城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): DigitalOcean LLC
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Sep 7 05:19:59 xeon sshd[49331]: Invalid user web from 142.93.203.108 |
2019-09-07 12:33:29 |
| attackspam | Aug 30 21:57:04 SilenceServices sshd[21823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 30 21:57:06 SilenceServices sshd[21823]: Failed password for invalid user farid from 142.93.203.108 port 52008 ssh2 Aug 30 22:01:13 SilenceServices sshd[24957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 |
2019-08-31 04:02:57 |
| attackbots | Aug 28 07:30:26 plex sshd[11387]: Invalid user ataque from 142.93.203.108 port 55922 |
2019-08-28 13:43:27 |
| attack | Aug 22 12:31:34 tdfoods sshd\[26915\]: Invalid user reseller from 142.93.203.108 Aug 22 12:31:34 tdfoods sshd\[26915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 22 12:31:36 tdfoods sshd\[26915\]: Failed password for invalid user reseller from 142.93.203.108 port 48002 ssh2 Aug 22 12:35:47 tdfoods sshd\[27287\]: Invalid user frappe from 142.93.203.108 Aug 22 12:35:47 tdfoods sshd\[27287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 |
2019-08-23 06:52:35 |
| attackbotsspam | Aug 16 16:47:46 web8 sshd\[26499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 user=root Aug 16 16:47:48 web8 sshd\[26499\]: Failed password for root from 142.93.203.108 port 47294 ssh2 Aug 16 16:52:12 web8 sshd\[28613\]: Invalid user test from 142.93.203.108 Aug 16 16:52:12 web8 sshd\[28613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 16:52:15 web8 sshd\[28613\]: Failed password for invalid user test from 142.93.203.108 port 39268 ssh2 |
2019-08-17 01:08:40 |
| attackbotsspam | Aug 16 12:44:18 web8 sshd\[973\]: Invalid user julia from 142.93.203.108 Aug 16 12:44:18 web8 sshd\[973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 12:44:20 web8 sshd\[973\]: Failed password for invalid user julia from 142.93.203.108 port 44798 ssh2 Aug 16 12:48:30 web8 sshd\[3286\]: Invalid user tex from 142.93.203.108 Aug 16 12:48:30 web8 sshd\[3286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 |
2019-08-16 20:49:16 |
| attackbots | Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: Invalid user raluca from 142.93.203.108 Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 15 17:35:55 areeb-Workstation sshd\[5879\]: Failed password for invalid user raluca from 142.93.203.108 port 33366 ssh2 ... |
2019-08-15 22:37:37 |
| attackbots | 2019-08-07T21:24:10.892843abusebot-5.cloudsearch.cf sshd\[10597\]: Invalid user testftp from 142.93.203.108 port 37494 |
2019-08-08 05:37:38 |
| attack | Jul 31 13:04:20 localhost sshd\[57973\]: Invalid user user from 142.93.203.108 port 58846 Jul 31 13:04:20 localhost sshd\[57973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-31 20:05:02 |
| attackspambots | Failed password for invalid user rainbow from 142.93.203.108 port 45518 ssh2 Invalid user donut from 142.93.203.108 port 41380 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Failed password for invalid user donut from 142.93.203.108 port 41380 ssh2 Invalid user xmlrpc from 142.93.203.108 port 37342 |
2019-07-31 08:58:24 |
| attack | Jul 19 07:58:18 debian sshd\[1295\]: Invalid user username from 142.93.203.108 port 56784 Jul 19 07:58:18 debian sshd\[1295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-19 14:59:35 |
| attack | Jul 19 05:09:31 debian sshd\[30750\]: Invalid user dev from 142.93.203.108 port 37548 Jul 19 05:09:31 debian sshd\[30750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-19 12:14:39 |
| attackspam | 2019-07-18T11:34:39.876859abusebot-5.cloudsearch.cf sshd\[6523\]: Invalid user deploy2 from 142.93.203.108 port 50198 |
