142.93.204.89 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Apr 3 14:41:45 XXX sshd[39784]: Invalid user ubnt from 142.93.204.89 port 42676	2020-04-03 22:35:37
attackspam	SSH Server BruteForce Attack	2020-04-03 14:40:28

Comments on same subnet:

IP	Type	Details	Datetime
142.93.204.221	attackspam	Automatic report - Banned IP Access	2020-07-27 23:32:54
142.93.204.9	attackspambots	Port scan: Attack repeated for 24 hours	2020-07-24 17:32:43
142.93.204.221	attack	142.93.204.221 - - [11/Jul/2020:09:40:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:15 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [11/Jul/2020:09:40:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 17:00:30
142.93.204.221	attackbots	Automatic report - WordPress Brute Force	2020-07-10 18:11:55
142.93.204.221	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-07-06 17:31:16
142.93.204.221	attack	142.93.204.221 - - [26/Jun/2020:10:15:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:15 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Jun/2020:10:15:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-26 17:33:37
142.93.204.221	attack	WordPress (CMS) attack attempts. Date: 2020 Jun 01. 05:25:38 Source IP: 142.93.204.221 Portion of the log(s): 142.93.204.221 - [01/Jun/2020:05:25:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:31 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - [01/Jun/2020:05:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 13:07:34
142.93.204.221	attackbots	Automatic report - XMLRPC Attack	2020-05-26 10:05:16
142.93.204.221	attackspambots	xmlrpc attack	2020-05-23 23:23:08
142.93.204.221	attackbotsspam	wp-login.php	2020-05-20 03:58:29
142.93.204.221	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-18 20:56:56
142.93.204.221	attack	142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.204.221 - - [26/Mar/2020:22:19:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-27 06:12:58
142.93.204.221	attackspam	Unauthorized connection attempt detected, IP banned.	2020-03-25 08:40:53
142.93.204.235	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-09 05:19:12
142.93.204.221	attack	Wordpress Admin Login attack	2020-02-27 14:53:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.204.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.204.89.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040300 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 14:40:04 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 89.204.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 89.204.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.234.82.78	attackspam	Sep823:44:03server4pure-ftpd:\(\?@114.234.82.78\)[WARNING]Authenticationfailedforuser[www]Sep823:59:49server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]Sep823:59:20server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]Sep823:59:35server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]Sep823:43:07server4pure-ftpd:\(\?@117.95.105.99\)[WARNING]Authenticationfailedforuser[www]Sep823:43:02server4pure-ftpd:\(\?@117.95.105.99\)[WARNING]Authenticationfailedforuser[www]Sep823:59:42server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]Sep823:43:57server4pure-ftpd:\(\?@114.234.82.78\)[WARNING]Authenticationfailedforuser[www]Sep823:59:25server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]Sep823:59:26server4pure-ftpd:\(\?@129.204.230.125\)[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:	2019-09-09 07:34:44
134.175.29.208	attackbots	Sep 8 12:49:42 wbs sshd\[26772\]: Invalid user tomc@t from 134.175.29.208 Sep 8 12:49:42 wbs sshd\[26772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.29.208 Sep 8 12:49:44 wbs sshd\[26772\]: Failed password for invalid user tomc@t from 134.175.29.208 port 33594 ssh2 Sep 8 12:54:02 wbs sshd\[27217\]: Invalid user gmodserver from 134.175.29.208 Sep 8 12:54:02 wbs sshd\[27217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.29.208	2019-09-09 06:59:17
183.82.123.14	attackbotsspam	firewall-block, port(s): 445/tcp	2019-09-09 07:42:12
106.13.34.190	attack	Sep 8 13:18:41 lcprod sshd\[31376\]: Invalid user mc from 106.13.34.190 Sep 8 13:18:41 lcprod sshd\[31376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.190 Sep 8 13:18:43 lcprod sshd\[31376\]: Failed password for invalid user mc from 106.13.34.190 port 41926 ssh2 Sep 8 13:20:13 lcprod sshd\[31506\]: Invalid user tester from 106.13.34.190 Sep 8 13:20:13 lcprod sshd\[31506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.190	2019-09-09 07:27:59
221.179.126.178	attackbots	23/tcp 37215/tcp... [2019-08-14/09-08]12pkt,2pt.(tcp)	2019-09-09 07:28:33
46.29.166.225	attackspam	WordPress XMLRPC scan :: 46.29.166.225 0.128 BYPASS [09/Sep/2019:05:30:55 1000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 200 413 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-09 07:04:42
139.219.0.29	attack	ssh failed login	2019-09-09 07:23:09
49.88.112.116	attack	Sep 8 13:32:41 php1 sshd\[14274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 8 13:32:43 php1 sshd\[14274\]: Failed password for root from 49.88.112.116 port 14401 ssh2 Sep 8 13:33:33 php1 sshd\[14358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 8 13:33:35 php1 sshd\[14358\]: Failed password for root from 49.88.112.116 port 19641 ssh2 Sep 8 13:34:23 php1 sshd\[14446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root	2019-09-09 07:35:49
116.109.70.96	attackspam	Automatic report - Port Scan Attack	2019-09-09 07:03:06
218.98.40.140	attack	Sep 9 00:53:19 herz-der-gamer sshd[30906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.140 user=root Sep 9 00:53:21 herz-der-gamer sshd[30906]: Failed password for root from 218.98.40.140 port 59726 ssh2 ...	2019-09-09 07:02:51
185.176.27.118	attack	09/08/2019-18:44:57.400361 185.176.27.118 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-09 07:24:57
2001:41d0:1004:f7e::	attackspambots	[munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:53 +0200] "POST /[munged]: HTTP/1.1" 200 6987 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:56 +0200] "POST /[munged]: HTTP/1.1" 200 6850 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:56 +0200] "POST /[munged]: HTTP/1.1" 200 6850 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:57 +0200] "POST /[munged]: HTTP/1.1" 200 6846 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:57 +0200] "POST /[munged]: HTTP/1.1" 200 6846 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:1004:f7e:: - - [08/Sep/2019:22:53:58 +0200] "POST /[munged]: HTTP	2019-09-09 06:59:56
188.127.224.51	attackspam	27017/tcp 27017/tcp 27017/tcp [2019-09-01/08]3pkt	2019-09-09 07:07:35
167.114.185.237	attackbotsspam	Sep 9 05:10:11 areeb-Workstation sshd[15447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 Sep 9 05:10:13 areeb-Workstation sshd[15447]: Failed password for invalid user uftp from 167.114.185.237 port 45280 ssh2 ...	2019-09-09 07:44:22
101.99.15.40	attackspam	445/tcp 445/tcp 445/tcp... [2019-07-11/09-08]13pkt,1pt.(tcp)	2019-09-09 07:00:55

Recently Reported IPs

221.8.155.83	70.122.247.113	179.182.217.22	119.93.133.197
203.234.68.220	78.204.75.16	37.70.190.194	113.190.254.160
17.88.103.142	103.45.99.172	49.206.210.200	171.241.9.116
185.246.210.152	180.180.24.134	150.129.238.143	103.141.188.147
17.69.196.192	50.252.114.117	162.158.186.145	148.70.40.218