142.93.3.219 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	/new_license.php.suspected?check=1	2019-06-21 21:39:37

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.38.61	attack	2020-10-04T22:17:03.096869ollin.zadara.org sshd[228319]: User root from 142.93.38.61 not allowed because not listed in AllowUsers 2020-10-04T22:17:04.630811ollin.zadara.org sshd[228319]: Failed password for invalid user root from 142.93.38.61 port 35560 ssh2 ...	2020-10-05 03:31:22
142.93.38.61	attackspam	Oct 4 05:53:17 serwer sshd\[12235\]: Invalid user carlos from 142.93.38.61 port 35074 Oct 4 05:53:17 serwer sshd\[12235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.38.61 Oct 4 05:53:19 serwer sshd\[12235\]: Failed password for invalid user carlos from 142.93.38.61 port 35074 ssh2 ...	2020-10-04 19:18:49
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.37.178	attackbotsspam	Scan or attack attempt on email service.	2020-09-26 03:20:11
142.93.37.178	attack	Scan or attack attempt on email service.	2020-09-25 19:11:06
142.93.35.169	attack	142.93.35.169 - - [23/Sep/2020:12:34:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2354 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.35.169 - - [23/Sep/2020:12:34:20 +0100] "POST /wp-login.php HTTP/1.1" 200 2394 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.35.169 - - [23/Sep/2020:12:34:20 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 20:23:00
142.93.35.169	attackbots	142.93.35.169 - - [23/Sep/2020:03:20:18 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.35.169 - - [23/Sep/2020:03:34:25 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-23 12:46:31
142.93.35.169	attackspambots	Automatic report - XMLRPC Attack	2020-09-23 04:31:15
142.93.35.169	attackbotsspam	Automatic report - XMLRPC Attack	2020-09-21 00:35:31
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.35.169	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-09-20 16:28:10
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.35.169	attackbotsspam	xmlrpc attack	2020-09-12 02:21:01
142.93.35.169	attackspam	xmlrpc attack	2020-09-11 18:13:57

