142.93.140.240

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	142.93.140.240 - - [14/Jun/2020:14:48:50 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.140.240 - - [14/Jun/2020:14:48:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.140.240 - - [14/Jun/2020:14:48:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-14 22:55:32
attackbots	Automatic report - XMLRPC Attack	2020-05-09 05:56:23
attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-05-04 01:48:07

类型

评论内容

时间

attack

142.93.140.240 - - [14/Jun/2020:14:48:50 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.93.140.240 - - [14/Jun/2020:14:48:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.93.140.240 - - [14/Jun/2020:14:48:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-06-14 22:55:32

attackbots

Automatic report - XMLRPC Attack

2020-05-09 05:56:23

attackbots

Attempt to hack Wordpress Login, XMLRPC or other login

2020-05-04 01:48:07

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.140.242	attack	2020-06-17T00:03:36.067695mail.standpoint.com.ua sshd[31174]: Invalid user silvio from 142.93.140.242 port 43750 2020-06-17T00:03:36.070299mail.standpoint.com.ua sshd[31174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 2020-06-17T00:03:36.067695mail.standpoint.com.ua sshd[31174]: Invalid user silvio from 142.93.140.242 port 43750 2020-06-17T00:03:37.535152mail.standpoint.com.ua sshd[31174]: Failed password for invalid user silvio from 142.93.140.242 port 43750 ssh2 2020-06-17T00:06:56.112872mail.standpoint.com.ua sshd[31629]: Invalid user teamspeak3 from 142.93.140.242 port 45070 ...	2020-06-17 05:46:46
142.93.140.214	attackspambots	Jun 15 18:54:18 php1 sshd\[21780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.214 user=root Jun 15 18:54:20 php1 sshd\[21780\]: Failed password for root from 142.93.140.214 port 35010 ssh2 Jun 15 18:57:30 php1 sshd\[21985\]: Invalid user lia from 142.93.140.214 Jun 15 18:57:30 php1 sshd\[21985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.214 Jun 15 18:57:32 php1 sshd\[21985\]: Failed password for invalid user lia from 142.93.140.214 port 36260 ssh2	2020-06-16 13:11:36
142.93.140.242	attack	$f2bV_matches	2020-06-13 04:30:44
142.93.140.242	attack	Jun 12 08:32:17 web1 sshd[32760]: Invalid user aogola from 142.93.140.242 port 37724 Jun 12 08:32:17 web1 sshd[32760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Jun 12 08:32:17 web1 sshd[32760]: Invalid user aogola from 142.93.140.242 port 37724 Jun 12 08:32:19 web1 sshd[32760]: Failed password for invalid user aogola from 142.93.140.242 port 37724 ssh2 Jun 12 08:37:35 web1 sshd[1569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root Jun 12 08:37:37 web1 sshd[1569]: Failed password for root from 142.93.140.242 port 51662 ssh2 Jun 12 08:39:32 web1 sshd[2032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root Jun 12 08:39:34 web1 sshd[2032]: Failed password for root from 142.93.140.242 port 59994 ssh2 Jun 12 08:41:29 web1 sshd[2548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t ...	2020-06-12 07:37:49
142.93.140.242	attackbots	May 22 04:46:57 gw1 sshd[10458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 22 04:46:59 gw1 sshd[10458]: Failed password for invalid user gtx from 142.93.140.242 port 44392 ssh2 ...	2020-05-22 08:12:56
142.93.140.242	attackspam	May 15 21:33:44 ws22vmsma01 sshd[5973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 15 21:33:46 ws22vmsma01 sshd[5973]: Failed password for invalid user test from 142.93.140.242 port 32810 ssh2 ...	2020-05-16 20:09:41
142.93.140.242	attackbotsspam	May 15 08:54:57 ns382633 sshd\[24679\]: Invalid user yarn from 142.93.140.242 port 54916 May 15 08:54:57 ns382633 sshd\[24679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 15 08:54:58 ns382633 sshd\[24679\]: Failed password for invalid user yarn from 142.93.140.242 port 54916 ssh2 May 15 08:59:36 ns382633 sshd\[25584\]: Invalid user hang from 142.93.140.242 port 42012 May 15 08:59:36 ns382633 sshd\[25584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242	2020-05-15 18:39:12
142.93.140.242	attack	May 13 08:10:04 OPSO sshd\[9009\]: Invalid user weblogic from 142.93.140.242 port 45790 May 13 08:10:04 OPSO sshd\[9009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 13 08:10:06 OPSO sshd\[9009\]: Failed password for invalid user weblogic from 142.93.140.242 port 45790 ssh2 May 13 08:13:37 OPSO sshd\[9825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=admin May 13 08:13:38 OPSO sshd\[9825\]: Failed password for admin from 142.93.140.242 port 53730 ssh2	2020-05-13 19:03:38
