142.93.143.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Trolling for resource vulnerabilities	2020-08-02 22:17:05
attackbots	142.93.143.85 - - [30/Jul/2020:12:29:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 21861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.143.85 - - [30/Jul/2020:12:46:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 31 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-30 19:09:59
attack	142.93.143.85 - - [11/Jul/2020:15:50:31 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.143.85 - - [11/Jul/2020:15:50:31 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.143.85 - - [11/Jul/2020:15:50:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-11 22:01:26
attackspambots	142.93.143.85 has been banned for [WebApp Attack] ...	2020-07-05 16:37:18
attackbots	142.93.143.85 - - [21/May/2020:05:55:31 +0200] "GET /wp-login.php HTTP/1.1" 200 6614 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.143.85 - - [21/May/2020:05:55:33 +0200] "POST /wp-login.php HTTP/1.1" 200 6865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.143.85 - - [21/May/2020:05:55:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-21 15:02:52

Comments on same subnet:

IP	Type	Details	Datetime
142.93.143.112	attack	Unauthorized connection attempt detected from IP address 142.93.143.112 to port 8278	2020-05-13 02:47:27
142.93.143.112	attackspambots	Port scan(s) denied	2020-05-01 22:04:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.143.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58795
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.143.85.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052101 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 15:02:49 CST 2020
;; MSG SIZE  rcvd: 117

Host info

85.143.93.142.in-addr.arpa domain name pointer my.kendara.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.143.93.142.in-addr.arpa	name = my.kendara.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.6.188.38	attackbotsspam	Jul 1 05:55:20 vps65 sshd\[32213\]: Invalid user apache from 200.6.188.38 port 1465 Jul 1 05:55:20 vps65 sshd\[32213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.6.188.38 ...	2019-07-01 14:50:19
170.24.97.219	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-01 03:25:43,062 INFO [amun_request_handler] PortScan Detected on Port: 445 (170.24.97.219)	2019-07-01 14:40:17
195.56.253.49	attackspam	Jul 1 05:55:40 ns3367391 sshd\[11902\]: Invalid user catego from 195.56.253.49 port 47538 Jul 1 05:55:40 ns3367391 sshd\[11902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.56.253.49 ...	2019-07-01 14:39:06
79.103.67.167	attack	Jul 1 06:22:33 hermes dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 3 secs$: user=\, method=PLAIN, rip=79.103.67.167, lip=172.104.235.62, session=\ Jul 1 06:39:42 hermes dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 4 secs$: user=\, method=PLAIN, rip=79.103.67.167, lip=172.104.235.62, session=\ Jul 1 06:55:07 hermes dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 4 secs$: user=\, method=PLAIN, rip=79.103.67.167, lip=172.104.235.62, session=\<22XTl5aMrsFPZ0On\> ...	2019-07-01 14:57:21
222.186.52.123	attackspambots	Jul 1 08:47:46 fr01 sshd[23099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 1 08:47:48 fr01 sshd[23099]: Failed password for root from 222.186.52.123 port 20765 ssh2 Jul 1 08:47:55 fr01 sshd[23141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 1 08:47:56 fr01 sshd[23141]: Failed password for root from 222.186.52.123 port 28254 ssh2 Jul 1 08:48:06 fr01 sshd[23143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 1 08:48:08 fr01 sshd[23143]: Failed password for root from 222.186.52.123 port 35498 ssh2 ...	2019-07-01 15:22:27
213.170.247.117	attackbotsspam	TCP port 8080 (HTTP) attempt blocked by firewall. [2019-07-01 05:54:20]	2019-07-01 14:35:36
190.128.122.222	attack	ET EXPLOIT Netgear DGN Remote Command Execution	2019-07-01 15:07:15
182.75.201.82	attackbots	Fail2Ban Ban Triggered	2019-07-01 15:03:42
110.249.212.46	attack	port scan and connect, tcp 80 (http)	2019-07-01 14:20:35
201.28.212.146	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-01 02:54:01,767 INFO [amun_request_handler] PortSc] PortScan Detected on Port: 445 (201.28.212.146)	2019-07-01 14:58:20
191.53.52.181	attackspambots	$f2bV_matches	2019-07-01 15:23:42
51.77.213.181	attackspam	ssh failed login	2019-07-01 15:16:31
104.248.255.118	attack	SSH Brute Force	2019-07-01 15:25:11
51.38.129.120	attack	$f2bV_matches	2019-07-01 14:47:37
103.127.28.144	attackspam	Jul 1 08:18:08 nginx sshd[4603]: Invalid user hadoop from 103.127.28.144 Jul 1 08:18:08 nginx sshd[4603]: Received disconnect from 103.127.28.144 port 59222:11: Normal Shutdown, Thank you for playing [preauth]	2019-07-01 14:57:41

Recently Reported IPs

192.144.239.87	171.234.179.203	40.114.108.93	49.233.33.118
73.243.18.6	32.152.208.170	86.135.90.231	129.226.74.89
109.255.185.65	113.255.76.253	87.98.182.93	217.182.64.45
230.243.107.203	117.0.155.147	92.173.57.122	101.148.36.165
255.200.153.22	93.170.52.199	207.60.95.92	116.255.131.142