2019-07-18 19:35:35 |
| attackbots | Jul 17 10:04:17 work-partkepr sshd\[9551\]: Invalid user charles from 142.93.203.108 port 58626 Jul 17 10:04:17 work-partkepr sshd\[9551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-17 18:59:27 |
| attackbots | Jun 29 15:33:46 vtv3 sshd\[28568\]: Invalid user postgres from 142.93.203.108 port 43092 Jun 29 15:33:46 vtv3 sshd\[28568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:33:48 vtv3 sshd\[28568\]: Failed password for invalid user postgres from 142.93.203.108 port 43092 ssh2 Jun 29 15:36:18 vtv3 sshd\[30076\]: Invalid user psimiyu from 142.93.203.108 port 41704 Jun 29 15:36:18 vtv3 sshd\[30076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:41 vtv3 sshd\[3147\]: Invalid user fog from 142.93.203.108 port 48196 Jun 29 15:47:41 vtv3 sshd\[3147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:44 vtv3 sshd\[3147\]: Failed password for invalid user fog from 142.93.203.108 port 48196 ssh2 Jun 29 15:49:23 vtv3 sshd\[3846\]: Invalid user creosote from 142.93.203.108 port 37024 Jun 29 15:49:23 vtv3 sshd\[38 |
2019-07-17 07:11:22 |
| attackbots | Jul 12 15:18:00 s64-1 sshd[9319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 15:18:02 s64-1 sshd[9319]: Failed password for invalid user neel from 142.93.203.108 port 41592 ssh2 Jul 12 15:23:15 s64-1 sshd[9346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-12 21:24:51 |
| attackbots | Jul 12 02:27:07 s64-1 sshd[1867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 02:27:08 s64-1 sshd[1867]: Failed password for invalid user indigo from 142.93.203.108 port 55696 ssh2 Jul 12 02:32:12 s64-1 sshd[1908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ... |
2019-07-12 08:43:03 |
| attack | Jul 7 22:54:08 penfold sshd[18298]: Invalid user hvisage from 142.93.203.108 port 49194 Jul 7 22:54:08 penfold sshd[18298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:54:11 penfold sshd[18298]: Failed password for invalid user hvisage from 142.93.203.108 port 49194 ssh2 Jul 7 22:54:11 penfold sshd[18298]: Received disconnect from 142.93.203.108 port 49194:11: Bye Bye [preauth] Jul 7 22:54:11 penfold sshd[18298]: Disconnected from 142.93.203.108 port 49194 [preauth] Jul 7 22:57:04 penfold sshd[18410]: Invalid user chef from 142.93.203.108 port 54854 Jul 7 22:57:04 penfold sshd[18410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:57:06 penfold sshd[18410]: Failed password for invalid user chef from 142.93.203.108 port 54854 ssh2 Jul 9 20:00:11 penfold sshd[27418]: Invalid user ts3bot from 142.93.203.108 port 37582 Jul 9 20:00:........ ------------------------------- |
2019-07-10 22:00:44 |
| attack | 2019-06-29T19:01:24.120016abusebot-8.cloudsearch.cf sshd\[31905\]: Invalid user frontdesk from 142.93.203.108 port 54514 |
2019-06-30 05:22:19 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 142.93.203.168 | attackspambots | 142.93.203.168 - - [11/Jun/2020:08:51:59 +0200] "GET /wp-login.php HTTP/1.1" 200 5861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6166 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-06-11 16:13:57 |
| 142.93.203.168 | attackspam | 142.93.203.168 has been banned for [WebApp Attack] ... |
2020-06-03 12:03:47 |
| 142.93.203.168 | attackspambots | May 24 22:31:20 wordpress wordpress(www.ruhnke.cloud)[98824]: Blocked authentication attempt for admin from ::ffff:142.93.203.168 |
2020-05-25 05:28:38 |
| 142.93.203.168 | attackspambots | Automatic report - XMLRPC Attack |
2020-05-24 15:31:32 |
