142.93.211.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	18355/tcp 17655/tcp 23164/tcp... [2020-06-29/08-30]30pkt,11pt.(tcp)	2020-08-31 04:47:16
attackbotsspam	TCP (SYN) 142.93.211.52:55428 -> port 17655, len 44	2020-07-09 19:46:23
attackbots	TCP (SYN) 142.93.211.52:40846 -> port 10, len 44	2020-07-07 23:42:41
attackspambots	Jun 16 05:54:36 debian-2gb-nbg1-2 kernel: \[14538380.792052\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.211.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=56604 PROTO=TCP SPT=52723 DPT=4151 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-16 12:51:47
attackbotsspam	trying to access non-authorized port	2020-06-12 04:00:52
attack	scans 2 times in preceeding hours on the ports (in chronological order) 21305 21305	2020-06-10 21:42:06
attackspam	Jun 1 16:18:42 home sshd[20537]: Failed password for root from 142.93.211.52 port 59430 ssh2 Jun 1 16:23:05 home sshd[20983]: Failed password for root from 142.93.211.52 port 36398 ssh2 ...	2020-06-01 23:12:03
attack	TCP (SYN) 142.93.211.52:58017 -> port 8175, len 44	2020-05-28 14:43:26
attackbotsspam	Invalid user kte from 142.93.211.52 port 38458	2020-05-24 07:10:11
attack	TCP (SYN) 142.93.211.52:57215 -> port 27278, len 44	2020-05-16 01:36:57
attackbotsspam	(sshd) Failed SSH login from 142.93.211.52 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 8 19:27:53 amsweb01 sshd[15559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 user=root May 8 19:27:56 amsweb01 sshd[15559]: Failed password for root from 142.93.211.52 port 58452 ssh2 May 8 19:34:04 amsweb01 sshd[16191]: Invalid user test from 142.93.211.52 port 54878 May 8 19:34:06 amsweb01 sshd[16191]: Failed password for invalid user test from 142.93.211.52 port 54878 ssh2 May 8 19:38:45 amsweb01 sshd[16590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 user=root	2020-05-09 03:26:00
attackspambots	Port scan(s) denied	2020-05-06 15:20:05
attackspam	Apr 13 14:36:43 debian-2gb-nbg1-2 kernel: \[9040397.859994\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.211.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9007 PROTO=TCP SPT=50147 DPT=13294 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-13 22:02:17
attackbotsspam	Apr 6 20:27:39 dev0-dcde-rnet sshd[21615]: Failed password for root from 142.93.211.52 port 58686 ssh2 Apr 6 20:28:43 dev0-dcde-rnet sshd[21617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Apr 6 20:28:46 dev0-dcde-rnet sshd[21617]: Failed password for invalid user wp from 142.93.211.52 port 44374 ssh2	2020-04-07 02:46:23
attack	$f2bV_matches	2020-03-21 15:21:26
attackspam	Mar 18 09:42:53 plusreed sshd[21598]: Invalid user testftp from 142.93.211.52 ...	2020-03-18 22:09:49
attack	Invalid user angel from 142.93.211.52 port 60046	2020-03-14 02:29:31
attackbots	Mar 12 09:44:24 work-partkepr sshd\[9549\]: Invalid user factorio from 142.93.211.52 port 50022 Mar 12 09:44:24 work-partkepr sshd\[9549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 ...	2020-03-12 20:21:03
attackspambots	Mar 10 20:32:37 cp sshd[2891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-03-11 07:13:49
attack	Mar 1 19:36:49 MK-Soft-VM7 sshd[9797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Mar 1 19:36:51 MK-Soft-VM7 sshd[9797]: Failed password for invalid user teamspeakbot from 142.93.211.52 port 40888 ssh2 ...	2020-03-02 04:17:17
attackbotsspam	Feb 28 11:51:56 web1 sshd\[14010\]: Invalid user newuser from 142.93.211.52 Feb 28 11:51:56 web1 sshd\[14010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 28 11:51:58 web1 sshd\[14010\]: Failed password for invalid user newuser from 142.93.211.52 port 48318 ssh2 Feb 28 11:59:42 web1 sshd\[14743\]: Invalid user nagios from 142.93.211.52 Feb 28 11:59:42 web1 sshd\[14743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-29 06:12:42
attackbots	Feb 7 23:15:39 silence02 sshd[12820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 7 23:15:40 silence02 sshd[12820]: Failed password for invalid user gcx from 142.93.211.52 port 42340 ssh2 Feb 7 23:19:07 silence02 sshd[13140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-08 06:39:31
attackspam	Feb 2 00:35:42 MK-Soft-Root2 sshd[15856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Feb 2 00:35:43 MK-Soft-Root2 sshd[15856]: Failed password for invalid user test from 142.93.211.52 port 45620 ssh2 ...	2020-02-02 07:41:12
attackspambots	Feb 1 20:04:07 lnxmysql61 sshd[24204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52	2020-02-02 03:50:46
attack	Jan 26 07:52:14 MK-Soft-Root2 sshd[30865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Jan 26 07:52:17 MK-Soft-Root2 sshd[30865]: Failed password for invalid user system from 142.93.211.52 port 52342 ssh2 ...	2020-01-26 14:59:46
attackbotsspam	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-23 11:39:50
attackspam	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-22 23:24:29
attackbotsspam	Jan 20 15:09:51 vpn01 sshd[24668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.52 Jan 20 15:09:52 vpn01 sshd[24668]: Failed password for invalid user admin from 142.93.211.52 port 52022 ssh2 ...	2020-01-20 22:33:04
attackbots	Invalid user karina from 142.93.211.52 port 55084	2020-01-18 23:34:10
attackspambots	Unauthorized connection attempt detected from IP address 142.93.211.52 to port 2220 [J]	2020-01-18 02:59:40

