142.93.208.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Dec 26 07:18:41 mail sshd\[2145\]: Invalid user ftpuser from 142.93.208.92 Dec 26 07:18:53 mail sshd\[2149\]: Invalid user git from 142.93.208.92 Dec 26 07:19:06 mail sshd\[2166\]: Invalid user oracle from 142.93.208.92 Dec 26 07:19:33 mail sshd\[2172\]: Invalid user ftpuser from 142.93.208.92 Dec 26 07:19:47 mail sshd\[2175\]: Invalid user oracle from 142.93.208.92 ...	2019-12-26 22:06:43
attackbots	2019-12-25T07:09:01.598728shield sshd\[31609\]: Invalid user redis from 142.93.208.92 port 53980 2019-12-25T07:09:01.603088shield sshd\[31609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.92 2019-12-25T07:09:03.531532shield sshd\[31609\]: Failed password for invalid user redis from 142.93.208.92 port 53980 ssh2 2019-12-25T07:12:35.235777shield sshd\[559\]: Invalid user www from 142.93.208.92 port 33408 2019-12-25T07:12:35.240148shield sshd\[559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.92	2019-12-25 20:39:01

Type

Details

Datetime

attackbotsspam

Dec 26 07:18:41 mail sshd\[2145\]: Invalid user ftpuser from 142.93.208.92
Dec 26 07:18:53 mail sshd\[2149\]: Invalid user git from 142.93.208.92
Dec 26 07:19:06 mail sshd\[2166\]: Invalid user oracle from 142.93.208.92
Dec 26 07:19:33 mail sshd\[2172\]: Invalid user ftpuser from 142.93.208.92
Dec 26 07:19:47 mail sshd\[2175\]: Invalid user oracle from 142.93.208.92
...

2019-12-26 22:06:43

attackbots

2019-12-25T07:09:01.598728shield sshd\[31609\]: Invalid user redis from 142.93.208.92 port 53980
2019-12-25T07:09:01.603088shield sshd\[31609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.92
2019-12-25T07:09:03.531532shield sshd\[31609\]: Failed password for invalid user redis from 142.93.208.92 port 53980 ssh2
2019-12-25T07:12:35.235777shield sshd\[559\]: Invalid user www from 142.93.208.92 port 33408
2019-12-25T07:12:35.240148shield sshd\[559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.92

2019-12-25 20:39:01

Comments on same subnet:

