City: unknown
Region: unknown
Country: unknown
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.240.62 | spamattack | PHISHING AND SPAM ATTACK FROM "Important Notification - newsletter@app.ksinergy.biz - " : SUBJECT "Congrats! Open Immediately! " : RECEIVED "from mail-02.ksinergy.biz ([142.93.240.62]:39126) " : DATE/TIMESENT "Mon, 01 Mar 2021 10:14:52 ": IP ADDRESS "inetnum: 142.93.0.0 - 142.93.255.255 OrgName: DigitalOcean, LLC |
2021-03-01 08:16:37 |
| 142.93.240.62 | spamattack | PHISHING AND SPAM ATTACK FROM "Casino For You - newsletter@app.ksinergy.biz -" : SUBJECT "Join today and receive an amazing welcome bonus " : RECEIVED "from mail-02.ksinergy.biz ([142.93.240.62]:57421) " : DATE/TIMESENT "Tue, 23 Feb 2021 01:27:07 " |
2021-02-23 04:32:24 |
| 142.93.212.91 | attackbotsspam | SSH BruteForce Attack |
2020-10-13 01:56:49 |
| 142.93.237.57 | attack | Multiport scan 2 ports : 1583 27080 |
2020-10-12 21:16:28 |
| 142.93.212.91 | attack | Oct 12 10:23:09 localhost sshd\[19098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.91 user=root Oct 12 10:23:11 localhost sshd\[19098\]: Failed password for root from 142.93.212.91 port 59394 ssh2 Oct 12 10:27:27 localhost sshd\[19552\]: Invalid user sanjeev from 142.93.212.91 Oct 12 10:27:27 localhost sshd\[19552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.91 Oct 12 10:27:29 localhost sshd\[19552\]: Failed password for invalid user sanjeev from 142.93.212.91 port 36984 ssh2 ... |
2020-10-12 17:20:25 |
| 142.93.237.57 | attack | 1089/tcp 5984/tcp [2020-10-11]2pkt |
2020-10-12 12:46:46 |
| 142.93.211.36 | attackspambots | Oct 12 00:25:27 *hidden* sshd[869]: Failed password for *hidden* from 142.93.211.36 port 56534 ssh2 Oct 12 00:28:28 *hidden* sshd[1320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.36 user=root Oct 12 00:28:30 *hidden* sshd[1320]: Failed password for *hidden* from 142.93.211.36 port 40212 ssh2 |
2020-10-12 07:11:11 |
| 142.93.209.251 | attackbotsspam | Oct 11 22:07:55 v2202009116398126984 sshd[2515868]: Invalid user elke from 142.93.209.251 port 44534 ... |
2020-10-12 06:24:15 |
| 142.93.223.118 | attackspam | SSH login attempts. |
2020-10-12 04:12:31 |
| 142.93.211.36 | attackspam | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-10-11 23:23:00 |
| 142.93.209.251 | attack | Oct 11 16:26:57 sso sshd[30604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 Oct 11 16:26:59 sso sshd[30604]: Failed password for invalid user chris from 142.93.209.251 port 59794 ssh2 ... |
2020-10-11 22:34:31 |
| 142.93.223.118 | attackspam | SSH login attempts. |
2020-10-11 20:11:30 |
| 142.93.211.36 | attack | Fail2Ban |
2020-10-11 15:21:45 |
| 142.93.209.251 | attackbots | (sshd) Failed SSH login from 142.93.209.251 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:54:24 optimus sshd[28004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 00:54:27 optimus sshd[28004]: Failed password for root from 142.93.209.251 port 54930 ssh2 Oct 11 01:19:11 optimus sshd[6951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 01:19:13 optimus sshd[6951]: Failed password for root from 142.93.209.251 port 56072 ssh2 Oct 11 01:24:49 optimus sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root |
2020-10-11 14:29:57 |
| 142.93.223.118 | attackspam | 2020-10-11T07:03:53.476597lavrinenko.info sshd[19701]: Failed password for root from 142.93.223.118 port 55582 ssh2 2020-10-11T07:07:58.292860lavrinenko.info sshd[19798]: Invalid user next from 142.93.223.118 port 33376 2020-10-11T07:07:58.302917lavrinenko.info sshd[19798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.223.118 2020-10-11T07:07:58.292860lavrinenko.info sshd[19798]: Invalid user next from 142.93.223.118 port 33376 2020-10-11T07:08:00.553715lavrinenko.info sshd[19798]: Failed password for invalid user next from 142.93.223.118 port 33376 ssh2 ... |
2020-10-11 12:10:33 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.2.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;142.93.2.12. IN A
;; AUTHORITY SECTION:
. 186 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400
;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 09:44:54 CST 2022
;; MSG SIZE rcvd: 104
