城市(city): unknown
省份(region): unknown
国家(country): United States of America
运营商(isp): DigitalOcean LLC
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackbots | 142.93.52.3 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 16 07:43:32 server2 sshd[30326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.132.211 user=root Sep 16 07:43:34 server2 sshd[30326]: Failed password for root from 119.28.132.211 port 57056 ssh2 Sep 16 07:43:52 server2 sshd[30379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.217.161 user=root Sep 16 07:43:24 server2 sshd[30269]: Failed password for root from 142.93.52.3 port 60144 ssh2 Sep 16 07:43:19 server2 sshd[30128]: Failed password for root from 119.250.158.217 port 62043 ssh2 Sep 16 07:43:22 server2 sshd[30269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root IP Addresses Blocked: 119.28.132.211 (HK/Hong Kong/-) 134.175.217.161 (CN/China/-) |
2020-09-16 23:30:14 |
| attack | Banned for a week because repeated abuses, for example SSH, but not only |
2020-09-16 15:47:17 |
| attack | detected by Fail2Ban |
2020-09-16 07:47:29 |
| attack | Sep 8 13:52:28 markkoudstaal sshd[19974]: Failed password for root from 142.93.52.3 port 39644 ssh2 Sep 8 13:56:14 markkoudstaal sshd[21048]: Failed password for root from 142.93.52.3 port 45878 ssh2 Sep 8 13:59:58 markkoudstaal sshd[22064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 ... |
2020-09-08 20:22:38 |
| attack | 2020-09-08T05:00:26.289010billing sshd[19563]: Failed password for root from 142.93.52.3 port 35248 ssh2 2020-09-08T05:03:36.432267billing sshd[25813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root 2020-09-08T05:03:38.974327billing sshd[25813]: Failed password for root from 142.93.52.3 port 39546 ssh2 ... |
2020-09-08 12:17:30 |
| attack | Triggered by Fail2Ban at Ares web server |
2020-09-08 04:54:31 |
| attackbots | Aug 30 02:12:22 web9 sshd\[21063\]: Invalid user tamaki from 142.93.52.3 Aug 30 02:12:22 web9 sshd\[21063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Aug 30 02:12:24 web9 sshd\[21063\]: Failed password for invalid user tamaki from 142.93.52.3 port 41090 ssh2 Aug 30 02:16:22 web9 sshd\[21548\]: Invalid user admin from 142.93.52.3 Aug 30 02:16:22 web9 sshd\[21548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 |
2020-08-30 20:27:55 |
| attackbotsspam | Aug 17 14:05:26 [host] sshd[5813]: Invalid user to Aug 17 14:05:26 [host] sshd[5813]: pam_unix(sshd:a Aug 17 14:05:28 [host] sshd[5813]: Failed password |
2020-08-17 21:49:53 |
| attack | k+ssh-bruteforce |
2020-08-07 08:35:44 |
| attackbotsspam | Aug 6 02:09:31 firewall sshd[10490]: Failed password for root from 142.93.52.3 port 51364 ssh2 Aug 6 02:13:18 firewall sshd[10609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Aug 6 02:13:20 firewall sshd[10609]: Failed password for root from 142.93.52.3 port 34064 ssh2 ... |
2020-08-06 13:22:04 |
| attack | Aug 4 13:57:57 piServer sshd[7616]: Failed password for root from 142.93.52.3 port 39134 ssh2 Aug 4 14:00:41 piServer sshd[7924]: Failed password for root from 142.93.52.3 port 57462 ssh2 ... |
2020-08-04 21:30:59 |
| attack | Jul 31 16:50:10 *hidden* sshd[7811]: Failed password for *hidden* from 142.93.52.3 port 33184 ssh2 Jul 31 16:54:07 *hidden* sshd[17514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Jul 31 16:54:09 *hidden* sshd[17514]: Failed password for *hidden* from 142.93.52.3 port 45844 ssh2 Jul 31 16:58:05 *hidden* sshd[27196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Jul 31 16:58:07 *hidden* sshd[27196]: Failed password for *hidden* from 142.93.52.3 port 58508 ssh2 |
2020-08-01 03:33:18 |
| attack | Jul 25 10:17:08 vps sshd[25858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Jul 25 10:17:10 vps sshd[25858]: Failed password for invalid user cristiano from 142.93.52.3 port 56604 ssh2 Jul 25 10:21:28 vps sshd[26138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 ... |
2020-07-25 18:25:15 |
| attackbotsspam | Jun 30 17:56:45 h1745522 sshd[22297]: Invalid user bhq from 142.93.52.3 port 51416 Jun 30 17:56:45 h1745522 sshd[22297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Jun 30 17:56:45 h1745522 sshd[22297]: Invalid user bhq from 142.93.52.3 port 51416 Jun 30 17:56:47 h1745522 sshd[22297]: Failed password for invalid user bhq from 142.93.52.3 port 51416 ssh2 Jun 30 18:00:00 h1745522 sshd[22582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Jun 30 18:00:02 h1745522 sshd[22582]: Failed password for root from 142.93.52.3 port 50798 ssh2 Jun 30 18:03:15 h1745522 sshd[24059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Jun 30 18:03:17 h1745522 sshd[24059]: Failed password for root from 142.93.52.3 port 50176 ssh2 Jun 30 18:06:31 h1745522 sshd[24229]: Invalid user vpnuser from 142.93.52.3 port 49556 ... |
