142.93.149.226

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorised access (Mar 5) SRC=142.93.149.226 LEN=40 TTL=48 ID=9153 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 4) SRC=142.93.149.226 LEN=40 TTL=48 ID=10114 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 3) SRC=142.93.149.226 LEN=40 TTL=48 ID=15698 TCP DPT=8080 WINDOW=4314 SYN	2020-03-06 01:41:55
attack	Unauthorized connection attempt detected from IP address 142.93.149.226 to port 23 [J]	2020-03-02 17:39:50

Type

Details

Datetime

attackspambots

Unauthorised access (Mar  5) SRC=142.93.149.226 LEN=40 TTL=48 ID=9153 TCP DPT=8080 WINDOW=17229 SYN 
Unauthorised access (Mar  4) SRC=142.93.149.226 LEN=40 TTL=48 ID=10114 TCP DPT=8080 WINDOW=17229 SYN 
Unauthorised access (Mar  3) SRC=142.93.149.226 LEN=40 TTL=48 ID=15698 TCP DPT=8080 WINDOW=4314 SYN

2020-03-06 01:41:55

attack

Unauthorized connection attempt detected from IP address 142.93.149.226 to port 23 [J]

2020-03-02 17:39:50

Comments on same subnet:

IP	Type	Details	Datetime
142.93.149.57	attack	TCP (SYN) 142.93.149.57:39570 -> port 8080, len 44	2020-08-28 16:17:34
142.93.149.57	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: do-prod-us-north-clients-0106-9.do.binaryedge.ninja.	2020-08-11 08:50:11
142.93.149.34	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-17 19:19:24
142.93.149.34	attackbots	142.93.149.34 - - [02/Oct/2019:18:41:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:08 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:09 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:10 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:13 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.149.34 - - [02/Oct/2019:18:41:13 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-03 04:18:13
142.93.149.34	attackspambots	ft-1848-basketball.de 142.93.149.34 \[27/Sep/2019:05:51:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 2165 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ft-1848-basketball.de 142.93.149.34 \[27/Sep/2019:05:51:29 +0200\] "POST /wp-login.php HTTP/1.1" 200 2136 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-27 15:47:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.149.226
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 195
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.149.226.			IN	A