Comments on same subnet:

IP	Type	Details	Datetime
142.93.211.36	attackspambots	Oct 12 00:25:27 hidden sshd[869]: Failed password for hidden from 142.93.211.36 port 56534 ssh2 Oct 12 00:28:28 hidden sshd[1320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.36 user=root Oct 12 00:28:30 hidden sshd[1320]: Failed password for hidden from 142.93.211.36 port 40212 ssh2	2020-10-12 07:11:11
142.93.211.36	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-11 23:23:00
142.93.211.36	attack	Fail2Ban	2020-10-11 15:21:45
142.93.211.36	attackspambots	Port probing on unauthorized port 22	2020-10-11 08:40:42
142.93.211.192	attack	Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:18:26 srv-ubuntu-dev3 sshd[127298]: Invalid user wow from 142.93.211.192 Aug 31 22:18:29 srv-ubuntu-dev3 sshd[127298]: Failed password for invalid user wow from 142.93.211.192 port 39680 ssh2 Aug 31 22:22:18 srv-ubuntu-dev3 sshd[127737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 user=root Aug 31 22:22:20 srv-ubuntu-dev3 sshd[127737]: Failed password for root from 142.93.211.192 port 45048 ssh2 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomcat2 from 142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.192 Aug 31 22:26:06 srv-ubuntu-dev3 sshd[128146]: Invalid user tomc ...	2020-09-01 04:59:43
142.93.211.36	attackspam	2020-08-26T20:53:13.113962abusebot-5.cloudsearch.cf sshd[5221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:15.000419abusebot-5.cloudsearch.cf sshd[5221]: Failed password for root from 142.93.211.36 port 33020 ssh2 2020-08-26T20:53:21.008214abusebot-5.cloudsearch.cf sshd[5223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:22.522677abusebot-5.cloudsearch.cf sshd[5223]: Failed password for root from 142.93.211.36 port 33524 ssh2 2020-08-26T20:53:28.853992abusebot-5.cloudsearch.cf sshd[5225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=destek.in user=root 2020-08-26T20:53:30.800157abusebot-5.cloudsearch.cf sshd[5225]: Failed password for root from 142.93.211.36 port 34016 ssh2 2020-08-26T20:53:36.106838abusebot-5.cloudsearch.cf sshd[5227]: pam_unix(sshd:auth): authentication failure; ...	2020-08-27 06:04:02
142.93.211.44	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-15 22:30:29
142.93.211.44	attackbotsspam	Jun 27 23:53:17 plex sshd[11781]: Invalid user user from 142.93.211.44 port 53454	2020-06-28 06:02:49
142.93.211.44	attackbotsspam	2020-06-15T03:51:59.198676mail.csmailer.org sshd[15765]: Failed password for root from 142.93.211.44 port 48402 ssh2 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:36.487297mail.csmailer.org sshd[16119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 2020-06-15T03:55:36.484497mail.csmailer.org sshd[16119]: Invalid user sammy from 142.93.211.44 port 45372 2020-06-15T03:55:38.813385mail.csmailer.org sshd[16119]: Failed password for invalid user sammy from 142.93.211.44 port 45372 ssh2 ...	2020-06-15 13:06:14
142.93.211.44	attackspambots	Jun 12 19:42:20 hpm sshd\[6948\]: Invalid user 123456 from 142.93.211.44 Jun 12 19:42:20 hpm sshd\[6948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 Jun 12 19:42:22 hpm sshd\[6948\]: Failed password for invalid user 123456 from 142.93.211.44 port 41572 ssh2 Jun 12 19:43:23 hpm sshd\[7050\]: Invalid user zjcl123 from 142.93.211.44 Jun 12 19:43:23 hpm sshd\[7050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44	2020-06-13 14:05:30
142.93.211.44	attackbots	May 25 22:50:37 eventyay sshd[9631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.211.44 May 25 22:50:39 eventyay sshd[9631]: Failed password for invalid user college from 142.93.211.44 port 44360 ssh2 May 25 22:55:07 eventyay sshd[9723]: Failed password for root from 142.93.211.44 port 48732 ssh2 ...	2020-05-26 04:56:51
142.93.211.176	attack	$f2bV_matches	2020-05-26 03:58:31
142.93.211.111	attackspambots	05/19/2020-19:43:03.985365 142.93.211.111 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-20 08:43:51
142.93.211.44	attackbotsspam	SSH brute-force: detected 14 distinct usernames within a 24-hour window.	2020-05-11 06:39:54
142.93.211.44	attackbotsspam	May 6 02:21:33 XXX sshd[52445]: Invalid user mysql from 142.93.211.44 port 43788	2020-05-07 08:46:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.211.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21249
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.211.52.			IN	A

