142.93.140.240

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	142.93.140.240 - - [14/Jun/2020:14:48:50 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.140.240 - - [14/Jun/2020:14:48:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.140.240 - - [14/Jun/2020:14:48:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-14 22:55:32
attackbots	Automatic report - XMLRPC Attack	2020-05-09 05:56:23
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-05-04 01:48:07

类型

评论内容

时间

attack

142.93.140.240 - - [14/Jun/2020:14:48:50 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.93.140.240 - - [14/Jun/2020:14:48:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.93.140.240 - - [14/Jun/2020:14:48:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-06-14 22:55:32

attackbots

Automatic report - XMLRPC Attack

2020-05-09 05:56:23

attackbots

Attempt to hack Wordpress Login, XMLRPC or other login

2020-05-04 01:48:07

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.140.242	attack	2020-06-17T00:03:36.067695mail.standpoint.com.ua sshd[31174]: Invalid user silvio from 142.93.140.242 port 43750 2020-06-17T00:03:36.070299mail.standpoint.com.ua sshd[31174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 2020-06-17T00:03:36.067695mail.standpoint.com.ua sshd[31174]: Invalid user silvio from 142.93.140.242 port 43750 2020-06-17T00:03:37.535152mail.standpoint.com.ua sshd[31174]: Failed password for invalid user silvio from 142.93.140.242 port 43750 ssh2 2020-06-17T00:06:56.112872mail.standpoint.com.ua sshd[31629]: Invalid user teamspeak3 from 142.93.140.242 port 45070 ...	2020-06-17 05:46:46
142.93.140.214	attackspambots	Jun 15 18:54:18 php1 sshd\[21780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.214 user=root Jun 15 18:54:20 php1 sshd\[21780\]: Failed password for root from 142.93.140.214 port 35010 ssh2 Jun 15 18:57:30 php1 sshd\[21985\]: Invalid user lia from 142.93.140.214 Jun 15 18:57:30 php1 sshd\[21985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.214 Jun 15 18:57:32 php1 sshd\[21985\]: Failed password for invalid user lia from 142.93.140.214 port 36260 ssh2	2020-06-16 13:11:36
142.93.140.242	attack	$f2bV_matches	2020-06-13 04:30:44
142.93.140.242	attack	Jun 12 08:32:17 web1 sshd[32760]: Invalid user aogola from 142.93.140.242 port 37724 Jun 12 08:32:17 web1 sshd[32760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Jun 12 08:32:17 web1 sshd[32760]: Invalid user aogola from 142.93.140.242 port 37724 Jun 12 08:32:19 web1 sshd[32760]: Failed password for invalid user aogola from 142.93.140.242 port 37724 ssh2 Jun 12 08:37:35 web1 sshd[1569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root Jun 12 08:37:37 web1 sshd[1569]: Failed password for root from 142.93.140.242 port 51662 ssh2 Jun 12 08:39:32 web1 sshd[2032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root Jun 12 08:39:34 web1 sshd[2032]: Failed password for root from 142.93.140.242 port 59994 ssh2 Jun 12 08:41:29 web1 sshd[2548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t ...	2020-06-12 07:37:49
142.93.140.242	attackbots	May 22 04:46:57 gw1 sshd[10458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 22 04:46:59 gw1 sshd[10458]: Failed password for invalid user gtx from 142.93.140.242 port 44392 ssh2 ...	2020-05-22 08:12:56
142.93.140.242	attackspam	May 15 21:33:44 ws22vmsma01 sshd[5973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 15 21:33:46 ws22vmsma01 sshd[5973]: Failed password for invalid user test from 142.93.140.242 port 32810 ssh2 ...	2020-05-16 20:09:41
142.93.140.242	attackbotsspam	May 15 08:54:57 ns382633 sshd\[24679\]: Invalid user yarn from 142.93.140.242 port 54916 May 15 08:54:57 ns382633 sshd\[24679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 15 08:54:58 ns382633 sshd\[24679\]: Failed password for invalid user yarn from 142.93.140.242 port 54916 ssh2 May 15 08:59:36 ns382633 sshd\[25584\]: Invalid user hang from 142.93.140.242 port 42012 May 15 08:59:36 ns382633 sshd\[25584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242	2020-05-15 18:39:12
142.93.140.242	attack	May 13 08:10:04 OPSO sshd\[9009\]: Invalid user weblogic from 142.93.140.242 port 45790 May 13 08:10:04 OPSO sshd\[9009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 13 08:10:06 OPSO sshd\[9009\]: Failed password for invalid user weblogic from 142.93.140.242 port 45790 ssh2 May 13 08:13:37 OPSO sshd\[9825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=admin May 13 08:13:38 OPSO sshd\[9825\]: Failed password for admin from 142.93.140.242 port 53730 ssh2	2020-05-13 19:03:38
142.93.140.242	attack	May 11 09:21:42 onepixel sshd[2975521]: Invalid user student02 from 142.93.140.242 port 33052 May 11 09:21:42 onepixel sshd[2975521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 11 09:21:42 onepixel sshd[2975521]: Invalid user student02 from 142.93.140.242 port 33052 May 11 09:21:44 onepixel sshd[2975521]: Failed password for invalid user student02 from 142.93.140.242 port 33052 ssh2 May 11 09:25:21 onepixel sshd[2975940]: Invalid user jeremy from 142.93.140.242 port 41636	2020-05-11 19:12:59
