142.93.203.239

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.203.168	attackspambots	142.93.203.168 - - [11/Jun/2020:08:51:59 +0200] "GET /wp-login.php HTTP/1.1" 200 5861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6166 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.203.168 - - [11/Jun/2020:08:52:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-11 16:13:57
142.93.203.168	attackspam	142.93.203.168 has been banned for [WebApp Attack] ...	2020-06-03 12:03:47
142.93.203.168	attackspambots	May 24 22:31:20 wordpress wordpress(www.ruhnke.cloud)[98824]: Blocked authentication attempt for admin from ::ffff:142.93.203.168	2020-05-25 05:28:38
142.93.203.168	attackspambots	Automatic report - XMLRPC Attack	2020-05-24 15:31:32
142.93.203.168	attackbots	142.93.203.168 - - \[10/May/2020:15:02:39 +0200\] "POST /wp-login.php HTTP/1.0" 200 6052 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 5872 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.203.168 - - \[10/May/2020:15:02:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 5865 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-10 21:56:29
142.93.203.108	attackspam	Sep 7 05:19:59 xeon sshd[49331]: Invalid user web from 142.93.203.108	2019-09-07 12:33:29
142.93.203.108	attackspam	Aug 30 21:57:04 SilenceServices sshd[21823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 30 21:57:06 SilenceServices sshd[21823]: Failed password for invalid user farid from 142.93.203.108 port 52008 ssh2 Aug 30 22:01:13 SilenceServices sshd[24957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-31 04:02:57
142.93.203.108	attackbots	Aug 28 07:30:26 plex sshd[11387]: Invalid user ataque from 142.93.203.108 port 55922	2019-08-28 13:43:27
142.93.203.108	attack	Aug 22 12:31:34 tdfoods sshd\[26915\]: Invalid user reseller from 142.93.203.108 Aug 22 12:31:34 tdfoods sshd\[26915\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 22 12:31:36 tdfoods sshd\[26915\]: Failed password for invalid user reseller from 142.93.203.108 port 48002 ssh2 Aug 22 12:35:47 tdfoods sshd\[27287\]: Invalid user frappe from 142.93.203.108 Aug 22 12:35:47 tdfoods sshd\[27287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-23 06:52:35
142.93.203.108	attackbotsspam	Aug 16 16:47:46 web8 sshd\[26499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 user=root Aug 16 16:47:48 web8 sshd\[26499\]: Failed password for root from 142.93.203.108 port 47294 ssh2 Aug 16 16:52:12 web8 sshd\[28613\]: Invalid user test from 142.93.203.108 Aug 16 16:52:12 web8 sshd\[28613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 16:52:15 web8 sshd\[28613\]: Failed password for invalid user test from 142.93.203.108 port 39268 ssh2	2019-08-17 01:08:40
142.93.203.108	attackbotsspam	Aug 16 12:44:18 web8 sshd\[973\]: Invalid user julia from 142.93.203.108 Aug 16 12:44:18 web8 sshd\[973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 16 12:44:20 web8 sshd\[973\]: Failed password for invalid user julia from 142.93.203.108 port 44798 ssh2 Aug 16 12:48:30 web8 sshd\[3286\]: Invalid user tex from 142.93.203.108 Aug 16 12:48:30 web8 sshd\[3286\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108	2019-08-16 20:49:16
142.93.203.108	attackbots	Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: Invalid user raluca from 142.93.203.108 Aug 15 17:35:52 areeb-Workstation sshd\[5879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Aug 15 17:35:55 areeb-Workstation sshd\[5879\]: Failed password for invalid user raluca from 142.93.203.108 port 33366 ssh2 ...	2019-08-15 22:37:37
142.93.203.108	attackbots	2019-08-07T21:24:10.892843abusebot-5.cloudsearch.cf sshd\[10597\]: Invalid user testftp from 142.93.203.108 port 37494	2019-08-08 05:37:38
142.93.203.108	attack	Jul 31 13:04:20 localhost sshd\[57973\]: Invalid user user from 142.93.203.108 port 58846 Jul 31 13:04:20 localhost sshd\[57973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 ...	2019-07-31 20:05:02
142.93.203.108	attackspambots	Failed password for invalid user rainbow from 142.93.203.108 port 45518 ssh2 Invalid user donut from 142.93.203.108 port 41380 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108 Failed password for invalid user donut from 142.93.203.108 port 41380 ssh2 Invalid user xmlrpc from 142.93.203.108 port 37342	2019-07-31 08:58:24

