142.93.204.221

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - Banned IP Access	2020-07-27 23:32:54
attack	142.93.204.221 - - [11/Jul/2020:09:40:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 17:00:30
attackbots	Automatic report - WordPress Brute Force	2020-07-10 18:11:55
attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-07-06 17:31:16
attack	142.93.204.221 - - [26/Jun/2020:10:15:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 17:33:37
attack	WordPress (CMS) attack attempts. Date: 2020 Jun 01. 05:25:38 Source IP: 142.93.204.221 Portion of the log(s): 142.93.204.221 - [01/Jun/2020:05:25:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:31 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 13:07:34
attackbots	Automatic report - XMLRPC Attack	2020-05-26 10:05:16
attackspambots	xmlrpc attack	2020-05-23 23:23:08
attackbotsspam	wp-login.php	2020-05-20 03:58:29
attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-18 20:56:56
attack	142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-27 06:12:58
attackspam	Unauthorized connection attempt detected, IP banned.	2020-03-25 08:40:53
attack	Wordpress Admin Login attack	2020-02-27 14:53:54
attack	142.93.204.221 - - \[13/Feb/2020:06:40:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 6640 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.204.221 - - \[13/Feb/2020:06:40:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.204.221 - - \[13/Feb/2020:06:40:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-13 14:55:54
attackbots	WordPress login Brute force / Web App Attack on client site.	2020-02-09 06:57:30
attackspam	$f2bV_matches	2020-02-01 16:10:53
attackspambots	WordPress wp-login brute force :: 142.93.204.221 0.104 BYPASS [21/Jan/2020:21:02:38 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-22 05:50:28
attackspambots	142.93.204.221 - - [28/Dec/2019:06:22:02 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [28/Dec/2019:06:22:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-28 20:20:54
attackbotsspam	Automatic report - XMLRPC Attack	2019-11-10 08:07:18
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-26 04:35:40
attackbotsspam	Request to REST API ///wp-json/wp/v2/users/	2019-10-04 02:19:49

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.204.9	attackspambots	Port scan: Attack repeated for 24 hours	2020-07-24 17:32:43
142.93.204.89	attackspam	Apr 3 14:41:45 XXX sshd[39784]: Invalid user ubnt from 142.93.204.89 port 42676	2020-04-03 22:35:37
142.93.204.89	attackspam	SSH Server BruteForce Attack	2020-04-03 14:40:28
142.93.204.235	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-09 05:19:12
142.93.204.3	attackbots	Jul 4 11:30:21 dedicated sshd[1032]: Invalid user mustang from 142.93.204.3 port 46510	2019-07-04 19:42:21
142.93.204.3	attack	Jun 23 13:18:46 amit sshd\[27571\]: Invalid user admin from 142.93.204.3 Jun 23 13:18:46 amit sshd\[27571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.204.3 Jun 23 13:18:48 amit sshd\[27571\]: Failed password for invalid user admin from 142.93.204.3 port 46156 ssh2 ...	2019-06-24 00:55:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.204.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.204.221.			IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100301 1800 900 604800 86400

;; Query time: 742 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 02:19:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

221.204.93.142.in-addr.arpa domain name pointer 195645.cloudwaysapps.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
221.204.93.142.in-addr.arpa	name = 195645.cloudwaysapps.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
41.165.88.130	attackspam	Repeated RDP login failures. Last user: 1005	2020-09-18 23:06:31
77.37.198.123	attackspam	Repeated RDP login failures. Last user: Administrator	2020-09-18 23:13:30
190.81.175.66	attackspambots	Repeated RDP login failures. Last user: Rx1	2020-09-18 23:08:13
217.182.253.249	attack	(sshd) Failed SSH login from 217.182.253.249 (FR/France/vps-73fc7f41.vps.ovh.net): 5 in the last 3600 secs	2020-09-18 22:36:16
103.145.13.36	attackspambots	Port Scan	2020-09-18 23:03:32
162.142.125.16	attackspambots	TCP (SYN) 162.142.125.16:24639 -> port 8090, len 44	2020-09-18 22:37:27
77.43.123.58	attack	Repeated RDP login failures. Last user: Administrator	2020-09-18 23:13:09
192.241.235.51	attack	Port Scan detected! ...	2020-09-18 22:49:06
116.59.25.201	attack	(sshd) Failed SSH login from 116.59.25.201 (TW/Taiwan/116-59-25-201.emome-ip.hinet.net): 5 in the last 3600 secs	2020-09-18 23:10:18
211.103.135.104	attackspam	RDP Bruteforce	2020-09-18 23:07:51
31.156.62.190	attackspambots	Unauthorized connection attempt from IP address 31.156.62.190 on Port 445(SMB)	2020-09-18 22:41:55
49.234.116.74	attack	$f2bV_matches	2020-09-18 22:35:43
139.198.15.41	attackspambots	SSH Bruteforce Attempt on Honeypot	2020-09-18 22:58:10
27.6.88.37	attackspambots	Mirai and Reaper Exploitation Traffic	2020-09-18 22:43:35
46.46.85.97	attackspam	RDP Bruteforce	2020-09-18 23:06:00

最近上报的IP列表

77.175.100.122	153.184.37.28	140.224.103.179	93.102.133.51
222.62.226.1	222.52.117.36	73.201.109.255	114.98.127.23
103.11.201.134	74.208.150.36	193.202.110.21	99.72.14.101
15.106.250.30	68.241.37.76	222.161.209.130	52.230.136.130
101.238.199.84	195.242.192.240	39.199.232.203	66.85.99.168