142.93.204.3 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Jul 4 11:30:21 dedicated sshd[1032]: Invalid user mustang from 142.93.204.3 port 46510	2019-07-04 19:42:21
attack	Jun 23 13:18:46 amit sshd\[27571\]: Invalid user admin from 142.93.204.3 Jun 23 13:18:46 amit sshd\[27571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.204.3 Jun 23 13:18:48 amit sshd\[27571\]: Failed password for invalid user admin from 142.93.204.3 port 46156 ssh2 ...	2019-06-24 00:55:48

类型

评论内容

时间

attackbots

Jul  4 11:30:21 dedicated sshd[1032]: Invalid user mustang from 142.93.204.3 port 46510

2019-07-04 19:42:21

attack

Jun 23 13:18:46 amit sshd\[27571\]: Invalid user admin from 142.93.204.3
Jun 23 13:18:46 amit sshd\[27571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.204.3
Jun 23 13:18:48 amit sshd\[27571\]: Failed password for invalid user admin from 142.93.204.3 port 46156 ssh2
...

2019-06-24 00:55:48

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.204.221	attackspam	Automatic report - Banned IP Access	2020-07-27 23:32:54
142.93.204.9	attackspambots	Port scan: Attack repeated for 24 hours	2020-07-24 17:32:43
142.93.204.221	attack	142.93.204.221 - - [11/Jul/2020:09:40:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 17:00:30
142.93.204.221	attackbots	Automatic report - WordPress Brute Force	2020-07-10 18:11:55
142.93.204.221	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-07-06 17:31:16
142.93.204.221	attack	142.93.204.221 - - [26/Jun/2020:10:15:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 17:33:37
142.93.204.221	attack	WordPress (CMS) attack attempts. Date: 2020 Jun 01. 05:25:38 Source IP: 142.93.204.221 Portion of the log(s): 142.93.204.221 - [01/Jun/2020:05:25:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:31 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 13:07:34
142.93.204.221	attackbots	Automatic report - XMLRPC Attack	2020-05-26 10:05:16
142.93.204.221	attackspambots	xmlrpc attack	2020-05-23 23:23:08
142.93.204.221	attackbotsspam	wp-login.php	2020-05-20 03:58:29
142.93.204.221	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-18 20:56:56
142.93.204.89	attackspam	Apr 3 14:41:45 XXX sshd[39784]: Invalid user ubnt from 142.93.204.89 port 42676	2020-04-03 22:35:37
142.93.204.89	attackspam	SSH Server BruteForce Attack	2020-04-03 14:40:28
142.93.204.221	attack	142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-27 06:12:58
142.93.204.221	attackspam	Unauthorized connection attempt detected, IP banned.	2020-03-25 08:40:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.204.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48736
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.204.3.			IN	A