142.93.140.242	attackbotsspam	May 8 14:12:08 electroncash sshd[33246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 8 14:12:08 electroncash sshd[33246]: Invalid user asd from 142.93.140.242 port 54534 May 8 14:12:10 electroncash sshd[33246]: Failed password for invalid user asd from 142.93.140.242 port 54534 ssh2 May 8 14:15:53 electroncash sshd[34290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root May 8 14:15:55 electroncash sshd[34290]: Failed password for root from 142.93.140.242 port 35814 ssh2 ...	2020-05-08 20:26:23
142.93.140.242	attackspam	Apr 29 13:57:10 ns382633 sshd\[19948\]: Invalid user regina from 142.93.140.242 port 37402 Apr 29 13:57:10 ns382633 sshd\[19948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Apr 29 13:57:12 ns382633 sshd\[19948\]: Failed password for invalid user regina from 142.93.140.242 port 37402 ssh2 Apr 29 14:07:45 ns382633 sshd\[21935\]: Invalid user email from 142.93.140.242 port 54264 Apr 29 14:07:45 ns382633 sshd\[21935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242	2020-04-29 22:18:07
142.93.140.242	attack	no	2020-04-24 21:51:20
142.93.140.242	attackbotsspam	Apr 20 03:41:19 XXX sshd[17298]: Invalid user by from 142.93.140.242 port 37598	2020-04-20 12:12:24
142.93.140.242	attackbots	k+ssh-bruteforce	2020-04-01 16:34:36
142.93.140.242	attack	Invalid user sysadmin from 142.93.140.242 port 49706	2020-03-29 14:43:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.140.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25087
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.140.240.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 01:48:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 240.140.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 240.140.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
194.146.50.51	attack	2020-07-05T05:51:14+02:00 exim[25688]: [1\50] 1jrvgM-0006gK-DE H=push.isefardi.com (push.iiswdelhi.com) [194.146.50.51] F= rejected after DATA: This message scored 101.7 spam points.	2020-07-05 16:32:32
49.88.112.72	attack	Jul 5 08:11:56 onepixel sshd[1827493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root Jul 5 08:11:59 onepixel sshd[1827493]: Failed password for root from 49.88.112.72 port 57959 ssh2 Jul 5 08:11:56 onepixel sshd[1827493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root Jul 5 08:11:59 onepixel sshd[1827493]: Failed password for root from 49.88.112.72 port 57959 ssh2 Jul 5 08:12:02 onepixel sshd[1827493]: Failed password for root from 49.88.112.72 port 57959 ssh2	2020-07-05 16:16:28
106.84.17.157	attackbotsspam	07/04/2020-23:51:44.058960 106.84.17.157 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-05 16:41:26
104.198.176.196	attackspambots	Jul 5 08:33:41 vps sshd[23936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.176.196 Jul 5 08:33:43 vps sshd[23936]: Failed password for invalid user fangnan from 104.198.176.196 port 47834 ssh2 Jul 5 08:48:15 vps sshd[24782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.176.196 ...	2020-07-05 16:22:29
37.187.54.45	attack	2020-07-05T07:38:46.596948vps751288.ovh.net sshd\[25371\]: Invalid user amy from 37.187.54.45 port 35850 2020-07-05T07:38:46.602778vps751288.ovh.net sshd\[25371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-37-187-54.eu 2020-07-05T07:38:49.017361vps751288.ovh.net sshd\[25371\]: Failed password for invalid user amy from 37.187.54.45 port 35850 ssh2 2020-07-05T07:42:07.565400vps751288.ovh.net sshd\[25413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-37-187-54.eu user=root 2020-07-05T07:42:09.573009vps751288.ovh.net sshd\[25413\]: Failed password for root from 37.187.54.45 port 34310 ssh2	2020-07-05 16:40:20
41.236.201.23	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-05 16:39:22
137.74.199.180	attackbots	2020-07-05T13:27:10.401399hostname sshd[26432]: Failed password for invalid user ricardo from 137.74.199.180 port 54010 ssh2 2020-07-05T13:30:40.016896hostname sshd[28144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.ip-137-74-199.eu user=root 2020-07-05T13:30:42.459784hostname sshd[28144]: Failed password for root from 137.74.199.180 port 51302 ssh2 ...	2020-07-05 16:44:30
60.167.177.96	attack	$f2bV_matches	2020-07-05 16:25:43
106.13.103.1	attackbots	Jul 5 05:52:04 raspberrypi sshd[17318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.103.1 user=root Jul 5 05:52:06 raspberrypi sshd[17318]: Failed password for invalid user root from 106.13.103.1 port 36766 ssh2 ...	2020-07-05 16:28:12
193.228.91.110	attack	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(07051042)	2020-07-05 16:26:00
178.128.183.90	attackspambots	Invalid user shijie from 178.128.183.90 port 46622	2020-07-05 16:39:52
51.38.231.249	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-05T03:37:47Z and 2020-07-05T03:52:13Z	2020-07-05 16:21:31
217.165.22.147	attackbots	<6 unauthorized SSH connections	2020-07-05 16:18:52
175.24.107.68	attack	Icarus honeypot on github	2020-07-05 16:23:27
223.247.140.89	attackbotsspam	2020-07-04T22:57:31.051146linuxbox-skyline sshd[588433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.140.89 user=root 2020-07-04T22:57:32.683645linuxbox-skyline sshd[588433]: Failed password for root from 223.247.140.89 port 54558 ssh2 ...	2020-07-05 16:06:10

最近上报的IP列表

5.182.216.82	198.74.61.188	79.139.1.212	157.100.21.45
201.105.186.113	150.95.148.208	164.132.38.153	114.40.100.242
81.35.50.132	105.166.225.219	104.24.99.241	191.193.49.63
112.26.92.129	79.166.142.224	150.107.7.10	173.232.219.137
160.153.153.149	203.150.113.215	109.95.42.42	83.234.43.1