142.93.152.219

基本信息:

城市(city): Toronto

省份(region): Ontario

国家(country): Canada

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-06-12 13:09:09
attackspambots	142.93.152.219 - - [26/May/2020:17:54:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6614 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.219 - - [26/May/2020:17:54:17 +0200] "POST /wp-login.php HTTP/1.1" 200 6865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.219 - - [26/May/2020:17:54:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-27 02:44:14
attack	WordPress login Brute force / Web App Attack on client site.	2020-05-22 20:24:29
attackbots	142.93.152.219 - - \[26/Apr/2020:01:41:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 6533 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.152.219 - - \[26/Apr/2020:01:41:44 +0200\] "POST /wp-login.php HTTP/1.0" 200 6370 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.152.219 - - \[26/Apr/2020:01:41:45 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-04-26 08:21:37
attackbots	WordPress wp-login brute force :: 142.93.152.219 0.072 BYPASS [08/Apr/2020:12:37:07 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-09 03:19:06
attackspam	$f2bV_matches	2020-04-03 07:06:04

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.152.19	attack	142.93.152.19 - - [29/Sep/2020:20:28:21 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 02:56:16
142.93.152.19	attackbotsspam	Automatic report - Banned IP Access	2020-09-29 18:58:55
142.93.152.19	attack	142.93.152.19 - - [16/Sep/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 22:02:45
142.93.152.19	attackbotsspam	142.93.152.19 - - [16/Sep/2020:06:00:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [16/Sep/2020:06:00:18 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 14:32:18
142.93.152.19	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-16 06:21:52
142.93.152.19	attackspam	/blog/wp-login.php	2020-08-18 06:53:03
142.93.152.19	attack	142.93.152.19 - - [07/Aug/2020:04:57:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [07/Aug/2020:04:58:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1970 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [07/Aug/2020:04:58:02 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 12:55:58
142.93.152.19	attackbots	Automatic report - XMLRPC Attack	2020-07-21 16:00:21
142.93.152.19	attackbotsspam	C1,WP GET /wp-login.php	2020-07-06 17:35:50
142.93.152.19	attackspambots	142.93.152.19 - - [27/May/2020:05:47:34 +0200] "GET /wp-login.php HTTP/1.1" 200 6287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [27/May/2020:05:47:37 +0200] "POST /wp-login.php HTTP/1.1" 200 6517 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.152.19 - - [27/May/2020:05:47:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-27 19:30:51
142.93.152.19	attackbotsspam	142.93.152.19 - - \[15/May/2020:05:54:05 +0200\] "POST /wp-login.php HTTP/1.1" 200 10017 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.152.19 - - \[15/May/2020:05:54:06 +0200\] "POST /wp-login.php HTTP/1.1" 200 9821 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-05-15 15:21:09
142.93.152.100	attackspambots	1577229961 - 12/25/2019 00:26:01 Host: 142.93.152.100/142.93.152.100 Port: 8080 TCP Blocked	2019-12-25 09:01:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.152.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27703
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.152.219.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040202 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 07:06:00 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 219.152.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.152.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.7.213.133	attackbotsspam	2020-10-10T21:35:32.985969shield sshd\[27213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.7.213.133 user=root 2020-10-10T21:35:34.778655shield sshd\[27213\]: Failed password for root from 221.7.213.133 port 33766 ssh2 2020-10-10T21:39:15.276937shield sshd\[27656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.7.213.133 user=root 2020-10-10T21:39:17.684913shield sshd\[27656\]: Failed password for root from 221.7.213.133 port 50127 ssh2 2020-10-10T21:43:02.593166shield sshd\[28142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.7.213.133 user=root	2020-10-11 05:53:56
114.204.218.154	attackspam	Brute%20Force%20SSH	2020-10-11 05:56:36
137.74.219.114	attackspam	Oct 10 23:09:45 vm0 sshd[3678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.219.114 Oct 10 23:09:47 vm0 sshd[3678]: Failed password for invalid user ghost2 from 137.74.219.114 port 58908 ssh2 ...	2020-10-11 05:55:40
51.83.74.126	attackspam	SSH Brute Force	2020-10-11 05:52:25
142.93.223.118	attackbotsspam	Oct 10 21:27:55 plex-server sshd[3588434]: Invalid user test001 from 142.93.223.118 port 46208 Oct 10 21:27:55 plex-server sshd[3588434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.223.118 Oct 10 21:27:55 plex-server sshd[3588434]: Invalid user test001 from 142.93.223.118 port 46208 Oct 10 21:27:56 plex-server sshd[3588434]: Failed password for invalid user test001 from 142.93.223.118 port 46208 ssh2 Oct 10 21:31:46 plex-server sshd[3591113]: Invalid user mdpi from 142.93.223.118 port 50738 ...	2020-10-11 05:34:04
128.199.202.206	attackspambots	SSH Brute Force	2020-10-11 05:35:03
112.85.42.81	attackspambots	Oct 10 23:38:17 pve1 sshd[29988]: Failed password for root from 112.85.42.81 port 40832 ssh2 Oct 10 23:38:22 pve1 sshd[29988]: Failed password for root from 112.85.42.81 port 40832 ssh2 ...	2020-10-11 05:48:20
103.243.252.244	attackbotsspam	TCP (SYN) 103.243.252.244:53065 -> port 25829, len 44	2020-10-11 05:25:26
106.13.107.196	attackbots	SSH Brute Force	2020-10-11 05:37:58
51.68.122.147	attack	Oct 10 21:39:17 scw-gallant-ride sshd[16413]: Failed password for root from 51.68.122.147 port 56252 ssh2	2020-10-11 05:52:54
183.82.121.34	attack	Oct 10 23:37:14 sd-69548 sshd[358280]: Connection closed by 183.82.121.34 port 42506 [preauth] Oct 10 23:51:49 sd-69548 sshd[359261]: Connection closed by 183.82.121.34 port 54362 [preauth] ...	2020-10-11 05:54:40
59.152.237.118	attackbots	SSH Brute Force	2020-10-11 05:30:14
167.248.133.66	attack	ET DROP Dshield Block Listed Source group 1 - port: 12126 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 05:27:22
36.26.116.136	attackbots	(sshd) Failed SSH login from 36.26.116.136 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 17:16:00 optimus sshd[27347]: Invalid user web from 36.26.116.136 Oct 10 17:16:00 optimus sshd[27347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.116.136 Oct 10 17:16:02 optimus sshd[27347]: Failed password for invalid user web from 36.26.116.136 port 44528 ssh2 Oct 10 17:29:26 optimus sshd[32611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.116.136 user=root Oct 10 17:29:28 optimus sshd[32611]: Failed password for root from 36.26.116.136 port 33270 ssh2	2020-10-11 05:31:12
165.22.68.84	attackspam	SSH auth scanning - multiple failed logins	2020-10-11 05:43:59

最近上报的IP列表

171.252.37.36	60.92.174.120	51.235.184.21	103.129.98.17
24.228.26.127	151.82.252.244	51.7.65.154	41.210.232.158
119.48.185.230	195.7.49.212	177.33.13.60	208.16.82.178
149.28.104.54	158.91.236.40	111.187.25.6	217.128.159.179
72.221.95.213	144.96.195.168	108.106.33.238	67.119.188.59