142.93.126.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 17 05:57:59 vpn01 sshd[16879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.126.68 Oct 17 05:58:01 vpn01 sshd[16879]: Failed password for invalid user zxzczvzbznzm from 142.93.126.68 port 32848 ssh2 ...	2019-10-17 12:02:47

类型

评论内容

时间

attackspam

Oct 17 05:57:59 vpn01 sshd[16879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.126.68
Oct 17 05:58:01 vpn01 sshd[16879]: Failed password for invalid user zxzczvzbznzm from 142.93.126.68 port 32848 ssh2
...

2019-10-17 12:02:47

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.126.181	attackspam	142.93.126.181 - - [12/Oct/2020:15:05:43 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [12/Oct/2020:15:05:44 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [12/Oct/2020:15:05:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-12 22:35:27
142.93.126.181	attack	CF RAY ID: 5de8a8b66915f059 IP Class: noRecord URI: /wp-login.php	2020-10-08 00:35:00
142.93.126.181	attack	142.93.126.181 - - [07/Oct/2020:09:22:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [07/Oct/2020:09:22:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [07/Oct/2020:09:22:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2475 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 16:42:39
142.93.126.181	attackbotsspam	142.93.126.181 - - [30/Sep/2020:21:53:08 +0100] "POST /wp-login.php HTTP/1.1" 200 1908 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:21:53:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1856 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:21:53:11 +0100] "POST /wp-login.php HTTP/1.1" 200 1835 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 05:23:50
142.93.126.181	attackspambots	142.93.126.181 - - [30/Sep/2020:14:26:47 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:14:26:48 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:14:26:48 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:14:26:48 +0200] "POST /wp-login.php HTTP/1.1" 200 2697 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:14:26:48 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:14:26:49 +0200] "POST /wp-login.php HTTP/1.1" 200 2696 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-09-30 21:40:41
142.93.126.181	attackspambots	142.93.126.181 - - [30/Sep/2020:06:14:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2223 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:06:14:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2207 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [30/Sep/2020:06:14:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 14:12:46
142.93.126.181	attackbots	142.93.126.181 - - [23/Aug/2020:07:48:09 +0100] "POST /wp-login.php HTTP/1.1" 200 2448 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [23/Aug/2020:07:48:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2428 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [23/Aug/2020:07:48:13 +0100] "POST /wp-login.php HTTP/1.1" 200 2428 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-23 19:36:28
142.93.126.181	attackbotsspam	142.93.126.181 - - [18/Aug/2020:14:34:42 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [18/Aug/2020:14:34:43 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [18/Aug/2020:14:34:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-18 21:52:07
142.93.126.181	attack	142.93.126.181 - - [04/Aug/2020:10:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [04/Aug/2020:10:54:42 +0100] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [04/Aug/2020:10:54:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-04 22:59:07
142.93.126.181	attackspambots	142.93.126.181 - - [27/Jul/2020:08:23:31 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [27/Jul/2020:08:23:32 +0200] "POST /wp-login.php HTTP/1.1" 200 5989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [27/Jul/2020:08:23:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-27 19:09:32
142.93.126.181	attack	Automatic report - Banned IP Access	2020-07-20 06:31:47
142.93.126.181	attack	php vulnerability probing	2020-07-12 19:04:46
142.93.126.181	attackspambots	142.93.126.181 - - [10/Jul/2020:08:06:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 79810 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.126.181 - - [10/Jul/2020:08:25:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 12787 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-10 20:34:52
142.93.126.181	attackbots	xmlrpc attack	2020-06-29 05:35:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.126.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.126.68.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101601 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 12:02:44 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 68.126.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.126.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
