142.93.237.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 10 21:19:20 friendsofhawaii sshd\[8439\]: Invalid user Visitateur-123 from 142.93.237.140 Oct 10 21:19:20 friendsofhawaii sshd\[8439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 Oct 10 21:19:23 friendsofhawaii sshd\[8439\]: Failed password for invalid user Visitateur-123 from 142.93.237.140 port 56042 ssh2 Oct 10 21:23:20 friendsofhawaii sshd\[8755\]: Invalid user 123@P@ssword from 142.93.237.140 Oct 10 21:23:20 friendsofhawaii sshd\[8755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140	2019-10-11 19:39:43
attackbots	Oct 8 22:02:32 vtv3 sshd\[19313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 user=root Oct 8 22:02:35 vtv3 sshd\[19313\]: Failed password for root from 142.93.237.140 port 42976 ssh2 Oct 8 22:05:59 vtv3 sshd\[21496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 user=root Oct 8 22:06:00 vtv3 sshd\[21496\]: Failed password for root from 142.93.237.140 port 55286 ssh2 Oct 8 22:09:27 vtv3 sshd\[23444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 user=root Oct 8 22:20:30 vtv3 sshd\[30627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 user=root Oct 8 22:20:31 vtv3 sshd\[30627\]: Failed password for root from 142.93.237.140 port 48066 ssh2 Oct 8 22:24:08 vtv3 sshd\[378\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rh	2019-10-09 05:24:53
attackbotsspam	$f2bV_matches	2019-09-26 23:12:39
attackbots	Sep 23 07:53:49 mail sshd\[27062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 Sep 23 07:53:50 mail sshd\[27062\]: Failed password for invalid user kbecker from 142.93.237.140 port 44586 ssh2 Sep 23 07:57:59 mail sshd\[27516\]: Invalid user dk from 142.93.237.140 port 57674 Sep 23 07:57:59 mail sshd\[27516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 Sep 23 07:58:02 mail sshd\[27516\]: Failed password for invalid user dk from 142.93.237.140 port 57674 ssh2	2019-09-23 14:11:40
attackspam	Sep 17 00:58:26 SilenceServices sshd[20905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 Sep 17 00:58:28 SilenceServices sshd[20905]: Failed password for invalid user columbia from 142.93.237.140 port 50202 ssh2 Sep 17 01:02:30 SilenceServices sshd[22458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140	2019-09-17 08:59:33
attackspambots	2019-09-11T10:50:51.194137abusebot-6.cloudsearch.cf sshd\[14439\]: Invalid user user1 from 142.93.237.140 port 42648	2019-09-11 19:06:06
attackspambots	Aug 16 14:52:02 php2 sshd\[16284\]: Invalid user byu123 from 142.93.237.140 Aug 16 14:52:02 php2 sshd\[16284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140 Aug 16 14:52:04 php2 sshd\[16284\]: Failed password for invalid user byu123 from 142.93.237.140 port 56344 ssh2 Aug 16 14:56:17 php2 sshd\[17003\]: Invalid user torr1ent from 142.93.237.140 Aug 16 14:56:17 php2 sshd\[17003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.140	2019-08-17 11:11:23
attackspambots	Aug 3 20:15:14 www sshd\[53793\]: Invalid user maurta from 142.93.237.140Aug 3 20:15:16 www sshd\[53793\]: Failed password for invalid user maurta from 142.93.237.140 port 59140 ssh2Aug 3 20:19:16 www sshd\[53946\]: Invalid user yang from 142.93.237.140 ...	2019-08-04 08:31:54

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.237.57	attack	Multiport scan 2 ports : 1583 27080	2020-10-12 21:16:28
142.93.237.57	attack	1089/tcp 5984/tcp [2020-10-11]2pkt	2020-10-12 12:46:46
142.93.237.233	attackbotsspam	Jul 3 06:10:52 server sshd\[22469\]: Invalid user globe from 142.93.237.233 Jul 3 06:10:52 server sshd\[22469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233 Jul 3 06:10:54 server sshd\[22469\]: Failed password for invalid user globe from 142.93.237.233 port 51934 ssh2 ...	2019-07-12 04:51:33
142.93.237.233	attackspam	$f2bV_matches	2019-07-11 19:30:17
142.93.237.233	attackbots	Jul 9 16:23:30 srv-4 sshd\[20460\]: Invalid user ls from 142.93.237.233 Jul 9 16:23:30 srv-4 sshd\[20460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233 Jul 9 16:23:32 srv-4 sshd\[20460\]: Failed password for invalid user ls from 142.93.237.233 port 47210 ssh2 ...	2019-07-10 06:26:14
142.93.237.233	attackspambots	Invalid user silas from 142.93.237.233 port 44572 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233 Failed password for invalid user silas from 142.93.237.233 port 44572 ssh2 Invalid user crv from 142.93.237.233 port 43922 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.237.233	2019-07-07 10:03:21

