142.93.49.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - XMLRPC Attack	2020-07-19 12:45:38

Comments on same subnet:

IP	Type	Details	Datetime
142.93.49.38	attack	WordPress XMLRPC scan :: 142.93.49.38 0.116 - [30/Aug/2020:06:32:05 0000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-30 15:33:02
142.93.49.38	attack	Automatic report - XMLRPC Attack	2020-08-11 12:14:02
142.93.49.38	attack	familiengesundheitszentrum-fulda.de 142.93.49.38 [10/Aug/2020:19:57:19 +0200] "POST /wp-login.php HTTP/1.1" 200 6074 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 142.93.49.38 [10/Aug/2020:19:57:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4119 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-11 03:07:38
142.93.49.188	attackbotsspam	Jul 3 17:54:45 josie sshd[27769]: Did not receive identification string from 142.93.49.188 Jul 3 17:55:02 josie sshd[27879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.188 user=r.r Jul 3 17:55:04 josie sshd[27879]: Failed password for r.r from 142.93.49.188 port 46602 ssh2 Jul 3 17:55:04 josie sshd[27880]: Received disconnect from 142.93.49.188: 11: Normal Shutdown, Thank you for playing Jul 3 17:55:30 josie sshd[27980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.188 user=r.r Jul 3 17:55:32 josie sshd[27980]: Failed password for r.r from 142.93.49.188 port 49456 ssh2 Jul 3 17:55:32 josie sshd[27981]: Received disconnect from 142.93.49.188: 11: Normal Shutdown, Thank you for playing Jul 3 17:55:56 josie sshd[28060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.188 user=r.r Jul 3 17:55:57 josie sshd[........ -------------------------------	2020-07-04 18:27:50
142.93.49.212	attackspam	RDP Bruteforce	2020-04-01 18:01:28
142.93.49.202	attack	...	2020-02-02 03:23:12
142.93.49.140	attackspambots	Automatic report - Banned IP Access	2019-11-21 23:22:42
142.93.49.202	attackspambots	Nov 21 08:09:12 vtv3 sshd[15335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 Nov 21 08:09:14 vtv3 sshd[15335]: Failed password for invalid user okasaki from 142.93.49.202 port 36832 ssh2 Nov 21 08:12:24 vtv3 sshd[16707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 Nov 21 08:24:42 vtv3 sshd[21291]: Failed password for root from 142.93.49.202 port 43072 ssh2 Nov 21 08:28:12 vtv3 sshd[22786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 Nov 21 08:28:14 vtv3 sshd[22786]: Failed password for invalid user freas from 142.93.49.202 port 51692 ssh2 Nov 21 08:40:48 vtv3 sshd[27861]: Failed password for root from 142.93.49.202 port 49314 ssh2 Nov 21 08:44:19 vtv3 sshd[28982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 Nov 21 08:44:21 vtv3 sshd[28982]: Failed password for invalid user fad	2019-11-21 15:55:59
142.93.49.202	attackspam	2019-11-13T08:48:05.701681abusebot-6.cloudsearch.cf sshd\[26093\]: Invalid user bergel from 142.93.49.202 port 35916	2019-11-13 17:08:19
142.93.49.202	attack	Nov 13 06:20:22 dedicated sshd[24419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 user=root Nov 13 06:20:24 dedicated sshd[24419]: Failed password for root from 142.93.49.202 port 35494 ssh2	2019-11-13 13:35:07
142.93.49.202	attack	Invalid user server from 142.93.49.202 port 34352	2019-11-13 06:24:15
142.93.49.140	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-13 02:31:50
142.93.49.202	attack	Nov 10 19:14:41 lnxmysql61 sshd[15492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202	2019-11-11 03:19:51
142.93.49.202	attack	Nov 9 22:10:39 vps sshd[29930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 Nov 9 22:10:42 vps sshd[29930]: Failed password for invalid user deployer from 142.93.49.202 port 54308 ssh2 Nov 9 22:22:54 vps sshd[30433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.202 ...	2019-11-10 05:29:46
142.93.49.140	attackspam	Website hacking attempt: Wordpress admin access [wp-login.php]	2019-10-26 03:27:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.49.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30903
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.49.104.			IN	A

;; AUTHORITY SECTION:
.			559	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071801 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 12:45:30 CST 2020
;; MSG SIZE  rcvd: 117

