142.93.66.71 - IPInfo

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.66.165	attackbots	MYH,DEF GET /wp-login.php	2020-10-03 06:22:50
142.93.66.165	attack	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-03 01:50:22
142.93.66.165	attackspam	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-02 22:18:34
142.93.66.165	attack	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-02 18:51:05
142.93.66.165	attackbots	CMS (WordPress or Joomla) login attempt.	2020-10-02 15:26:09
142.93.66.165	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-12 23:21:36
142.93.66.165	attack	142.93.66.165 - - [11/Sep/2020:23:30:54 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [11/Sep/2020:23:30:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [11/Sep/2020:23:30:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-12 15:26:12
142.93.66.165	attackbotsspam	142.93.66.165 - - [11/Sep/2020:23:30:54 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [11/Sep/2020:23:30:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [11/Sep/2020:23:30:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-12 07:12:00
142.93.66.165	attack	142.93.66.165 - - [09/Sep/2020:09:29:03 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [09/Sep/2020:09:29:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [09/Sep/2020:09:29:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-09 16:02:19
142.93.66.165	attackspambots	Automatic report - XMLRPC Attack	2020-09-09 08:12:08
142.93.66.165	attackbots	xmlrpc attack	2020-09-01 17:06:11
142.93.66.165	attackbots	142.93.66.165 - - [31/Aug/2020:20:17:14 +0200] "POST /wp-login.php HTTP/1.0" 200 4747 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 02:25:34
142.93.66.165	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-28 14:33:59
142.93.66.165	attack	142.93.66.165 - - [23/Aug/2020:07:45:33 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [23/Aug/2020:07:45:36 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [23/Aug/2020:07:45:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 14:25:36
142.93.66.165	attackspambots	142.93.66.165 - - [12/Aug/2020:22:32:34 +0100] "POST /wp-login.php HTTP/1.1" 200 2080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [12/Aug/2020:22:32:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2059 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.66.165 - - [12/Aug/2020:22:32:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2062 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-13 07:02:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.66.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20023
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.93.66.71.			IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022070300 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 03 16:04:10 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 71.66.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.66.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
162.247.73.192	attackbots	Sep 4 13:59:21 bouncer sshd\[31985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.73.192 user=root Sep 4 13:59:23 bouncer sshd\[31985\]: Failed password for root from 162.247.73.192 port 43196 ssh2 Sep 4 13:59:26 bouncer sshd\[31985\]: Failed password for root from 162.247.73.192 port 43196 ssh2 ...	2019-09-04 20:14:08
149.129.242.80	attack	Sep 4 11:41:46 mail1 sshd\[11265\]: Invalid user mock from 149.129.242.80 port 34382 Sep 4 11:41:46 mail1 sshd\[11265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 Sep 4 11:41:48 mail1 sshd\[11265\]: Failed password for invalid user mock from 149.129.242.80 port 34382 ssh2 Sep 4 11:54:44 mail1 sshd\[17094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 user=root Sep 4 11:54:46 mail1 sshd\[17094\]: Failed password for root from 149.129.242.80 port 42726 ssh2 ...	2019-09-04 20:31:06
120.0.139.225	attackspam	8081/tcp 37215/tcp... [2019-08-16/09-04]6pkt,2pt.(tcp)	2019-09-04 20:09:18
5.160.219.228	attackspambots	Sep 3 17:35:42 php1 sshd\[3730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.160.219.228 user=root Sep 3 17:35:44 php1 sshd\[3730\]: Failed password for root from 5.160.219.228 port 49288 ssh2 Sep 3 17:40:23 php1 sshd\[4277\]: Invalid user aaaa from 5.160.219.228 Sep 3 17:40:23 php1 sshd\[4277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.160.219.228 Sep 3 17:40:26 php1 sshd\[4277\]: Failed password for invalid user aaaa from 5.160.219.228 port 36798 ssh2	2019-09-04 20:15:43
122.176.44.163	attackspambots	Sep 4 04:09:44 *** sshd[6265]: Invalid user cniac from 122.176.44.163	2019-09-04 20:06:00
