57:46 localhost sshd[50057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Jun 19 22:57:48 localhost sshd[50057]: Failed password for root from 222.186.180.130 port 50301 ssh2 Jun 19 22:57:51 localhost sshd[50057]: Failed password for root from 222.186.180.130 port 50301 ssh2 Jun 19 22:57:46 localhost sshd[50057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Jun 19 22:57:48 localhost sshd[50057]: Failed password for root from 222.186.180.130 port 50301 ssh2 Jun 19 22:57:51 localhost sshd[50057]: Failed password for root from 222.186.180.130 port 50301 ssh2 Jun 19 22:57:46 localhost sshd[50057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Jun 19 22:57:48 localhost sshd[50057]: Failed password for root from 222.186.180.130 port 50301 ssh2 Jun 19 22:57:51 localhost sshd[50 ...	2020-06-20 06:59:20
183.249.242.103	attackbotsspam	2020-06-19T15:42:05.658659linuxbox-skyline sshd[9068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.249.242.103 user=root 2020-06-19T15:42:07.753402linuxbox-skyline sshd[9068]: Failed password for root from 183.249.242.103 port 39242 ssh2 ...	2020-06-20 06:38:05
185.143.72.27	attackbots	Jun 20 00:38:51 srv01 postfix/smtpd\[27391\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 00:38:57 srv01 postfix/smtpd\[29895\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 00:38:58 srv01 postfix/smtpd\[29898\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 00:39:05 srv01 postfix/smtpd\[27391\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 20 00:39:42 srv01 postfix/smtpd\[29895\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-20 06:39:48
162.243.137.113	attackbotsspam	1604/udp 4443/tcp 993/tcp... [2020-04-29/06-19]45pkt,36pt.(tcp),4pt.(udp)	2020-06-20 06:35:20
177.125.79.20	attackspam	TCP port 8080: Scan and connection	2020-06-20 06:27:23
114.141.132.88	attackbotsspam	Jun 19 18:38:35 firewall sshd[7979]: Invalid user test from 114.141.132.88 Jun 19 18:38:37 firewall sshd[7979]: Failed password for invalid user test from 114.141.132.88 port 11227 ssh2 Jun 19 18:39:29 firewall sshd[7993]: Invalid user oracle from 114.141.132.88 ...	2020-06-20 06:47:34
198.144.149.253	attack	Web form spam	2020-06-20 06:35:54
144.172.73.43	attackbotsspam	Jun 19 15:36:31 propaganda sshd[43794]: Connection from 144.172.73.43 port 37588 on 10.0.0.160 port 22 rdomain "" Jun 19 15:36:33 propaganda sshd[43794]: Invalid user honey from 144.172.73.43 port 37588	2020-06-20 06:37:25
14.18.54.30	attackbotsspam	$f2bV_matches	2020-06-20 06:45:46
116.94.128.224	attackspam	Attempts against non-existent wp-login	2020-06-20 06:32:08
195.154.176.37	attackspambots	756. On Jun 19 2020 experienced a Brute Force SSH login attempt -> 91 unique times by 195.154.176.37.	2020-06-20 06:21:33
177.68.156.101	attack	2020-06-19T22:49:16.362397shield sshd\[30357\]: Invalid user visitor from 177.68.156.101 port 45219 2020-06-19T22:49:16.367444shield sshd\[30357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.156.101 2020-06-19T22:49:18.181286shield sshd\[30357\]: Failed password for invalid user visitor from 177.68.156.101 port 45219 ssh2 2020-06-19T22:52:13.758424shield sshd\[30772\]: Invalid user xerox from 177.68.156.101 port 54838 2020-06-19T22:52:13.763106shield sshd\[30772\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.156.101	2020-06-20 06:57:44

最近上报的IP列表

3.137.172.1	95.163.255.122	95.163.255.220	103.99.2.125
55.197.191.11	51.210.13.215	95.46.164.54	64.227.90.153
187.183.241.147	180.126.170.186	45.168.175.33	193.27.228.172
43.80.115.23	222.239.212.227	82.103.122.122	104.37.31.46
178.44.134.246	75.143.249.12	36.90.222.101	221.2.213.84