13.94.229.227	attack	Sep 23 22:09:06 theomazars sshd[11155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.229.227 user=root Sep 23 22:09:07 theomazars sshd[11155]: Failed password for root from 13.94.229.227 port 43942 ssh2	2020-09-24 05:07:01
138.91.78.42	attackbotsspam	(sshd) Failed SSH login from 138.91.78.42 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 16:34:52 optimus sshd[22359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.78.42 user=root Sep 23 16:34:52 optimus sshd[22358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.78.42 user=root Sep 23 16:34:52 optimus sshd[22360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.78.42 user=root Sep 23 16:34:52 optimus sshd[22361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.78.42 user=root Sep 23 16:34:52 optimus sshd[22357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.78.42 user=root	2020-09-24 04:39:22
106.12.201.16	attack	Sep 23 19:39:28 mout sshd[5449]: Invalid user pavel from 106.12.201.16 port 36534	2020-09-24 04:38:22
52.167.42.55	attack	$f2bV_matches	2020-09-24 05:06:36
122.51.171.165	attackspam	(sshd) Failed SSH login from 122.51.171.165 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 13:40:01 cvps sshd[12971]: Invalid user user7 from 122.51.171.165 Sep 23 13:40:01 cvps sshd[12971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.171.165 Sep 23 13:40:03 cvps sshd[12971]: Failed password for invalid user user7 from 122.51.171.165 port 34292 ssh2 Sep 23 13:44:10 cvps sshd[14336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.171.165 user=root Sep 23 13:44:12 cvps sshd[14336]: Failed password for root from 122.51.171.165 port 47494 ssh2	2020-09-24 04:49:37
13.71.39.228	attackspambots	SSH invalid-user multiple login try	2020-09-24 04:38:35
45.95.168.89	attackspam	Sep 23 17:03:56 aragorn sshd[22328]: Invalid user ubnt from 45.95.168.89 Sep 23 17:03:57 aragorn sshd[22330]: Invalid user admin from 45.95.168.89 Sep 23 17:03:59 aragorn sshd[22334]: Invalid user 1234 from 45.95.168.89 Sep 23 17:04:00 aragorn sshd[22336]: Invalid user usuario from 45.95.168.89 ...	2020-09-24 05:05:39
47.28.240.57	attackspam	fail2ban	2020-09-24 04:41:17
218.92.0.168	attackspambots	2020-09-23T22:43:31.129967vps773228.ovh.net sshd[19432]: Failed password for root from 218.92.0.168 port 16662 ssh2 2020-09-23T22:43:34.520264vps773228.ovh.net sshd[19432]: Failed password for root from 218.92.0.168 port 16662 ssh2 2020-09-23T22:43:37.654066vps773228.ovh.net sshd[19432]: Failed password for root from 218.92.0.168 port 16662 ssh2 2020-09-23T22:43:37.657000vps773228.ovh.net sshd[19432]: error: maximum authentication attempts exceeded for root from 218.92.0.168 port 16662 ssh2 [preauth] 2020-09-23T22:43:37.657040vps773228.ovh.net sshd[19432]: Disconnecting: Too many authentication failures [preauth] ...	2020-09-24 04:43:53
184.105.247.194	attack	Trying ports that it shouldn't be.	2020-09-24 04:51:13
41.188.169.250	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-23T16:56:00Z and 2020-09-23T17:05:04Z	2020-09-24 04:52:55
40.85.163.238	attackspambots	Sep 23 16:26:57 ws22vmsma01 sshd[179061]: Failed password for root from 40.85.163.238 port 61034 ssh2 Sep 23 16:31:37 ws22vmsma01 sshd[199843]: Failed password for root from 40.85.163.238 port 50910 ssh2 ...	2020-09-24 05:01:56
190.13.130.242	attackbotsspam	Unauthorised access (Sep 23) SRC=190.13.130.242 LEN=40 TOS=0x10 PREC=0x40 TTL=237 ID=3827 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Sep 22) SRC=190.13.130.242 LEN=40 TOS=0x10 PREC=0x40 TTL=237 ID=8805 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Sep 21) SRC=190.13.130.242 LEN=40 TOS=0x10 PREC=0x40 TTL=237 ID=36064 TCP DPT=139 WINDOW=1024 SYN	2020-09-24 04:50:50
3.92.4.27	attackbots	Lines containing failures of 3.92.4.27 Sep 23 18:13:59 kmh-vmh-001-fsn03 sshd[5791]: Invalid user jenkins from 3.92.4.27 port 53580 Sep 23 18:13:59 kmh-vmh-001-fsn03 sshd[5791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.92.4.27 Sep 23 18:14:01 kmh-vmh-001-fsn03 sshd[5791]: Failed password for invalid user jenkins from 3.92.4.27 port 53580 ssh2 Sep 23 18:14:04 kmh-vmh-001-fsn03 sshd[5791]: Received disconnect from 3.92.4.27 port 53580:11: Bye Bye [preauth] Sep 23 18:14:04 kmh-vmh-001-fsn03 sshd[5791]: Disconnected from invalid user jenkins 3.92.4.27 port 53580 [preauth] Sep 23 18:37:26 kmh-vmh-001-fsn03 sshd[23904]: Invalid user oscar from 3.92.4.27 port 46060 Sep 23 18:37:26 kmh-vmh-001-fsn03 sshd[23904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.92.4.27 Sep 23 18:37:28 kmh-vmh-001-fsn03 sshd[23904]: Failed password for invalid user oscar from 3.92.4.27 port 46060 ssh2 Sep 2........ ------------------------------	2020-09-24 04:37:39
113.31.107.34	attack	SSHD brute force attack detected from [113.31.107.34]	2020-09-24 05:08:14

最近上报的IP列表

77.222.41.100	102.171.124.173	32.195.35.140	56.1.216.192
114.192.108.203	147.175.52.18	202.227.188.89	201.179.39.93
199.220.128.117	223.150.8.208	218.26.102.243	27.5.129.159
183.234.170.101	109.61.225.83	124.195.201.233	22.109.220.229
110.36.220.62	35.224.67.90	208.90.107.64	76.14.148.4