IP	Type	Details	Datetime
142.93.208.69	attackbots	04/12/2020-17:16:51.543747 142.93.208.69 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-13 08:28:08
142.93.208.158	attack	SSH login attempts.	2020-03-19 16:07:54
142.93.208.220	attackbots	Mar 13 14:03:07 web8 sshd\[15273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.220 user=root Mar 13 14:03:09 web8 sshd\[15273\]: Failed password for root from 142.93.208.220 port 57966 ssh2 Mar 13 14:08:03 web8 sshd\[17919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.220 user=root Mar 13 14:08:05 web8 sshd\[17919\]: Failed password for root from 142.93.208.220 port 41744 ssh2 Mar 13 14:12:56 web8 sshd\[20670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.220 user=root	2020-03-13 23:10:13
142.93.208.158	attackbotsspam	Mar 9 18:36:45 lukav-desktop sshd\[16609\]: Invalid user tr from 142.93.208.158 Mar 9 18:36:45 lukav-desktop sshd\[16609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.158 Mar 9 18:36:46 lukav-desktop sshd\[16609\]: Failed password for invalid user tr from 142.93.208.158 port 36694 ssh2 Mar 9 18:40:15 lukav-desktop sshd\[16638\]: Invalid user docs from 142.93.208.158 Mar 9 18:40:15 lukav-desktop sshd\[16638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.158	2020-03-10 03:20:21
142.93.208.250	attack	2020-03-07T12:44:19.452885dmca.cloudsearch.cf sshd[26998]: Invalid user ubuntu from 142.93.208.250 port 52048 2020-03-07T12:44:19.459556dmca.cloudsearch.cf sshd[26998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=demo.b2grow.com 2020-03-07T12:44:19.452885dmca.cloudsearch.cf sshd[26998]: Invalid user ubuntu from 142.93.208.250 port 52048 2020-03-07T12:44:21.949980dmca.cloudsearch.cf sshd[26998]: Failed password for invalid user ubuntu from 142.93.208.250 port 52048 ssh2 2020-03-07T12:48:08.529859dmca.cloudsearch.cf sshd[27227]: Invalid user leo from 142.93.208.250 port 52778 2020-03-07T12:48:08.535947dmca.cloudsearch.cf sshd[27227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=demo.b2grow.com 2020-03-07T12:48:08.529859dmca.cloudsearch.cf sshd[27227]: Invalid user leo from 142.93.208.250 port 52778 2020-03-07T12:48:10.465672dmca.cloudsearch.cf sshd[27227]: Failed password for invalid user leo from 142. ...	2020-03-07 21:06:37
142.93.208.24	attackbots	Jan1505:49:43server4pure-ftpd:$\?@103.16.228.20$[WARNING]Authenticationfailedforuser[info]Jan1505:49:09server4pure-ftpd:$\?@144.217.197.11$[WARNING]Authenticationfailedforuser[info]Jan1505:49:28server4pure-ftpd:$\?@144.217.197.11$[WARNING]Authenticationfailedforuser[info]Jan1505:49:30server4pure-ftpd:$\?@103.16.228.20$[WARNING]Authenticationfailedforuser[info]Jan1505:49:55server4pure-ftpd:$\?@142.93.208.24$[WARNING]Authenticationfailedforuser[info]Jan1505:49:56server4pure-ftpd:$\?@103.16.228.20$[WARNING]Authenticationfailedforuser[info]Jan1505:49:59server4pure-ftpd:$\?@103.18.179.196$[WARNING]Authenticationfailedforuser[info]Jan1505:50:02server4pure-ftpd:$\?@35.194.4.89$[WARNING]Authenticationfailedforuser[info]Jan1505:49:22server4pure-ftpd:$\?@144.217.197.11$[WARNING]Authenticationfailedforuser[info]Jan1505:49:48server4pure-ftpd:$\?@103.16.228.20$[WARNING]Authenticationfailedforuser[info]IPAddressesBlocked:103.16.228.20$HK/HongKong/www.northridgefinancialpartners.com$144.217.197.11\(US/	2020-01-15 17:25:24
142.93.208.250	attackbotsspam	Unauthorized connection attempt detected from IP address 142.93.208.250 to port 2220 [J]	2020-01-14 05:10:49
142.93.208.190	attackbotsspam	RDP Bruteforce	2019-12-18 21:48:05
142.93.208.219	attackspambots	Sep 7 13:18:40 eddieflores sshd\[27227\]: Invalid user postgres from 142.93.208.219 Sep 7 13:18:40 eddieflores sshd\[27227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219 Sep 7 13:18:42 eddieflores sshd\[27227\]: Failed password for invalid user postgres from 142.93.208.219 port 34816 ssh2 Sep 7 13:23:09 eddieflores sshd\[27563\]: Invalid user oracle from 142.93.208.219 Sep 7 13:23:09 eddieflores sshd\[27563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219	2019-09-08 07:33:17
142.93.208.219	attackspambots	Sep 5 00:35:31 hpm sshd\[13710\]: Invalid user webmaster from 142.93.208.219 Sep 5 00:35:31 hpm sshd\[13710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219 Sep 5 00:35:33 hpm sshd\[13710\]: Failed password for invalid user webmaster from 142.93.208.219 port 38906 ssh2 Sep 5 00:40:11 hpm sshd\[14245\]: Invalid user mysqlmysql from 142.93.208.219 Sep 5 00:40:11 hpm sshd\[14245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219	2019-09-05 18:55:20
