142.93.53.155 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP: 142.93.53.155 ASN: AS14061 DigitalOcean LLC Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 16/12/2019 9:52:44 AM UTC	2019-12-16 18:06:57

Comments on same subnet:

IP	Type	Details	Datetime
142.93.53.113	attack	Jun 9 14:08:18 debian-2gb-nbg1-2 kernel: \[13963233.624945\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.53.113 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=53146 PROTO=TCP SPT=40647 DPT=7441 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-09 21:03:27
142.93.53.214	attackspam	SSH login attempts.	2020-05-28 15:20:43
142.93.53.214	attack	May 21 19:47:29 ns382633 sshd\[24993\]: Invalid user jul from 142.93.53.214 port 43918 May 21 19:47:29 ns382633 sshd\[24993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 May 21 19:47:31 ns382633 sshd\[24993\]: Failed password for invalid user jul from 142.93.53.214 port 43918 ssh2 May 21 19:53:45 ns382633 sshd\[26045\]: Invalid user ansible from 142.93.53.214 port 40642 May 21 19:53:45 ns382633 sshd\[26045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214	2020-05-22 02:58:27
142.93.53.113	attack	Unauthorized connection attempt detected from IP address 142.93.53.113 to port 10345 [T]	2020-05-07 01:56:28
142.93.53.214	attackbots	May 6 11:16:57 minden010 sshd[10471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 May 6 11:16:59 minden010 sshd[10471]: Failed password for invalid user rabbitmq from 142.93.53.214 port 33208 ssh2 May 6 11:20:57 minden010 sshd[12476]: Failed password for root from 142.93.53.214 port 43636 ssh2 ...	2020-05-06 18:04:54
142.93.53.214	attackbots	May 5 01:33:46 ift sshd\[49193\]: Invalid user ct from 142.93.53.214May 5 01:33:49 ift sshd\[49193\]: Failed password for invalid user ct from 142.93.53.214 port 36848 ssh2May 5 01:37:50 ift sshd\[50050\]: Invalid user qcp from 142.93.53.214May 5 01:37:52 ift sshd\[50050\]: Failed password for invalid user qcp from 142.93.53.214 port 48088 ssh2May 5 01:41:49 ift sshd\[50606\]: Invalid user maluks from 142.93.53.214 ...	2020-05-05 09:11:34
142.93.53.113	attackbots	May 3 11:06:13 debian-2gb-nbg1-2 kernel: \[10755677.222658\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=142.93.53.113 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=29840 PROTO=TCP SPT=48732 DPT=15885 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 17:29:00
142.93.53.214	attackspam	Apr 30 14:44:56 electroncash sshd[12907]: Invalid user tk from 142.93.53.214 port 44666 Apr 30 14:44:56 electroncash sshd[12907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 Apr 30 14:44:56 electroncash sshd[12907]: Invalid user tk from 142.93.53.214 port 44666 Apr 30 14:44:58 electroncash sshd[12907]: Failed password for invalid user tk from 142.93.53.214 port 44666 ssh2 Apr 30 14:49:21 electroncash sshd[14026]: Invalid user test from 142.93.53.214 port 51814 ...	2020-04-30 21:00:27
142.93.53.214	attack	Apr 28 08:44:01 NPSTNNYC01T sshd[29310]: Failed password for root from 142.93.53.214 port 40566 ssh2 Apr 28 08:48:28 NPSTNNYC01T sshd[29763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 Apr 28 08:48:30 NPSTNNYC01T sshd[29763]: Failed password for invalid user gituser from 142.93.53.214 port 52862 ssh2 ...	2020-04-28 21:17:47
142.93.53.214	attackspambots	Invalid user admin from 142.93.53.214 port 59382	2020-04-23 06:12:10
142.93.53.214	attackspam	srv02 Mass scanning activity detected Target: 22893 ..	2020-04-20 07:36:35
142.93.53.214	attackspambots	Invalid user test from 142.93.53.214 port 51324	2020-04-18 17:51:35
142.93.53.214	attackspam	Apr 17 15:28:24 v22018086721571380 sshd[17578]: Failed password for invalid user jd from 142.93.53.214 port 59030 ssh2	2020-04-17 21:57:18
142.93.53.214	attackbots	Apr 13 19:12:00 OPSO sshd\[17369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 user=root Apr 13 19:12:02 OPSO sshd\[17369\]: Failed password for root from 142.93.53.214 port 49278 ssh2 Apr 13 19:16:35 OPSO sshd\[18381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214 user=root Apr 13 19:16:37 OPSO sshd\[18381\]: Failed password for root from 142.93.53.214 port 48856 ssh2 Apr 13 19:21:00 OPSO sshd\[19513\]: Invalid user 2wsx from 142.93.53.214 port 48444 Apr 13 19:21:00 OPSO sshd\[19513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.53.214	2020-04-14 01:31:02
142.93.53.113	attack	" "	2020-04-13 08:20:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.53.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.53.155.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121600 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 16 18:06:54 CST 2019
;; MSG SIZE  rcvd: 117

