142.93.216.193

Basic Info

City: Bengaluru

Region: Karnataka

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH bruteforce (Triggered fail2ban)	2020-03-17 06:42:03

Comments on same subnet:

IP	Type	Details	Datetime
142.93.216.97	attackspam	SSH Brute Force	2020-09-23 23:16:31
142.93.216.97	attackbotsspam	Sep 22 20:18:56 hanapaa sshd\[16387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 22 20:18:58 hanapaa sshd\[16387\]: Failed password for root from 142.93.216.97 port 50322 ssh2 Sep 22 20:23:20 hanapaa sshd\[16719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 22 20:23:22 hanapaa sshd\[16719\]: Failed password for root from 142.93.216.97 port 59966 ssh2 Sep 22 20:27:54 hanapaa sshd\[17100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root	2020-09-23 15:30:35
142.93.216.97	attack	Sep 23 01:15:21 piServer sshd[2469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 Sep 23 01:15:23 piServer sshd[2469]: Failed password for invalid user ahmed from 142.93.216.97 port 55418 ssh2 Sep 23 01:19:37 piServer sshd[3087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 ...	2020-09-23 07:23:48
142.93.216.97	attack	Sep 16 14:22:44 pornomens sshd\[5538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root Sep 16 14:22:46 pornomens sshd\[5538\]: Failed password for root from 142.93.216.97 port 47298 ssh2 Sep 16 14:28:13 pornomens sshd\[5606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root ...	2020-09-17 01:59:29
142.93.216.97	attack	SSH Brute Force	2020-09-16 18:16:28
142.93.216.68	attackspam	2020-08-28T04:05:16.766901hostname sshd[18188]: Invalid user evelyn from 142.93.216.68 port 36100 2020-08-28T04:05:19.147483hostname sshd[18188]: Failed password for invalid user evelyn from 142.93.216.68 port 36100 ssh2 2020-08-28T04:09:12.331442hostname sshd[19739]: Invalid user pieter from 142.93.216.68 port 41426 ...	2020-08-28 05:14:22
142.93.216.68	attack	Aug 20 08:32:38 ny01 sshd[19239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 Aug 20 08:32:40 ny01 sshd[19239]: Failed password for invalid user kafka from 142.93.216.68 port 33572 ssh2 Aug 20 08:34:52 ny01 sshd[19543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68	2020-08-20 20:52:15
142.93.216.68	attackbotsspam	Aug 20 05:58:16 vmd26974 sshd[15433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 Aug 20 05:58:18 vmd26974 sshd[15433]: Failed password for invalid user hdis_mng from 142.93.216.68 port 45634 ssh2 ...	2020-08-20 13:43:49
142.93.216.97	attackspambots	2020-08-18T07:53:53.127152ks3355764 sshd[6863]: Failed password for invalid user wenbin from 142.93.216.97 port 45812 ssh2 2020-08-18T09:54:05.641164ks3355764 sshd[8179]: Invalid user kr from 142.93.216.97 port 51930 ...	2020-08-18 17:14:32
142.93.216.97	attack	Aug 17 18:03:39 dhoomketu sshd[2427134]: Failed password for invalid user benjamin from 142.93.216.97 port 60924 ssh2 Aug 17 18:08:16 dhoomketu sshd[2427270]: Invalid user ubuntu from 142.93.216.97 port 44228 Aug 17 18:08:16 dhoomketu sshd[2427270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 Aug 17 18:08:16 dhoomketu sshd[2427270]: Invalid user ubuntu from 142.93.216.97 port 44228 Aug 17 18:08:18 dhoomketu sshd[2427270]: Failed password for invalid user ubuntu from 142.93.216.97 port 44228 ssh2 ...	2020-08-17 20:49:20
142.93.216.97	attackbots	Bruteforce detected by fail2ban	2020-08-13 16:50:17
142.93.216.97	attackbots	Aug 12 15:45:54 vmd36147 sshd[12017]: Failed password for root from 142.93.216.97 port 37176 ssh2 Aug 12 15:50:37 vmd36147 sshd[22589]: Failed password for root from 142.93.216.97 port 47474 ssh2 ...	2020-08-13 00:25:38
142.93.216.97	attack	2020-08-11T01:59:39.0186481495-001 sshd[65383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T01:59:41.6033341495-001 sshd[65383]: Failed password for root from 142.93.216.97 port 54248 ssh2 2020-08-11T02:01:58.0350441495-001 sshd[65495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T02:01:59.8371401495-001 sshd[65495]: Failed password for root from 142.93.216.97 port 59724 ssh2 2020-08-11T02:04:22.9198341495-001 sshd[408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.97 user=root 2020-08-11T02:04:24.4910341495-001 sshd[408]: Failed password for root from 142.93.216.97 port 37046 ssh2 ...	2020-08-11 18:06:24
142.93.216.68	attackbotsspam	Aug 4 20:32:04 OPSO sshd\[9456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root Aug 4 20:32:07 OPSO sshd\[9456\]: Failed password for root from 142.93.216.68 port 47110 ssh2 Aug 4 20:36:27 OPSO sshd\[10618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root Aug 4 20:36:29 OPSO sshd\[10618\]: Failed password for root from 142.93.216.68 port 58406 ssh2 Aug 4 20:40:54 OPSO sshd\[11464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.68 user=root	2020-08-05 05:30:58