| 142.93.203.168 | attackbots | 142.93.203.168 - - \[10/May/2020:15:02:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6052 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 5872 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 5865 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-05-10 21:56:29 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.203.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5931
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.203.108. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 05:22:14 CST 2019
;; MSG SIZE rcvd: 118
Host 108.203.93.142.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 108.203.93.142.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 152.136.210.84 | attackspambots | $f2bV_matches |
2020-08-10 03:18:19 |
| 177.154.237.125 | attackspambots | Aug 9 13:55:06 mail.srvfarm.net postfix/smtpd[781673]: warning: unknown[177.154.237.125]: SASL PLAIN authentication failed: Aug 9 13:55:06 mail.srvfarm.net postfix/smtpd[781673]: lost connection after AUTH from unknown[177.154.237.125] Aug 9 13:55:38 mail.srvfarm.net postfix/smtps/smtpd[783087]: warning: unknown[177.154.237.125]: SASL PLAIN authentication failed: Aug 9 13:55:38 mail.srvfarm.net postfix/smtps/smtpd[783087]: lost connection after AUTH from unknown[177.154.237.125] Aug 9 14:01:11 mail.srvfarm.net postfix/smtps/smtpd[784370]: warning: unknown[177.154.237.125]: SASL PLAIN authentication failed: |
2020-08-10 03:30:00 |
| 177.54.250.185 | attackspambots | Aug 9 13:56:28 mail.srvfarm.net postfix/smtpd[781679]: warning: unknown[177.54.250.185]: SASL PLAIN authentication failed: Aug 9 13:56:28 mail.srvfarm.net postfix/smtpd[781679]: lost connection after AUTH from unknown[177.54.250.185] Aug 9 14:00:08 mail.srvfarm.net postfix/smtpd[781673]: warning: unknown[177.54.250.185]: SASL PLAIN authentication failed: Aug 9 14:00:09 mail.srvfarm.net postfix/smtpd[781673]: lost connection after AUTH from unknown[177.54.250.185] Aug 9 14:02:29 mail.srvfarm.net postfix/smtps/smtpd[783783]: warning: unknown[177.54.250.185]: SASL PLAIN authentication failed: |
2020-08-10 03:30:40 |
| 179.107.11.134 | attack | Aug 9 13:50:37 mail.srvfarm.net postfix/smtps/smtpd[783095]: warning: unknown[179.107.11.134]: SASL PLAIN authentication failed: Aug 9 13:50:37 mail.srvfarm.net postfix/smtps/smtpd[783095]: lost connection after AUTH from unknown[179.107.11.134] Aug 9 13:53:50 mail.srvfarm.net postfix/smtps/smtpd[779757]: warning: unknown[179.107.11.134]: SASL PLAIN authentication failed: Aug 9 13:53:50 mail.srvfarm.net postfix/smtps/smtpd[779757]: lost connection after AUTH from unknown[179.107.11.134] Aug 9 13:58:46 mail.srvfarm.net postfix/smtps/smtpd[783094]: warning: unknown[179.107.11.134]: SASL PLAIN authentication failed: |
2020-08-10 03:29:34 |
| 58.17.243.132 | attackbots | Aug 9 14:42:43 localhost sshd\[32194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.17.243.132 user=root Aug 9 14:42:44 localhost sshd\[32194\]: Failed password for root from 58.17.243.132 port 57211 ssh2 Aug 9 14:55:01 localhost sshd\[32411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.17.243.132 user=root ... |
2020-08-10 03:28:30 |
| 121.122.119.40 | attack | Lines containing failures of 121.122.119.40 Aug 8 07:57:59 ghostnameioc sshd[10600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.119.40 user=r.r Aug 8 07:58:00 ghostnameioc sshd[10600]: Failed password for r.r from 121.122.119.40 port 38217 ssh2 Aug 8 07:58:01 ghostnameioc sshd[10600]: Received disconnect from 121.122.119.40 port 38217:11: Bye Bye [preauth] Aug 8 07:58:01 ghostnameioc sshd[10600]: Disconnected from authenticating user r.r 121.122.119.40 port 38217 [preauth] Aug 8 08:02:19 ghostnameioc sshd[10709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.119.40 user=r.r Aug 8 08:02:21 ghostnameioc sshd[10709]: Failed password for r.r from 121.122.119.40 port 36868 ssh2 Aug 8 08:02:22 ghostnameioc sshd[10709]: Received disconnect from 121.122.119.40 port 36868:11: Bye Bye [preauth] Aug 8 08:02:22 ghostnameioc sshd[10709]: Disconnected from authenticating us........ ------------------------------ |