Host info

155.53.93.142.in-addr.arpa domain name pointer ghiz2.daerns.live.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
155.53.93.142.in-addr.arpa	name = ghiz2.daerns.live.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.193.245.29	attackbotsspam	$f2bV_matches	2020-02-05 14:25:59
180.76.134.77	attackspambots	Feb 5 07:56:21 lukav-desktop sshd\[19492\]: Invalid user vl from 180.76.134.77 Feb 5 07:56:21 lukav-desktop sshd\[19492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.134.77 Feb 5 07:56:24 lukav-desktop sshd\[19492\]: Failed password for invalid user vl from 180.76.134.77 port 56934 ssh2 Feb 5 07:59:32 lukav-desktop sshd\[20932\]: Invalid user wp-user from 180.76.134.77 Feb 5 07:59:32 lukav-desktop sshd\[20932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.134.77	2020-02-05 14:46:16
78.31.71.108	attackspam	RDP Brute-Force (honeypot 13)	2020-02-05 14:45:03
194.250.217.209	attackspambots	Autoban 194.250.217.209 AUTH/CONNECT	2020-02-05 14:32:02
222.186.30.76	attack	2020-02-05T06:58:32.971683centos sshd\[4120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-02-05T06:58:35.038608centos sshd\[4120\]: Failed password for root from 222.186.30.76 port 61922 ssh2 2020-02-05T06:58:37.703938centos sshd\[4120\]: Failed password for root from 222.186.30.76 port 61922 ssh2	2020-02-05 14:06:02
211.226.54.253	attack	Feb 5 05:53:55 grey postfix/smtpd\[27214\]: NOQUEUE: reject: RCPT from unknown\[211.226.54.253\]: 554 5.7.1 Service unavailable\; Client host \[211.226.54.253\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=211.226.54.253\; from=\ to=\ proto=ESMTP helo=\<\[211.226.54.253\]\> ...	2020-02-05 14:20:13
142.93.63.151	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-02-05 14:23:38
110.137.182.236	attack	20/2/4@23:54:04: FAIL: Alarm-Network address from=110.137.182.236 ...	2020-02-05 14:12:57
156.236.119.194	attack	Unauthorized connection attempt detected from IP address 156.236.119.194 to port 2220 [J]	2020-02-05 14:17:39
146.148.51.169	attack	Automatic report - XMLRPC Attack	2020-02-05 14:14:38
46.246.63.6	attackbots	Scanned 1 times in the last 24 hours on port 22	2020-02-05 14:03:52
138.0.60.6	attack	Feb 5 01:19:26 plusreed sshd[23242]: Invalid user !QAZXCDE#@WS from 138.0.60.6 ...	2020-02-05 14:20:49
185.156.73.52	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 26163 proto: TCP cat: Misc Attack	2020-02-05 14:06:27
54.169.96.173	attackspambots	Autoban 54.169.96.173 AUTH/CONNECT	2020-02-05 14:09:21
34.251.241.226	attackspambots	02/05/2020-06:22:13.498530 34.251.241.226 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-02-05 14:40:25

Recently Reported IPs

183.186.204.147	150.107.204.193	115.84.88.84	122.51.222.17
54.36.185.10	169.255.9.182	94.142.140.219	40.92.71.17
136.143.188.54	40.92.19.60	36.78.41.147	202.6.234.123
170.254.248.61	180.158.1.177	218.104.198.194	2.180.230.41
222.252.12.27	110.77.232.233	189.41.210.95	120.227.166.4