142.93.204.221

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Automatic report - Banned IP Access	2020-07-27 23:32:54
attack	142.93.204.221 - - [11/Jul/2020:09:40:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 17:00:30
attackbots	Automatic report - WordPress Brute Force	2020-07-10 18:11:55
attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-07-06 17:31:16
attack	142.93.204.221 - - [26/Jun/2020:10:15:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 17:33:37
attack	WordPress (CMS) attack attempts. Date: 2020 Jun 01. 05:25:38 Source IP: 142.93.204.221 Portion of the log(s): 142.93.204.221 - [01/Jun/2020:05:25:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:31 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 13:07:34
attackbots	Automatic report - XMLRPC Attack	2020-05-26 10:05:16
attackspambots	xmlrpc attack	2020-05-23 23:23:08
attackbotsspam	wp-login.php	2020-05-20 03:58:29
attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-18 20:56:56
attack	142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-27 06:12:58
attackspam	Unauthorized connection attempt detected, IP banned.	2020-03-25 08:40:53
attack	Wordpress Admin Login attack	2020-02-27 14:53:54
attack	142.93.204.221 - - \[13/Feb/2020:06:40:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 6640 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.204.221 - - \[13/Feb/2020:06:40:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.204.221 - - \[13/Feb/2020:06:40:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-13 14:55:54
attackbots	WordPress login Brute force / Web App Attack on client site.	2020-02-09 06:57:30
attackspam	$f2bV_matches	2020-02-01 16:10:53
attackspambots	WordPress wp-login brute force :: 142.93.204.221 0.104 BYPASS [21/Jan/2020:21:02:38 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-22 05:50:28
attackspambots	142.93.204.221 - - [28/Dec/2019:06:22:02 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [28/Dec/2019:06:22:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-28 20:20:54
attackbotsspam	Automatic report - XMLRPC Attack	2019-11-10 08:07:18
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-26 04:35:40
attackbotsspam	Request to REST API ///wp-json/wp/v2/users/	2019-10-04 02:19:49

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.204.9	attackspambots	Port scan: Attack repeated for 24 hours	2020-07-24 17:32:43
142.93.204.89	attackspam	Apr 3 14:41:45 XXX sshd[39784]: Invalid user ubnt from 142.93.204.89 port 42676	2020-04-03 22:35:37
142.93.204.89	attackspam	SSH Server BruteForce Attack	2020-04-03 14:40:28
142.93.204.235	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-09 05:19:12
142.93.204.3	attackbots	Jul 4 11:30:21 dedicated sshd[1032]: Invalid user mustang from 142.93.204.3 port 46510	2019-07-04 19:42:21
142.93.204.3	attack	Jun 23 13:18:46 amit sshd\[27571\]: Invalid user admin from 142.93.204.3 Jun 23 13:18:46 amit sshd\[27571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.204.3 Jun 23 13:18:48 amit sshd\[27571\]: Failed password for invalid user admin from 142.93.204.3 port 46156 ssh2 ...	2019-06-24 00:55:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.204.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.204.221.			IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100301 1800 900 604800 86400

;; Query time: 742 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 04 02:19:40 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

