City: Santa Clara
Region: California
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Nov 9 15:29:12 finn sshd[16183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.88.25 user=r.r Nov 9 15:29:15 finn sshd[16183]: Failed password for r.r from 142.93.88.25 port 36474 ssh2 Nov 9 15:29:15 finn sshd[16183]: Received disconnect from 142.93.88.25 port 36474:11: Bye Bye [preauth] Nov 9 15:29:15 finn sshd[16183]: Disconnected from 142.93.88.25 port 36474 [preauth] Nov 9 15:42:09 finn sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.88.25 user=r.r Nov 9 15:42:11 finn sshd[19158]: Failed password for r.r from 142.93.88.25 port 40758 ssh2 Nov 9 15:42:11 finn sshd[19158]: Received disconnect from 142.93.88.25 port 40758:11: Bye Bye [preauth] Nov 9 15:42:11 finn sshd[19158]: Disconnected from 142.93.88.25 port 40758 [preauth] Nov 9 15:45:53 finn sshd[20357]: Invalid user gigi from 142.93.88.25 port 54244 Nov 9 15:45:53 finn sshd[20357]: pam_unix(sshd........ ------------------------------- |
2019-11-10 18:38:35 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.88.45 | attackbots | $f2bV_matches |
2019-11-02 23:54:43 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.88.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17262
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.88.25. IN A
;; AUTHORITY SECTION:
. 272 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019111000 1800 900 604800 86400
;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 18:38:32 CST 2019
;; MSG SIZE rcvd: 116Host 25.88.93.142.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 25.88.93.142.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 93.174.93.195 | attackbotsspam | 93.174.93.195 was recorded 5 times by 4 hosts attempting to connect to the following ports: 10011,10015. Incident counter (4h, 24h, all-time): 5, 26, 14519 |
2020-10-01 07:10:36 |
| 51.75.86.211 | attackspambots | *Port Scan* detected from 51.75.86.211 (DE/Germany/Hesse/Frankfurt am Main/ip211.ip-51-75-86.eu). 4 hits in the last 120 seconds |
2020-10-01 07:16:52 |
| 45.227.254.30 | attack | scans 6 times in preceeding hours on the ports (in chronological order) 44212 44211 44210 44214 33671 3895 |
2020-10-01 07:18:15 |
| 193.27.228.172 | attack | Port-scan: detected 211 distinct ports within a 24-hour window. |
2020-10-01 07:02:00 |
| 5.188.159.48 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 4 - port: 8443 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-01 07:25:37 |
| 101.251.219.100 | attack |
|
2020-10-01 07:08:57 |
| 185.153.199.132 | attackspam | Found on Binary Defense / proto=6 . srcport=40904 . dstport=3410 . (78) |
2020-10-01 07:03:56 |
| 46.161.27.48 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 29 - port: 10000 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-01 07:17:24 |
| 212.95.175.140 | attack |
|
2020-10-01 06:59:06 |
| 195.54.161.59 | attackbots | scans 5 times in preceeding hours on the ports (in chronological order) 54782 4017 50450 3636 2112 resulting in total of 25 scans from 195.54.160.0/23 block. |
2020-10-01 07:01:13 |
| 45.129.33.15 | attackspam | [MK-Root1] Blocked by UFW |
2020-10-01 07:22:56 |
| 45.227.255.204 | attackbots | Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-30T23:12:45Z |
2020-10-01 07:17:56 |
| 202.147.192.242 | attackbotsspam | Oct 1 01:38:38 pkdns2 sshd\[54636\]: Invalid user rafael from 202.147.192.242Oct 1 01:38:40 pkdns2 sshd\[54636\]: Failed password for invalid user rafael from 202.147.192.242 port 56984 ssh2Oct 1 01:41:14 pkdns2 sshd\[54772\]: Invalid user vtcbikes from 202.147.192.242Oct 1 01:41:16 pkdns2 sshd\[54772\]: Failed password for invalid user vtcbikes from 202.147.192.242 port 38156 ssh2Oct 1 01:42:05 pkdns2 sshd\[54802\]: Invalid user ts3server from 202.147.192.242Oct 1 01:42:08 pkdns2 sshd\[54802\]: Failed password for invalid user ts3server from 202.147.192.242 port 50700 ssh2 ... |
2020-10-01 07:27:40 |
| 89.248.167.141 | attackspam | [N1.H1.VM1] Port Scanner Detected Blocked by UFW |
2020-10-01 07:13:58 |
| 45.129.33.100 | attackspam | ET DROP Dshield Block Listed Source group 1 - port: 9202 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-01 07:20:20 |