142.93.193.47 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[2020-04-19 00:39:26] NOTICE[1170][C-00001f74] chan_sip.c: Call from '' (142.93.193.47:54507) to extension '901146406820514' rejected because extension not found in context 'public'. [2020-04-19 00:39:26] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T00:39:26.132-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146406820514",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/142.93.193.47/54507",ACLName="no_extension_match" [2020-04-19 00:40:20] NOTICE[1170][C-00001f75] chan_sip.c: Call from '' (142.93.193.47:57474) to extension '801146406820514' rejected because extension not found in context 'public'. [2020-04-19 00:40:20] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T00:40:20.233-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="801146406820514",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-04-19 12:55:23

类型

评论内容

时间

attack

[2020-04-19 00:39:26] NOTICE[1170][C-00001f74] chan_sip.c: Call from '' (142.93.193.47:54507) to extension '901146406820514' rejected because extension not found in context 'public'.
[2020-04-19 00:39:26] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T00:39:26.132-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146406820514",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/142.93.193.47/54507",ACLName="no_extension_match"
[2020-04-19 00:40:20] NOTICE[1170][C-00001f75] chan_sip.c: Call from '' (142.93.193.47:57474) to extension '801146406820514' rejected because extension not found in context 'public'.
[2020-04-19 00:40:20] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T00:40:20.233-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="801146406820514",SessionID="0x7f6c08341c08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/
...

