City: Santa Clara
Region: California
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.88.25 | attack | Nov 9 15:29:12 finn sshd[16183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.88.25 user=r.r Nov 9 15:29:15 finn sshd[16183]: Failed password for r.r from 142.93.88.25 port 36474 ssh2 Nov 9 15:29:15 finn sshd[16183]: Received disconnect from 142.93.88.25 port 36474:11: Bye Bye [preauth] Nov 9 15:29:15 finn sshd[16183]: Disconnected from 142.93.88.25 port 36474 [preauth] Nov 9 15:42:09 finn sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.88.25 user=r.r Nov 9 15:42:11 finn sshd[19158]: Failed password for r.r from 142.93.88.25 port 40758 ssh2 Nov 9 15:42:11 finn sshd[19158]: Received disconnect from 142.93.88.25 port 40758:11: Bye Bye [preauth] Nov 9 15:42:11 finn sshd[19158]: Disconnected from 142.93.88.25 port 40758 [preauth] Nov 9 15:45:53 finn sshd[20357]: Invalid user gigi from 142.93.88.25 port 54244 Nov 9 15:45:53 finn sshd[20357]: pam_unix(sshd........ ------------------------------- |
2019-11-10 18:38:35 |
| 142.93.88.45 | attackbots | $f2bV_matches |
2019-11-02 23:54:43 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 142.93.0.0 - 142.93.255.255
CIDR: 142.93.0.0/16
NetName: DIGITALOCEAN-142-93-0-0
NetHandle: NET-142-93-0-0-1
Parent: NET142 (NET-142-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: DigitalOcean, LLC (DO-13)
RegDate: 2018-07-12
Updated: 2020-04-03
Comment: Routing and Peering Policy can be found at https://www.as14061.net
Comment:
Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse
Ref: https://rdap.arin.net/registry/ip/142.93.0.0
OrgName: DigitalOcean, LLC
OrgId: DO-13
Address: 105 Edgeview Drive, Suite 425
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US
RegDate: 2012-05-14
Updated: 2025-04-11
Ref: https://rdap.arin.net/registry/entity/DO-13
OrgNOCHandle: NOC32014-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-646-827-4366
OrgNOCEmail: noc@digitalocean.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
OrgAbuseHandle: DIGIT19-ARIN
OrgAbuseName: DigitalOcean Abuse
OrgAbusePhone: +1-646-827-4366
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
OrgTechHandle: NOC32014-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-646-827-4366
OrgTechEmail: noc@digitalocean.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.88.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;142.93.88.159. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032801 1800 900 604800 86400
;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 29 12:00:16 CST 2026
;; MSG SIZE rcvd: 106Host 159.88.93.142.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 159.88.93.142.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.192.78.220 | attack | Sep 10 03:16:03 nexus sshd[11365]: Invalid user admin from 103.192.78.220 port 46834 Sep 10 03:16:03 nexus sshd[11365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.192.78.220 Sep 10 03:16:05 nexus sshd[11365]: Failed password for invalid user admin from 103.192.78.220 port 46834 ssh2 Sep 10 03:16:05 nexus sshd[11365]: Connection closed by 103.192.78.220 port 46834 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.192.78.220 |
2019-09-10 10:21:01 |
| 134.209.97.61 | attackspam | Sep 9 16:17:47 php1 sshd\[30189\]: Invalid user 210 from 134.209.97.61 Sep 9 16:17:47 php1 sshd\[30189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.97.61 Sep 9 16:17:49 php1 sshd\[30189\]: Failed password for invalid user 210 from 134.209.97.61 port 46756 ssh2 Sep 9 16:24:27 php1 sshd\[30970\]: Invalid user p4ssw0rd from 134.209.97.61 Sep 9 16:24:27 php1 sshd\[30970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.97.61 |
