142.93.203.108

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Sep 7 05:19:59 xeon sshd[49331]: Invalid user web from 142.93.203.108	2019-09-07 12:33:29
attackspam	Aug 30 21:57:04 SilenceServices sshd[21823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 30 21:57:06 SilenceServices sshd[21823]: Failed password for invalid user farid from 142.93.203.108 port 52008 ssh2 Aug 30 22:01:13 SilenceServices sshd[24957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-31 04:02:57
attackbots	Aug 28 07:30:26 plex sshd[11387]: Invalid user ataque from 142.93.203.108 port 55922	2019-08-28 13:43:27
attack	Aug 22 12:31:34 tdfoods sshd\[26915\]: Invalid user reseller from 142.93.203.108 Aug 22 12:31:34 tdfoods sshd\[26915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 22 12:31:36 tdfoods sshd\[26915\]: Failed password for invalid user reseller from 142.93.203.108 port 48002 ssh2 Aug 22 12:35:47 tdfoods sshd\[27287\]: Invalid user frappe from 142.93.203.108 Aug 22 12:35:47 tdfoods sshd\[27287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-23 06:52:35
attackbotsspam	Aug 16 16:47:46 web8 sshd\[26499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 user=root Aug 16 16:47:48 web8 sshd\[26499\]: Failed password for root from 142.93.203.108 port 47294 ssh2 Aug 16 16:52:12 web8 sshd\[28613\]: Invalid user test from 142.93.203.108 Aug 16 16:52:12 web8 sshd\[28613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 16:52:15 web8 sshd\[28613\]: Failed password for invalid user test from 142.93.203.108 port 39268 ssh2	2019-08-17 01:08:40
attackbotsspam	Aug 16 12:44:18 web8 sshd\[973\]: Invalid user julia from 142.93.203.108 Aug 16 12:44:18 web8 sshd\[973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 12:44:20 web8 sshd\[973\]: Failed password for invalid user julia from 142.93.203.108 port 44798 ssh2 Aug 16 12:48:30 web8 sshd\[3286\]: Invalid user tex from 142.93.203.108 Aug 16 12:48:30 web8 sshd\[3286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-16 20:49:16
attackbots	Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: Invalid user raluca from 142.93.203.108 Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 15 17:35:55 areeb-Workstation sshd\[5879\]: Failed password for invalid user raluca from 142.93.203.108 port 33366 ssh2 ...	2019-08-15 22:37:37
attackbots	2019-08-07T21:24:10.892843abusebot-5.cloudsearch.cf sshd\[10597\]: Invalid user testftp from 142.93.203.108 port 37494	2019-08-08 05:37:38
attack	Jul 31 13:04:20 localhost sshd\[57973\]: Invalid user user from 142.93.203.108 port 58846 Jul 31 13:04:20 localhost sshd\[57973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-31 20:05:02
attackspambots	Failed password for invalid user rainbow from 142.93.203.108 port 45518 ssh2 Invalid user donut from 142.93.203.108 port 41380 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Failed password for invalid user donut from 142.93.203.108 port 41380 ssh2 Invalid user xmlrpc from 142.93.203.108 port 37342	2019-07-31 08:58:24
attack	Jul 19 07:58:18 debian sshd\[1295\]: Invalid user username from 142.93.203.108 port 56784 Jul 19 07:58:18 debian sshd\[1295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-19 14:59:35
attack	Jul 19 05:09:31 debian sshd\[30750\]: Invalid user dev from 142.93.203.108 port 37548 Jul 19 05:09:31 debian sshd\[30750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-19 12:14:39
attackspam	2019-07-18T11:34:39.876859abusebot-5.cloudsearch.cf sshd\[6523\]: Invalid user deploy2 from 142.93.203.108 port 50198	2019-07-18 19:35:35
attackbots	Jul 17 10:04:17 work-partkepr sshd\[9551\]: Invalid user charles from 142.93.203.108 port 58626 Jul 17 10:04:17 work-partkepr sshd\[9551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-17 18:59:27
attackbots	Jun 29 15:33:46 vtv3 sshd\[28568\]: Invalid user postgres from 142.93.203.108 port 43092 Jun 29 15:33:46 vtv3 sshd\[28568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:33:48 vtv3 sshd\[28568\]: Failed password for invalid user postgres from 142.93.203.108 port 43092 ssh2 Jun 29 15:36:18 vtv3 sshd\[30076\]: Invalid user psimiyu from 142.93.203.108 port 41704 Jun 29 15:36:18 vtv3 sshd\[30076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:41 vtv3 sshd\[3147\]: Invalid user fog from 142.93.203.108 port 48196 Jun 29 15:47:41 vtv3 sshd\[3147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:44 vtv3 sshd\[3147\]: Failed password for invalid user fog from 142.93.203.108 port 48196 ssh2 Jun 29 15:49:23 vtv3 sshd\[3846\]: Invalid user creosote from 142.93.203.108 port 37024 Jun 29 15:49:23 vtv3 sshd\[38	2019-07-17 07:11:22
attackbots	Jul 12 15:18:00 s64-1 sshd[9319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 15:18:02 s64-1 sshd[9319]: Failed password for invalid user neel from 142.93.203.108 port 41592 ssh2 Jul 12 15:23:15 s64-1 sshd[9346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-12 21:24:51
attackbots	Jul 12 02:27:07 s64-1 sshd[1867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 02:27:08 s64-1 sshd[1867]: Failed password for invalid user indigo from 142.93.203.108 port 55696 ssh2 Jul 12 02:32:12 s64-1 sshd[1908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-12 08:43:03
attack	Jul 7 22:54:08 penfold sshd[18298]: Invalid user hvisage from 142.93.203.108 port 49194 Jul 7 22:54:08 penfold sshd[18298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:54:11 penfold sshd[18298]: Failed password for invalid user hvisage from 142.93.203.108 port 49194 ssh2 Jul 7 22:54:11 penfold sshd[18298]: Received disconnect from 142.93.203.108 port 49194:11: Bye Bye [preauth] Jul 7 22:54:11 penfold sshd[18298]: Disconnected from 142.93.203.108 port 49194 [preauth] Jul 7 22:57:04 penfold sshd[18410]: Invalid user chef from 142.93.203.108 port 54854 Jul 7 22:57:04 penfold sshd[18410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:57:06 penfold sshd[18410]: Failed password for invalid user chef from 142.93.203.108 port 54854 ssh2 Jul 9 20:00:11 penfold sshd[27418]: Invalid user ts3bot from 142.93.203.108 port 37582 Jul 9 20:00:........ -------------------------------	2019-07-10 22:00:44
attack	2019-06-29T19:01:24.120016abusebot-8.cloudsearch.cf sshd\[31905\]: Invalid user frontdesk from 142.93.203.108 port 54514	2019-06-30 05:22:19

