City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbots | Nov 26 06:29:31 lnxweb62 sshd[5895]: Failed password for root from 142.93.2.63 port 58154 ssh2 Nov 26 06:29:31 lnxweb62 sshd[5895]: Failed password for root from 142.93.2.63 port 58154 ssh2 |
2019-11-26 13:39:42 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.240.62 | spamattack | PHISHING AND SPAM ATTACK FROM "Important Notification - newsletter@app.ksinergy.biz - " : SUBJECT "Congrats! Open Immediately! " : RECEIVED "from mail-02.ksinergy.biz ([142.93.240.62]:39126) " : DATE/TIMESENT "Mon, 01 Mar 2021 10:14:52 ": IP ADDRESS "inetnum: 142.93.0.0 - 142.93.255.255 OrgName: DigitalOcean, LLC |
2021-03-01 08:16:37 |
| 142.93.240.62 | spamattack | PHISHING AND SPAM ATTACK FROM "Casino For You - newsletter@app.ksinergy.biz -" : SUBJECT "Join today and receive an amazing welcome bonus " : RECEIVED "from mail-02.ksinergy.biz ([142.93.240.62]:57421) " : DATE/TIMESENT "Tue, 23 Feb 2021 01:27:07 " |
2021-02-23 04:32:24 |
| 142.93.212.91 | attackbotsspam | SSH BruteForce Attack |
2020-10-13 01:56:49 |
| 142.93.237.57 | attack | Multiport scan 2 ports : 1583 27080 |
2020-10-12 21:16:28 |
| 142.93.212.91 | attack | Oct 12 10:23:09 localhost sshd\[19098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.91 user=root Oct 12 10:23:11 localhost sshd\[19098\]: Failed password for root from 142.93.212.91 port 59394 ssh2 Oct 12 10:27:27 localhost sshd\[19552\]: Invalid user sanjeev from 142.93.212.91 Oct 12 10:27:27 localhost sshd\[19552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.212.91 Oct 12 10:27:29 localhost sshd\[19552\]: Failed password for invalid user sanjeev from 142.93.212.91 port 36984 ssh2 ... |
2020-10-12 17:20:25 |
| 142.93.237.57 | attack | 1089/tcp 5984/tcp [2020-10-11]2pkt |
2020-10-12 12:46:46 |
| 142.93.211.36 | attackspambots | Oct 12 00:25:27 *hidden* sshd[869]: Failed password for *hidden* from 142.93.211.36 port 56534 ssh2 Oct 12 00:28:28 *hidden* sshd[1320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.36 user=root Oct 12 00:28:30 *hidden* sshd[1320]: Failed password for *hidden* from 142.93.211.36 port 40212 ssh2 |
2020-10-12 07:11:11 |
| 142.93.209.251 | attackbotsspam | Oct 11 22:07:55 v2202009116398126984 sshd[2515868]: Invalid user elke from 142.93.209.251 port 44534 ... |
2020-10-12 06:24:15 |
| 142.93.223.118 | attackspam | SSH login attempts. |
2020-10-12 04:12:31 |
| 142.93.211.36 | attackspam | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-10-11 23:23:00 |
| 142.93.209.251 | attack | Oct 11 16:26:57 sso sshd[30604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 Oct 11 16:26:59 sso sshd[30604]: Failed password for invalid user chris from 142.93.209.251 port 59794 ssh2 ... |
2020-10-11 22:34:31 |
| 142.93.223.118 | attackspam | SSH login attempts. |
2020-10-11 20:11:30 |
| 142.93.211.36 | attack | Fail2Ban |
2020-10-11 15:21:45 |
| 142.93.209.251 | attackbots | (sshd) Failed SSH login from 142.93.209.251 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:54:24 optimus sshd[28004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 00:54:27 optimus sshd[28004]: Failed password for root from 142.93.209.251 port 54930 ssh2 Oct 11 01:19:11 optimus sshd[6951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root Oct 11 01:19:13 optimus sshd[6951]: Failed password for root from 142.93.209.251 port 56072 ssh2 Oct 11 01:24:49 optimus sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.209.251 user=root |
2020-10-11 14:29:57 |
| 142.93.223.118 | attackspam | 2020-10-11T07:03:53.476597lavrinenko.info sshd[19701]: Failed password for root from 142.93.223.118 port 55582 ssh2 2020-10-11T07:07:58.292860lavrinenko.info sshd[19798]: Invalid user next from 142.93.223.118 port 33376 2020-10-11T07:07:58.302917lavrinenko.info sshd[19798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.223.118 2020-10-11T07:07:58.292860lavrinenko.info sshd[19798]: Invalid user next from 142.93.223.118 port 33376 2020-10-11T07:08:00.553715lavrinenko.info sshd[19798]: Failed password for invalid user next from 142.93.223.118 port 33376 ssh2 ... |
2020-10-11 12:10:33 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.2.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33273
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.2.63. IN A
;; AUTHORITY SECTION:
. 328 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019112501 1800 900 604800 86400
;; Query time: 869 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 13:39:36 CST 2019
;; MSG SIZE rcvd: 115