;; AUTHORITY SECTION:
.			88	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011700 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 18 02:59:37 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 52.211.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.211.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.123.96.135	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-01 18:18:15
203.110.94.169	attack	(imapd) Failed IMAP login from 203.110.94.169 (IN/India/-): 1 in the last 3600 secs	2020-01-01 18:16:29
122.14.228.229	attack	Jan 1 10:49:26 mail sshd\[29743\]: Invalid user sv from 122.14.228.229 Jan 1 10:49:26 mail sshd\[29743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.228.229 Jan 1 10:49:28 mail sshd\[29743\]: Failed password for invalid user sv from 122.14.228.229 port 45386 ssh2 ...	2020-01-01 18:13:44
49.248.106.61	attack	" "	2020-01-01 17:54:58
67.55.92.90	attack	Jan 1 10:40:44 * sshd[32000]: Failed password for mail from 67.55.92.90 port 44328 ssh2 Jan 1 10:46:40 * sshd[32675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.55.92.90	2020-01-01 18:27:58
212.156.17.218	attack	$f2bV_matches	2020-01-01 18:23:54
120.228.188.240	attack	Scanning	2020-01-01 18:28:52
177.193.93.228	attack	Automatic report - Port Scan Attack	2020-01-01 18:26:37
106.13.97.16	attack	Jan 1 11:12:16 DAAP sshd[23496]: Invalid user joakim from 106.13.97.16 port 45280 Jan 1 11:12:16 DAAP sshd[23496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.16 Jan 1 11:12:16 DAAP sshd[23496]: Invalid user joakim from 106.13.97.16 port 45280 Jan 1 11:12:18 DAAP sshd[23496]: Failed password for invalid user joakim from 106.13.97.16 port 45280 ssh2 Jan 1 11:14:18 DAAP sshd[23531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.97.16 user=backup Jan 1 11:14:21 DAAP sshd[23531]: Failed password for backup from 106.13.97.16 port 33798 ssh2 ...	2020-01-01 18:30:53
186.227.77.218	attackbots	Automatic report - Port Scan Attack	2020-01-01 18:25:42
46.38.144.179	attackspam	Jan 1 10:45:27 relay postfix/smtpd\[20306\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 10:46:16 relay postfix/smtpd\[23133\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 10:48:40 relay postfix/smtpd\[20306\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 10:49:35 relay postfix/smtpd\[31137\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 10:52:02 relay postfix/smtpd\[20302\]: warning: unknown\[46.38.144.179\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-01 18:04:27
185.176.27.30	attackbots	01/01/2020-11:20:47.642850 185.176.27.30 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-01 18:31:43
89.142.77.34	attackbots	Scanning	2020-01-01 18:03:05
203.193.179.56	attackbotsspam	1577859840 - 01/01/2020 07:24:00 Host: 203.193.179.56/203.193.179.56 Port: 445 TCP Blocked	2020-01-01 18:11:02
178.62.181.73	attackspam	Dec 30 07:48:53 josie sshd[4233]: Invalid user test from 178.62.181.73 Dec 30 07:48:53 josie sshd[4233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.73 Dec 30 07:48:55 josie sshd[4233]: Failed password for invalid user test from 178.62.181.73 port 58132 ssh2 Dec 30 07:48:55 josie sshd[4237]: Received disconnect from 178.62.181.73: 11: Bye Bye Dec 30 08:00:48 josie sshd[16000]: Invalid user sapphira from 178.62.181.73 Dec 30 08:00:48 josie sshd[16000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.181.73 Dec 30 08:00:50 josie sshd[16000]: Failed password for invalid user sapphira from 178.62.181.73 port 42250 ssh2 Dec 30 08:00:50 josie sshd[16004]: Received disconnect from 178.62.181.73: 11: Bye Bye Dec 30 08:03:11 josie sshd[18604]: Invalid user datoo from 178.62.181.73 Dec 30 08:03:11 josie sshd[18604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eu........ -------------------------------	2020-01-01 18:26:15

Recently Reported IPs

188.149.155.92	33.122.75.35	185.249.198.46	93.250.158.149
146.199.171.103	138.201.95.98	107.173.219.101	103.228.183.10
94.9.63.175	77.20.22.120	45.32.28.219	27.76.82.0
5.253.27.243	13.57.133.225	5.145.252.171	5.37.192.201
46.72.53.4	173.12.35.75	160.75.251.196	175.193.177.175