142.93.124.56 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	142.93.124.56 - - [09/Jul/2020:21:21:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.56 - - [09/Jul/2020:21:21:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2399 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.56 - - [09/Jul/2020:21:21:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2412 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-10 04:37:39
attackbots	142.93.124.56 - - [25/Jun/2020:15:01:11 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.56 - - [25/Jun/2020:15:01:12 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.56 - - [25/Jun/2020:15:01:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-25 21:11:26
attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-20 13:14:53
attackspam	WordPress login Brute force / Web App Attack on client site.	2020-05-04 16:05:07

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.124.210	attackbots	142.93.124.210 - - [08/Aug/2020:20:07:24 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.210 - - [08/Aug/2020:20:07:25 +0200] "POST /wp-login.php HTTP/1.1" 200 5989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.124.210 - - [08/Aug/2020:20:07:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 02:27:25
142.93.124.210	attackbotsspam	142.93.124.210 - - [12/Jul/2020:06:01:41 +0200] "GET /wp-login.php HTTP/1.1" 301 247 "http://[hidden]/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-12 14:59:49
142.93.124.210	attackbotsspam	WordPress brute-force	2020-07-10 23:39:01
142.93.124.210	attack	retro-gamer.club 142.93.124.210 [10/Jul/2020:07:10:28 +0200] "POST /wp-login.php HTTP/1.1" 200 6064 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" retro-gamer.club 142.93.124.210 [10/Jul/2020:07:10:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6034 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-10 14:54:27
142.93.124.210	attackspam	C1,WP GET /wp-login.php	2020-07-05 08:16:41
142.93.124.210	attackbotsspam	HTTP DDOS	2020-06-20 13:12:46
142.93.124.210	attack	Automatic report - XMLRPC Attack	2020-06-14 21:37:59
142.93.124.210	attack	Automatic report - XMLRPC Attack	2020-06-08 22:39:04
142.93.124.210	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-05-14 03:12:53
142.93.124.101	attackbots	2019-11-2105:53:03dovecot_plainauthenticatorfailedfor\(ibmddl1a9ojz7mynpd\)[46.101.211.107]:47974:535Incorrectauthenticationdata\(set_id=bruno.rosenberger@inerta.eu\)2019-11-2105:54:26dovecot_plainauthenticatorfailedfor\(yp87fjx1jqw5sjjkf7cl\)[167.71.187.63]:58664:535Incorrectauthenticationdata\(set_id=bruno.rosenberger@inerta.eu\)2019-11-2105:53:56dovecot_plainauthenticatorfailedfor\(uscyrhzenjrqyf1udiav9\)[201.184.250.170]:54909:535Incorrectauthenticationdata\(set_id=bruno.rosenberger@inerta.eu\)2019-11-2105:54:05dovecot_plainauthenticatorfailedfor\(opbrfi3xg2m1dah2o0itlvnk3b5g\)[142.93.114.237]:41078:535Incorrectauthenticationdata\(set_id=bruno.rosenberger@inerta.eu\)2019-11-2105:53:20dovecot_plainauthenticatorfailedfor\(usjqom42pa6gyzl7me57l4d1se\)[142.93.117.214]:58826:535Incorrectauthenticationdata\(set_id=bruno.rosenberger@inerta.eu\)2019-11-2105:54:57dovecot_plainauthenticatorfailedforppp-119-76-173-7.revip17.asianet.co.th\(doc2q3l9608311zw5\)[119.76.173.7]:53434:535Incorrectauthenticationdata\(set_id	2019-11-21 14:10:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.124.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11858
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.124.56.			IN	A