Host 63.2.93.142.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 63.2.93.142.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 176.43.188.232 | attackspambots | Splunk® : port scan detected: Jul 24 01:31:06 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=176.43.188.232 DST=104.248.11.191 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=8213 PROTO=TCP SPT=38105 DPT=60001 WINDOW=61873 RES=0x00 SYN URGP=0 |
2019-07-24 13:56:40 |
| 80.82.77.33 | attackspambots | Honeypot hit. |
2019-07-24 13:05:38 |
| 78.42.135.211 | attackbots | Jul 22 23:44:51 *** sshd[29146]: Failed password for invalid user anurag from 78.42.135.211 port 52176 ssh2 Jul 22 23:57:49 *** sshd[29165]: Failed password for invalid user tmp from 78.42.135.211 port 53638 ssh2 Jul 23 00:07:52 *** sshd[29271]: Failed password for invalid user git from 78.42.135.211 port 54600 ssh2 Jul 23 00:32:34 *** sshd[29463]: Failed password for invalid user test2 from 78.42.135.211 port 54480 ssh2 Jul 23 00:41:17 *** sshd[29560]: Failed password for invalid user toby from 78.42.135.211 port 45740 ssh2 Jul 23 00:49:19 *** sshd[29633]: Failed password for invalid user marketing from 78.42.135.211 port 37270 ssh2 Jul 23 01:00:08 *** sshd[29681]: Failed password for invalid user alex from 78.42.135.211 port 46124 ssh2 Jul 23 01:09:14 *** sshd[30333]: Failed password for invalid user snoopy from 78.42.135.211 port 37328 ssh2 Jul 23 01:18:37 *** sshd[30351]: Failed password for invalid user julius from 78.42.135.211 port 56772 ssh2 Jul 23 01:24:15 *** sshd[30443]: Failed password for invalid |
2019-07-24 13:24:18 |
| 218.92.0.197 | attack | Jul 23 22:06:43 ArkNodeAT sshd\[23976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.197 user=root Jul 23 22:06:45 ArkNodeAT sshd\[23976\]: Failed password for root from 218.92.0.197 port 63633 ssh2 Jul 23 22:06:48 ArkNodeAT sshd\[23976\]: Failed password for root from 218.92.0.197 port 63633 ssh2 |
2019-07-24 13:00:56 |
| 200.45.147.45 | attack | Automatic report - Port Scan Attack |
2019-07-24 13:43:37 |
| 92.50.249.166 | attack | Jul 24 07:11:11 SilenceServices sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.166 Jul 24 07:11:12 SilenceServices sshd[20295]: Failed password for invalid user ser from 92.50.249.166 port 44544 ssh2 Jul 24 07:15:32 SilenceServices sshd[23418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.166 |
2019-07-24 13:16:11 |
| 45.55.35.40 | attackspambots | Jul 24 06:55:01 tux-35-217 sshd\[27896\]: Invalid user cl from 45.55.35.40 port 49484 Jul 24 06:55:01 tux-35-217 sshd\[27896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.35.40 Jul 24 06:55:03 tux-35-217 sshd\[27896\]: Failed password for invalid user cl from 45.55.35.40 port 49484 ssh2 Jul 24 06:59:27 tux-35-217 sshd\[27914\]: Invalid user ludo from 45.55.35.40 port 45318 Jul 24 06:59:27 tux-35-217 sshd\[27914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.35.40 ... |
2019-07-24 13:15:10 |
| 111.204.157.197 | attackbotsspam | 2019-07-24T05:03:03.953651abusebot-5.cloudsearch.cf sshd\[2577\]: Invalid user osmc from 111.204.157.197 port 47426 |
2019-07-24 13:23:36 |
| 121.122.103.212 | attackbotsspam | Jul 24 03:26:51 fr01 sshd[11477]: Invalid user nano from 121.122.103.212 Jul 24 03:26:51 fr01 sshd[11477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.103.212 Jul 24 03:26:51 fr01 sshd[11477]: Invalid user nano from 121.122.103.212 Jul 24 03:26:53 fr01 sshd[11477]: Failed password for invalid user nano from 121.122.103.212 port 6928 ssh2 ... |
2019-07-24 12:55:17 |
| 94.81.194.42 | attackspam | Jul 24 06:43:00 ArkNodeAT sshd\[8361\]: Invalid user virtual from 94.81.194.42 Jul 24 06:43:00 ArkNodeAT sshd\[8361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.81.194.42 Jul 24 06:43:02 ArkNodeAT sshd\[8361\]: Failed password for invalid user virtual from 94.81.194.42 port 42937 ssh2 |
2019-07-24 13:20:49 |
| 124.156.162.218 | attackspambots | Trying to deliver email spam, but blocked by RBL |
2019-07-24 13:08:20 |
| 54.37.151.239 | attackbotsspam | Jul 24 07:24:40 SilenceServices sshd[30004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.151.239 Jul 24 07:24:42 SilenceServices sshd[30004]: Failed password for invalid user fog from 54.37.151.239 port 52054 ssh2 Jul 24 07:30:29 SilenceServices sshd[1615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.151.239 |
2019-07-24 13:41:57 |
| 92.253.112.207 | attackbots | " " |
2019-07-24 13:27:35 |
| 173.44.34.84 | attackbotsspam | 19/7/23@16:06:22: FAIL: Alarm-Intrusion address from=173.44.34.84 ... |
2019-07-24 13:14:16 |
| 148.66.145.134 | attack | xmlrpc attack |
2019-07-24 13:12:52 |