2020-07-01 04:29:01 |
| attack | Jun 28 17:24:04 ns382633 sshd\[11870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root Jun 28 17:24:07 ns382633 sshd\[11870\]: Failed password for root from 142.93.52.3 port 44448 ssh2 Jun 28 17:38:41 ns382633 sshd\[14687\]: Invalid user deploy from 142.93.52.3 port 44512 Jun 28 17:38:41 ns382633 sshd\[14687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Jun 28 17:38:43 ns382633 sshd\[14687\]: Failed password for invalid user deploy from 142.93.52.3 port 44512 ssh2 |
2020-06-29 02:03:53 |
| attackbotsspam | 2020-06-20T20:04:34.105871 sshd[29862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 2020-06-20T20:04:34.092494 sshd[29862]: Invalid user dita from 142.93.52.3 port 56306 2020-06-20T20:04:35.740889 sshd[29862]: Failed password for invalid user dita from 142.93.52.3 port 56306 ssh2 2020-06-21T06:27:54.256836 sshd[10458]: Invalid user jtorres from 142.93.52.3 port 33280 ... |
2020-06-21 13:47:11 |
| attackbotsspam | Jun 20 16:35:56 home sshd[6196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Jun 20 16:35:58 home sshd[6196]: Failed password for invalid user huang from 142.93.52.3 port 56412 ssh2 Jun 20 16:36:55 home sshd[6280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 ... |
2020-06-20 23:04:33 |
| attackbots | Auto Fail2Ban report, multiple SSH login attempts. |
2020-06-12 18:48:29 |
| attackbotsspam | 2020-06-10T10:29:48.313269rocketchat.forhosting.nl sshd[22744]: Failed password for root from 142.93.52.3 port 51554 ssh2 2020-06-10T10:33:03.691457rocketchat.forhosting.nl sshd[22790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=ftp 2020-06-10T10:33:04.949573rocketchat.forhosting.nl sshd[22790]: Failed password for ftp from 142.93.52.3 port 53192 ssh2 ... |
2020-06-10 16:56:01 |
| attackbots | SSH Login Bruteforce |
2020-06-09 18:39:26 |
| attackspambots | May 28 19:46:10 web1 sshd\[3741\]: Failed password for invalid user sociedad from 142.93.52.3 port 42684 ssh2 May 28 19:49:28 web1 sshd\[4047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root May 28 19:49:30 web1 sshd\[4047\]: Failed password for root from 142.93.52.3 port 42286 ssh2 May 28 19:52:48 web1 sshd\[4329\]: Invalid user test from 142.93.52.3 May 28 19:52:48 web1 sshd\[4329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 |
2020-05-29 14:59:25 |
| attackbots | " " |
2020-05-28 21:40:08 |
| attackbots | SSH/22 MH Probe, BF, Hack - |
2020-05-26 22:20:06 |
| attackspambots | no |
2020-05-26 03:58:46 |
| attackbots | $f2bV_matches |
2020-05-23 00:35:30 |
| attack | May 22 06:28:34 srv-ubuntu-dev3 sshd[111418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 May 22 06:28:34 srv-ubuntu-dev3 sshd[111418]: Invalid user xfc from 142.93.52.3 May 22 06:28:36 srv-ubuntu-dev3 sshd[111418]: Failed password for invalid user xfc from 142.93.52.3 port 58408 ssh2 May 22 06:31:48 srv-ubuntu-dev3 sshd[112642]: Invalid user ozc from 142.93.52.3 May 22 06:31:48 srv-ubuntu-dev3 sshd[112642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 May 22 06:31:48 srv-ubuntu-dev3 sshd[112642]: Invalid user ozc from 142.93.52.3 May 22 06:31:51 srv-ubuntu-dev3 sshd[112642]: Failed password for invalid user ozc from 142.93.52.3 port 36788 ssh2 May 22 06:35:06 srv-ubuntu-dev3 sshd[114063]: Invalid user zpb from 142.93.52.3 May 22 06:35:06 srv-ubuntu-dev3 sshd[114063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 May 22 06: ... |
2020-05-22 12:41:38 |
| attackspambots | Invalid user admin from 142.93.52.3 port 59888 |
2020-05-15 14:07:50 |
| attack | May 7 20:21:56 ns381471 sshd[4283]: Failed password for root from 142.93.52.3 port 48216 ssh2 May 7 20:23:39 ns381471 sshd[4323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 |
2020-05-08 03:45:21 |
| attackspam | $f2bV_matches |
2020-04-26 04:44:57 |
| attack | Apr 22 17:04:44 gw1 sshd[29988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 Apr 22 17:04:46 gw1 sshd[29988]: Failed password for invalid user admin from 142.93.52.3 port 58626 ssh2 ... |
2020-04-22 20:39:37 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 142.93.52.174 | attackspam | 142.93.52.174 - - [21/Sep/2020:20:43:25 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [21/Sep/2020:20:55:53 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-09-22 03:16:06 |
| 142.93.52.174 | attack | 142.93.52.174 - - [21/Sep/2020:12:12:36 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [21/Sep/2020:12:12:37 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [21/Sep/2020:12:12:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-21 19:01:02 |