117.188.196.209	attack	Sep406:32:16server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:23server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:30server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:35server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:32:40server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:45server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:52server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]Sep406:32:58server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:33:06server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[www]Sep406:33:11server4pure-ftpd:\(\?@117.188.196.209\)[WARNING]Authenticationfailedforuser[forum-wbp]	2019-09-04 19:59:59
200.121.199.228	attack	Sep406:27:38server4pure-ftpd:\(\?@120.194.35.178\)[WARNING]Authenticationfailedforuser[www]Sep406:27:56server4pure-ftpd:\(\?@120.194.35.178\)[WARNING]Authenticationfailedforuser[www]Sep406:32:07server4pure-ftpd:\(\?@200.121.199.228\)[WARNING]Authenticationfailedforuser[www]Sep406:32:12server4pure-ftpd:\(\?@200.121.199.228\)[WARNING]Authenticationfailedforuser[www]Sep405:51:45server4pure-ftpd:\(\?@220.173.30.77\)[WARNING]Authenticationfailedforuser[www]Sep405:52:24server4pure-ftpd:\(\?@220.173.30.77\)[WARNING]Authenticationfailedforuser[www]Sep405:51:50server4pure-ftpd:\(\?@220.173.30.77\)[WARNING]Authenticationfailedforuser[www]Sep405:52:08server4pure-ftpd:\(\?@220.173.30.77\)[WARNING]Authenticationfailedforuser[www]Sep406:27:51server4pure-ftpd:\(\?@120.194.35.178\)[WARNING]Authenticationfailedforuser[www]Sep406:28:02server4pure-ftpd:\(\?@120.194.35.178\)[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:120.194.35.178\(CN/China/-\)	2019-09-04 20:00:36
117.50.99.9	attack	Sep 4 13:49:54 markkoudstaal sshd[24054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 Sep 4 13:49:56 markkoudstaal sshd[24054]: Failed password for invalid user support from 117.50.99.9 port 39020 ssh2 Sep 4 13:54:24 markkoudstaal sshd[24478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9	2019-09-04 20:09:59
83.3.172.122	attackspambots	19/9/4@01:25:32: FAIL: Alarm-Intrusion address from=83.3.172.122 ...	2019-09-04 20:07:04
111.8.122.11	attackspam	Automatic report - Port Scan Attack	2019-09-04 19:59:32
14.177.133.28	attackbotsspam	Sep 4 04:51:14 h2022099 sshd[18624]: Address 14.177.133.28 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 4 04:51:14 h2022099 sshd[18624]: Invalid user admin from 14.177.133.28 Sep 4 04:51:14 h2022099 sshd[18624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.177.133.28 Sep 4 04:51:16 h2022099 sshd[18624]: Failed password for invalid user admin from 14.177.133.28 port 49871 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.177.133.28	2019-09-04 20:43:48
51.255.171.51	attackspambots	Sep 4 05:16:37 minden010 sshd[17992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.171.51 Sep 4 05:16:39 minden010 sshd[17992]: Failed password for invalid user philip from 51.255.171.51 port 48836 ssh2 Sep 4 05:20:54 minden010 sshd[19432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.171.51 ...	2019-09-04 20:04:16
78.155.208.231	attackspam	Sep 3 21:59:07 web9 sshd\[22974\]: Invalid user user6 from 78.155.208.231 Sep 3 21:59:07 web9 sshd\[22974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.208.231 Sep 3 21:59:09 web9 sshd\[22974\]: Failed password for invalid user user6 from 78.155.208.231 port 50344 ssh2 Sep 3 22:08:10 web9 sshd\[25088\]: Invalid user cotiza from 78.155.208.231 Sep 3 22:08:10 web9 sshd\[25088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.155.208.231	2019-09-04 20:02:11
201.231.58.69	attackbots	Sep 4 12:37:10 xb0 postfix/smtpd[3059]: connect from 69-58-231-201.fibertel.com.ar[201.231.58.69] Sep 4 12:37:11 xb0 postgrey[1206]: action=pass, reason=recipient whhostnameelist, client_name=69-58-231-201.fibertel.com.ar, client_address=201.231.58.69, sender=x@x recipient=x@x Sep 4 12:37:11 xb0 postfix/smtpd[13051]: connect from 69-58-231-201.fibertel.com.ar[201.231.58.69] Sep 4 12:37:12 xb0 postgrey[1206]: action=pass, reason=recipient whhostnameelist, client_name=69-58-231-201.fibertel.com.ar, client_address=201.231.58.69, sender=x@x recipient=x@x Sep 4 12:37:16 xb0 postfix/smtpd[2786]: connect from 69-58-231-201.fibertel.com.ar[201.231.58.69] Sep 4 12:37:17 xb0 postgrey[1206]: action=pass, reason=recipient whhostnameelist, client_name=69-58-231-201.fibertel.com.ar, client_address=201.231.58.69, sender=x@x recipient=x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.231.58.69	2019-09-04 20:32:15
115.214.53.40	attack	Caught in portsentry honeypot	2019-09-04 20:10:26

最近上报的IP列表

139.28.176.132	114.97.117.211	149.62.239.100	150.95.27.159
150.95.82.131	151.34.228.137	24.244.92.169	81.88.116.16
154.202.104.21	149.34.242.25	185.236.216.164	87.242.95.254
221.153.167.219	120.24.233.31	172.99.67.12	154.38.118.168
121.158.12.66	106.246.240.90	81.224.139.66	1.197.91.5