142.93.216.157	attack	Lines containing failures of 142.93.216.157 Aug 2 07:14:21 linuxrulz sshd[12011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.157 user=r.r Aug 2 07:14:23 linuxrulz sshd[12011]: Failed password for r.r from 142.93.216.157 port 54234 ssh2 Aug 2 07:14:24 linuxrulz sshd[12011]: Received disconnect from 142.93.216.157 port 54234:11: Bye Bye [preauth] Aug 2 07:14:24 linuxrulz sshd[12011]: Disconnected from authenticating user r.r 142.93.216.157 port 54234 [preauth] Aug 2 07:26:49 linuxrulz sshd[13828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.216.157 user=r.r Aug 2 07:26:51 linuxrulz sshd[13828]: Failed password for r.r from 142.93.216.157 port 42002 ssh2 Aug 2 07:26:52 linuxrulz sshd[13828]: Received disconnect from 142.93.216.157 port 42002:11: Bye Bye [preauth] Aug 2 07:26:52 linuxrulz sshd[13828]: Disconnected from authenticating user r.r 142.93.216.157 po........ ------------------------------	2020-08-03 03:11:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.216.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32966
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.216.193.			IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031601 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 06:42:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 193.216.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 193.216.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.244.25.73	attackbots	SSH Bruteforce attack	2019-07-11 10:47:08
185.88.196.30	attack	Jul 10 20:39:22 XXX sshd[1512]: Invalid user vs from 185.88.196.30 port 41856	2019-07-11 11:22:58
37.120.135.221	attackspam	\[2019-07-10 22:26:59\] NOTICE\[13443\] chan_sip.c: Registration from '\' failed for '37.120.135.221:1282' - Wrong password \[2019-07-10 22:26:59\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-10T22:26:59.509-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11405",SessionID="0x7f02f9572cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.120.135.221/64383",Challenge="436f49c5",ReceivedChallenge="436f49c5",ReceivedHash="81a02569dc6b4e29a4c2e8a0b25a0be7" \[2019-07-10 22:28:09\] NOTICE\[13443\] chan_sip.c: Registration from '\' failed for '37.120.135.221:1274' - Wrong password \[2019-07-10 22:28:09\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-10T22:28:09.833-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="11612",SessionID="0x7f02f9572cd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/	2019-07-11 10:40:21
197.227.101.253	attack	Jul 10 21:00:33 vps65 sshd\[13048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.227.101.253 Jul 10 21:00:33 vps65 sshd\[13050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.227.101.253 ...	2019-07-11 10:53:30
180.252.212.120	attack	Unauthorized connection attempt from IP address 180.252.212.120 on Port 445(SMB)	2019-07-11 10:38:16
198.108.67.78	attack	Wed 10 15:24:15 2568/tcp	2019-07-11 11:08:01
182.18.171.148	attackspam	2019-07-11T00:51:10.038841scmdmz1 sshd\[12667\]: Invalid user claudette from 182.18.171.148 port 48568 2019-07-11T00:51:10.041659scmdmz1 sshd\[12667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.171.148 2019-07-11T00:51:11.930549scmdmz1 sshd\[12667\]: Failed password for invalid user claudette from 182.18.171.148 port 48568 ssh2 ...	2019-07-11 10:34:50
139.99.107.166	attack	Jul 11 03:19:10 srv-4 sshd\[6492\]: Invalid user dev from 139.99.107.166 Jul 11 03:19:10 srv-4 sshd\[6492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.107.166 Jul 11 03:19:12 srv-4 sshd\[6492\]: Failed password for invalid user dev from 139.99.107.166 port 41082 ssh2 ...	2019-07-11 11:20:43
186.185.73.250	attack	Unauthorized connection attempt from IP address 186.185.73.250 on Port 445(SMB)	2019-07-11 10:27:52
107.170.238.152	attackspam	808/tcp 27780/tcp 2095/tcp... [2019-05-14/07-08]29pkt,25pt.(tcp),1pt.(udp)	2019-07-11 10:57:34
209.200.5.4	attack	Unauthorised access (Jul 10) SRC=209.200.5.4 LEN=40 TTL=241 ID=32479 TCP DPT=445 WINDOW=1024 SYN	2019-07-11 10:27:30
71.78.18.166	attackbotsspam	firewall-block, port(s): 23/tcp	2019-07-11 11:18:36
201.13.83.142	attackspam	Multiple failed RDP login attempts	2019-07-11 11:10:06
147.75.123.65	attack	Unauthorised access (Jul 10) SRC=147.75.123.65 LEN=52 TTL=106 ID=24103 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-11 10:54:39
179.225.179.13	attack	firewall-block, port(s): 23/tcp	2019-07-11 10:51:00

Recently Reported IPs

27.105.227.223	92.12.132.59	188.233.37.178	131.38.219.120
197.40.244.78	200.93.9.68	217.198.60.53	173.13.152.105
123.198.190.2	181.59.55.81	188.36.32.222	86.28.186.177
24.182.195.164	77.42.88.248	210.2.223.28	46.52.87.185
218.42.231.133	27.77.21.66	36.67.175.75	184.22.210.199