2020-08-10 03:46:59 |
| 125.32.45.170 | attack | [N10.H1.VM1] Port Scanner Detected Blocked by UFW |
2020-08-10 03:47:28 |
| 5.188.84.95 | attackspambots | fell into ViewStateTrap:paris |
2020-08-10 03:19:35 |
| 42.113.144.32 | attackspam | 1596974751 - 08/09/2020 14:05:51 Host: 42.113.144.32/42.113.144.32 Port: 445 TCP Blocked |
2020-08-10 03:25:02 |
| 212.70.149.67 | attack | 2020-08-09 21:31:00 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=mia@no-server.de\) 2020-08-09 21:31:00 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=mia@no-server.de\) 2020-08-09 21:32:45 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=michaels@no-server.de\) 2020-08-09 21:32:46 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=michaels@no-server.de\) 2020-08-09 21:34:30 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=michelle@no-server.de\) 2020-08-09 21:34:32 dovecot_login authenticator failed for \(User\) \[212.70.149.67\]: 535 Incorrect authentication data \(set_id=michelle@no-server.de\) ... |
2020-08-10 03:36:23 |
| 91.237.73.118 | attack | Aug 9 13:48:37 mail.srvfarm.net postfix/smtps/smtpd[776566]: warning: unknown[91.237.73.118]: SASL PLAIN authentication failed: Aug 9 13:48:37 mail.srvfarm.net postfix/smtps/smtpd[776566]: lost connection after AUTH from unknown[91.237.73.118] Aug 9 13:53:15 mail.srvfarm.net postfix/smtps/smtpd[783095]: warning: unknown[91.237.73.118]: SASL PLAIN authentication failed: Aug 9 13:53:15 mail.srvfarm.net postfix/smtps/smtpd[783095]: lost connection after AUTH from unknown[91.237.73.118] Aug 9 13:53:47 mail.srvfarm.net postfix/smtps/smtpd[778249]: warning: unknown[91.237.73.118]: SASL PLAIN authentication failed: |
2020-08-10 03:40:28 |
| 23.101.226.155 | attackspam | Aug 9 20:55:23 web02.agentur-b-2.de postfix/smtps/smtpd[2559208]: warning: unknown[23.101.226.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 9 20:57:33 web02.agentur-b-2.de postfix/smtps/smtpd[2559291]: warning: unknown[23.101.226.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 9 20:59:46 web02.agentur-b-2.de postfix/smtps/smtpd[2559473]: warning: unknown[23.101.226.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 9 21:01:57 web02.agentur-b-2.de postfix/smtps/smtpd[2572033]: warning: unknown[23.101.226.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 9 21:04:09 web02.agentur-b-2.de postfix/smtps/smtpd[2572259]: warning: unknown[23.101.226.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-08-10 03:35:17 |
| 40.84.215.84 | attackbots | 40.84.215.84 - - [09/Aug/2020:20:58:16 +0200] "POST //xmlrpc.php HTTP/1.1" 403 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 40.84.215.84 - - [09/Aug/2020:20:58:18 +0200] "POST //xmlrpc.php HTTP/1.1" 403 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ... |
2020-08-10 03:19:59 |
| 65.49.20.109 | attackspam | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-08-10 03:17:05 |
| 122.51.243.143 | attackbotsspam | Aug 9 01:59:57 php1 sshd\[30966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.243.143 user=root Aug 9 01:59:59 php1 sshd\[30966\]: Failed password for root from 122.51.243.143 port 54094 ssh2 Aug 9 02:02:48 php1 sshd\[31156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.243.143 user=root Aug 9 02:02:49 php1 sshd\[31156\]: Failed password for root from 122.51.243.143 port 56874 ssh2 Aug 9 02:05:44 php1 sshd\[31416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.243.143 user=root |
2020-08-10 03:39:34 |