City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | detected by Fail2Ban |
2019-10-02 19:10:38 |
| attackspam | 2019-08-18T18:07:19.968877WS-Zach sshd[18293]: User root from 142.93.168.48 not allowed because none of user's groups are listed in AllowGroups 2019-08-18T18:07:19.980143WS-Zach sshd[18293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.168.48 user=root 2019-08-18T18:07:19.968877WS-Zach sshd[18293]: User root from 142.93.168.48 not allowed because none of user's groups are listed in AllowGroups 2019-08-18T18:07:22.068788WS-Zach sshd[18293]: Failed password for invalid user root from 142.93.168.48 port 38097 ssh2 2019-08-18T18:07:19.980143WS-Zach sshd[18293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.168.48 user=root 2019-08-18T18:07:19.968877WS-Zach sshd[18293]: User root from 142.93.168.48 not allowed because none of user's groups are listed in AllowGroups 2019-08-18T18:07:22.068788WS-Zach sshd[18293]: Failed password for invalid user root from 142.93.168.48 port 38097 ssh2 2019-08-18T18:07:24.897184WS-Zac |
2019-08-19 10:55:15 |
| attackspambots | 2019-07-08T14:33:34.760666WS-Zach sshd[11201]: Invalid user 666666 from 142.93.168.48 port 32909 2019-07-08T14:33:34.762543WS-Zach sshd[11201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.168.48 2019-07-08T14:33:34.760666WS-Zach sshd[11201]: Invalid user 666666 from 142.93.168.48 port 32909 2019-07-08T14:33:37.044152WS-Zach sshd[11201]: Failed password for invalid user 666666 from 142.93.168.48 port 32909 ssh2 2019-07-08T14:33:42.274202WS-Zach sshd[11274]: Invalid user 888888 from 142.93.168.48 port 35281 ... |
2019-07-09 09:29:51 |
| attackbots | Brute force attempt |
2019-07-03 05:13:51 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.168.126 | attackspambots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-08-30 13:24:35 |
| 142.93.168.126 | attackbots | Port scan: Attack repeated for 24 hours |
2020-08-22 21:38:29 |
| 142.93.168.126 | attackbots | Port scan: Attack repeated for 24 hours |
2020-08-13 03:58:16 |
| 142.93.168.126 | attack | Port scan: Attack repeated for 24 hours |
2020-07-31 20:21:04 |
| 142.93.168.126 | attack | trying to access non-authorized port |
2020-05-28 05:35:41 |
| 142.93.168.126 | attackbots | Fail2Ban Ban Triggered |
2020-05-27 20:48:46 |
| 142.93.168.216 | attack | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-05-07 12:59:51 |
| 142.93.168.126 | attack | 05/04/2020-21:10:47.895984 142.93.168.126 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-05-05 11:21:51 |
| 142.93.168.126 | attack | 12052/tcp 891/tcp 2587/tcp... [2020-04-13/05-03]67pkt,24pt.(tcp) |
2020-05-04 08:33:35 |
| 142.93.168.126 | attackbots | Port scan(s) denied |
2020-05-02 18:10:13 |
| 142.93.168.126 | attackspam | scans 2 times in preceeding hours on the ports (in chronological order) 32190 32190 |
2020-04-25 21:04:52 |
| 142.93.168.126 | attackbotsspam | ... |
2020-02-02 04:00:15 |
| 142.93.168.203 | attackspam | Automatic report - Web App Attack |
2019-06-30 11:29:28 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.168.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64273
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.168.48. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019070201 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 05:13:45 CST 2019
;; MSG SIZE rcvd: 11748.168.93.142.in-addr.arpa domain name pointer anonymouse.tor.nerds-r-us.net.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
48.168.93.142.in-addr.arpa name = anonymouse.tor.nerds-r-us.net.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 120.92.50.55 | attack | SSH bruteforce |
2020-03-20 17:35:39 |
| 117.69.30.228 | attack | Email spam message |
2020-03-20 17:59:24 |
| 175.5.55.34 | attackbotsspam | Automatic report - Port Scan Attack |
2020-03-20 17:48:31 |
| 222.186.180.223 | attackbotsspam | Mar 20 15:24:57 areeb-Workstation sshd[23609]: Failed password for root from 222.186.180.223 port 28478 ssh2 Mar 20 15:25:02 areeb-Workstation sshd[23609]: Failed password for root from 222.186.180.223 port 28478 ssh2 ... |
2020-03-20 17:56:32 |
| 123.155.154.204 | attackspam | Mar 20 10:11:54 lnxded63 sshd[13103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.155.154.204 Mar 20 10:11:54 lnxded63 sshd[13103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.155.154.204 Mar 20 10:11:56 lnxded63 sshd[13103]: Failed password for invalid user cpanelconnecttrack from 123.155.154.204 port 56092 ssh2 |
2020-03-20 17:32:38 |
| 209.17.97.58 | attackspambots | firewall-block, port(s): 4443/tcp |
2020-03-20 17:57:52 |
| 115.68.220.10 | attack | $f2bV_matches |
2020-03-20 17:47:53 |
| 27.72.50.119 | attackspam | Unauthorised access (Mar 20) SRC=27.72.50.119 LEN=52 TTL=110 ID=2334 DF TCP DPT=445 WINDOW=8192 SYN |
2020-03-20 18:01:27 |
| 167.71.255.100 | attack | DATE:2020-03-20 04:54:30, IP:167.71.255.100, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-03-20 17:41:52 |
| 73.57.8.235 | attackbotsspam | SSH authentication failure x 6 reported by Fail2Ban ... |
2020-03-20 17:27:48 |
| 78.157.209.196 | attackspam | SSH brutforce |
2020-03-20 18:08:28 |
| 159.203.73.181 | attackspam | Mar 20 10:44:59 cp sshd[5229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.73.181 Mar 20 10:44:59 cp sshd[5229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.73.181 |
2020-03-20 17:58:50 |
| 142.112.87.158 | attackbots | Mar 20 04:03:42 ns392434 sshd[946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.112.87.158 user=root Mar 20 04:03:44 ns392434 sshd[946]: Failed password for root from 142.112.87.158 port 59608 ssh2 Mar 20 04:38:32 ns392434 sshd[1762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.112.87.158 user=root Mar 20 04:38:33 ns392434 sshd[1762]: Failed password for root from 142.112.87.158 port 35988 ssh2 Mar 20 04:49:53 ns392434 sshd[2219]: Invalid user lishanbin from 142.112.87.158 port 33290 Mar 20 04:49:53 ns392434 sshd[2219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.112.87.158 Mar 20 04:49:53 ns392434 sshd[2219]: Invalid user lishanbin from 142.112.87.158 port 33290 Mar 20 04:49:55 ns392434 sshd[2219]: Failed password for invalid user lishanbin from 142.112.87.158 port 33290 ssh2 Mar 20 05:01:21 ns392434 sshd[2491]: Invalid user weixin from 142.112.87.158 port 58836 |
2020-03-20 17:23:16 |
| 42.3.51.30 | attackspam | 2020-03-19 UTC: (30x) - cpaneleximfilter,diego,info,infusion-stoked,lusifen,mysql,odoo,root(21x),ubuntu,xulei |
2020-03-20 17:55:10 |
| 14.247.150.218 | attackspam | attempting port 139 and 445 connections on honeypot IPs |
2020-03-20 18:04:37 |