142.93.140.242	attack	May 11 09:21:42 onepixel sshd[2975521]: Invalid user student02 from 142.93.140.242 port 33052 May 11 09:21:42 onepixel sshd[2975521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 11 09:21:42 onepixel sshd[2975521]: Invalid user student02 from 142.93.140.242 port 33052 May 11 09:21:44 onepixel sshd[2975521]: Failed password for invalid user student02 from 142.93.140.242 port 33052 ssh2 May 11 09:25:21 onepixel sshd[2975940]: Invalid user jeremy from 142.93.140.242 port 41636	2020-05-11 19:12:59
142.93.140.242	attackbotsspam	May 8 14:12:08 electroncash sshd[33246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 May 8 14:12:08 electroncash sshd[33246]: Invalid user asd from 142.93.140.242 port 54534 May 8 14:12:10 electroncash sshd[33246]: Failed password for invalid user asd from 142.93.140.242 port 54534 ssh2 May 8 14:15:53 electroncash sshd[34290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 user=root May 8 14:15:55 electroncash sshd[34290]: Failed password for root from 142.93.140.242 port 35814 ssh2 ...	2020-05-08 20:26:23
142.93.140.242	attackspam	Apr 29 13:57:10 ns382633 sshd\[19948\]: Invalid user regina from 142.93.140.242 port 37402 Apr 29 13:57:10 ns382633 sshd\[19948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Apr 29 13:57:12 ns382633 sshd\[19948\]: Failed password for invalid user regina from 142.93.140.242 port 37402 ssh2 Apr 29 14:07:45 ns382633 sshd\[21935\]: Invalid user email from 142.93.140.242 port 54264 Apr 29 14:07:45 ns382633 sshd\[21935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242	2020-04-29 22:18:07
142.93.140.242	attack	no	2020-04-24 21:51:20
142.93.140.242	attackbotsspam	Apr 20 03:41:19 XXX sshd[17298]: Invalid user by from 142.93.140.242 port 37598	2020-04-20 12:12:24
142.93.140.242	attackbots	k+ssh-bruteforce	2020-04-01 16:34:36
142.93.140.242	attack	Invalid user sysadmin from 142.93.140.242 port 49706	2020-03-29 14:43:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.140.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25087
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.140.240.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050301 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 04 01:48:02 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 240.140.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 240.140.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
163.53.150.148	attack	brute force attempt on Postfix-auth	2019-07-01 03:16:19
77.247.110.174	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-01 03:17:51
37.228.138.150	attackbots	139/tcp 445/tcp... [2019-05-22/06-30]14pkt,2pt.(tcp)	2019-07-01 03:24:50
188.124.76.209	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-01 03:49:25
187.56.84.150	attackspambots	DATE:2019-06-30_15:16:18, IP:187.56.84.150, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-01 03:47:30
27.9.251.248	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-01 03:59:39
185.36.81.165	attack	brute force attempt on Postfix-auth	2019-07-01 03:44:03
124.105.111.125	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-01 03:41:04
45.125.65.77	attackbotsspam	Rude login attack (13 tries in 1d)	2019-07-01 03:38:08
187.67.100.61	attackbots	Honeypot attack, port: 23, PTR: bb43643d.virtua.com.br.	2019-07-01 03:45:21
192.99.28.247	attackbots	Jun 30 21:39:28 srv206 sshd[14019]: Invalid user user5 from 192.99.28.247 Jun 30 21:39:28 srv206 sshd[14019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.28.247 Jun 30 21:39:28 srv206 sshd[14019]: Invalid user user5 from 192.99.28.247 Jun 30 21:39:30 srv206 sshd[14019]: Failed password for invalid user user5 from 192.99.28.247 port 47233 ssh2 ...	2019-07-01 03:49:07
192.241.223.140	attack	" "	2019-07-01 03:30:37
182.162.101.80	attack	Triggered by Fail2Ban at Ares web server	2019-07-01 03:30:18
193.32.163.182	attack	Jun 30 19:30:01 MK-Soft-VM3 sshd\[9273\]: Invalid user admin from 193.32.163.182 port 57044 Jun 30 19:30:01 MK-Soft-VM3 sshd\[9273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.32.163.182 Jun 30 19:30:03 MK-Soft-VM3 sshd\[9273\]: Failed password for invalid user admin from 193.32.163.182 port 57044 ssh2 ...	2019-07-01 03:35:32
185.36.81.58	attackbotsspam	Rude login attack (18 tries in 1d)	2019-07-01 03:45:43

最近上报的IP列表

5.182.216.82	198.74.61.188	79.139.1.212	157.100.21.45
201.105.186.113	150.95.148.208	164.132.38.153	114.40.100.242
81.35.50.132	105.166.225.219	104.24.99.241	191.193.49.63
112.26.92.129	79.166.142.224	150.107.7.10	173.232.219.137
160.153.153.149	203.150.113.215	109.95.42.42	83.234.43.1