2019-09-10 10:34:31 |
| 218.98.40.152 | attack | Sep 9 20:39:17 aat-srv002 sshd[31639]: Failed password for root from 218.98.40.152 port 62073 ssh2 Sep 9 20:39:19 aat-srv002 sshd[31639]: Failed password for root from 218.98.40.152 port 62073 ssh2 Sep 9 20:39:21 aat-srv002 sshd[31639]: Failed password for root from 218.98.40.152 port 62073 ssh2 Sep 9 20:39:26 aat-srv002 sshd[31654]: Failed password for root from 218.98.40.152 port 23058 ssh2 ... |
2019-09-10 09:51:51 |
| 173.234.181.79 | attack | Contact form spam, No Accept Header from Bolton, doctorversegen@gmail.com |
2019-09-10 10:17:42 |
| 113.176.14.36 | attackbots | Unauthorised access (Sep 10) SRC=113.176.14.36 LEN=52 TTL=116 ID=19939 DF TCP DPT=445 WINDOW=8192 SYN |
2019-09-10 10:14:04 |
| 46.101.39.199 | attackspambots | Sep 10 03:47:39 core sshd[4471]: Invalid user p@ssw0rd123 from 46.101.39.199 port 44663 Sep 10 03:47:42 core sshd[4471]: Failed password for invalid user p@ssw0rd123 from 46.101.39.199 port 44663 ssh2 ... |
2019-09-10 10:02:58 |
| 177.85.140.226 | attackspam | Lines containing failures of 177.85.140.226 (max 1000) Sep 10 07:17:43 Server sshd[22051]: Invalid user admin from 177.85.140.226 port 59526 Sep 10 07:17:43 Server sshd[22051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.85.140.226 Sep 10 07:17:45 Server sshd[22051]: Failed password for invalid user admin from 177.85.140.226 port 59526 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.85.140.226 |
2019-09-10 10:32:30 |
| 178.128.162.10 | attack | Sep 9 16:07:05 tdfoods sshd\[28341\]: Invalid user deploy from 178.128.162.10 Sep 9 16:07:05 tdfoods sshd\[28341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.162.10 Sep 9 16:07:07 tdfoods sshd\[28341\]: Failed password for invalid user deploy from 178.128.162.10 port 45710 ssh2 Sep 9 16:12:35 tdfoods sshd\[28949\]: Invalid user student from 178.128.162.10 Sep 9 16:12:35 tdfoods sshd\[28949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.162.10 |
2019-09-10 10:20:39 |
| 188.166.158.153 | attackbots | WordPress login Brute force / Web App Attack on client site. |
2019-09-10 10:24:11 |
| 46.249.52.134 | attackbots | CloudCIX Reconnaissance Scan Detected, PTR: s1.xitens.nl. |
2019-09-10 09:55:27 |
| 141.98.9.195 | attack | Sep 10 03:48:30 webserver postfix/smtpd\[22340\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 03:49:24 webserver postfix/smtpd\[31363\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 03:50:17 webserver postfix/smtpd\[31363\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 03:51:09 webserver postfix/smtpd\[31363\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 03:52:01 webserver postfix/smtpd\[22340\]: warning: unknown\[141.98.9.195\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-09-10 09:52:53 |
| 51.75.146.122 | attackbotsspam | Sep 10 03:44:11 SilenceServices sshd[2701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.146.122 Sep 10 03:44:13 SilenceServices sshd[2701]: Failed password for invalid user guest from 51.75.146.122 port 48188 ssh2 Sep 10 03:49:26 SilenceServices sshd[7084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.146.122 |
2019-09-10 10:06:25 |
| 217.112.128.40 | attack | Postfix DNSBL listed. Trying to send SPAM. |
2019-09-10 10:33:32 |
| 37.6.89.18 | attackbotsspam | DATE:2019-09-10 03:23:16, IP:37.6.89.18, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc) |
2019-09-10 10:14:30 |
| 93.104.178.153 | attackspambots | Automatic report - Port Scan Attack |
2019-09-10 09:49:40 |