Host info

104.49.93.142.in-addr.arpa domain name pointer joshjohnson.io-backup.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.49.93.142.in-addr.arpa	name = joshjohnson.io-backup.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.25.144.133	attackspam	2020-07-14T20:27:52.049716+02:00 sshd[1982]: Failed password for invalid user enrico from 118.25.144.133 port 49290 ssh2	2020-07-15 03:29:31
175.24.102.249	attack	Jul 14 15:36:16 george sshd[29090]: Failed password for invalid user cubes from 175.24.102.249 port 47988 ssh2 Jul 14 15:39:18 george sshd[29242]: Invalid user jian from 175.24.102.249 port 55408 Jul 14 15:39:18 george sshd[29242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.102.249 Jul 14 15:39:21 george sshd[29242]: Failed password for invalid user jian from 175.24.102.249 port 55408 ssh2 Jul 14 15:42:22 george sshd[29295]: Invalid user zabbix from 175.24.102.249 port 34588 ...	2020-07-15 03:50:41
62.28.253.197	attack	Jul 14 21:32:50 odroid64 sshd\[28403\]: Invalid user mukund from 62.28.253.197 Jul 14 21:32:50 odroid64 sshd\[28403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.28.253.197 ...	2020-07-15 03:48:10
23.99.96.247	attack	Jul 14 20:28:00 rancher-0 sshd[302088]: Invalid user 123 from 23.99.96.247 port 21265 Jul 14 20:28:02 rancher-0 sshd[302088]: Failed password for invalid user 123 from 23.99.96.247 port 21265 ssh2 ...	2020-07-15 03:32:29
52.149.134.171	attack	Jul 14 20:27:51 odroid64 sshd\[25506\]: Invalid user 123 from 52.149.134.171 Jul 14 20:27:51 odroid64 sshd\[25506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.171 ...	2020-07-15 03:49:39
13.78.164.172	attack	$f2bV_matches	2020-07-15 03:49:12
93.86.102.94	attackbotsspam	Unauthorized connection attempt detected from IP address 93.86.102.94 to port 23	2020-07-15 03:47:44
13.78.149.65	attack	Brute-force attempt banned	2020-07-15 03:33:21
198.20.103.244	attackspambots	[Wed Jul 15 02:02:17 2020] - DDoS Attack From IP: 198.20.103.244 Port: 17370	2020-07-15 03:57:12
145.239.95.241	attackspam	Jul 14 19:41:09 ns3033917 sshd[12381]: Invalid user hz from 145.239.95.241 port 32810 Jul 14 19:41:11 ns3033917 sshd[12381]: Failed password for invalid user hz from 145.239.95.241 port 32810 ssh2 Jul 14 19:47:22 ns3033917 sshd[12433]: Invalid user admin from 145.239.95.241 port 60786 ...	2020-07-15 03:57:50
27.128.162.183	attackspambots	$f2bV_matches	2020-07-15 03:37:23
168.61.52.106	attack	Jul 14 20:28:00 santamaria sshd\[2006\]: Invalid user 123 from 168.61.52.106 Jul 14 20:28:00 santamaria sshd\[2006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.61.52.106 Jul 14 20:28:02 santamaria sshd\[2006\]: Failed password for invalid user 123 from 168.61.52.106 port 5295 ssh2 ...	2020-07-15 03:29:17
104.44.141.85	attackspam	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 03:39:35
52.146.35.191	attack	2020-07-14T18:28:03.200810randservbullet-proofcloud-66.localdomain sshd[26709]: Invalid user 123 from 52.146.35.191 port 56446 2020-07-14T18:28:03.204884randservbullet-proofcloud-66.localdomain sshd[26709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.146.35.191 2020-07-14T18:28:03.200810randservbullet-proofcloud-66.localdomain sshd[26709]: Invalid user 123 from 52.146.35.191 port 56446 2020-07-14T18:28:05.102187randservbullet-proofcloud-66.localdomain sshd[26709]: Failed password for invalid user 123 from 52.146.35.191 port 56446 ssh2 ...	2020-07-15 03:27:18
41.89.96.238	attack	(sshd) Failed SSH login from 41.89.96.238 (KE/Kenya/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 15 01:27:45 serv sshd[25505]: Invalid user donald from 41.89.96.238 port 55850 Jul 15 01:27:47 serv sshd[25505]: Failed password for invalid user donald from 41.89.96.238 port 55850 ssh2	2020-07-15 03:46:19

Recently Reported IPs

138.128.96.236	138.128.77.3	93.119.164.33	139.55.215.125
54.224.145.36	164.163.121.211	118.122.115.9	113.22.110.112
1.54.159.109	172.249.79.2	220.94.90.148	217.93.11.92
113.6.136.25	200.98.133.21	72.52.75.205	191.18.167.159
111.231.231.22	210.216.87.223	45.172.108.77	217.61.40.77