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.203.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19119
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.203.239.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 04:11:34 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 239.203.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 239.203.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
5.59.137.138	attackbotsspam	20/8/21@08:45:53: FAIL: Alarm-Network address from=5.59.137.138 ...	2020-08-22 02:44:45
192.241.209.169	attackspambots	firewall-block, port(s): 1400/tcp	2020-08-22 03:07:50
206.189.121.29	attackbots	206.189.121.29 - - [21/Aug/2020:20:28:52 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.121.29 - - [21/Aug/2020:20:28:58 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.121.29 - - [21/Aug/2020:20:28:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-22 03:05:02
138.68.233.112	attack	138.68.233.112 - - [21/Aug/2020:18:11:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1905 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.233.112 - - [21/Aug/2020:18:11:33 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.233.112 - - [21/Aug/2020:18:11:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-22 02:41:52
189.7.217.23	attackspambots	Aug 21 21:25:07 gw1 sshd[8394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.217.23 Aug 21 21:25:09 gw1 sshd[8394]: Failed password for invalid user kakuta from 189.7.217.23 port 56018 ssh2 ...	2020-08-22 02:57:58
162.142.125.25	attackspam	Icarus honeypot on github	2020-08-22 02:59:09
106.51.137.107	attackbotsspam	Unauthorized connection attempt from IP address 106.51.137.107 on Port 445(SMB)	2020-08-22 03:10:22
85.95.178.149	attack	$f2bV_matches	2020-08-22 02:55:14
97.64.37.162	attackbots	Aug 21 14:37:16 IngegnereFirenze sshd[21609]: User root from 97.64.37.162 not allowed because not listed in AllowUsers ...	2020-08-22 02:39:08
195.154.42.43	attackbots	Aug 21 20:32:21 buvik sshd[25807]: Invalid user co from 195.154.42.43 Aug 21 20:32:21 buvik sshd[25807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.42.43 Aug 21 20:32:23 buvik sshd[25807]: Failed password for invalid user co from 195.154.42.43 port 48192 ssh2 ...	2020-08-22 02:36:49
112.85.42.181	attack	Aug 21 20:37:08 dev0-dcde-rnet sshd[9906]: Failed password for root from 112.85.42.181 port 44037 ssh2 Aug 21 20:37:18 dev0-dcde-rnet sshd[9906]: Failed password for root from 112.85.42.181 port 44037 ssh2 Aug 21 20:37:21 dev0-dcde-rnet sshd[9906]: Failed password for root from 112.85.42.181 port 44037 ssh2 Aug 21 20:37:21 dev0-dcde-rnet sshd[9906]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 44037 ssh2 [preauth]	2020-08-22 02:40:59
68.41.142.120	attack	Aug 21 13:39:38 django-0 sshd[7318]: Invalid user osvaldo from 68.41.142.120 ...	2020-08-22 02:34:12
49.149.110.86	attack	Unauthorized connection attempt from IP address 49.149.110.86 on Port 445(SMB)	2020-08-22 02:44:27
5.150.247.132	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 5.150.247.132 (SE/-/h-247-132.A328.priv.bahnhof.se): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:42 [error] 482759#0: 840084 [client 5.150.247.132] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801130283.685144"] [ref ""], client: 5.150.247.132, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29+OR+UPDATEXML%285947%2CCONCAT%280x2e%2C0x4d4554334764%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4d4554334764%29%2C5431%29%23+jEfb HTTP/1.1" [redacted]	2020-08-22 03:04:50
140.143.244.91	attackspambots	frenzy	2020-08-22 02:43:24

最近上报的IP列表

46.201.147.192	119.161.98.132	71.6.146.130	27.214.220.67
219.246.191.183	71.6.142.81	31.40.155.194	200.32.12.87
182.76.21.138	136.255.144.2	37.79.58.178	165.227.166.144
77.247.109.73	77.125.71.221	69.133.10.55	180.66.58.111
164.132.107.245	159.213.95.62	70.35.141.234	69.122.129.217