City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.149.57 | attack |
|
2020-08-28 16:17:34 |
| 142.93.149.57 | attack | SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: do-prod-us-north-clients-0106-9.do.binaryedge.ninja. |
2020-08-11 08:50:11 |
| 142.93.149.226 | attackspambots | Unauthorised access (Mar 5) SRC=142.93.149.226 LEN=40 TTL=48 ID=9153 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 4) SRC=142.93.149.226 LEN=40 TTL=48 ID=10114 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 3) SRC=142.93.149.226 LEN=40 TTL=48 ID=15698 TCP DPT=8080 WINDOW=4314 SYN |
2020-03-06 01:41:55 |
| 142.93.149.226 | attack | Unauthorized connection attempt detected from IP address 142.93.149.226 to port 23 [J] |
2020-03-02 17:39:50 |
| 142.93.149.34 | attackbots | WordPress login Brute force / Web App Attack on client site. |
2019-10-17 19:19:24 |
| 142.93.149.34 | attackbots | 142.93.149.34 - - [02/Oct/2019:18:41:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:08 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:09 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:10 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-10-03 04:18:13 |
| 142.93.149.34 | attackspambots | ft-1848-basketball.de 142.93.149.34 \[27/Sep/2019:05:51:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 2165 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ft-1848-basketball.de 142.93.149.34 \[27/Sep/2019:05:51:29 +0200\] "POST /wp-login.php HTTP/1.1" 200 2136 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-27 15:47:00 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.149.210
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22602
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;142.93.149.210. IN A
;; AUTHORITY SECTION:
. 504 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:23:31 CST 2022
;; MSG SIZE rcvd: 107210.149.93.142.in-addr.arpa domain name pointer elitedevelopments.ca-2021.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
210.149.93.142.in-addr.arpa name = elitedevelopments.ca-2021.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.186.169.192 | attackbotsspam | Apr 30 12:33:14 home sshd[30140]: Failed password for root from 222.186.169.192 port 48914 ssh2 Apr 30 12:33:27 home sshd[30140]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 48914 ssh2 [preauth] Apr 30 12:33:32 home sshd[30177]: Failed password for root from 222.186.169.192 port 51450 ssh2 ... |
2020-04-30 18:34:16 |
| 148.235.137.212 | attackspam | Apr 30 12:49:30 eventyay sshd[20731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.137.212 Apr 30 12:49:31 eventyay sshd[20731]: Failed password for invalid user leslie from 148.235.137.212 port 43930 ssh2 Apr 30 12:54:19 eventyay sshd[20882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.137.212 ... |
2020-04-30 19:03:30 |
| 125.122.171.206 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 125.122.171.206 (-): 5 in the last 3600 secs - Sat Jun 2 23:55:45 2018 |
2020-04-30 18:43:11 |
| 183.230.154.121 | attackbotsspam | Brute force blocker - service: proftpd1 - aantal: 102 - Mon Jun 4 04:50:14 2018 |
2020-04-30 18:32:35 |
| 186.43.128.245 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 186.43.128.245 (245.186-43-128.etapanet.net): 5 in the last 3600 secs - Sat Jun 2 13:33:47 2018 |
2020-04-30 18:55:58 |
| 206.189.149.9 | attackbots | Apr 30 09:40:29 ns392434 sshd[25686]: Invalid user admin from 206.189.149.9 port 39422 Apr 30 09:40:29 ns392434 sshd[25686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.149.9 Apr 30 09:40:29 ns392434 sshd[25686]: Invalid user admin from 206.189.149.9 port 39422 Apr 30 09:40:31 ns392434 sshd[25686]: Failed password for invalid user admin from 206.189.149.9 port 39422 ssh2 Apr 30 09:47:00 ns392434 sshd[26016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.149.9 user=root Apr 30 09:47:02 ns392434 sshd[26016]: Failed password for root from 206.189.149.9 port 60668 ssh2 Apr 30 09:52:20 ns392434 sshd[26208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.149.9 user=root Apr 30 09:52:22 ns392434 sshd[26208]: Failed password for root from 206.189.149.9 port 41232 ssh2 Apr 30 09:57:31 ns392434 sshd[26393]: Invalid user nicholas from 206.189.149.9 port 50022 |
2020-04-30 18:49:48 |
| 178.128.150.158 | attack | web-1 [ssh] SSH Attack |
2020-04-30 19:03:13 |
| 125.118.148.109 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 125.118.148.109 (-): 5 in the last 3600 secs - Sat Jun 2 23:59:36 2018 |
2020-04-30 18:41:48 |
| 115.96.64.36 | attack | [ThuApr3006:23:11.6855042020][:error][pid5784:tid47899155105536][client115.96.64.36:56053][client115.96.64.36]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchof"rx\^0\$"against"REQUEST_HEADERS:Content-Length"required.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"96"][id"392301"][rev"7"][msg"Atomicorp.comWAFRules:RequestContainingContent\,butMissingContent-Typeheader"][severity"NOTICE"][tag"no_ar"][hostname"127.0.0.1"][uri"/cgi-bin/mainfunction.cgi"][unique_id"XqpSrwyW5I9nI1GWNH4bNgAAABQ"][ThuApr3006:23:12.9248412020][:error][pid28575:tid47899159308032][client115.96.64.36:56149][client115.96.64.36]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchof"rx\^0\$"against"REQUEST_HEADERS:Content-Length"required.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"96"][id"392301"][rev"7"][msg"Atomicorp.comWAFRules:RequestContainingContent\,butMissingContent-Typeheader"][severity"NOTICE"][tag"no_ar"][hostname"127.0.0.1"][uri"/cg |
2020-04-30 18:44:31 |
| 42.100.34.113 | attackspambots | Brute force blocker - service: proftpd1 - aantal: 52 - Sat Jun 2 23:20:13 2018 |
2020-04-30 19:07:06 |
| 119.42.72.156 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 119.42.72.156 (-): 5 in the last 3600 secs - Sat Jun 2 13:31:37 2018 |
2020-04-30 18:58:16 |
| 220.191.14.190 | attackbotsspam | lfd: (smtpauth) Failed SMTP AUTH login from 220.191.14.190 (190.14.191.220.broad.hz.zj.dynamic.163data.com.cn): 5 in the last 3600 secs - Sat Jun 2 08:22:33 2018 |
2020-04-30 19:02:10 |
| 54.37.71.235 | attackspambots | Invalid user an from 54.37.71.235 port 52609 |
2020-04-30 18:42:56 |
| 217.217.179.17 | attackbotsspam | lfd: (smtpauth) Failed SMTP AUTH login from 217.217.179.17 (ES/Spain/217.217.179.17.dyn.user.ono.com): 5 in the last 3600 secs - Sun Jun 3 15:42:49 2018 |
2020-04-30 18:31:44 |
| 51.254.32.102 | attackspam | This client attempted to login to an administrator account on a Website, or abused from another resource. |
2020-04-30 18:29:30 |