221.204.93.142.in-addr.arpa domain name pointer 195645.cloudwaysapps.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
221.204.93.142.in-addr.arpa	name = 195645.cloudwaysapps.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
52.130.86.7	attackbotsspam	SSH bruteforce	2020-05-10 14:50:50
138.197.21.218	attack	Brute force attempt	2020-05-10 14:47:14
139.170.150.250	attackbots	May 10 05:53:00 163-172-32-151 sshd[9274]: Invalid user ghaith from 139.170.150.250 port 3871 ...	2020-05-10 15:06:54
115.226.89.19	attack	Unauthorised access (May 10) SRC=115.226.89.19 LEN=40 TTL=53 ID=60583 TCP DPT=23 WINDOW=15833 SYN	2020-05-10 15:03:27
195.91.182.76	attackspambots	SSH login attempts.	2020-05-10 14:41:29
175.6.35.82	attackspambots	May 10 01:01:35 NPSTNNYC01T sshd[27512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.35.82 May 10 01:01:37 NPSTNNYC01T sshd[27512]: Failed password for invalid user testuser from 175.6.35.82 port 52846 ssh2 May 10 01:05:54 NPSTNNYC01T sshd[28010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.35.82 ...	2020-05-10 15:08:09
218.2.220.66	attack	2020-05-10T04:34:20.559963abusebot.cloudsearch.cf sshd[22454]: Invalid user jc from 218.2.220.66 port 56335 2020-05-10T04:34:20.565653abusebot.cloudsearch.cf sshd[22454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.2.220.66 2020-05-10T04:34:20.559963abusebot.cloudsearch.cf sshd[22454]: Invalid user jc from 218.2.220.66 port 56335 2020-05-10T04:34:22.856161abusebot.cloudsearch.cf sshd[22454]: Failed password for invalid user jc from 218.2.220.66 port 56335 ssh2 2020-05-10T04:43:04.130974abusebot.cloudsearch.cf sshd[23066]: Invalid user angelo from 218.2.220.66 port 59512 2020-05-10T04:43:04.137016abusebot.cloudsearch.cf sshd[23066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.2.220.66 2020-05-10T04:43:04.130974abusebot.cloudsearch.cf sshd[23066]: Invalid user angelo from 218.2.220.66 port 59512 2020-05-10T04:43:06.698304abusebot.cloudsearch.cf sshd[23066]: Failed password for invalid user ang ...	2020-05-10 14:43:04
222.186.52.86	attackspambots	May 10 10:19:29 www2 sshd\[40168\]: Failed password for root from 222.186.52.86 port 52818 ssh2May 10 10:20:41 www2 sshd\[40464\]: Failed password for root from 222.186.52.86 port 21498 ssh2May 10 10:20:44 www2 sshd\[40464\]: Failed password for root from 222.186.52.86 port 21498 ssh2 ...	2020-05-10 15:23:01
94.102.51.29	attack	Port scan on 3 port(s): 53048 56387 57788	2020-05-10 14:39:09
98.143.148.45	attackbotsspam	May 10 04:16:52 game-panel sshd[2246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45 May 10 04:16:54 game-panel sshd[2246]: Failed password for invalid user deploy from 98.143.148.45 port 40352 ssh2 May 10 04:19:38 game-panel sshd[2361]: Failed password for root from 98.143.148.45 port 45712 ssh2	2020-05-10 15:05:13
142.93.202.159	attack	2020-05-10T15:08:03.597361vivaldi2.tree2.info sshd[30283]: Invalid user perpetua from 142.93.202.159 2020-05-10T15:08:03.608706vivaldi2.tree2.info sshd[30283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.202.159 2020-05-10T15:08:03.597361vivaldi2.tree2.info sshd[30283]: Invalid user perpetua from 142.93.202.159 2020-05-10T15:08:05.838540vivaldi2.tree2.info sshd[30283]: Failed password for invalid user perpetua from 142.93.202.159 port 55558 ssh2 2020-05-10T15:11:59.735896vivaldi2.tree2.info sshd[30523]: Invalid user ubuntu from 142.93.202.159 ...	2020-05-10 15:14:40
162.243.10.64	attackbotsspam	May 10 08:20:39 h2829583 sshd[22346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64	2020-05-10 15:19:47
111.67.194.44	attackspam	SSH brutforce	2020-05-10 14:47:56
148.72.31.119	attack	WordPress login Brute force / Web App Attack on client site.	2020-05-10 15:11:39
172.81.253.97	attackbotsspam	May 10 07:37:47 plex sshd[1218]: Invalid user admin from 172.81.253.97 port 34046	2020-05-10 15:06:22

最近上报的IP列表

77.175.100.122	153.184.37.28	140.224.103.179	93.102.133.51
222.62.226.1	222.52.117.36	73.201.109.255	114.98.127.23
103.11.201.134	74.208.150.36	193.202.110.21	99.72.14.101
15.106.250.30	68.241.37.76	222.161.209.130	52.230.136.130
101.238.199.84	195.242.192.240	39.199.232.203	66.85.99.168