142.93.104.142

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 142.93.104.142 to port 135 [J]	2020-03-01 03:39:28

Comments on same subnet:

IP	Type	Details	Datetime
142.93.104.32	attack	2020-06-30T10:28:50.487141morrigan.ad5gb.com sshd[2920184]: Invalid user counter from 142.93.104.32 port 57248 2020-06-30T10:28:52.174935morrigan.ad5gb.com sshd[2920184]: Failed password for invalid user counter from 142.93.104.32 port 57248 ssh2	2020-07-01 05:43:49
142.93.104.32	attack	Jun 30 08:32:39 hell sshd[1978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 Jun 30 08:32:41 hell sshd[1978]: Failed password for invalid user usertest from 142.93.104.32 port 34712 ssh2 ...	2020-06-30 20:16:04
142.93.104.32	attackbotsspam	$f2bV_matches	2020-06-19 23:39:20
142.93.104.32	attackbots	2020-06-10T19:25:22.5932121240 sshd\[12667\]: Invalid user admin123 from 142.93.104.32 port 56308 2020-06-10T19:25:22.5976411240 sshd\[12667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 2020-06-10T19:25:24.8603061240 sshd\[12667\]: Failed password for invalid user admin123 from 142.93.104.32 port 56308 ssh2 ...	2020-06-11 02:17:14
142.93.104.32	attack	Jun 3 08:31:15 abendstille sshd\[32095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 user=root Jun 3 08:31:17 abendstille sshd\[32095\]: Failed password for root from 142.93.104.32 port 50084 ssh2 Jun 3 08:34:19 abendstille sshd\[2621\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 user=root Jun 3 08:34:21 abendstille sshd\[2621\]: Failed password for root from 142.93.104.32 port 49174 ssh2 Jun 3 08:40:30 abendstille sshd\[8628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 user=root ...	2020-06-03 17:15:48
142.93.104.32	attack	May 27 11:36:21 MainVPS sshd[19231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 user=root May 27 11:36:23 MainVPS sshd[19231]: Failed password for root from 142.93.104.32 port 58974 ssh2 May 27 11:39:37 MainVPS sshd[22001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 user=root May 27 11:39:40 MainVPS sshd[22001]: Failed password for root from 142.93.104.32 port 56924 ssh2 May 27 11:43:06 MainVPS sshd[25274]: Invalid user test from 142.93.104.32 port 54890 ...	2020-05-27 18:05:31
142.93.104.32	attackspambots	Failed password for invalid user vpq from 142.93.104.32 port 49154 ssh2	2020-05-24 16:58:40
142.93.104.162	attackbotsspam	T: f2b 404 5x	2020-05-20 02:43:40
142.93.104.32	attack	May 13 09:34:04 legacy sshd[22287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 May 13 09:34:06 legacy sshd[22287]: Failed password for invalid user user from 142.93.104.32 port 45318 ssh2 May 13 09:37:50 legacy sshd[22404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.104.32 ...	2020-05-13 16:03:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.104.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.104.142.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 01 03:39:22 CST 2020
;; MSG SIZE  rcvd: 118

Host info

142.104.93.142.in-addr.arpa domain name pointer min-extra-grab-416-de-prod.binaryedge.ninja.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.104.93.142.in-addr.arpa	name = min-extra-grab-416-de-prod.binaryedge.ninja.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.163	attack	Sep 4 03:55:07 firewall sshd[2984]: Failed password for root from 222.186.175.163 port 53348 ssh2 Sep 4 03:55:10 firewall sshd[2984]: Failed password for root from 222.186.175.163 port 53348 ssh2 Sep 4 03:55:13 firewall sshd[2984]: Failed password for root from 222.186.175.163 port 53348 ssh2 ...	2020-09-04 15:02:52
103.81.154.88	attackspambots	Sep 3 18:48:00 mellenthin postfix/smtpd[19006]: NOQUEUE: reject: RCPT from unknown[103.81.154.88]: 554 5.7.1 Service unavailable; Client host [103.81.154.88] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/103.81.154.88; from= to= proto=ESMTP helo=<[103.81.154.122]>	2020-09-04 14:55:40
114.35.32.167	attackspambots	Port probing on unauthorized port 23	2020-09-04 15:15:32
189.234.178.212	attack	20/9/3@12:48:14: FAIL: Alarm-Network address from=189.234.178.212 20/9/3@12:48:14: FAIL: Alarm-Network address from=189.234.178.212 20/9/3@12:48:14: FAIL: Alarm-Network address from=189.234.178.212 ...	2020-09-04 14:40:30
197.50.232.198	attackspam	20/9/3@12:47:44: FAIL: Alarm-Network address from=197.50.232.198 ...	2020-09-04 15:06:10
188.226.167.212	attack	$f2bV_matches	2020-09-04 15:16:35
139.199.10.43	attackspam	TCP (SYN) 139.199.10.43:56883 -> port 445, len 44	2020-09-04 15:13:58
204.48.20.244	attackbotsspam	Invalid user leon from 204.48.20.244 port 44680	2020-09-04 14:38:32
112.85.42.73	attack	Sep 4 08:55:51 vps647732 sshd[20604]: Failed password for root from 112.85.42.73 port 43962 ssh2 ...	2020-09-04 15:08:36
45.79.122.36	attackspam	Lines containing failures of 45.79.122.36 Sep 2 01:16:36 metroid sshd[31387]: Invalid user px from 45.79.122.36 port 33474 Sep 2 01:16:36 metroid sshd[31387]: Received disconnect from 45.79.122.36 port 33474:11: Bye Bye [preauth] Sep 2 01:16:36 metroid sshd[31387]: Disconnected from invalid user px 45.79.122.36 port 33474 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.79.122.36	2020-09-04 14:36:39
201.249.13.77	attack	Port probing on unauthorized port 445	2020-09-04 14:59:05
54.145.46.204	attackspambots	SMTP Screen: 54.145.46.204 (United States): tried sending to 6 unknown recipients	2020-09-04 15:02:35
144.217.12.194	attackspambots	Invalid user tomcat from 144.217.12.194 port 44462	2020-09-04 14:56:30
124.172.152.184	attackbots	21 attempts against mh-misbehave-ban on glow	2020-09-04 15:07:28
105.235.135.204	attack	Sep 3 18:48:21 mellenthin postfix/smtpd[20928]: NOQUEUE: reject: RCPT from unknown[105.235.135.204]: 554 5.7.1 Service unavailable; Client host [105.235.135.204] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/105.235.135.204; from= to= proto=ESMTP helo=<[105.235.135.204]>	2020-09-04 14:36:07

Recently Reported IPs

70.234.3.212	69.10.108.190	61.227.6.179	59.126.55.105
88.213.97.223	59.2.0.69	58.71.210.64	82.71.245.95
161.209.151.103	46.200.17.140	37.181.226.227	45.83.65.115
188.255.161.222	45.83.65.103	182.103.229.201	42.232.100.134
187.116.121.254	39.72.78.114	184.16.146.105	37.6.109.37