City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | SSH Brute-Force reported by Fail2Ban |
2019-08-08 03:46:30 |
| attackbotsspam | Aug 7 19:35:31 srv-4 sshd\[5044\]: Invalid user computerunabh\303\244ngig from 142.93.91.42 Aug 7 19:35:31 srv-4 sshd\[5044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.91.42 Aug 7 19:35:32 srv-4 sshd\[5044\]: Failed password for invalid user computerunabh\303\244ngig from 142.93.91.42 port 37570 ssh2 ... |
2019-08-08 01:05:22 |
| attack | Aug 6 22:16:44 xtremcommunity sshd\[345\]: Invalid user es from 142.93.91.42 port 37374 Aug 6 22:16:44 xtremcommunity sshd\[345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.91.42 Aug 6 22:16:46 xtremcommunity sshd\[345\]: Failed password for invalid user es from 142.93.91.42 port 37374 ssh2 Aug 6 22:21:17 xtremcommunity sshd\[521\]: Invalid user blaze from 142.93.91.42 port 33884 Aug 6 22:21:17 xtremcommunity sshd\[521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.91.42 ... |
2019-08-07 10:26:10 |
| attackspam | Aug 2 22:47:56 ip-172-31-62-245 sshd\[25474\]: Invalid user server from 142.93.91.42\ Aug 2 22:47:57 ip-172-31-62-245 sshd\[25474\]: Failed password for invalid user server from 142.93.91.42 port 57678 ssh2\ Aug 2 22:52:10 ip-172-31-62-245 sshd\[25485\]: Invalid user othello from 142.93.91.42\ Aug 2 22:52:11 ip-172-31-62-245 sshd\[25485\]: Failed password for invalid user othello from 142.93.91.42 port 51992 ssh2\ Aug 2 22:56:28 ip-172-31-62-245 sshd\[25517\]: Invalid user martin from 142.93.91.42\ |
2019-08-03 07:16:58 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.91.65 | attack | Sep 23 02:40:19 web1 sshd\[18827\]: Invalid user admin from 142.93.91.65 Sep 23 02:40:19 web1 sshd\[18827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.91.65 Sep 23 02:40:21 web1 sshd\[18827\]: Failed password for invalid user admin from 142.93.91.65 port 37296 ssh2 Sep 23 02:40:23 web1 sshd\[18827\]: Failed password for invalid user admin from 142.93.91.65 port 37296 ssh2 Sep 23 02:40:24 web1 sshd\[18827\]: Failed password for invalid user admin from 142.93.91.65 port 37296 ssh2 |
2019-09-23 22:13:29 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.91.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54417
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.91.42. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019080202 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 03 07:16:53 CST 2019
;; MSG SIZE rcvd: 116Host 42.91.93.142.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 42.91.93.142.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 211.22.154.223 | attackspam | SSH bruteforce (Triggered fail2ban) |
2019-10-05 04:26:06 |
| 148.72.207.248 | attackbotsspam | Oct 4 09:58:59 hanapaa sshd\[23020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-207-248.ip.secureserver.net user=root Oct 4 09:59:01 hanapaa sshd\[23020\]: Failed password for root from 148.72.207.248 port 36626 ssh2 Oct 4 10:03:39 hanapaa sshd\[23388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-207-248.ip.secureserver.net user=root Oct 4 10:03:41 hanapaa sshd\[23388\]: Failed password for root from 148.72.207.248 port 48724 ssh2 Oct 4 10:08:03 hanapaa sshd\[23743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-207-248.ip.secureserver.net user=root |
2019-10-05 04:15:31 |
| 69.17.158.101 | attackbots | Oct 4 21:51:52 dev0-dcfr-rnet sshd[970]: Failed password for root from 69.17.158.101 port 59462 ssh2 Oct 4 22:04:15 dev0-dcfr-rnet sshd[984]: Failed password for root from 69.17.158.101 port 59748 ssh2 |
2019-10-05 04:13:03 |
| 45.55.88.94 | attackbots | Oct 4 21:09:22 MK-Soft-VM7 sshd[305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.94 Oct 4 21:09:24 MK-Soft-VM7 sshd[305]: Failed password for invalid user 123qwerty456 from 45.55.88.94 port 47239 ssh2 ... |
2019-10-05 04:09:31 |
| 187.12.181.106 | attack | 2019-10-04T20:19:35.975897abusebot-8.cloudsearch.cf sshd\[29800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 user=root |
2019-10-05 04:26:40 |
| 193.32.160.140 | attackspambots | SSH/SMTP Brute Force |
2019-10-05 04:17:21 |
| 202.151.30.145 | attackbots | Oct 5 01:53:58 areeb-Workstation sshd[23149]: Failed password for root from 202.151.30.145 port 32854 ssh2 ... |
2019-10-05 04:41:35 |
| 183.134.199.68 | attackspam | 2019-10-04T20:19:42.628453shield sshd\[12270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.199.68 user=root 2019-10-04T20:19:44.732104shield sshd\[12270\]: Failed password for root from 183.134.199.68 port 59298 ssh2 2019-10-04T20:24:17.351599shield sshd\[13301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.199.68 user=root 2019-10-04T20:24:19.544984shield sshd\[13301\]: Failed password for root from 183.134.199.68 port 59415 ssh2 2019-10-04T20:28:49.572755shield sshd\[14172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.199.68 user=root |
2019-10-05 04:38:47 |
| 122.102.29.102 | attackspambots | Autoban 122.102.29.102 AUTH/CONNECT |
2019-10-05 04:35:31 |
| 46.38.144.146 | attackspambots | Trying to log into mailserver (postfix/smtp) using multiple names and passwords |
2019-10-05 04:42:00 |
| 142.93.49.140 | attackspam | [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:22 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:23 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:24 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:26 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:32 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 142.93.49.140 - - [04/Oct/2019:18:43:33 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubun |
2019-10-05 04:28:25 |
| 37.49.231.101 | attackbots | Scanning random ports - tries to find possible vulnerable services |
2019-10-05 04:09:42 |
| 218.38.12.44 | attackbotsspam | 445/tcp 445/tcp 445/tcp... [2019-08-04/10-04]13pkt,1pt.(tcp) |
2019-10-05 04:09:55 |
| 178.128.39.92 | attackspambots | Oct 4 17:15:23 sauna sshd[137070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.39.92 Oct 4 17:15:25 sauna sshd[137070]: Failed password for invalid user Contrasena12# from 178.128.39.92 port 60678 ssh2 ... |
2019-10-05 04:26:58 |
| 109.149.175.107 | attack | 5500/tcp 88/tcp 88/tcp [2019-09-24/10-04]3pkt |
2019-10-05 04:29:29 |