142.93.203.108

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Sep 7 05:19:59 xeon sshd[49331]: Invalid user web from 142.93.203.108	2019-09-07 12:33:29
attackspam	Aug 30 21:57:04 SilenceServices sshd[21823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 30 21:57:06 SilenceServices sshd[21823]: Failed password for invalid user farid from 142.93.203.108 port 52008 ssh2 Aug 30 22:01:13 SilenceServices sshd[24957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-31 04:02:57
attackbots	Aug 28 07:30:26 plex sshd[11387]: Invalid user ataque from 142.93.203.108 port 55922	2019-08-28 13:43:27
attack	Aug 22 12:31:34 tdfoods sshd\[26915\]: Invalid user reseller from 142.93.203.108 Aug 22 12:31:34 tdfoods sshd\[26915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 22 12:31:36 tdfoods sshd\[26915\]: Failed password for invalid user reseller from 142.93.203.108 port 48002 ssh2 Aug 22 12:35:47 tdfoods sshd\[27287\]: Invalid user frappe from 142.93.203.108 Aug 22 12:35:47 tdfoods sshd\[27287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-23 06:52:35
attackbotsspam	Aug 16 16:47:46 web8 sshd\[26499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 user=root Aug 16 16:47:48 web8 sshd\[26499\]: Failed password for root from 142.93.203.108 port 47294 ssh2 Aug 16 16:52:12 web8 sshd\[28613\]: Invalid user test from 142.93.203.108 Aug 16 16:52:12 web8 sshd\[28613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 16:52:15 web8 sshd\[28613\]: Failed password for invalid user test from 142.93.203.108 port 39268 ssh2	2019-08-17 01:08:40
attackbotsspam	Aug 16 12:44:18 web8 sshd\[973\]: Invalid user julia from 142.93.203.108 Aug 16 12:44:18 web8 sshd\[973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 12:44:20 web8 sshd\[973\]: Failed password for invalid user julia from 142.93.203.108 port 44798 ssh2 Aug 16 12:48:30 web8 sshd\[3286\]: Invalid user tex from 142.93.203.108 Aug 16 12:48:30 web8 sshd\[3286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-16 20:49:16
attackbots	Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: Invalid user raluca from 142.93.203.108 Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 15 17:35:55 areeb-Workstation sshd\[5879\]: Failed password for invalid user raluca from 142.93.203.108 port 33366 ssh2 ...	2019-08-15 22:37:37
attackbots	2019-08-07T21:24:10.892843abusebot-5.cloudsearch.cf sshd\[10597\]: Invalid user testftp from 142.93.203.108 port 37494	2019-08-08 05:37:38
attack	Jul 31 13:04:20 localhost sshd\[57973\]: Invalid user user from 142.93.203.108 port 58846 Jul 31 13:04:20 localhost sshd\[57973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-31 20:05:02
attackspambots	Failed password for invalid user rainbow from 142.93.203.108 port 45518 ssh2 Invalid user donut from 142.93.203.108 port 41380 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Failed password for invalid user donut from 142.93.203.108 port 41380 ssh2 Invalid user xmlrpc from 142.93.203.108 port 37342	2019-07-31 08:58:24
attack	Jul 19 07:58:18 debian sshd\[1295\]: Invalid user username from 142.93.203.108 port 56784 Jul 19 07:58:18 debian sshd\[1295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-19 14:59:35
attack	Jul 19 05:09:31 debian sshd\[30750\]: Invalid user dev from 142.93.203.108 port 37548 Jul 19 05:09:31 debian sshd\[30750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-19 12:14:39
attackspam	2019-07-18T11:34:39.876859abusebot-5.cloudsearch.cf sshd\[6523\]: Invalid user deploy2 from 142.93.203.108 port 50198	2019-07-18 19:35:35
attackbots	Jul 17 10:04:17 work-partkepr sshd\[9551\]: Invalid user charles from 142.93.203.108 port 58626 Jul 17 10:04:17 work-partkepr sshd\[9551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-17 18:59:27
attackbots	Jun 29 15:33:46 vtv3 sshd\[28568\]: Invalid user postgres from 142.93.203.108 port 43092 Jun 29 15:33:46 vtv3 sshd\[28568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:33:48 vtv3 sshd\[28568\]: Failed password for invalid user postgres from 142.93.203.108 port 43092 ssh2 Jun 29 15:36:18 vtv3 sshd\[30076\]: Invalid user psimiyu from 142.93.203.108 port 41704 Jun 29 15:36:18 vtv3 sshd\[30076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:41 vtv3 sshd\[3147\]: Invalid user fog from 142.93.203.108 port 48196 Jun 29 15:47:41 vtv3 sshd\[3147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jun 29 15:47:44 vtv3 sshd\[3147\]: Failed password for invalid user fog from 142.93.203.108 port 48196 ssh2 Jun 29 15:49:23 vtv3 sshd\[3846\]: Invalid user creosote from 142.93.203.108 port 37024 Jun 29 15:49:23 vtv3 sshd\[38	2019-07-17 07:11:22
attackbots	Jul 12 15:18:00 s64-1 sshd[9319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 15:18:02 s64-1 sshd[9319]: Failed password for invalid user neel from 142.93.203.108 port 41592 ssh2 Jul 12 15:23:15 s64-1 sshd[9346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-12 21:24:51
attackbots	Jul 12 02:27:07 s64-1 sshd[1867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 12 02:27:08 s64-1 sshd[1867]: Failed password for invalid user indigo from 142.93.203.108 port 55696 ssh2 Jul 12 02:32:12 s64-1 sshd[1908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-12 08:43:03
attack	Jul 7 22:54:08 penfold sshd[18298]: Invalid user hvisage from 142.93.203.108 port 49194 Jul 7 22:54:08 penfold sshd[18298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:54:11 penfold sshd[18298]: Failed password for invalid user hvisage from 142.93.203.108 port 49194 ssh2 Jul 7 22:54:11 penfold sshd[18298]: Received disconnect from 142.93.203.108 port 49194:11: Bye Bye [preauth] Jul 7 22:54:11 penfold sshd[18298]: Disconnected from 142.93.203.108 port 49194 [preauth] Jul 7 22:57:04 penfold sshd[18410]: Invalid user chef from 142.93.203.108 port 54854 Jul 7 22:57:04 penfold sshd[18410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Jul 7 22:57:06 penfold sshd[18410]: Failed password for invalid user chef from 142.93.203.108 port 54854 ssh2 Jul 9 20:00:11 penfold sshd[27418]: Invalid user ts3bot from 142.93.203.108 port 37582 Jul 9 20:00:........ -------------------------------	2019-07-10 22:00:44
attack	2019-06-29T19:01:24.120016abusebot-8.cloudsearch.cf sshd\[31905\]: Invalid user frontdesk from 142.93.203.108 port 54514	2019-06-30 05:22:19