;; AUTHORITY SECTION:
.			405	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 17:39:46 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 226.149.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 226.149.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.163.176.97	attack	Jul 4 23:30:56 tuxlinux sshd[34782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.176.97 user=root Jul 4 23:30:58 tuxlinux sshd[34782]: Failed password for root from 118.163.176.97 port 49510 ssh2 Jul 4 23:30:56 tuxlinux sshd[34782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.176.97 user=root Jul 4 23:30:58 tuxlinux sshd[34782]: Failed password for root from 118.163.176.97 port 49510 ssh2 Jul 4 23:42:53 tuxlinux sshd[38088]: Invalid user lll from 118.163.176.97 port 33672 ...	2020-07-05 05:45:51
185.220.101.205	attackspam	Jul 4 22:27:38 mail webmin[14993]: Invalid login as root from 185.220.101.205 Jul 4 22:27:41 mail webmin[14998]: Non-existent login as admin from 185.220.101.205 Jul 4 22:27:48 mail webmin[15001]: Invalid login as root from 185.220.101.205 ...	2020-07-05 05:41:57
106.51.76.115	attackspam	Jul 4 14:39:27 dignus sshd[26479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.76.115 Jul 4 14:39:29 dignus sshd[26479]: Failed password for invalid user jingxin from 106.51.76.115 port 28246 ssh2 Jul 4 14:42:41 dignus sshd[26790]: Invalid user oracle from 106.51.76.115 port 54845 Jul 4 14:42:41 dignus sshd[26790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.76.115 Jul 4 14:42:43 dignus sshd[26790]: Failed password for invalid user oracle from 106.51.76.115 port 54845 ssh2 ...	2020-07-05 05:55:13
222.186.175.151	attack	Jul 4 23:30:33 abendstille sshd\[25649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Jul 4 23:30:35 abendstille sshd\[25649\]: Failed password for root from 222.186.175.151 port 11650 ssh2 Jul 4 23:30:46 abendstille sshd\[25802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Jul 4 23:30:46 abendstille sshd\[25649\]: Failed password for root from 222.186.175.151 port 11650 ssh2 Jul 4 23:30:47 abendstille sshd\[25802\]: Failed password for root from 222.186.175.151 port 35134 ssh2 ...	2020-07-05 05:39:41
186.225.102.58	attack	Jul 4 21:39:21 124388 sshd[14438]: Invalid user yutianyu from 186.225.102.58 port 31714 Jul 4 21:39:21 124388 sshd[14438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.225.102.58 Jul 4 21:39:21 124388 sshd[14438]: Invalid user yutianyu from 186.225.102.58 port 31714 Jul 4 21:39:23 124388 sshd[14438]: Failed password for invalid user yutianyu from 186.225.102.58 port 31714 ssh2 Jul 4 21:42:48 124388 sshd[14603]: Invalid user lixuan from 186.225.102.58 port 33358	2020-07-05 05:49:26
222.186.175.217	attackspam	Jul 4 23:42:29 ns381471 sshd[21376]: Failed password for root from 222.186.175.217 port 23848 ssh2 Jul 4 23:42:42 ns381471 sshd[21376]: error: maximum authentication attempts exceeded for root from 222.186.175.217 port 23848 ssh2 [preauth]	2020-07-05 05:55:46
185.176.27.254	attackbots	07/04/2020-17:42:40.423440 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-05 05:49:44
101.89.150.171	attackspam	Jul 5 00:15:32 journals sshd\[72650\]: Invalid user scpuser from 101.89.150.171 Jul 5 00:15:32 journals sshd\[72650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.150.171 Jul 5 00:15:34 journals sshd\[72650\]: Failed password for invalid user scpuser from 101.89.150.171 port 44042 ssh2 Jul 5 00:18:39 journals sshd\[72925\]: Invalid user olimex from 101.89.150.171 Jul 5 00:18:39 journals sshd\[72925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.150.171 ...	2020-07-05 05:32:14
218.92.0.251	attackspam	Jul 4 23:42:39 vm1 sshd[3340]: Failed password for root from 218.92.0.251 port 55986 ssh2 Jul 4 23:42:52 vm1 sshd[3340]: error: maximum authentication attempts exceeded for root from 218.92.0.251 port 55986 ssh2 [preauth] ...	2020-07-05 05:46:37
190.113.142.197	attackspam	Brute force attempt	2020-07-05 05:44:01
35.189.172.158	attack	SSH Invalid Login	2020-07-05 05:49:05
197.42.152.164	attack	20/7/4@16:27:51: FAIL: Alarm-Network address from=197.42.152.164 ...	2020-07-05 05:36:17
18.162.229.31	attack	18.162.229.31 - - [04/Jul/2020:23:03:35 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15185 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.162.229.31 - - [04/Jul/2020:23:25:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10516 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-05 05:40:10
61.191.55.33	attackbotsspam	SSH Invalid Login	2020-07-05 05:47:03
80.211.128.151	attack	Jul 4 23:38:17 nextcloud sshd\[32235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.128.151 user=root Jul 4 23:38:19 nextcloud sshd\[32235\]: Failed password for root from 80.211.128.151 port 39360 ssh2 Jul 4 23:42:29 nextcloud sshd\[5134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.128.151 user=root	2020-07-05 05:57:08

Recently Reported IPs

101.231.210.34	110.80.153.241	182.161.47.171	50.188.174.253
109.124.166.180	204.8.251.124	98.235.78.187	54.96.40.131
97.12.95.63	89.238.186.98	65.208.200.39	122.15.239.235
43.80.110.66	23.162.232.255	51.91.114.71	106.47.40.168
212.221.222.181	72.99.104.105	62.143.168.223	106.1.148.27