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.203.168	attackspambots	142.93.203.168 - - [11/Jun/2020:08:51:59 +0200] "GET /wp-login.php HTTP/1.1" 200 5861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6166 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-11 16:13:57
142.93.203.168	attackspam	142.93.203.168 has been banned for [WebApp Attack] ...	2020-06-03 12:03:47
142.93.203.168	attackspambots	May 24 22:31:20 wordpress wordpress(www.ruhnke.cloud)[98824]: Blocked authentication attempt for admin from ::ffff:142.93.203.168	2020-05-25 05:28:38
142.93.203.168	attackspambots	Automatic report - XMLRPC Attack	2020-05-24 15:31:32
142.93.203.168	attackbots	142.93.203.168 - - \[10/May/2020:15:02:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6052 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 5872 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 5865 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-10 21:56:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.203.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5931
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.203.108.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 05:22:14 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 108.203.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 108.203.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
219.157.140.238	attackspambots	[portscan] tcp/23 [TELNET] [scan/connect: 4 time(s)] in spfbl.net:'listed' *(RWIN=29040)(10151156)	2019-10-16 01:03:13
216.218.206.94	attack	[portscan] udp/500 [isakmp] *(RWIN=-)(10151156)	2019-10-16 01:03:31
46.107.87.248	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=51071)(10151156)	2019-10-16 01:01:32
202.29.221.102	attackspam	[portscan] tcp/1433 [MsSQL] in sorbs:'listed [web], [http], [socks], [misc]' in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:20:15
14.162.225.40	attack	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=30564)(10151156)	2019-10-16 01:37:28
42.61.163.60	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=1445)(10151156)	2019-10-16 01:16:36
117.1.91.130	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=13548)(10151156)	2019-10-16 01:28:16
45.32.161.153	attackspambots	[portscan] tcp/21 [FTP] [portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] *(RWIN=1024)(10151156)	2019-10-16 01:16:18
222.252.216.200	attackbots	[portscan] tcp/1433 [MsSQL] in sorbs:'listed [web]' in spfbl.net:'listed' *(RWIN=8192)(10151156)	2019-10-16 01:18:26
193.93.253.53	attackspambots	15.10.2019 14:25:36 - FTP-Server Bruteforce - Detected by FTP-Monster (https://www.elinox.de/FTP-Monster)	2019-10-16 01:39:38
107.175.131.117	attackspambots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=65535)(10151156)	2019-10-16 01:29:28
35.194.4.89	attack	[portscan] tcp/21 [FTP] [scan/connect: 5 time(s)] in blocklist.de:'listed [ftp]' in spfbl.net:'listed' *(RWIN=28400)(10151156)	2019-10-16 01:17:07
104.199.94.190	attack	UTC: 2019-10-14 port: 465/tcp	2019-10-16 01:30:21
183.82.55.61	attack	[portscan] tcp/1433 [MsSQL] in gbudb.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:07:37
113.88.14.170	attackspambots	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:11:45

最近上报的IP列表

66.70.145.172	159.0.76.230	114.34.203.92	87.110.219.209
55.65.196.89	157.251.198.55	73.20.138.89	27.255.79.137
47.87.172.168	27.8.96.136	224.32.8.77	48.237.117.140
233.67.165.84	132.58.198.169	206.137.189.170	215.218.103.255
189.91.3.195	28.237.3.196	67.0.232.149	94.23.223.165