Host 12.2.93.142.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 12.2.93.142.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 31.199.193.162 | attack | Failed password for root from 31.199.193.162 port 15409 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.199.193.162 user=root Failed password for root from 31.199.193.162 port 60503 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.199.193.162 user=root Failed password for root from 31.199.193.162 port 1161 ssh2 |
2020-03-12 17:54:58 |
| 139.255.250.20 | attackspambots | Unauthorized connection attempt detected from IP address 139.255.250.20 to port 445 |
2020-03-12 18:12:41 |
| 192.184.46.235 | attack | 20/3/11@23:48:09: FAIL: Alarm-Intrusion address from=192.184.46.235 ... |
2020-03-12 18:30:18 |
| 192.241.213.213 | attackbotsspam | firewall-block, port(s): 8091/tcp |
2020-03-12 18:16:45 |
| 123.24.206.251 | attackspambots | Invalid user admin from 123.24.206.251 port 51780 |
2020-03-12 18:23:47 |
| 45.133.99.2 | attack | Mar 12 11:06:25 mailserver postfix/smtps/smtpd[85338]: connect from unknown[45.133.99.2] Mar 12 11:06:31 mailserver dovecot: auth-worker(85314): sql([hidden],45.133.99.2): unknown user Mar 12 11:06:33 mailserver postfix/smtps/smtpd[85338]: warning: unknown[45.133.99.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 12 11:06:33 mailserver postfix/smtps/smtpd[85338]: lost connection after AUTH from unknown[45.133.99.2] Mar 12 11:06:33 mailserver postfix/smtps/smtpd[85338]: disconnect from unknown[45.133.99.2] Mar 12 11:06:33 mailserver postfix/smtps/smtpd[85338]: connect from unknown[45.133.99.2] Mar 12 11:06:41 mailserver postfix/smtps/smtpd[85350]: connect from unknown[45.133.99.2] Mar 12 11:06:42 mailserver postfix/smtps/smtpd[85338]: lost connection after AUTH from unknown[45.133.99.2] Mar 12 11:06:42 mailserver postfix/smtps/smtpd[85338]: disconnect from unknown[45.133.99.2] Mar 12 11:06:48 mailserver dovecot: auth-worker(85314): sql(gyroy,45.133.99.2): unknown user |
2020-03-12 18:09:08 |
| 190.85.34.142 | attack | 2020-03-12T01:08:32.768035linuxbox-skyline sshd[54267]: Invalid user password123 from 190.85.34.142 port 54550 ... |
2020-03-12 18:27:31 |
| 123.235.36.26 | attack | Automatic report: SSH brute force attempt |
2020-03-12 18:08:09 |
| 89.40.114.6 | attackspam | Automatic report: SSH brute force attempt |
2020-03-12 18:14:01 |
| 37.9.47.121 | attackspam | B: zzZZzz blocked content access |
2020-03-12 18:19:42 |
| 213.171.216.60 | spam | MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord ! X-Originating-IP: [213.171.216.60] Received: from 10.200.77.176 (EHLO smtp.livemail.co.uk) (213.171.216.60) by mta1047.mail.ir2.yahoo.com with SMTPS; Received: from mvtp (unknown [188.162.198.188]) (Authenticated sender: web@keepfitwithkelly.co.uk) by smtp.livemail.co.uk (Postfix) with ESMTPSA id EB0D52805CD; Message-ID: <0d619dcec5ee3b3711a41241b573595531f1e6ff@keepfitwithkelly.co.uk> Reply-To: Jennifer From: Jennifer keepfitwithkelly.co.uk (FALSE EMPTY Web Site to STOP to host and destroiy IP and access keys !)>fasthosts.co.uk keepfitwithkelly.co.uk>88.208.252.239 88.208.252.239>fasthosts.co.uk https://www.mywot.com/scorecard/keepfitwithkelly.co.uk https://www.mywot.com/scorecard/fasthosts.co.uk https://en.asytech.cn/check-ip/88.208.252.239 ortaggi.co.uk>one.com>joker.com one.com>195.47.247.9 joker.com>194.245.148.200 194.245.148.200>nrw.net which resend to csl.de nrw.net>joker.com csl.de>nrw.net https://www.mywot.com/scorecard/one.com https://www.mywot.com/scorecard/joker.com https://www.mywot.com/scorecard/nrw.net https://www.mywot.com/scorecard/csl.de https://en.asytech.cn/check-ip/195.47.247.9 https://en.asytech.cn/check-ip/194.245.148.200 which send to : https://honeychicksfinder.com/pnguakzjfkmgrtk%3Ft%3Dshh&sa=D&sntz=1&usg=AFQjCNGvyrBCDGwYkoLXFlDkbYHNh0OsYg honeychicksfinder.com>gdpr-masked.com honeychicksfinder.com>104.27.137.81 gdpr-masked.com>endurance.com AGAIN... https://www.mywot.com/scorecard/honeychicksfinder.com https://www.mywot.com/scorecard/gdpr-masked.com https://www.mywot.com/scorecard/endurance.com https://en.asytech.cn/check-ip/104.27.137.81 |
2020-03-12 18:21:42 |
| 176.119.141.79 | attack | B: Magento admin pass test (wrong country) |
2020-03-12 18:19:23 |
| 192.241.235.28 | attack | Port 5903 scan denied |
2020-03-12 18:34:45 |
| 185.85.238.244 | attackbots | WordPress login Brute force / Web App Attack on client site. |
2020-03-12 18:32:20 |
| 14.244.74.252 | attack | Unauthorized connection attempt detected from IP address 14.244.74.252 to port 445 |
2020-03-12 17:55:38 |