142.93.99.56 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	142.93.99.56 - - [25/Sep/2020:03:17:12 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [25/Sep/2020:03:17:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [25/Sep/2020:03:17:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-25 10:08:11
attackspam	142.93.99.56 - - [31/Aug/2020:14:01:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 13511 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [31/Aug/2020:14:27:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 8487 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 04:56:20
attackspambots	142.93.99.56 - - [31/Aug/2020:07:49:26 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [31/Aug/2020:07:49:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1868 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [31/Aug/2020:07:49:27 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-31 15:00:36
attack	142.93.99.56 - - [29/Aug/2020:10:41:06 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1867 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [29/Aug/2020:10:41:07 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [29/Aug/2020:10:41:07 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-29 18:38:00
attack	MYH,DEF GET /wp-login.php	2020-08-15 14:22:39
attack	WordPress login Brute force / Web App Attack on client site.	2020-08-13 07:15:48
attackbots	142.93.99.56 - - [06/Aug/2020:07:18:46 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [06/Aug/2020:07:18:47 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [06/Aug/2020:07:18:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-06 19:40:55
attackspam	142.93.99.56 - - [30/Jul/2020:11:44:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2345 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [30/Jul/2020:11:44:17 +0100] "POST /wp-login.php HTTP/1.1" 200 2350 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [30/Jul/2020:11:44:21 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-30 19:40:47
attackspambots	142.93.99.56 - - [10/Jun/2020:08:05:20 +0200] "GET /wp-login.php HTTP/1.1" 200 5861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [10/Jun/2020:08:05:21 +0200] "POST /wp-login.php HTTP/1.1" 200 6112 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [10/Jun/2020:08:05:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-10 14:27:16
attackspam	142.93.99.56 - - \[22/May/2020:09:01:38 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - \[22/May/2020:09:01:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - \[22/May/2020:09:01:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-22 15:37:44
attack	142.93.99.56 - - [02/May/2020:13:54:15 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [02/May/2020:13:54:16 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [02/May/2020:13:54:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-02 19:54:27
attackbotsspam	142.93.99.56 - - [01/May/2020:23:12:32 +0300] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-02 07:10:56
attackbotsspam	DATE:2020-04-29 05:57:57, IP:142.93.99.56, PORT:3306 - MySQL/MariaDB brute force auth on a honeypot server (epe-dc)	2020-04-29 14:55:18
attack	142.93.99.56 - - [18/Mar/2020:15:46:24 +0100] "GET /wp-login.php HTTP/1.1" 200 6582 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [18/Mar/2020:15:46:24 +0100] "POST /wp-login.php HTTP/1.1" 200 7361 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - [18/Mar/2020:15:46:25 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-19 05:51:31
attack	142.93.99.56 - - \[16/Mar/2020:06:54:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 6997 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - \[16/Mar/2020:06:54:08 +0100\] "POST /wp-login.php HTTP/1.0" 200 6864 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.99.56 - - \[16/Mar/2020:06:54:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-16 20:28:34
attack	Automatic report - XMLRPC Attack	2020-03-05 15:45:07
attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-01-08 15:32:52
attackspam	Automatic report - XMLRPC Attack	2019-12-25 02:26:07
attackbotsspam	Automatic report - XMLRPC Attack	2019-12-23 22:40:28
attackspambots	WordPress wp-login brute force :: 142.93.99.56 0.172 BYPASS [12/Nov/2019:06:38:25 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 1561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-12 14:52:49
attackbots	xmlrpc attack	2019-10-29 14:44:14
attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-17 15:06:06
attack	Automatic report - XMLRPC Attack	2019-10-11 00:58:16
attackspam	villaromeo.de 142.93.99.56 \[03/Oct/2019:17:22:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 2061 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" villaromeo.de 142.93.99.56 \[03/Oct/2019:17:22:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 2025 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-04 00:08:26
attackspam	[munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:12 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:15 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:18 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:22 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:25 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.99.56 - - [23/Sep/2019:01:19:27 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-09-23 08:59:51

