142.93.18.7 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	xmlrpc attack	2020-08-27 15:23:21
attackspambots	142.93.18.7 - - [18/Aug/2020:22:45:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:47 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:55 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [18/Aug/2020:22:45:56 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-19 06:15:24
attack	WordPress wp-login brute force :: 142.93.18.7 0.168 BYPASS [17/Aug/2020:04:50:01 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2573 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-17 17:50:55
attack	www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:23 +0200] "POST /wp-login.php HTTP/1.1" 200 5994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4072 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 21:30:56
attackspam	script '/var/www/html/wp-login.php' not found or unable to stat	2020-08-08 18:38:47
attackbots	142.93.18.7 - - [13/Jul/2020:14:23:19 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [13/Jul/2020:14:23:21 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [13/Jul/2020:14:23:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-13 21:35:53
attackspam	WordPress login Brute force / Web App Attack on client site.	2020-07-06 22:08:31
attack	CMS (WordPress or Joomla) login attempt.	2020-06-14 22:17:42
attackspam	Automatic report - XMLRPC Attack	2020-06-10 17:21:04
attack	xmlrpc attack	2020-05-06 02:19:44
attackbotsspam	142.93.18.7 - - [22/Mar/2020:07:11:51 +0100] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [22/Mar/2020:07:11:58 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [22/Mar/2020:07:12:00 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-22 14:19:45
attackbotsspam	xmlrpc attack	2020-03-19 08:34:45
attack	Automatic report - XMLRPC Attack	2020-03-08 21:22:17
attackbotsspam	Automatic report - XMLRPC Attack	2020-03-06 21:15:38
attackbots	Wordpress login scanning	2020-02-23 02:26:59
attackbotsspam	WordPress wp-login brute force :: 142.93.18.7 0.092 - [17/Feb/2020:13:35:42 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-18 02:24:43
attackbotsspam	Automatic report - Banned IP Access	2020-02-11 18:36:36
attackbotsspam	Sniffing for wp-login	2019-12-09 13:09:27
attackspam	Banned for posting to wp-login.php without referer {"log":"eboney","pwd":"12345","wp-submit":"Log In","redirect_to":"http:\/\/ericslifkinrealtor.com\/wp-admin\/","testcookie":"1"}	2019-11-15 13:07:29
attackbotsspam	142.93.18.7 - - [07/Nov/2019:15:48:10 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:16 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.7 - - [07/Nov/2019:15:48:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-07 23:27:32
attackbotsspam	WordPress wp-login brute force :: 142.93.18.7 0.072 BYPASS [29/Oct/2019:07:19:39 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 1525 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-29 16:04:20