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.203.168	attackspambots	142.93.203.168 - - [11/Jun/2020:08:51:59 +0200] "GET /wp-login.php HTTP/1.1" 200 5861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6166 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-11 16:13:57
142.93.203.168	attackspam	142.93.203.168 has been banned for [WebApp Attack] ...	2020-06-03 12:03:47
142.93.203.168	attackspambots	May 24 22:31:20 wordpress wordpress(www.ruhnke.cloud)[98824]: Blocked authentication attempt for admin from ::ffff:142.93.203.168	2020-05-25 05:28:38
142.93.203.168	attackspambots	Automatic report - XMLRPC Attack	2020-05-24 15:31:32
142.93.203.168	attackbots	142.93.203.168 - - \[10/May/2020:15:02:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6052 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 5872 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 5865 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-10 21:56:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.203.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5931
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.203.108.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 05:22:14 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 108.203.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 108.203.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
118.170.108.207	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 21:08:43
139.198.122.90	attack	2019-08-29T11:00:44.922321abusebot-2.cloudsearch.cf sshd\[32743\]: Invalid user marius from 139.198.122.90 port 48376	2019-08-29 20:37:55
103.26.41.241	attack	Aug 29 13:32:01 cp sshd[18106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.41.241	2019-08-29 21:04:46
167.71.200.201	attackbotsspam	Aug 29 14:31:30 MK-Soft-Root1 sshd\[527\]: Invalid user infa from 167.71.200.201 port 56553 Aug 29 14:31:30 MK-Soft-Root1 sshd\[527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.200.201 Aug 29 14:31:32 MK-Soft-Root1 sshd\[527\]: Failed password for invalid user infa from 167.71.200.201 port 56553 ssh2 ...	2019-08-29 20:33:54
209.97.161.124	attack	Aug 29 13:09:44 XXX sshd[62814]: Invalid user ys from 209.97.161.124 port 59306	2019-08-29 21:17:29
202.83.162.130	attackspam	Automatic report - Port Scan Attack	2019-08-29 21:18:10
152.249.245.68	attack	Aug 29 02:55:33 hanapaa sshd\[26262\]: Invalid user nagios from 152.249.245.68 Aug 29 02:55:33 hanapaa sshd\[26262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.249.245.68 Aug 29 02:55:35 hanapaa sshd\[26262\]: Failed password for invalid user nagios from 152.249.245.68 port 40304 ssh2 Aug 29 03:01:09 hanapaa sshd\[26679\]: Invalid user smg from 152.249.245.68 Aug 29 03:01:09 hanapaa sshd\[26679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.249.245.68	2019-08-29 21:06:48
14.204.136.125	attackbotsspam	2019-08-29T11:26:51.408027centos sshd\[15667\]: Invalid user test from 14.204.136.125 port 48645 2019-08-29T11:26:51.414239centos sshd\[15667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.204.136.125 2019-08-29T11:26:53.943830centos sshd\[15667\]: Failed password for invalid user test from 14.204.136.125 port 48645 ssh2	2019-08-29 20:33:24
208.102.113.11	attackbotsspam	Aug 29 14:30:46 srv1-bit sshd[25301]: Invalid user parol from 208.102.113.11 Aug 29 14:39:25 srv1-bit sshd[2821]: User root from dsl-208-102-113-11.fuse.net not allowed because not listed in AllowUsers ...	2019-08-29 21:12:19
181.36.197.68	attack	Invalid user it2 from 181.36.197.68 port 43120	2019-08-29 21:22:12
178.62.79.227	attack	$f2bV_matches	2019-08-29 20:53:53
118.169.242.232	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 21:03:57
101.187.63.113	attackspambots	Aug 29 13:47:35 mail sshd\[13555\]: Invalid user jenkins from 101.187.63.113 Aug 29 13:47:35 mail sshd\[13555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.187.63.113 Aug 29 13:47:38 mail sshd\[13555\]: Failed password for invalid user jenkins from 101.187.63.113 port 52691 ssh2 ...	2019-08-29 20:45:53
118.165.101.25	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 20:59:16
81.22.45.203	attackbotsspam	08/29/2019-07:16:07.442192 81.22.45.203 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-29 20:35:13

最近上报的IP列表

66.70.145.172	159.0.76.230	114.34.203.92	87.110.219.209
55.65.196.89	157.251.198.55	73.20.138.89	27.255.79.137
47.87.172.168	27.8.96.136	224.32.8.77	48.237.117.140
233.67.165.84	132.58.198.169	206.137.189.170	215.218.103.255
189.91.3.195	28.237.3.196	67.0.232.149	94.23.223.165