2020-04-19 12:55:23

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.193.63	attackspam	142.93.193.63 - - \[13/Oct/2020:12:44:47 +0200\] "POST /wp-login.php HTTP/1.0" 200 5983 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - \[13/Oct/2020:12:44:48 +0200\] "POST /wp-login.php HTTP/1.0" 200 5815 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - \[13/Oct/2020:12:44:49 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-10-13 20:52:16
142.93.193.63	attack	142.93.193.63 - - [13/Oct/2020:02:53:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2548 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [13/Oct/2020:02:53:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2529 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [13/Oct/2020:02:53:32 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-13 12:21:48
142.93.193.63	attack	142.93.193.63 - - [12/Oct/2020:22:49:59 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [12/Oct/2020:22:50:00 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [12/Oct/2020:22:50:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-13 05:11:14
142.93.193.63	attackspambots	142.93.193.63 - - [12/Oct/2020:00:28:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [12/Oct/2020:00:28:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2479 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [12/Oct/2020:00:28:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2519 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 07:55:49
142.93.193.63	attackspambots	142.93.193.63 - - [10/Oct/2020:23:36:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-12 00:13:01
142.93.193.63	attack	142.93.193.63 - - [10/Oct/2020:23:36:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 16:11:20
142.93.193.63	attackspambots	142.93.193.63 - - [10/Oct/2020:23:36:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 09:30:22
142.93.193.63	attack	Trolling for resource vulnerabilities	2020-10-03 03:28:53
142.93.193.63	attackbotsspam	Trolling for resource vulnerabilities	2020-10-03 02:18:53
142.93.193.63	attack	142.93.193.63 - - [02/Oct/2020:09:22:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2598 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:09:23:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2540 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:09:23:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2583 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 22:47:40
142.93.193.63	attackspam	142.93.193.63 - - [02/Oct/2020:09:22:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2598 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:09:23:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2540 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:09:23:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2583 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 19:19:00
142.93.193.63	attackbots	142.93.193.63 - - [02/Oct/2020:06:06:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:06:06:26 +0100] "POST /wp-login.php HTTP/1.1" 200 2443 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:06:06:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 15:54:41
142.93.193.63	attack	142.93.193.63 - - [02/Oct/2020:02:38:46 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:02:38:47 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [02/Oct/2020:02:38:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 12:09:24
142.93.193.63	attack	142.93.193.63 - - [19/Sep/2020:17:35:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [19/Sep/2020:17:42:16 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15713 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 01:54:01
142.93.193.63	attackspambots	142.93.193.63 - - [19/Sep/2020:07:59:14 +0000] "POST /wp-login.php HTTP/1.1" 200 2075 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.193.63 - - [19/Sep/2020:07:59:16 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.193.63 - - [19/Sep/2020:07:59:19 +0000] "POST /wp-login.php HTTP/1.1" 200 2049 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.193.63 - - [19/Sep/2020:07:59:21 +0000] "POST /wp-login.php HTTP/1.1" 200 2049 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.193.63 - - [19/Sep/2020:07:59:22 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-09-19 17:44:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.193.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19409
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.193.47.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041801 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 19 12:55:15 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 47.193.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 47.193.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
89.248.160.178	attackspam	Fail2Ban Ban Triggered	2020-06-18 17:49:09
106.75.254.144	attackspam	Invalid user chn from 106.75.254.144 port 54068	2020-06-18 17:45:23
39.59.101.59	attack	IP 39.59.101.59 attacked honeypot on port: 8080 at 6/17/2020 8:49:59 PM	2020-06-18 17:50:23
103.233.0.199	attackspam	103.233.0.199 - - \[18/Jun/2020:05:49:06 +0200\] "POST /wp-login.php HTTP/1.0" 200 5993 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.233.0.199 - - \[18/Jun/2020:05:49:10 +0200\] "POST /wp-login.php HTTP/1.0" 200 5821 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.233.0.199 - - \[18/Jun/2020:05:49:11 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 904 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-06-18 18:20:11
115.233.218.205	attack	Unauthorized connection attempt detected from IP address 115.233.218.205 to port 119 [T]	2020-06-18 18:12:31
112.85.42.238	attackbots	Jun 18 09:24:13 odroid64 sshd\[26034\]: User root from 112.85.42.238 not allowed because not listed in AllowUsers Jun 18 09:24:14 odroid64 sshd\[26034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=root ...	2020-06-18 18:08:54
94.23.179.199	attack	Jun 18 07:46:25 vlre-nyc-1 sshd\[30937\]: Invalid user hp from 94.23.179.199 Jun 18 07:46:25 vlre-nyc-1 sshd\[30937\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.179.199 Jun 18 07:46:27 vlre-nyc-1 sshd\[30937\]: Failed password for invalid user hp from 94.23.179.199 port 46408 ssh2 Jun 18 07:49:38 vlre-nyc-1 sshd\[31050\]: Invalid user andreas from 94.23.179.199 Jun 18 07:49:38 vlre-nyc-1 sshd\[31050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.179.199 ...	2020-06-18 17:57:57
45.148.10.94	attackbotsspam	TCP (SYN) 45.148.10.94:33850 -> port 143, len 44	2020-06-18 18:12:47
182.61.37.144	attackbotsspam	Jun 18 03:56:43 django-0 sshd[8350]: Invalid user deploy from 182.61.37.144 ...	2020-06-18 17:55:04
121.241.244.92	attack	Invalid user 22 from 121.241.244.92 port 49716	2020-06-18 18:15:16
210.56.16.103	attack	firewall-block, port(s): 445/tcp	2020-06-18 17:41:26
178.34.107.88	attack	firewall-block, port(s): 445/tcp	2020-06-18 17:44:00
112.85.42.237	attackspambots	Jun 18 05:26:19 NPSTNNYC01T sshd[24326]: Failed password for root from 112.85.42.237 port 64334 ssh2 Jun 18 05:26:21 NPSTNNYC01T sshd[24326]: Failed password for root from 112.85.42.237 port 64334 ssh2 Jun 18 05:26:23 NPSTNNYC01T sshd[24326]: Failed password for root from 112.85.42.237 port 64334 ssh2 ...	2020-06-18 18:02:55
213.111.245.224	attack	$f2bV_matches	2020-06-18 17:52:55
61.93.240.65	attack	Fail2Ban Ban Triggered	2020-06-18 17:47:04

最近上报的IP列表

106.12.147.216	79.139.18.109	75.192.1.170	85.255.75.229
120.239.94.253	160.5.235.102	116.55.70.133	84.216.238.135
159.100.100.115	155.241.36.148	12.123.48.175	94.189.215.13
255.207.11.24	196.26.2.12	81.195.113.33	190.171.54.66
173.23.198.148	2.89.27.247	145.182.111.148	15.191.143.92