;; AUTHORITY SECTION:
.			392	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050400 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 16:05:04 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 56.124.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.124.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.150.169.223	attackbotsspam	2019-09-27T09:38:51.794767abusebot-8.cloudsearch.cf sshd\[7558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.169.223 user=root	2019-09-27 20:06:58
198.245.50.81	attack	Sep 27 02:11:32 web9 sshd\[9872\]: Invalid user minecraft from 198.245.50.81 Sep 27 02:11:32 web9 sshd\[9872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.50.81 Sep 27 02:11:34 web9 sshd\[9872\]: Failed password for invalid user minecraft from 198.245.50.81 port 49274 ssh2 Sep 27 02:15:56 web9 sshd\[10691\]: Invalid user brasov from 198.245.50.81 Sep 27 02:15:56 web9 sshd\[10691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.50.81	2019-09-27 20:24:12
42.157.131.201	attack	Sep 26 23:03:49 hanapaa sshd\[32154\]: Invalid user adrc from 42.157.131.201 Sep 26 23:03:49 hanapaa sshd\[32154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 26 23:03:51 hanapaa sshd\[32154\]: Failed password for invalid user adrc from 42.157.131.201 port 54030 ssh2 Sep 26 23:07:55 hanapaa sshd\[32525\]: Invalid user kai from 42.157.131.201 Sep 26 23:07:55 hanapaa sshd\[32525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-27 19:53:07
119.29.129.76	attack	PHP DIESCAN Information Disclosure Vulnerability	2019-09-27 20:06:22
218.92.0.200	attackbots	Sep 27 12:24:55 venus sshd\[17631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.200 user=root Sep 27 12:24:57 venus sshd\[17631\]: Failed password for root from 218.92.0.200 port 57682 ssh2 Sep 27 12:25:00 venus sshd\[17631\]: Failed password for root from 218.92.0.200 port 57682 ssh2 ...	2019-09-27 20:36:02
222.186.30.152	attackbotsspam	2019-09-27T19:37:53.913503enmeeting.mahidol.ac.th sshd\[7573\]: User root from 222.186.30.152 not allowed because not listed in AllowUsers 2019-09-27T19:37:54.276605enmeeting.mahidol.ac.th sshd\[7573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.152 user=root 2019-09-27T19:37:57.050153enmeeting.mahidol.ac.th sshd\[7573\]: Failed password for invalid user root from 222.186.30.152 port 46631 ssh2 ...	2019-09-27 20:41:35
14.49.38.114	attack	Sep 26 17:58:17 lcdev sshd\[13426\]: Invalid user artwork from 14.49.38.114 Sep 26 17:58:17 lcdev sshd\[13426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.49.38.114 Sep 26 17:58:19 lcdev sshd\[13426\]: Failed password for invalid user artwork from 14.49.38.114 port 38752 ssh2 Sep 26 18:03:03 lcdev sshd\[13775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.49.38.114 user=root Sep 26 18:03:05 lcdev sshd\[13775\]: Failed password for root from 14.49.38.114 port 50760 ssh2	2019-09-27 20:16:11
222.186.169.192	attackspam	Sep 27 07:32:48 aat-srv002 sshd[15340]: Failed password for root from 222.186.169.192 port 55982 ssh2 Sep 27 07:32:53 aat-srv002 sshd[15340]: Failed password for root from 222.186.169.192 port 55982 ssh2 Sep 27 07:32:57 aat-srv002 sshd[15340]: Failed password for root from 222.186.169.192 port 55982 ssh2 Sep 27 07:33:01 aat-srv002 sshd[15340]: Failed password for root from 222.186.169.192 port 55982 ssh2 Sep 27 07:33:05 aat-srv002 sshd[15340]: Failed password for root from 222.186.169.192 port 55982 ssh2 Sep 27 07:33:05 aat-srv002 sshd[15340]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 55982 ssh2 [preauth] ...	2019-09-27 20:37:19
213.6.17.2	attack	Sep 27 07:28:52 mail postfix/smtpd\[30351\]: NOQUEUE: reject: RCPT from unknown\[213.6.17.2\]: 554 5.7.1 Service unavailable\; Client host \[213.6.17.2\] blocked using zen.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/213.6.17.2\; from=\ to=\ proto=ESMTP helo=\	2019-09-27 19:51:18
113.251.61.236	attack	Automated reporting of FTP Brute Force	2019-09-27 20:34:06
151.237.94.16	attackbotsspam	Automatic report - Port Scan Attack	2019-09-27 20:14:49
78.188.122.62	attackspam	email spam	2019-09-27 20:05:11
114.107.224.65	attackspam	Automated reporting of FTP Brute Force	2019-09-27 20:26:25
94.191.70.163	attack	DATE:2019-09-27 09:08:24, IP:94.191.70.163, PORT:ssh SSH brute force auth (thor)	2019-09-27 19:59:35
67.207.92.120	attack	Sep 27 14:33:20 root sshd[1919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.92.120 Sep 27 14:33:21 root sshd[1919]: Failed password for invalid user ts3user from 67.207.92.120 port 47990 ssh2 Sep 27 14:37:30 root sshd[1980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.92.120 ...	2019-09-27 20:40:36

最近上报的IP列表

193.252.206.209	86.0.219.88	51.81.28.122	213.6.97.230
190.134.80.159	192.64.118.89	180.250.135.11	51.255.16.219
122.51.100.64	2001:41d0:a:2e80::1	180.243.182.221	187.111.52.71
14.207.101.152	190.60.237.114	209.91.194.39	102.46.96.112
138.88.96.2	103.249.51.218	83.30.80.254	88.149.171.5