142.93.34.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United Kingdom of Great Britain and Northern Ireland

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Feb 2 20:52:16 pi sshd[28484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.249 Feb 2 20:52:18 pi sshd[28484]: Failed password for invalid user nu from 142.93.34.249 port 47668 ssh2	2020-03-14 02:19:58

Type

Details

Datetime

attackbotsspam

Feb  2 20:52:16 pi sshd[28484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.249 
Feb  2 20:52:18 pi sshd[28484]: Failed password for invalid user nu from 142.93.34.249 port 47668 ssh2

2020-03-14 02:19:58

Comments on same subnet:

IP	Type	Details	Datetime
142.93.34.237	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 18:50:53
142.93.34.237	attack	scans 2 times in preceeding hours on the ports (in chronological order) 2812 2812	2020-09-20 22:48:04
142.93.34.237	attackbotsspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 02:32:21 optimus sshd[18174]: Invalid user postgres from 142.93.34.237 Sep 20 02:32:21 optimus sshd[18174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 20 02:32:23 optimus sshd[18174]: Failed password for invalid user postgres from 142.93.34.237 port 53744 ssh2 Sep 20 02:34:07 optimus sshd[19447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 20 02:34:09 optimus sshd[19447]: Failed password for root from 142.93.34.237 port 47652 ssh2	2020-09-20 14:39:11
142.93.34.237	attackbots	[ssh] SSH attack	2020-09-20 06:38:03
142.93.34.237	attack	Sep 9 08:23:48 root sshd[32474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 ...	2020-09-09 20:18:07
142.93.34.237	attackbots	Port scan denied	2020-09-09 14:15:06
142.93.34.237	attackspam	(sshd) Failed SSH login from 142.93.34.237 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 17:44:52 server2 sshd[5793]: Invalid user opc from 142.93.34.237 Sep 8 17:44:52 server2 sshd[5793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Sep 8 17:44:54 server2 sshd[5793]: Failed password for invalid user opc from 142.93.34.237 port 48194 ssh2 Sep 8 17:50:46 server2 sshd[9000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Sep 8 17:50:48 server2 sshd[9000]: Failed password for root from 142.93.34.237 port 45140 ssh2	2020-09-09 06:26:28
142.93.34.237	attackspambots	TCP port : 5290	2020-09-02 22:11:05
142.93.34.237	attackbotsspam	Port scan denied	2020-09-02 14:01:13
142.93.34.237	attackspambots	Invalid user mongo from 142.93.34.237 port 43272	2020-09-02 07:02:07
142.93.34.237	attackspam	Aug 30 07:54:05 lukav-desktop sshd\[20305\]: Invalid user sftp from 142.93.34.237 Aug 30 07:54:05 lukav-desktop sshd\[20305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 30 07:54:08 lukav-desktop sshd\[20305\]: Failed password for invalid user sftp from 142.93.34.237 port 39110 ssh2 Aug 30 07:58:01 lukav-desktop sshd\[20345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 user=root Aug 30 07:58:03 lukav-desktop sshd\[20345\]: Failed password for root from 142.93.34.237 port 47702 ssh2	2020-08-30 13:11:32
142.93.34.169	attackbotsspam	142.93.34.169 - - [24/Aug/2020:05:43:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.34.169 - - [24/Aug/2020:05:43:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 14:39:17
142.93.34.237	attackbotsspam	Invalid user demo from 142.93.34.237 port 45858	2020-08-22 06:25:00
142.93.34.169	attackbots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-19 19:16:09
142.93.34.237	attack	Aug 18 12:30:05 vps-51d81928 sshd[708386]: Failed password for invalid user yuxin from 142.93.34.237 port 47050 ssh2 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:05 vps-51d81928 sshd[708526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.34.237 Aug 18 12:34:05 vps-51d81928 sshd[708526]: Invalid user josh from 142.93.34.237 port 55404 Aug 18 12:34:07 vps-51d81928 sshd[708526]: Failed password for invalid user josh from 142.93.34.237 port 55404 ssh2 ...	2020-08-18 22:29:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.34.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35003
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.34.249.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 14 02:19:50 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 249.34.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 249.34.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.17.30.44	attack	07/04/2020-12:56:18.786577 121.17.30.44 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-05 02:03:23
206.214.9.10	attackbotsspam	Spam gateway	2020-07-05 02:18:48
111.229.74.27	attackbots	$f2bV_matches	2020-07-05 02:18:14
182.254.244.109	attack	Jul 4 14:13:36 vps333114 sshd[21492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.244.109 Jul 4 14:13:38 vps333114 sshd[21492]: Failed password for invalid user testuser from 182.254.244.109 port 43380 ssh2 ...	2020-07-05 02:37:48
