142.93.65.212 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.93.65.163	attack	Automatic report - Banned IP Access	2019-07-20 09:14:05
142.93.65.163	attackbotsspam	142.93.65.163 - - [07/Jul/2019:01:15:04 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.65.163 - - [07/Jul/2019:01:15:04 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.65.163 - - [07/Jul/2019:01:15:05 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.65.163 - - [07/Jul/2019:01:15:05 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.65.163 - - [07/Jul/2019:01:15:05 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.65.163 - - [07/Jul/2019:01:15:05 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-07 07:37:13
142.93.65.163	attackbotsspam	www.geburtshaus-fulda.de 142.93.65.163 \[29/Jun/2019:13:10:57 +0200\] "POST /wp-login.php HTTP/1.1" 200 5787 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 142.93.65.163 \[29/Jun/2019:13:10:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 5791 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-29 20:19:46
142.93.65.163	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-06-26 17:25:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.65.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.65.212.			IN	A

;; AUTHORITY SECTION:
.			403	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122502 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 05:48:50 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 212.65.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 212.65.93.142.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.29.184.69	attackspam	2019-07-03 18:11:40 H=([78.29.184.69]) [78.29.184.69]:2046 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=78.29.184.69) 2019-07-03 18:11:40 unexpected disconnection while reading SMTP command from ([78.29.184.69]) [78.29.184.69]:2046 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-07-03 19:30:45 H=([78.29.184.69]) [78.29.184.69]:28138 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=78.29.184.69) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.29.184.69	2019-07-06 16:18:52
113.176.89.116	attackbotsspam	$f2bV_matches	2019-07-06 16:17:45
85.31.177.238	attackspambots	[portscan] Port scan	2019-07-06 16:54:57
201.240.5.56	attackspam	2019-07-03 18:22:33 H=(client-201.240.5.56.speedy.net.pe) [201.240.5.56]:38987 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=201.240.5.56) 2019-07-03 18:22:33 unexpected disconnection while reading SMTP command from (client-201.240.5.56.speedy.net.pe) [201.240.5.56]:38987 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-07-03 19:55:02 H=(client-201.240.5.56.speedy.net.pe) [201.240.5.56]:17147 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=201.240.5.56) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=201.240.5.56	2019-07-06 16:46:06
66.70.188.25	attackbotsspam	Jul 6 08:18:48 ns3367391 sshd\[27833\]: Invalid user fstab from 66.70.188.25 port 46404 Jul 6 08:18:50 ns3367391 sshd\[27833\]: Failed password for invalid user fstab from 66.70.188.25 port 46404 ssh2 ...	2019-07-06 16:51:08
54.36.149.5	attackbots	Automatic report - Web App Attack	2019-07-06 16:16:48
178.164.241.31	attackbotsspam	Jul 4 00:24:38 datentool sshd[25709]: Invalid user khostnameti from 178.164.241.31 Jul 4 00:24:38 datentool sshd[25709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.164.241.31 Jul 4 00:24:40 datentool sshd[25709]: Failed password for invalid user khostnameti from 178.164.241.31 port 44196 ssh2 Jul 4 00:29:05 datentool sshd[25732]: Invalid user kui from 178.164.241.31 Jul 4 00:29:05 datentool sshd[25732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.164.241.31 Jul 4 00:29:06 datentool sshd[25732]: Failed password for invalid user kui from 178.164.241.31 port 40505 ssh2 Jul 4 00:31:33 datentool sshd[25737]: Invalid user XXX from 178.164.241.31 Jul 4 00:31:33 datentool sshd[25737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.164.241.31 Jul 4 00:31:35 datentool sshd[25737]: Failed password for invalid user XXX from 178.16........ -------------------------------	2019-07-06 16:55:35
87.250.145.203	attackbots	Precedence: bulk x-application: smashmail Pervert deviant spam	2019-07-06 16:35:48
181.230.56.215	attackspambots	2019-07-03 19:17:59 H=(215-56-230-181.cab.prima.com.ar) [181.230.56.215]:6267 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.230.56.215) 2019-07-03 19:17:59 unexpected disconnection while reading SMTP command from (215-56-230-181.cab.prima.com.ar) [181.230.56.215]:6267 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-03 19:59:47 H=(215-56-230-181.cab.prima.com.ar) [181.230.56.215]:47093 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.230.56.215) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.230.56.215	2019-07-06 16:51:40
168.228.148.206	attackbotsspam	failed_logins	2019-07-06 16:46:46
59.106.70.43	attackspam	GET contents with UA "Java/1.8.0_102" used without "robot.txt" rules.	2019-07-06 16:15:39
5.69.200.61	attackspambots	2019-07-03 18:55:04 H=0545c83d.skybroadband.com [5.69.200.61]:57791 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=5.69.200.61) 2019-07-03 18:55:05 unexpected disconnection while reading SMTP command from 0545c83d.skybroadband.com [5.69.200.61]:57791 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-03 19:39:45 H=0545c83d.skybroadband.com [5.69.200.61]:26915 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=5.69.200.61) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.69.200.61	2019-07-06 16:22:35
77.247.110.207	attackspambots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-06 16:32:15
128.199.69.86	attackspambots	2019-07-06T08:11:03.303882scmdmz1 sshd\[29507\]: Invalid user curt from 128.199.69.86 port 54304 2019-07-06T08:11:03.307591scmdmz1 sshd\[29507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.69.86 2019-07-06T08:11:05.085816scmdmz1 sshd\[29507\]: Failed password for invalid user curt from 128.199.69.86 port 54304 ssh2 ...	2019-07-06 16:26:12
222.180.162.8	attackbots	$f2bV_matches	2019-07-06 16:28:18

Recently Reported IPs

101.132.131.185	217.229.124.124	39.38.89.39	95.76.3.51
100.33.123.41	102.87.222.100	138.0.173.129	47.234.163.121
172.81.215.106	89.252.131.23	186.69.64.210	66.239.172.253
90.224.65.161	177.23.189.217	2600:387:a:9::6b	157.43.111.66
177.102.219.231	124.122.15.224	185.183.147.79	170.235.17.42