142.93.18.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	xmlrpc attack	2020-08-27 15:23:21
attackspambots	142.93.18.7 - - [18/Aug/2020:22:45:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:47 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:55 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:56 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-19 06:15:24
attack	WordPress wp-login brute force :: 142.93.18.7 0.168 BYPASS [17/Aug/2020:04:50:01 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2573 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-17 17:50:55
attack	www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:23 +0200] "POST /wp-login.php HTTP/1.1" 200 5994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4072 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 21:30:56
attackspam	script '/var/www/html/wp-login.php' not found or unable to stat	2020-08-08 18:38:47
attackbots	142.93.18.7 - - [13/Jul/2020:14:23:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [13/Jul/2020:14:23:21 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [13/Jul/2020:14:23:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-13 21:35:53
attackspam	WordPress login Brute force / Web App Attack on client site.	2020-07-06 22:08:31
attack	CMS (WordPress or Joomla) login attempt.	2020-06-14 22:17:42
attackspam	Automatic report - XMLRPC Attack	2020-06-10 17:21:04
attack	xmlrpc attack	2020-05-06 02:19:44
attackbotsspam	142.93.18.7 - - [22/Mar/2020:07:11:51 +0100] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [22/Mar/2020:07:11:58 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [22/Mar/2020:07:12:00 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-22 14:19:45
attackbotsspam	xmlrpc attack	2020-03-19 08:34:45
attack	Automatic report - XMLRPC Attack	2020-03-08 21:22:17
attackbotsspam	Automatic report - XMLRPC Attack	2020-03-06 21:15:38
attackbots	Wordpress login scanning	2020-02-23 02:26:59
attackbotsspam	WordPress wp-login brute force :: 142.93.18.7 0.092 - [17/Feb/2020:13:35:42 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-18 02:24:43
attackbotsspam	Automatic report - Banned IP Access	2020-02-11 18:36:36
attackbotsspam	Sniffing for wp-login	2019-12-09 13:09:27
attackspam	Banned for posting to wp-login.php without referer {"log":"eboney","pwd":"12345","wp-submit":"Log In","redirect_to":"http:\/\/ericslifkinrealtor.com\/wp-admin\/","testcookie":"1"}	2019-11-15 13:07:29
attackbotsspam	142.93.18.7 - - [07/Nov/2019:15:48:10 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:16 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-07 23:27:32
attackbotsspam	WordPress wp-login brute force :: 142.93.18.7 0.072 BYPASS [29/Oct/2019:07:19:39 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 1525 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-29 16:04:20

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.18.147	attack	Scan port	2023-10-20 12:45:18
142.93.18.147	attack	Scan port	2023-10-14 19:25:24
142.93.187.179	attackspam	port	2020-10-04 02:23:34
142.93.187.179	attackspam	Fail2Ban Ban Triggered	2020-10-03 18:10:02
142.93.18.203	attack	142.93.18.203 - - [30/Sep/2020:20:39:21 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:20:39:22 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:20:39:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 03:13:29
142.93.18.203	attack	142.93.18.203 - - [30/Sep/2020:05:19:30 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:05:19:31 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:05:19:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-30 19:28:22
142.93.18.203	attackbots	142.93.18.203 - - [23/Sep/2020:05:20:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 16732 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [23/Sep/2020:05:48:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 20:49:08
142.93.18.203	attack	142.93.18.203 - - [23/Sep/2020:05:20:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 16732 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [23/Sep/2020:05:48:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 13:09:51
142.93.18.203	attackspam	142.93.18.203 - - [22/Sep/2020:20:53:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [22/Sep/2020:20:53:15 +0100] "POST /wp-login.php HTTP/1.1" 200 2191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [22/Sep/2020:20:53:15 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 04:57:03
142.93.183.128	attackspambots	TCP port : 8443	2020-09-17 19:46:55
142.93.186.206	attackspam	" "	2020-09-16 12:16:49
142.93.186.206	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-16 04:05:54
142.93.182.7	attackbots	142.93.182.7 - - [10/Sep/2020:17:24:11 +0100] "POST /wp-login.php HTTP/1.1" 200 4399 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:17:24:16 +0100] "POST /wp-login.php HTTP/1.1" 200 4399 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:17:24:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-11 03:33:57
142.93.182.7	attackbots	142.93.182.7 - - [10/Sep/2020:11:58:08 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:11:58:09 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:11:58:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 19:04:34
142.93.186.206	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-30 18:38:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.18.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.18.7.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101801 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 09:36:37 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.18.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.18.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
212.109.39.180	attack	email spam	2019-12-17 21:19:32
182.61.175.96	attackbotsspam	Dec 17 14:09:40 markkoudstaal sshd[27505]: Failed password for root from 182.61.175.96 port 46936 ssh2 Dec 17 14:16:11 markkoudstaal sshd[28287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.96 Dec 17 14:16:13 markkoudstaal sshd[28287]: Failed password for invalid user tipodirect from 182.61.175.96 port 55596 ssh2	2019-12-17 21:27:51
150.107.103.159	attackbotsspam	postfix	2019-12-17 21:32:53
49.88.112.62	attackspambots	--- report --- Dec 17 09:51:15 sshd: Connection from 49.88.112.62 port 26340 Dec 17 09:51:21 sshd: Failed password for root from 49.88.112.62 port 26340 ssh2 Dec 17 09:51:23 sshd: Received disconnect from 49.88.112.62: 11: [preauth]	2019-12-17 21:15:21
59.148.42.146	attackspam	email spam	2019-12-17 21:14:45
212.156.86.226	attackspambots	email spam	2019-12-17 21:19:07
170.254.248.61	attackspambots	email spam	2019-12-17 21:30:52
200.115.157.211	attack	email spam	2019-12-17 21:20:19
138.94.160.154	attackbots	email spam	2019-12-17 21:33:55
50.244.9.1	attackspambots	proto=tcp . spt=52645 . dpt=25 . (Listed on dnsbl-sorbs plus abuseat-org and barracuda) (358)	2019-12-17 21:45:17
61.9.48.99	attackbotsspam	email spam	2019-12-17 21:44:35
193.169.5.14	attackspambots	Minecraft server DDoS attack/proxy	2019-12-17 21:22:17
50.242.100.89	attackbotsspam	proto=tcp . spt=49148 . dpt=25 . (Found on Dark List de Dec 17) (353)	2019-12-17 21:45:45
185.59.122.69	attackspam	email spam	2019-12-17 21:26:02
103.4.146.220	attackspam	email spam	2019-12-17 21:38:29

最近上报的IP列表

182.253.222.200	180.244.9.127	188.166.46.206	202.84.33.211
113.173.101.78	124.109.62.38	118.171.45.37	180.167.134.194
140.114.71.51	222.252.125.184	170.245.173.116	49.207.178.104
114.67.137.15	165.22.254.29	175.214.7.138	45.110.87.82
57.15.151.206	95.60.88.119	195.141.100.121	121.12.191.64