143.142.93.127

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 143.142.93.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;143.142.93.127.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021102 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 08:52:53 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 127.93.142.143.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

server can't find 143.142.93.127.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
90.165.121.197	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 90.165.121.197 (ES/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:49 [error] 482759#0: 840006 [client 90.165.121.197] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801124945.635360"] [ref ""], client: 90.165.121.197, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+JSON_KEYS%28%28SELECT+CONVERT%28%28SELECT+CONCAT%280x61784c354d72%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x61784c354d72%29%29+USING+utf8%29%29%29%23+EnOK HTTP/1.1" [redacted]	2020-08-22 03:52:31
91.143.40.98	attackspam	Icarus honeypot on github	2020-08-22 03:46:52
79.124.3.98	attackspambots	DATE:2020-08-21 17:49:45, IP:79.124.3.98, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-08-22 03:39:24
46.28.75.214	attackspambots	srvr1: (mod_security) mod_security (id:942100) triggered by 46.28.75.214 (IR/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:12 [error] 482759#0: 840059 [client 46.28.75.214] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801127287.039729"] [ref ""], client: 46.28.75.214, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x4b657a527a51%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4b657a527a51%2C0x78%29%29x%29%29--+CqbC HTTP/1.1" [redacted]	2020-08-22 03:30:29
120.7.210.138	attack	CN CN/China/- Failures: 20 ftpd	2020-08-22 03:46:26
221.124.2.164	attackbots	Brute forcing RDP port 3389	2020-08-22 03:26:04
222.186.175.167	attackbotsspam	Aug 21 19:27:39 email sshd\[6611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Aug 21 19:27:40 email sshd\[6611\]: Failed password for root from 222.186.175.167 port 21978 ssh2 Aug 21 19:27:58 email sshd\[6690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Aug 21 19:28:00 email sshd\[6690\]: Failed password for root from 222.186.175.167 port 18630 ssh2 Aug 21 19:28:09 email sshd\[6690\]: Failed password for root from 222.186.175.167 port 18630 ssh2 ...	2020-08-22 03:31:33
217.115.87.170	attackbots	1598011281 - 08/21/2020 14:01:21 Host: 217.115.87.170/217.115.87.170 Port: 445 TCP Blocked	2020-08-22 03:29:41
85.105.142.73	attack	Unauthorized connection attempt from IP address 85.105.142.73 on Port 445(SMB)	2020-08-22 03:19:08
120.11.17.17	attack	SP-Scan 8080 detected 2020.08.17 19:49:32 8080 blocked until 2020.10.06 12:52:19	2020-08-22 03:50:35
190.186.170.83	attack	Aug 21 19:41:35 plex-server sshd[1084327]: Invalid user cdj from 190.186.170.83 port 36088 Aug 21 19:41:35 plex-server sshd[1084327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.186.170.83 Aug 21 19:41:35 plex-server sshd[1084327]: Invalid user cdj from 190.186.170.83 port 36088 Aug 21 19:41:37 plex-server sshd[1084327]: Failed password for invalid user cdj from 190.186.170.83 port 36088 ssh2 Aug 21 19:45:16 plex-server sshd[1085945]: Invalid user cperez from 190.186.170.83 port 60018 ...	2020-08-22 03:53:21
14.98.44.238	attack	Unauthorized connection attempt from IP address 14.98.44.238 on Port 445(SMB)	2020-08-22 03:17:02
174.138.20.163	attack	Aug 21 19:03:19 email sshd\[2609\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:19 email sshd\[2609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: Invalid user 0 from 174.138.20.163 Aug 21 19:03:20 email sshd\[2610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.20.163 Aug 21 19:03:22 email sshd\[2609\]: Failed password for invalid user 0 from 174.138.20.163 port 39114 ssh2 ...	2020-08-22 03:25:35
95.24.186.70	attackspambots	Tried to find non-existing directory/file on the server	2020-08-22 03:38:33
109.224.45.138	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 109.224.45.138 (IQ/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:51 [error] 482759#0: 840009 [client 109.224.45.138] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801125151.900127"] [ref ""], client: 109.224.45.138, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+UPDATEXML%285947%2CCONCAT%280x2e%2C0x36554448764a%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x36554448764a%29%2C5431%29 HTTP/1.1" [redacted]	2020-08-22 03:51:23

最近上报的IP列表

129.171.81.27	223.29.216.72	191.122.4.87	89.152.65.52
107.116.162.191	163.17.146.111	141.159.151.17	91.100.57.105
2.55.127.26	104.131.59.73	216.89.100.52	116.244.63.182
230.163.130.28	229.38.210.70	234.236.15.126	179.247.91.213
75.24.39.182	25.126.161.199	217.88.158.77	23.12.10.210