City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Invalid user admin from 142.93.221.103 port 52712 |
2019-06-25 03:42:49 |
| attackspambots | Invalid user admin from 142.93.221.103 port 52712 |
2019-06-24 13:40:10 |
| attackspam | 2019-06-23T11:43:21.429338abusebot-4.cloudsearch.cf sshd\[4588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.221.103 user=root |
2019-06-23 20:05:12 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.221.179 | attack | Dec 26 11:42:45 reporting sshd[7083]: Did not receive identification string from 142.93.221.179 Dec 26 11:45:25 reporting sshd[8059]: Did not receive identification string from 142.93.221.179 Dec 26 11:45:34 reporting sshd[8141]: User r.r from 142.93.221.179 not allowed because not listed in AllowUsers Dec 26 11:45:34 reporting sshd[8141]: Failed password for invalid user r.r from 142.93.221.179 port 57912 ssh2 Dec 26 11:45:34 reporting sshd[8143]: User r.r from 142.93.221.179 not allowed because not listed in AllowUsers Dec 26 11:45:34 reporting sshd[8143]: Failed password for invalid user r.r from 142.93.221.179 port 60532 ssh2 Dec 26 11:45:35 reporting sshd[8145]: User r.r from 142.93.221.179 not allowed because not listed in AllowUsers Dec 26 11:45:35 reporting sshd[8145]: Failed password for invalid user r.r from 142.93.221.17 .... truncated .... shd[12190]: Failed password for invalid user data from 142.93.221.179 port 41008 ssh2 Dec 26 11:53:23 reporting sshd[12........ ------------------------------- |
2019-12-27 03:53:19 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.221.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22438
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.221.103. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019061400 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 17:42:11 CST 2019
;; MSG SIZE rcvd: 118
Host 103.221.93.142.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 103.221.93.142.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 150.95.24.185 | attack | Aug 20 19:43:21 lcprod sshd\[15843\]: Invalid user csmi from 150.95.24.185 Aug 20 19:43:21 lcprod sshd\[15843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-24-185.a009.g.bkk1.static.cnode.io Aug 20 19:43:23 lcprod sshd\[15843\]: Failed password for invalid user csmi from 150.95.24.185 port 45161 ssh2 Aug 20 19:48:38 lcprod sshd\[16391\]: Invalid user newtest from 150.95.24.185 Aug 20 19:48:38 lcprod sshd\[16391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-24-185.a009.g.bkk1.static.cnode.io |
2019-08-21 13:52:33 |
| 92.119.160.143 | attackbotsspam | Splunk® : port scan detected: Aug 21 01:45:01 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=92.119.160.143 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x20 TTL=246 ID=61451 PROTO=TCP SPT=48262 DPT=26662 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-08-21 13:45:48 |
| 107.170.244.110 | attack | Aug 21 08:00:21 legacy sshd[9845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.244.110 Aug 21 08:00:23 legacy sshd[9845]: Failed password for invalid user teamspeak from 107.170.244.110 port 39340 ssh2 Aug 21 08:04:31 legacy sshd[9999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.244.110 ... |
2019-08-21 14:11:07 |
| 36.81.196.155 | attackbotsspam | Unauthorized connection attempt from IP address 36.81.196.155 on Port 445(SMB) |
2019-08-21 14:07:03 |
| 142.93.251.39 | attack | [ssh] SSH attack |
2019-08-21 13:52:58 |
| 128.199.83.29 | attackspambots | Aug 21 03:24:36 v22019058497090703 sshd[24281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.83.29 Aug 21 03:24:38 v22019058497090703 sshd[24281]: Failed password for invalid user reginaldo from 128.199.83.29 port 52340 ssh2 Aug 21 03:29:59 v22019058497090703 sshd[24710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.83.29 ... |
2019-08-21 13:53:16 |
| 129.226.56.22 | attackspambots | Aug 20 19:08:11 friendsofhawaii sshd\[10692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.56.22 user=root Aug 20 19:08:13 friendsofhawaii sshd\[10692\]: Failed password for root from 129.226.56.22 port 54002 ssh2 Aug 20 19:12:36 friendsofhawaii sshd\[11262\]: Invalid user lotus from 129.226.56.22 Aug 20 19:12:36 friendsofhawaii sshd\[11262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.56.22 Aug 20 19:12:38 friendsofhawaii sshd\[11262\]: Failed password for invalid user lotus from 129.226.56.22 port 40414 ssh2 |
2019-08-21 13:25:09 |
| 45.55.12.248 | attackspam | Aug 21 05:19:59 shared-1 sshd\[19684\]: Invalid user test from 45.55.12.248Aug 21 05:23:17 shared-1 sshd\[19691\]: Invalid user lachlan from 45.55.12.248 ... |
2019-08-21 13:39:16 |
| 139.59.37.209 | attack | 2019-08-21T05:08:58.337791abusebot-8.cloudsearch.cf sshd\[24296\]: Invalid user db2fenc1 from 139.59.37.209 port 53766 |
2019-08-21 13:20:10 |
| 206.189.84.119 | attack | 2019-08-08T11:34:34.016229wiz-ks3 sshd[16223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.84.119 user=root 2019-08-08T11:34:35.783230wiz-ks3 sshd[16223]: Failed password for root from 206.189.84.119 port 53120 ssh2 2019-08-08T11:35:11.209958wiz-ks3 sshd[16225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.84.119 user=root 2019-08-08T11:35:13.861299wiz-ks3 sshd[16225]: Failed password for root from 206.189.84.119 port 57136 ssh2 2019-08-08T11:35:47.113097wiz-ks3 sshd[16227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.84.119 user=root 2019-08-08T11:35:49.704522wiz-ks3 sshd[16227]: Failed password for root from 206.189.84.119 port 32902 ssh2 2019-08-08T11:36:24.043422wiz-ks3 sshd[16231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.84.119 user=root 2019-08-08T11:36:26.383548wiz-ks3 sshd[16231]: Failed pa |
2019-08-21 14:01:22 |
| 103.31.54.72 | attackspambots | 211/tcp 212/tcp 213/tcp... [2019-06-26/08-20]298pkt,47pt.(tcp),1tp.(icmp) |
2019-08-21 13:49:15 |
| 116.111.234.143 | attack | Unauthorized connection attempt from IP address 116.111.234.143 on Port 445(SMB) |
2019-08-21 13:45:24 |
| 85.224.105.174 | attackspambots | NAME : B2-BISP + e-mail abuse : abuse@telenor.se CIDR : 85.224.104.0/22 SYN Flood DDoS Attack SE - block certain countries :) IP: 85.224.105.174 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-08-21 14:16:28 |
| 184.105.139.109 | attackbotsspam | Splunk® : port scan detected: Aug 21 01:54:53 testbed kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=184.105.139.109 DST=104.248.11.191 LEN=29 TOS=0x00 PREC=0x00 TTL=57 ID=18624 DF PROTO=UDP SPT=16733 DPT=19 LEN=9 |
2019-08-21 14:15:48 |
| 211.99.9.68 | attack | SSH Brute-Forcing (ownc) |
2019-08-21 13:29:46 |