119.252.143.6	attackbots	2020-07-04T17:33:52.577827abusebot-8.cloudsearch.cf sshd[18605]: Invalid user zeppelin from 119.252.143.6 port 42882 2020-07-04T17:33:52.583775abusebot-8.cloudsearch.cf sshd[18605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.252.143.6 2020-07-04T17:33:52.577827abusebot-8.cloudsearch.cf sshd[18605]: Invalid user zeppelin from 119.252.143.6 port 42882 2020-07-04T17:33:54.356611abusebot-8.cloudsearch.cf sshd[18605]: Failed password for invalid user zeppelin from 119.252.143.6 port 42882 ssh2 2020-07-04T17:40:44.378679abusebot-8.cloudsearch.cf sshd[18619]: Invalid user backup from 119.252.143.6 port 22534 2020-07-04T17:40:44.384277abusebot-8.cloudsearch.cf sshd[18619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.252.143.6 2020-07-04T17:40:44.378679abusebot-8.cloudsearch.cf sshd[18619]: Invalid user backup from 119.252.143.6 port 22534 2020-07-04T17:40:46.051548abusebot-8.cloudsearch.cf sshd[186 ...	2020-07-05 02:21:38
128.14.209.244	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-05 02:29:41
170.130.143.22	attackbots	170.130.143.22 has been banned for [spam] ...	2020-07-05 02:24:35
128.14.209.229	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-05 02:36:57
46.38.145.254	attack	2020-07-04 17:39:37 auth_plain authenticator failed for (User) [46.38.145.254]: 535 Incorrect authentication data (set_id=cpanel.web@mail.csmailer.org) 2020-07-04 17:40:19 auth_plain authenticator failed for (User) [46.38.145.254]: 535 Incorrect authentication data (set_id=psi@mail.csmailer.org) 2020-07-04 17:41:05 auth_plain authenticator failed for (User) [46.38.145.254]: 535 Incorrect authentication data (set_id=oh@mail.csmailer.org) 2020-07-04 17:41:57 auth_plain authenticator failed for (User) [46.38.145.254]: 535 Incorrect authentication data (set_id=prestige@mail.csmailer.org) 2020-07-04 17:42:42 auth_plain authenticator failed for (User) [46.38.145.254]: 535 Incorrect authentication data (set_id=arlene@mail.csmailer.org) ...	2020-07-05 02:04:29
42.101.46.118	attackspam	Jul 4 16:59:16 Ubuntu-1404-trusty-64-minimal sshd\[28988\]: Invalid user mobile from 42.101.46.118 Jul 4 16:59:16 Ubuntu-1404-trusty-64-minimal sshd\[28988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.46.118 Jul 4 16:59:18 Ubuntu-1404-trusty-64-minimal sshd\[28988\]: Failed password for invalid user mobile from 42.101.46.118 port 55458 ssh2 Jul 4 17:03:23 Ubuntu-1404-trusty-64-minimal sshd\[1673\]: Invalid user hary from 42.101.46.118 Jul 4 17:03:23 Ubuntu-1404-trusty-64-minimal sshd\[1673\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.46.118	2020-07-05 02:25:29
168.227.99.10	attackbotsspam	Jul 4 19:53:00 vmd48417 sshd[8304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.227.99.10	2020-07-05 02:15:26
130.180.66.97	attack	Jul 4 20:16:48 lukav-desktop sshd\[28270\]: Invalid user rr from 130.180.66.97 Jul 4 20:16:48 lukav-desktop sshd\[28270\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.180.66.97 Jul 4 20:16:50 lukav-desktop sshd\[28270\]: Failed password for invalid user rr from 130.180.66.97 port 52870 ssh2 Jul 4 20:21:41 lukav-desktop sshd\[28344\]: Invalid user user5 from 130.180.66.97 Jul 4 20:21:41 lukav-desktop sshd\[28344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.180.66.97	2020-07-05 02:25:06
50.2.209.244	attackspambots	Return-Path: Received: from mail.peaceinprocess.com (mail-a.webstudioninetytwo.com [50.2.209.244]) by sm21.webhosting-secure.com with SMTP; Sat, 4 Jul 2020 04:26:16 -0700	2020-07-05 02:16:46
128.14.209.181	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-05 02:40:58
36.90.179.187	attackspambots	Lines containing failures of 36.90.179.187 Jul 1 05:39:33 shared01 sshd[3088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.90.179.187 user=r.r Jul 1 05:39:34 shared01 sshd[3088]: Failed password for r.r from 36.90.179.187 port 50976 ssh2 Jul 1 05:39:34 shared01 sshd[3088]: Received disconnect from 36.90.179.187 port 50976:11: Bye Bye [preauth] Jul 1 05:39:34 shared01 sshd[3088]: Disconnected from authenticating user r.r 36.90.179.187 port 50976 [preauth] Jul 1 05:43:39 shared01 sshd[4594]: Invalid user Redistoor from 36.90.179.187 port 41964 Jul 1 05:43:39 shared01 sshd[4594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.90.179.187 Jul 1 05:43:41 shared01 sshd[4594]: Failed password for invalid user Redistoor from 36.90.179.187 port 41964 ssh2 Jul 1 05:43:41 shared01 sshd[4594]: Received disconnect from 36.90.179.187 port 41964:11: Bye Bye [preauth] Jul 1 05:43:41 share........ ------------------------------	2020-07-05 02:02:58

Recently Reported IPs

87.76.14.132	206.189.129.164	158.46.185.220	28.145.201.197
116.72.34.12	1.179.146.154	118.122.124.9	14.174.104.61
181.112.225.34	203.156.223.254	149.0.67.61	125.166.211.176
206.189.133.187	190.128.166.70	183.89.237.230	1.4.137.148
129.211.48.30	89.42.187.129	223.152.94.80	5.232.36.53