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.99.114	attackbotsspam	Automatic report - Banned IP Access	2020-10-12 06:35:13
142.93.99.114	attackbots	142.93.99.114 - - [11/Oct/2020:11:02:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2731 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.114 - - [11/Oct/2020:11:02:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2802 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.99.114 - - [11/Oct/2020:11:02:41 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 22:45:21
142.93.99.114	attack	Automatic report - XMLRPC Attack	2020-10-11 14:41:32
142.93.99.114	attackspam	Automatic report - XMLRPC Attack	2020-10-11 08:04:01
142.93.99.114	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-10-08 05:12:12
142.93.99.114	attackbots	Automatic report - Banned IP Access	2020-10-07 21:35:16
142.93.99.114	attackspam	Oct 7 05:17:33 b-vps wordpress(gpfans.cz)[32076]: Authentication attempt for unknown user buchtic from 142.93.99.114 ...	2020-10-07 13:22:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.99.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37310
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.99.56.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 18:04:42 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 56.99.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 56.99.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.85.42.229	attackspambots	May 9 03:17:41 melroy-server sshd[10281]: Failed password for root from 112.85.42.229 port 23490 ssh2 May 9 03:17:43 melroy-server sshd[10281]: Failed password for root from 112.85.42.229 port 23490 ssh2 ...	2020-05-09 16:07:47
51.38.230.59	attackbotsspam	May 9 05:49:53 pkdns2 sshd\[38623\]: Invalid user shinken from 51.38.230.59May 9 05:49:54 pkdns2 sshd\[38625\]: Invalid user shinken from 51.38.230.59May 9 05:49:55 pkdns2 sshd\[38625\]: Failed password for invalid user shinken from 51.38.230.59 port 52822 ssh2May 9 05:49:56 pkdns2 sshd\[38623\]: Failed password for invalid user shinken from 51.38.230.59 port 47574 ssh2May 9 05:50:01 pkdns2 sshd\[38640\]: Invalid user shinken from 51.38.230.59May 9 05:50:03 pkdns2 sshd\[38640\]: Failed password for invalid user shinken from 51.38.230.59 port 58062 ssh2 ...	2020-05-09 16:21:37
51.83.57.157	attack	May 9 02:37:17 ncomp sshd[21866]: Invalid user barbary from 51.83.57.157 May 9 02:37:17 ncomp sshd[21866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.57.157 May 9 02:37:17 ncomp sshd[21866]: Invalid user barbary from 51.83.57.157 May 9 02:37:19 ncomp sshd[21866]: Failed password for invalid user barbary from 51.83.57.157 port 38090 ssh2	2020-05-09 16:51:44
138.68.107.225	attackspam	May 9 04:27:35 PorscheCustomer sshd[15002]: Failed password for root from 138.68.107.225 port 44690 ssh2 May 9 04:31:41 PorscheCustomer sshd[15130]: Failed password for ubuntu from 138.68.107.225 port 54142 ssh2 ...	2020-05-09 16:28:12
77.42.95.157	attackbots	Unauthorized connection attempt detected from IP address 77.42.95.157 to port 23	2020-05-09 16:28:41
41.208.68.4	attackbots	May 8 22:52:48 ny01 sshd[4958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.208.68.4 May 8 22:52:50 ny01 sshd[4958]: Failed password for invalid user aziz from 41.208.68.4 port 52655 ssh2 May 8 22:56:40 ny01 sshd[5870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.208.68.4	2020-05-09 16:09:04
185.156.73.45	attackspam	firewall-block, port(s): 2233/tcp	2020-05-09 16:07:03
123.167.73.224	attackbots	(ftpd) Failed FTP login from 123.167.73.224 (CN/China/-): 10 in the last 300 secs	2020-05-09 16:26:55
58.33.35.82	attack	May 9 02:56:15 onepixel sshd[1751922]: Failed password for root from 58.33.35.82 port 2363 ssh2 May 9 02:58:30 onepixel sshd[1753135]: Invalid user derrick from 58.33.35.82 port 2364 May 9 02:58:30 onepixel sshd[1753135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.33.35.82 May 9 02:58:30 onepixel sshd[1753135]: Invalid user derrick from 58.33.35.82 port 2364 May 9 02:58:31 onepixel sshd[1753135]: Failed password for invalid user derrick from 58.33.35.82 port 2364 ssh2	2020-05-09 16:40:20
124.127.206.4	attackbots	May 9 04:36:16 vps687878 sshd\[15460\]: Failed password for invalid user a from 124.127.206.4 port 38206 ssh2 May 9 04:39:22 vps687878 sshd\[15769\]: Invalid user spec from 124.127.206.4 port 18687 May 9 04:39:22 vps687878 sshd\[15769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.206.4 May 9 04:39:24 vps687878 sshd\[15769\]: Failed password for invalid user spec from 124.127.206.4 port 18687 ssh2 May 9 04:42:39 vps687878 sshd\[16157\]: Invalid user kathleen from 124.127.206.4 port 55669 May 9 04:42:39 vps687878 sshd\[16157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.206.4 ...	2020-05-09 16:06:20
185.216.140.252	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 1755 proto: TCP cat: Misc Attack	2020-05-09 16:20:36
60.250.122.207	attackspambots	23/tcp 23/tcp 23/tcp [2020-03-08/05-07]3pkt	2020-05-09 16:38:33
178.128.14.102	attackbots	SSH Invalid Login	2020-05-09 16:46:28
103.95.207.214	attackbotsspam	May 9 04:42:10 dev sshd\[32090\]: Invalid user marc from 103.95.207.214 port 43273 May 9 04:42:10 dev sshd\[32090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.95.207.214 May 9 04:42:11 dev sshd\[32090\]: Failed password for invalid user marc from 103.95.207.214 port 43273 ssh2	2020-05-09 16:35:43
198.54.114.94	attack	xmlrpc attack	2020-05-09 16:15:12

最近上报的IP列表

104.128.93.235	83.4.87.185	157.37.187.88	114.88.162.126
193.66.21.170	218.212.233.35	44.230.104.141	77.239.216.100
66.249.65.204	222.186.31.145	49.69.209.16	91.188.245.233
210.81.163.28	50.186.57.20	193.93.193.67	129.225.96.184
124.56.31.203	172.105.0.111	86.105.195.93	179.48.163.115