142.93.6.79 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	xmlrpc attack	2020-05-14 03:55:47

Comments on same subnet:

IP	Type	Details	Datetime
142.93.62.222	attack	Bad IP	2024-04-30 13:05:00
142.93.68.181	attack	TCP (SYN) 142.93.68.181:58096 -> port 5163, len 44	2020-10-10 06:23:00
142.93.68.181	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-09 22:33:25
142.93.68.181	attackspam	Port scan denied	2020-10-09 14:23:39
142.93.62.231	attackbots	Oct 7 13:48:33 hosting sshd[12236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 user=root Oct 7 13:48:35 hosting sshd[12236]: Failed password for root from 142.93.62.231 port 48454 ssh2 ...	2020-10-08 06:47:50
142.93.62.231	attackspam	Oct 7 13:48:33 hosting sshd[12236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 user=root Oct 7 13:48:35 hosting sshd[12236]: Failed password for root from 142.93.62.231 port 48454 ssh2 ...	2020-10-07 23:09:21
142.93.62.231	attackspam	$f2bV_matches	2020-10-07 15:15:23
142.93.66.165	attackbots	MYH,DEF GET /wp-login.php	2020-10-03 06:22:50
142.93.66.165	attack	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-03 01:50:22
142.93.66.165	attackspam	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-02 22:18:34
142.93.66.165	attack	142.93.66.165 - - [02/Oct/2020:07:28:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:08 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.93.66.165 - - [02/Oct/2020:07:28:14 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-10-02 18:51:05
142.93.66.165	attackbots	CMS (WordPress or Joomla) login attempt.	2020-10-02 15:26:09
142.93.62.231	attack	2020-09-24T20:15:59.264943abusebot-4.cloudsearch.cf sshd[28847]: Invalid user sms from 142.93.62.231 port 37906 2020-09-24T20:15:59.273521abusebot-4.cloudsearch.cf sshd[28847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 2020-09-24T20:15:59.264943abusebot-4.cloudsearch.cf sshd[28847]: Invalid user sms from 142.93.62.231 port 37906 2020-09-24T20:16:01.375888abusebot-4.cloudsearch.cf sshd[28847]: Failed password for invalid user sms from 142.93.62.231 port 37906 ssh2 2020-09-24T20:19:20.827360abusebot-4.cloudsearch.cf sshd[28854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 user=root 2020-09-24T20:19:22.187495abusebot-4.cloudsearch.cf sshd[28854]: Failed password for root from 142.93.62.231 port 47050 ssh2 2020-09-24T20:22:39.126038abusebot-4.cloudsearch.cf sshd[28860]: Invalid user bitcoin from 142.93.62.231 port 56162 ...	2020-09-25 05:16:47
142.93.62.231	attack	2020-09-22 UTC: (2x) - chart(2x)	2020-09-24 01:07:59
142.93.62.231	attack	Sep 23 07:12:32 staging sshd[71513]: Invalid user rochelle from 142.93.62.231 port 41190 Sep 23 07:12:32 staging sshd[71513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.62.231 Sep 23 07:12:32 staging sshd[71513]: Invalid user rochelle from 142.93.62.231 port 41190 Sep 23 07:12:34 staging sshd[71513]: Failed password for invalid user rochelle from 142.93.62.231 port 41190 ssh2 ...	2020-09-23 17:11:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.6.79
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13602
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.6.79.			IN	A

;; AUTHORITY SECTION:
.			415	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051301 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 03:55:43 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 79.6.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 79.6.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.110.193.192	attackspam	Unauthorized connection attempt from IP address 113.110.193.192 on Port 445(SMB)	2019-10-09 08:04:54
171.235.84.8	attackspambots	v+ssh-bruteforce	2019-10-09 07:39:30
172.106.164.33	attack	Jun 14 11:13:37 server sshd\[153520\]: Invalid user admin from 172.106.164.33 Jun 14 11:13:37 server sshd\[153520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.106.164.33 Jun 14 11:13:39 server sshd\[153520\]: Failed password for invalid user admin from 172.106.164.33 port 20233 ssh2 ...	2019-10-09 12:08:51
187.102.71.1	attackspam	2019-10-08 16:54:49 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-10-08 16:54:50 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-10-08 16:54:50 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-10-09 07:56:25
175.211.112.254	attackspam	Oct 8 05:20:44 *** sshd[11656]: Failed password for invalid user open from 175.211.112.254 port 33464 ssh2	2019-10-09 07:37:12
187.33.237.86	attackbotsspam	Unauthorized connection attempt from IP address 187.33.237.86 on Port 445(SMB)	2019-10-09 07:53:32
106.75.78.135	attackspambots	port scan and connect, tcp 5984 (couchdb)	2019-10-09 07:47:45
129.204.244.2	attackbotsspam	Oct 8 13:34:35 * sshd[18429]: Failed password for invalid user 123 from 129.204.244.2 port 42958 ssh2 Oct 8 13:36:01 * sshd[18453]: Failed password for invalid user Lille!23 from 129.204.244.2 port 55100 ssh2 Oct 8 13:43:26 * sshd[18625]: Failed password for invalid user 123Press from 129.204.244.2 port 47300 ssh2 Oct 8 13:44:49 * sshd[18656]: Failed password for invalid user Network123 from 129.204.244.2 port 59440 ssh2 Oct 8 13:47:41 *** sshd[18689]: Failed password for invalid user Maria1@3 from 129.204.244.2 port 55488 ssh2	2019-10-09 07:49:19
107.173.145.168	attackbots	2019-10-08T23:16:06.111604abusebot-8.cloudsearch.cf sshd\[23395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.145.168 user=root	2019-10-09 07:37:38
198.50.197.221	attackbots	SSH invalid-user multiple login attempts	2019-10-09 08:08:26
80.211.131.17	attackspambots	" "	2019-10-09 12:12:08
223.202.201.138	attackspam	Oct 9 01:23:41 mail sshd[7690]: Failed password for root from 223.202.201.138 port 39573 ssh2 Oct 9 01:28:13 mail sshd[9428]: Failed password for root from 223.202.201.138 port 59384 ssh2	2019-10-09 07:48:30
222.186.175.151	attackspam	Oct 8 23:43:21 sshgateway sshd\[17428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Oct 8 23:43:23 sshgateway sshd\[17428\]: Failed password for root from 222.186.175.151 port 60934 ssh2 Oct 8 23:43:40 sshgateway sshd\[17428\]: error: maximum authentication attempts exceeded for root from 222.186.175.151 port 60934 ssh2 \[preauth\]	2019-10-09 07:46:56
142.93.174.47	attack	Oct 9 05:53:21 vps691689 sshd[18154]: Failed password for root from 142.93.174.47 port 52448 ssh2 Oct 9 05:57:46 vps691689 sshd[18242]: Failed password for root from 142.93.174.47 port 39944 ssh2 ...	2019-10-09 12:07:35
106.12.82.84	attack	Oct 9 01:30:57 mail sshd[10588]: Failed password for root from 106.12.82.84 port 43714 ssh2 Oct 9 01:35:38 mail sshd[12358]: Failed password for root from 106.12.82.84 port 52874 ssh2	2019-10-09 08:02:56

Recently Reported IPs

176.236.16.6	69.232.196.220	145.57.40.108	207.227.204.70
226.105.223.244	87.11.88.130	82.200.221.18	156.96.118.172
189.248.76.222	139.99.218.54	95.51.177.148	166.170.98.243
95.47.46.136	90.178.94.74	99.107.219.87	31.88.115.188
46.34.232.122	8.247.210.254	200.252.172.101	184.228.137.248