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.3.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29315
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.3.219.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 21 21:39:28 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 219.3.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 219.3.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.19.30.46	attackbots	2019-10-10T07:36:27.111596tmaserv sshd\[2048\]: Invalid user 0O9I8U from 175.19.30.46 port 39878 2019-10-10T07:36:27.116461tmaserv sshd\[2048\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.19.30.46 2019-10-10T07:36:29.001980tmaserv sshd\[2048\]: Failed password for invalid user 0O9I8U from 175.19.30.46 port 39878 ssh2 2019-10-10T07:40:34.629781tmaserv sshd\[2069\]: Invalid user 0O9I8U from 175.19.30.46 port 45920 2019-10-10T07:40:34.634422tmaserv sshd\[2069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.19.30.46 2019-10-10T07:40:36.429963tmaserv sshd\[2069\]: Failed password for invalid user 0O9I8U from 175.19.30.46 port 45920 ssh2 ...	2019-10-10 13:24:44
163.172.144.228	attack	Oct 10 06:11:41 SilenceServices sshd[28396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.144.228 Oct 10 06:11:43 SilenceServices sshd[28396]: Failed password for invalid user p455w0rd@2017 from 163.172.144.228 port 41660 ssh2 Oct 10 06:14:59 SilenceServices sshd[29257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.144.228	2019-10-10 13:07:14
60.221.255.176	attackbots	Oct 10 00:43:28 plusreed sshd[19236]: Invalid user Mouse@123 from 60.221.255.176 ...	2019-10-10 13:00:56
51.254.131.137	attack	$f2bV_matches	2019-10-10 13:29:52
46.101.76.236	attackspambots	Oct 10 06:59:14 MK-Soft-Root2 sshd[14228]: Failed password for root from 46.101.76.236 port 37442 ssh2 ...	2019-10-10 13:16:03
62.234.97.45	attack	Oct 10 06:51:10 www sshd\[80391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.97.45 user=root Oct 10 06:51:12 www sshd\[80391\]: Failed password for root from 62.234.97.45 port 36380 ssh2 Oct 10 06:55:12 www sshd\[80438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.97.45 user=root ...	2019-10-10 12:45:15
121.66.224.90	attackbots	Oct 9 18:31:31 php1 sshd\[792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90 user=root Oct 9 18:31:32 php1 sshd\[792\]: Failed password for root from 121.66.224.90 port 45386 ssh2 Oct 9 18:36:12 php1 sshd\[1363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90 user=root Oct 9 18:36:15 php1 sshd\[1363\]: Failed password for root from 121.66.224.90 port 56792 ssh2 Oct 9 18:40:51 php1 sshd\[1992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.66.224.90 user=root	2019-10-10 13:04:08
222.186.180.9	attackspam	Oct 10 07:00:10 rotator sshd\[16692\]: Failed password for root from 222.186.180.9 port 1878 ssh2Oct 10 07:00:13 rotator sshd\[16692\]: Failed password for root from 222.186.180.9 port 1878 ssh2Oct 10 07:00:18 rotator sshd\[16692\]: Failed password for root from 222.186.180.9 port 1878 ssh2Oct 10 07:00:22 rotator sshd\[16692\]: Failed password for root from 222.186.180.9 port 1878 ssh2Oct 10 07:00:27 rotator sshd\[16692\]: Failed password for root from 222.186.180.9 port 1878 ssh2Oct 10 07:00:38 rotator sshd\[17472\]: Failed password for root from 222.186.180.9 port 13970 ssh2 ...	2019-10-10 13:09:33
109.86.244.225	attack	2019-10-09 22:53:58 H=(225.244.86.109.triolan.net) [109.86.244.225]:33774 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3, 127.0.0.11) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-10-09 22:53:59 H=(225.244.86.109.triolan.net) [109.86.244.225]:33774 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/109.86.244.225) 2019-10-09 22:53:59 H=(225.244.86.109.triolan.net) [109.86.244.225]:33774 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/109.86.244.225) ...	2019-10-10 13:22:49
81.22.45.251	attackspambots	Oct 10 03:49:50 TCP Attack: SRC=81.22.45.251 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=240 PROTO=TCP SPT=44505 DPT=5430 WINDOW=1024 RES=0x00 SYN URGP=0	2019-10-10 13:41:19
111.230.13.11	attack	Oct 10 06:45:31 www sshd\[34951\]: Failed password for root from 111.230.13.11 port 49342 ssh2Oct 10 06:49:58 www sshd\[35304\]: Failed password for root from 111.230.13.11 port 54978 ssh2Oct 10 06:54:23 www sshd\[35485\]: Failed password for root from 111.230.13.11 port 60618 ssh2 ...	2019-10-10 13:10:30
138.219.228.96	attackspam	Oct 10 06:53:09 legacy sshd[20155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.228.96 Oct 10 06:53:11 legacy sshd[20155]: Failed password for invalid user Holiday@123 from 138.219.228.96 port 38514 ssh2 Oct 10 06:58:09 legacy sshd[20323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.228.96 ...	2019-10-10 13:11:33
187.1.57.210	attackspam	Oct 10 10:36:48 areeb-Workstation sshd[4642]: Failed password for root from 187.1.57.210 port 45664 ssh2 ...	2019-10-10 13:12:22
51.77.158.252	attackbotsspam	51.77.158.252 - - [10/Oct/2019:05:54:35 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.158.252 - - [10/Oct/2019:05:54:35 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.158.252 - - [10/Oct/2019:05:54:36 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.158.252 - - [10/Oct/2019:05:54:36 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.158.252 - - [10/Oct/2019:05:54:36 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.158.252 - - [10/Oct/2019:05:54:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-10 13:05:27
103.255.216.166	attackspam	Oct 10 06:14:47 andromeda sshd\[51334\]: Invalid user git from 103.255.216.166 port 39856 Oct 10 06:14:47 andromeda sshd\[51334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.255.216.166 Oct 10 06:14:49 andromeda sshd\[51334\]: Failed password for invalid user git from 103.255.216.166 port 39856 ssh2	2019-10-10 13:03:43

最近上报的IP列表

220.118.124.195	118.96.241.198	175.175.136.255	114.156.2.98
60.209.18.160	46.105.156.149	182.32.170.156	1.1.134.194
41.46.87.228	201.77.171.204	177.8.155.38	217.125.101.178
68.183.60.93	123.178.134.34	61.93.126.108	37.114.164.217
180.253.98.107	101.99.13.137	221.203.125.212	220.245.192.195