| 142.93.52.174 | attackspam | Attempt to hack Wordpress Login, XMLRPC or other login |
2020-08-17 06:43:23 |
| 142.93.52.174 | attackspambots | 142.93.52.174 - - [11/Jul/2020:06:15:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [11/Jul/2020:06:15:26 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [11/Jul/2020:06:15:26 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [11/Jul/2020:06:15:27 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [11/Jul/2020:06:15:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - [11/Jul/2020:06:15:27 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ... |
2020-07-11 13:36:24 |
| 142.93.52.174 | attack | 142.93.52.174 - - \[28/May/2020:15:40:10 +0200\] "POST /wp-login.php HTTP/1.0" 200 6728 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - \[28/May/2020:15:40:12 +0200\] "POST /wp-login.php HTTP/1.0" 200 6558 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 142.93.52.174 - - \[28/May/2020:15:40:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 6552 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-05-29 00:20:51 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.52.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51274
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.52.3. IN A
;; AUTHORITY SECTION:
. 501 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020041201 1800 900 604800 86400
;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 13 08:35:04 CST 2020
;; MSG SIZE rcvd: 115
Host 3.52.93.142.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 3.52.93.142.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 106.54.18.121 | attackbots | Fail2Ban Ban Triggered |
2019-11-25 06:05:39 |
| 94.199.198.137 | attackspambots | Invalid user maddex from 94.199.198.137 port 60812 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.199.198.137 Failed password for invalid user maddex from 94.199.198.137 port 60812 ssh2 Invalid user sieger from 94.199.198.137 port 40908 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.199.198.137 |
2019-11-25 06:23:29 |
| 112.64.137.178 | attackbotsspam | Automatic report - Banned IP Access |
2019-11-25 06:08:48 |
| 218.92.0.211 | attackspambots | Nov 24 23:07:44 eventyay sshd[4376]: Failed password for root from 218.92.0.211 port 54153 ssh2 Nov 24 23:08:31 eventyay sshd[4390]: Failed password for root from 218.92.0.211 port 60922 ssh2 ... |
2019-11-25 06:18:45 |
| 123.207.88.97 | attack | " " |
2019-11-25 06:06:31 |
| 81.22.45.25 | attackspambots | 11/24/2019-17:13:01.216232 81.22.45.25 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-11-25 06:18:26 |
| 217.165.183.151 | attackbots | Port 1433 Scan |
2019-11-25 06:28:23 |
| 106.13.48.201 | attackbotsspam | 2019-11-24T09:43:44.811340homeassistant sshd[13296]: Failed password for invalid user super from 106.13.48.201 port 32880 ssh2 2019-11-24T14:44:08.884618homeassistant sshd[5697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.201 user=mail ... |
2019-11-25 06:35:14 |
| 119.28.191.184 | attack | Invalid user guillan from 119.28.191.184 port 34126 |
2019-11-25 06:34:19 |
| 40.73.65.160 | attack | Nov 24 09:44:51 plusreed sshd[4249]: Invalid user webmaster from 40.73.65.160 ... |
2019-11-25 06:11:10 |
| 168.232.130.188 | attackspambots | 2019-11-24T14:44:45.535Z CLOSE host=168.232.130.188 port=56139 fd=4 time=20.017 bytes=13 ... |
2019-11-25 06:13:03 |
| 89.248.168.112 | attackspambots | Fail2Ban Ban Triggered |
2019-11-25 06:37:28 |
| 202.146.235.79 | attack | Nov 24 19:12:27 server sshd\[17058\]: Invalid user admin from 202.146.235.79 Nov 24 19:12:27 server sshd\[17058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.146.235.79 Nov 24 19:12:29 server sshd\[17058\]: Failed password for invalid user admin from 202.146.235.79 port 52588 ssh2 Nov 24 19:34:50 server sshd\[22803\]: Invalid user yuklung from 202.146.235.79 Nov 24 19:34:50 server sshd\[22803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.146.235.79 ... |
2019-11-25 06:09:55 |
| 46.101.48.191 | attackspambots | Nov 24 18:50:27 [host] sshd[19748]: Invalid user ljm7206 from 46.101.48.191 Nov 24 18:50:27 [host] sshd[19748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.48.191 Nov 24 18:50:29 [host] sshd[19748]: Failed password for invalid user ljm7206 from 46.101.48.191 port 44608 ssh2 |
2019-11-25 06:24:30 |
| 77.146.101.146 | attack | (sshd) Failed SSH login from 77.146.101.146 (FR/France/Finistère/Plouzane/146.101.146.77.rev.sfr.net/[AS15557 SFR SA]): 1 in the last 3600 secs |
2019-11-25 06:35:29 |