;; AUTHORITY SECTION:
.			3299	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041500 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 20:35:25 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 3.204.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 3.204.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.231.3.146	attack	Mar 31 21:05:56 mail.srvfarm.net postfix/smtpd[740123]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 21:05:56 mail.srvfarm.net postfix/smtpd[740123]: lost connection after AUTH from unknown[195.231.3.146] Mar 31 21:10:42 mail.srvfarm.net postfix/smtpd[740062]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 21:10:42 mail.srvfarm.net postfix/smtpd[740062]: lost connection after AUTH from unknown[195.231.3.146] Mar 31 21:10:47 mail.srvfarm.net postfix/smtpd[740123]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 21:10:47 mail.srvfarm.net postfix/smtpd[740123]: lost connection after AUTH from unknown[195.231.3.146]	2020-04-01 04:18:55
203.162.166.17	attackspam	Mar 31 19:14:10 host5 sshd[12499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.166.17 user=root Mar 31 19:14:12 host5 sshd[12499]: Failed password for root from 203.162.166.17 port 40564 ssh2 ...	2020-04-01 04:23:51
46.166.129.156	attackbotsspam	Mar 31 20:52:20 srv-ubuntu-dev3 sshd[20799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.166.129.156 user=root Mar 31 20:52:22 srv-ubuntu-dev3 sshd[20799]: Failed password for root from 46.166.129.156 port 48268 ssh2 Mar 31 20:52:24 srv-ubuntu-dev3 sshd[20799]: Failed password for root from 46.166.129.156 port 48268 ssh2 Mar 31 20:52:20 srv-ubuntu-dev3 sshd[20799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.166.129.156 user=root Mar 31 20:52:22 srv-ubuntu-dev3 sshd[20799]: Failed password for root from 46.166.129.156 port 48268 ssh2 Mar 31 20:52:24 srv-ubuntu-dev3 sshd[20799]: Failed password for root from 46.166.129.156 port 48268 ssh2 Mar 31 20:52:20 srv-ubuntu-dev3 sshd[20799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.166.129.156 user=root Mar 31 20:52:22 srv-ubuntu-dev3 sshd[20799]: Failed password for root from 46.166.129.156 port 4826 ...	2020-04-01 04:33:13
208.71.172.46	attackspambots	SSH Brute-Force attacks	2020-04-01 04:29:59
5.39.88.60	attackbots	20 attempts against mh-ssh on cloud	2020-04-01 04:22:21
1.162.15.203	attackbotsspam	Honeypot attack, port: 445, PTR: 1-162-15-203.dynamic-ip.hinet.net.	2020-04-01 04:36:17
50.227.195.3	attack	Invalid user qxg from 50.227.195.3 port 53218	2020-04-01 04:09:34
222.186.15.62	attackspambots	IP blocked	2020-04-01 04:20:28
46.27.140.1	attackbots	Mar 31 14:19:51 server1 sshd\[14598\]: Failed password for root from 46.27.140.1 port 49574 ssh2 Mar 31 14:23:38 server1 sshd\[15792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.27.140.1 user=root Mar 31 14:23:40 server1 sshd\[15792\]: Failed password for root from 46.27.140.1 port 33840 ssh2 Mar 31 14:27:31 server1 sshd\[17695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.27.140.1 user=root Mar 31 14:27:32 server1 sshd\[17695\]: Failed password for root from 46.27.140.1 port 46346 ssh2 ...	2020-04-01 04:43:00
94.102.56.215	attackspambots	firewall-block, port(s): 4099/udp	2020-04-01 04:39:47
111.231.71.157	attackspambots	Mar 31 21:34:48 mail sshd[30194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Mar 31 21:34:50 mail sshd[30194]: Failed password for root from 111.231.71.157 port 59728 ssh2 Mar 31 21:52:39 mail sshd[25942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Mar 31 21:52:42 mail sshd[25942]: Failed password for root from 111.231.71.157 port 55322 ssh2 Mar 31 21:58:00 mail sshd[1866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Mar 31 21:58:02 mail sshd[1866]: Failed password for root from 111.231.71.157 port 56976 ssh2 ...	2020-04-01 04:34:06
167.99.72.147	attack	WordPress login Brute force / Web App Attack on client site.	2020-04-01 04:25:51
115.84.253.162	attackspam	Mar 31 18:39:45 pornomens sshd\[10900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.253.162 user=root Mar 31 18:39:47 pornomens sshd\[10900\]: Failed password for root from 115.84.253.162 port 19310 ssh2 Mar 31 18:44:53 pornomens sshd\[10914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.253.162 user=root ...	2020-04-01 04:43:28
157.230.230.152	attackspam	$f2bV_matches	2020-04-01 04:42:36
54.37.232.108	attack	Fail2Ban Ban Triggered (2)	2020-04-01 04:41:48

最近上报的IP列表

95.40.73.6	51.79.130.141	117.158.134.217	167.86.79.4
51.79.130.129	94.221.178.104	81.171.56.97	8.29.198.27
178.122.222.178	167.99.208.22	46.105.98.93	218.41.153.193
186.46.61.214	50.87.248.44	51.79.130.175	39.96.179.145
122.155.209.90	51.79.130.138	195.24.207.199	216.243.58.154