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.237.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63600
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.237.140.			IN	A

;; AUTHORITY SECTION:
.			1848	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 17:48:57 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 140.237.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 140.237.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.180.223	attackbots	Failed password for root from 222.186.180.223 port 51294 ssh2 Failed password for root from 222.186.180.223 port 51294 ssh2 Failed password for root from 222.186.180.223 port 51294 ssh2 Failed password for root from 222.186.180.223 port 51294 ssh2	2020-09-22 05:58:35
51.38.70.175	attackbots	Sep 21 23:50:39 jane sshd[32529]: Failed password for root from 51.38.70.175 port 33970 ssh2 ...	2020-09-22 06:01:11
5.62.143.204	attackspam	Sep 21 15:09:50 askasleikir sshd[13756]: Failed password for invalid user edo from 5.62.143.204 port 59480 ssh2	2020-09-22 06:24:06
45.143.221.8	attack	firewall-block, port(s): 5060/udp	2020-09-22 06:23:45
170.130.187.46	attack	TCP (SYN) 170.130.187.46:55857 -> port 5900, len 44	2020-09-22 06:09:16
103.130.213.150	attackspambots	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-22 05:58:57
13.68.101.242	attackbotsspam	IP 13.68.101.242 attacked honeypot on port: 3389 at 9/21/2020 10:03:00 AM	2020-09-22 06:07:13
190.111.151.194	attack	20 attempts against mh-ssh on rose	2020-09-22 06:14:04
72.167.222.102	attackspam	72.167.222.102 - - \[22/Sep/2020:00:16:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 8660 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 72.167.222.102 - - \[22/Sep/2020:00:16:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 8527 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 72.167.222.102 - - \[22/Sep/2020:00:16:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 8523 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-22 06:32:08
165.22.101.100	attackbotsspam	165.22.101.100 - - \[21/Sep/2020:23:20:09 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 165.22.101.100 - - \[21/Sep/2020:23:20:12 +0200\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 165.22.101.100 - - \[21/Sep/2020:23:20:13 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-22 06:17:53
47.91.44.93	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-09-22 06:16:35
186.188.149.60	attackspambots	Sep 21 17:01:34 ssh2 sshd[36032]: Invalid user pi from 186.188.149.60 port 49458 Sep 21 17:01:34 ssh2 sshd[36032]: Failed password for invalid user pi from 186.188.149.60 port 49458 ssh2 Sep 21 17:01:35 ssh2 sshd[36032]: Connection closed by invalid user pi 186.188.149.60 port 49458 [preauth] ...	2020-09-22 06:24:30
80.6.35.239	attackspambots	80.6.35.239 - - [21/Sep/2020:18:31:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 80.6.35.239 - - [21/Sep/2020:18:31:16 +0100] "POST /wp-login.php HTTP/1.1" 200 7659 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 80.6.35.239 - - [21/Sep/2020:18:41:54 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-09-22 06:11:15
34.64.218.102	attack	34.64.218.102 - - [21/Sep/2020:19:13:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.64.218.102 - - [21/Sep/2020:19:13:53 +0100] "POST /wp-login.php HTTP/1.1" 200 1929 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.64.218.102 - - [21/Sep/2020:19:13:54 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-22 06:25:13
101.78.149.142	attackspambots	(sshd) Failed SSH login from 101.78.149.142 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 21 14:32:11 optimus sshd[10507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142 user=root Sep 21 14:32:13 optimus sshd[10507]: Failed password for root from 101.78.149.142 port 55904 ssh2 Sep 21 14:36:05 optimus sshd[14234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.149.142 user=root Sep 21 14:36:07 optimus sshd[14234]: Failed password for root from 101.78.149.142 port 37964 ssh2 Sep 21 14:39:58 optimus sshd[17980]: Invalid user hadoop from 101.78.149.142	2020-09-22 06:10:33

最近上报的IP列表

103.38.215.150	29.109.112.21	48.161.95.81	223.158.15.48
76.222.114.36	180.49.29.236	138.174.224.94	223.244.250.99
163.172.36.149	119.92.140.39	109.242.193.148	160.16.95.154
93.177.66.166	42.118.70.6	188.128.242.115	61.154.196.178
165.227.172.10	97.113.253.245	159.65.12.183	98.140.155.90