142.93.208.219	attack	Aug 28 05:57:31 hiderm sshd\[29194\]: Invalid user test from 142.93.208.219 Aug 28 05:57:31 hiderm sshd\[29194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219 Aug 28 05:57:33 hiderm sshd\[29194\]: Failed password for invalid user test from 142.93.208.219 port 57578 ssh2 Aug 28 06:02:13 hiderm sshd\[29594\]: Invalid user ftpuser1 from 142.93.208.219 Aug 28 06:02:13 hiderm sshd\[29594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219	2019-08-29 07:52:12
142.93.208.219	attackbots	Aug 22 12:54:39 vps691689 sshd[19492]: Failed password for root from 142.93.208.219 port 49438 ssh2 Aug 22 12:59:39 vps691689 sshd[19631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.219 ...	2019-08-22 19:15:07
142.93.208.158	attackbots	SSH Brute-Force reported by Fail2Ban	2019-08-13 03:51:15
142.93.208.158	attackbots	19.07.2019 02:02:44 SSH access blocked by firewall	2019-07-19 10:35:13
142.93.208.158	attackbots	Jul 17 04:09:03 pornomens sshd\[14137\]: Invalid user orange from 142.93.208.158 port 51408 Jul 17 04:09:03 pornomens sshd\[14137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.208.158 Jul 17 04:09:05 pornomens sshd\[14137\]: Failed password for invalid user orange from 142.93.208.158 port 51408 ssh2 ...	2019-07-17 10:15:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.208.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49572
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.208.92.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122500 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 20:38:53 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 92.208.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.208.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.238.59.136	attackbotsspam	[portscan] Port scan	2020-03-01 22:18:37
85.133.159.241	attackbots	Honeypot attack, port: 445, PTR: 85.133.159.241.pos-1-0.7tir.sepanta.net.	2020-03-01 22:11:35
51.178.78.153	attackbotsspam	Attack prevented, ip blocked.	2020-03-01 21:57:07
64.190.205.9	attack	Feb 26 01:15:13 vzhost sshd[10222]: Address 64.190.205.9 maps to 64.190.205.9.static.skysilk.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 26 01:15:13 vzhost sshd[10222]: Invalid user art from 64.190.205.9 Feb 26 01:15:13 vzhost sshd[10222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.190.205.9 Feb 26 01:15:14 vzhost sshd[10222]: Failed password for invalid user art from 64.190.205.9 port 49436 ssh2 Feb 26 01:39:05 vzhost sshd[14487]: Address 64.190.205.9 maps to 64.190.205.9.static.skysilk.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 26 01:39:05 vzhost sshd[14487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.190.205.9 user=r.r Feb 26 01:39:07 vzhost sshd[14487]: Failed password for r.r from 64.190.205.9 port 51892 ssh2 Feb 26 01:49:08 vzhost sshd[16345]: Address 64.190.205.9 maps to 64.190.205.9.static.skys........ -------------------------------	2020-03-01 21:59:19
187.188.176.238	attackbots	Unauthorized connection attempt detected from IP address 187.188.176.238 to port 1433 [J]	2020-03-01 21:49:33
41.38.235.134	attack	" "	2020-03-01 22:13:37
193.112.42.13	attackspam	Mar 1 15:15:59 dedicated sshd[15300]: Invalid user liangmm from 193.112.42.13 port 58516	2020-03-01 22:16:58
118.24.149.248	attackbots	Mar 1 14:26:22 lnxweb61 sshd[28121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.149.248	2020-03-01 21:41:11
216.245.197.14	attackbots	[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6" [2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2 ...	2020-03-01 21:49:56
155.94.129.154	attackspam	Mar 1 14:26:26 pmg postfix/postscreen\[26159\]: NOQUEUE: reject: RCPT from \[155.94.129.154\]:40065: 550 5.7.1 Service unavailable\; client \[155.94.129.154\] blocked using zen.spamhaus.org\; from=\<7748-51-201439-513-domagoj=rii.hr@mail.powerbolty.xyz\>, to=\, proto=ESMTP, helo=\	2020-03-01 21:36:55
178.128.207.188	attack	RDP Brute-Force (honeypot 5)	2020-03-01 21:56:24
63.82.48.114	attack	Mar 1 14:25:52 grey postfix/smtpd\[25260\]: NOQUEUE: reject: RCPT from grain.saparel.com\[63.82.48.114\]: 554 5.7.1 Service unavailable\; Client host \[63.82.48.114\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.82.48.114\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-03-01 22:13:05
116.58.230.93	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-01 22:16:32
51.75.160.215	attack	$f2bV_matches	2020-03-01 22:07:49
185.216.140.252	attackbots	Triggered: repeated knocking on closed ports.	2020-03-01 21:35:15

Recently Reported IPs

182.97.131.241	60.214.153.118	24.139.145.250	164.132.63.169
190.236.205.24	185.57.29.212	171.251.238.117	124.123.100.166
14.169.159.225	90.140.5.3	61.231.31.138	36.75.184.209
96.89.216.246	197.252.1.63	175.183.6.206	120.253.200.219
116.206.38.49	45.95.35.51	41.233.194.88	117.65.234.158