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.18.147	attack	Scan port	2023-10-20 12:45:18
142.93.18.147	attack	Scan port	2023-10-14 19:25:24
142.93.187.179	attackspam	port	2020-10-04 02:23:34
142.93.187.179	attackspam	Fail2Ban Ban Triggered	2020-10-03 18:10:02
142.93.18.203	attack	142.93.18.203 - - [30/Sep/2020:20:39:21 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:20:39:22 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:20:39:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 03:13:29
142.93.18.203	attack	142.93.18.203 - - [30/Sep/2020:05:19:30 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:05:19:31 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [30/Sep/2020:05:19:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-30 19:28:22
142.93.18.203	attackbots	142.93.18.203 - - [23/Sep/2020:05:20:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 16732 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [23/Sep/2020:05:48:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 20:49:08
142.93.18.203	attack	142.93.18.203 - - [23/Sep/2020:05:20:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 16732 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [23/Sep/2020:05:48:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 13:09:51
142.93.18.203	attackspam	142.93.18.203 - - [22/Sep/2020:20:53:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [22/Sep/2020:20:53:15 +0100] "POST /wp-login.php HTTP/1.1" 200 2191 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.18.203 - - [22/Sep/2020:20:53:15 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 04:57:03
142.93.183.128	attackspambots	TCP port : 8443	2020-09-17 19:46:55
142.93.186.206	attackspam	" "	2020-09-16 12:16:49
142.93.186.206	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-16 04:05:54
142.93.182.7	attackbots	142.93.182.7 - - [10/Sep/2020:17:24:11 +0100] "POST /wp-login.php HTTP/1.1" 200 4399 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:17:24:16 +0100] "POST /wp-login.php HTTP/1.1" 200 4399 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:17:24:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-11 03:33:57
142.93.182.7	attackbots	142.93.182.7 - - [10/Sep/2020:11:58:08 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:11:58:09 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.182.7 - - [10/Sep/2020:11:58:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 19:04:34
142.93.186.206	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-30 18:38:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.18.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5312
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.18.7.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101801 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 09:36:37 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.18.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.18.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.252.85.11	attackspam	Aug 31 21:35:27 hcbb sshd\[23951\]: Invalid user play from 211.252.85.11 Aug 31 21:35:27 hcbb sshd\[23951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.85.11 Aug 31 21:35:29 hcbb sshd\[23951\]: Failed password for invalid user play from 211.252.85.11 port 51716 ssh2 Aug 31 21:41:00 hcbb sshd\[24490\]: Invalid user frontrow from 211.252.85.11 Aug 31 21:41:00 hcbb sshd\[24490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.85.11	2019-09-01 21:33:23
202.112.237.228	attackbotsspam	Sep 1 11:12:28 minden010 sshd[30523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.112.237.228 Sep 1 11:12:30 minden010 sshd[30523]: Failed password for invalid user support from 202.112.237.228 port 48162 ssh2 Sep 1 11:14:43 minden010 sshd[31238]: Failed password for root from 202.112.237.228 port 39928 ssh2 ...	2019-09-01 21:58:37
43.242.135.130	attack	Sep 1 12:47:01 DAAP sshd[26117]: Invalid user psc from 43.242.135.130 port 60578 Sep 1 12:47:01 DAAP sshd[26117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.242.135.130 Sep 1 12:47:01 DAAP sshd[26117]: Invalid user psc from 43.242.135.130 port 60578 Sep 1 12:47:03 DAAP sshd[26117]: Failed password for invalid user psc from 43.242.135.130 port 60578 ssh2 Sep 1 12:52:05 DAAP sshd[26158]: Invalid user master from 43.242.135.130 port 41530 ...	2019-09-01 21:56:04
39.35.3.243	attackspam	Web App Attack	2019-09-01 21:42:29
41.87.72.102	attackbots	Aug 28 00:14:57 itv-usvr-01 sshd[15601]: Invalid user sou from 41.87.72.102	2019-09-01 21:23:39
106.52.26.30	attackbots	Sep 1 15:53:29 server sshd\[30823\]: Invalid user shao from 106.52.26.30 port 59920 Sep 1 15:53:29 server sshd\[30823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.26.30 Sep 1 15:53:31 server sshd\[30823\]: Failed password for invalid user shao from 106.52.26.30 port 59920 ssh2 Sep 1 15:57:38 server sshd\[9985\]: User root from 106.52.26.30 not allowed because listed in DenyUsers Sep 1 15:57:38 server sshd\[9985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.26.30 user=root	2019-09-01 21:16:08
82.64.45.6	attackspambots	Automatic report - Port Scan Attack	2019-09-01 21:53:16
212.85.35.205	attack	Unauthorised access (Sep 1) SRC=212.85.35.205 LEN=48 TTL=243 ID=51659 TCP DPT=3389 WINDOW=65535 SYN	2019-09-01 21:21:48
177.68.148.10	attackspam	Sep 1 14:48:48 cp sshd[11542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.148.10	2019-09-01 21:39:07
158.69.113.76	attack	Aug 30 11:33:05 vtv3 sshd\[19014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.113.76 user=root Aug 30 11:33:07 vtv3 sshd\[19014\]: Failed password for root from 158.69.113.76 port 53152 ssh2 Aug 30 11:33:10 vtv3 sshd\[19014\]: Failed password for root from 158.69.113.76 port 53152 ssh2 Aug 30 11:33:13 vtv3 sshd\[19014\]: Failed password for root from 158.69.113.76 port 53152 ssh2 Aug 30 11:33:15 vtv3 sshd\[19014\]: Failed password for root from 158.69.113.76 port 53152 ssh2 Sep 1 12:14:24 vtv3 sshd\[4928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.113.76 user=root Sep 1 12:14:26 vtv3 sshd\[4928\]: Failed password for root from 158.69.113.76 port 38868 ssh2 Sep 1 12:14:29 vtv3 sshd\[4928\]: Failed password for root from 158.69.113.76 port 38868 ssh2 Sep 1 12:14:31 vtv3 sshd\[4928\]: Failed password for root from 158.69.113.76 port 38868 ssh2 Sep 1 12:14:34 vtv3 sshd\[4928\]: Failed password f	2019-09-01 21:21:31
76.24.160.205	attack	Sep 1 13:57:37 SilenceServices sshd[10848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.24.160.205 Sep 1 13:57:38 SilenceServices sshd[10848]: Failed password for invalid user gong from 76.24.160.205 port 47660 ssh2 Sep 1 14:02:32 SilenceServices sshd[12816]: Failed password for root from 76.24.160.205 port 36622 ssh2	2019-09-01 21:26:18
89.248.160.193	attackspam	09/01/2019-09:07:29.929538 89.248.160.193 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 100	2019-09-01 21:14:45
139.99.144.191	attack	Sep 1 15:21:40 eventyay sshd[29749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Sep 1 15:21:42 eventyay sshd[29749]: Failed password for invalid user abc123 from 139.99.144.191 port 32994 ssh2 Sep 1 15:26:50 eventyay sshd[31057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 ...	2019-09-01 21:31:04
36.156.24.43	attackbots	SSH Brute Force, server-1 sshd[664]: Failed password for root from 36.156.24.43 port 47488 ssh2	2019-09-01 21:44:10
106.13.56.45	attack	Sep 1 19:33:16 areeb-Workstation sshd[14748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.45 Sep 1 19:33:18 areeb-Workstation sshd[14748]: Failed password for invalid user irwang from 106.13.56.45 port 39140 ssh2 ...	2019-09-01 22:11:09

最近上报的IP列表

182.253.222.200	180.244.9.127	188.166.46.206	202.84.33.211
113.173.101.78	124.109.62.38	118.171.45.37	180.167.134.194
140.114.71.51	222.252.125.184	170.245.173.116	49.207.178.104
114.67.137.15	165.22.254.29	175.214.7.138	45.110.87.82
57.15.151.206	95.60.88.119	195.141.100.121	121.12.191.64