City: unknown
Region: unknown
Country: United States of America
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | scan |
2020-08-26 17:58:47 |
| attackspam | Blocked for port scanning. Time: Fri Aug 21. 02:19:10 2020 +0200 IP: 142.93.94.49 (US/United States/-) Sample of block hits: Aug 21 02:16:11 vserv kernel: [6028936.526246] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=142.93.94.49 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9060 PROTO=TCP SPT=22 DPT=143 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 21 02:16:30 vserv kernel: [6028956.067268] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=142.93.94.49 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=9060 PROTO=TCP SPT=22 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 21 02:16:59 vserv kernel: [6028984.864573] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=142.93.94.49 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=9060 PROTO=TCP SPT=22 DPT=143 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 21 02:17:12 vserv kernel: [6028998.347248] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=142.93.94.49 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=9060 PROTO=TCP SPT=22 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 |
2020-08-21 16:35:05 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 142.93.94.86 | attackbots | SSH brute-force: detected 6 distinct usernames within a 24-hour window. |
2019-12-24 02:13:13 |
| 142.93.94.86 | attackspam | Dec 22 23:27:42 wbs sshd\[26653\]: Invalid user piranha from 142.93.94.86 Dec 22 23:27:42 wbs sshd\[26653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.94.86 Dec 22 23:27:44 wbs sshd\[26653\]: Failed password for invalid user piranha from 142.93.94.86 port 49156 ssh2 Dec 22 23:33:38 wbs sshd\[27212\]: Invalid user root3333 from 142.93.94.86 Dec 22 23:33:38 wbs sshd\[27212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.94.86 |
2019-12-23 17:36:15 |
| 142.93.94.86 | attackspambots | Dec 20 06:21:54 hcbbdb sshd\[19835\]: Invalid user ans from 142.93.94.86 Dec 20 06:21:54 hcbbdb sshd\[19835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.94.86 Dec 20 06:21:56 hcbbdb sshd\[19835\]: Failed password for invalid user ans from 142.93.94.86 port 39584 ssh2 Dec 20 06:27:34 hcbbdb sshd\[21274\]: Invalid user nobody3333 from 142.93.94.86 Dec 20 06:27:34 hcbbdb sshd\[21274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.94.86 |
2019-12-20 17:44:31 |
| 142.93.94.86 | attack | Dec 18 21:54:45 gw1 sshd[1888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.94.86 Dec 18 21:54:48 gw1 sshd[1888]: Failed password for invalid user abcdg from 142.93.94.86 port 35098 ssh2 ... |
2019-12-19 01:11:37 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.94.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.94.49. IN A
;; AUTHORITY SECTION:
. 225 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020082001 1800 900 604800 86400
;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 21 16:34:58 CST 2020
;; MSG SIZE rcvd: 116Host 49.94.93.142.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.94.93.142.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 161.35.32.43 | attack | Invalid user mul from 161.35.32.43 port 32786 |
2020-05-21 17:05:43 |
| 194.61.2.94 | attackspam | Wordpress hack xmlrpc or wp-login |
2020-05-21 17:31:29 |
| 181.31.101.35 | attackbots | Invalid user vgh from 181.31.101.35 port 44162 |
2020-05-21 17:39:52 |
| 185.156.73.65 | attack | ET DROP Dshield Block Listed Source group 1 - port: 5855 proto: TCP cat: Misc Attack |
2020-05-21 17:22:10 |
| 120.237.123.242 | attackbotsspam | Invalid user wre from 120.237.123.242 port 12745 |
2020-05-21 17:27:04 |
| 35.226.165.144 | attackspam | Invalid user jrj from 35.226.165.144 port 52566 |
2020-05-21 17:14:18 |
| 121.231.154.203 | attack | SQL Injection |
2020-05-21 17:35:47 |
| 106.116.118.89 | attackspambots | May 21 11:29:29 jane sshd[5790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.116.118.89 May 21 11:29:31 jane sshd[5790]: Failed password for invalid user fdw from 106.116.118.89 port 35270 ssh2 ... |
2020-05-21 17:36:47 |
| 106.13.215.17 | attack | May 21 09:16:21 mellenthin sshd[13608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.17 May 21 09:16:23 mellenthin sshd[13608]: Failed password for invalid user tbm from 106.13.215.17 port 42938 ssh2 |
2020-05-21 17:32:51 |
| 50.63.92.69 | attackbots | Scanning for exploits - /shop/wp-includes/wlwmanifest.xml |
2020-05-21 17:08:00 |
| 151.255.126.150 | attack | May 21 05:52:19 * sshd[28055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.255.126.150 May 21 05:52:20 * sshd[28055]: Failed password for invalid user system from 151.255.126.150 port 1547 ssh2 |
2020-05-21 17:02:00 |
| 54.38.180.93 | attackspam | May 21 11:05:47 pkdns2 sshd\[40303\]: Invalid user dh from 54.38.180.93May 21 11:05:50 pkdns2 sshd\[40303\]: Failed password for invalid user dh from 54.38.180.93 port 37578 ssh2May 21 11:09:41 pkdns2 sshd\[40467\]: Invalid user virtualbox from 54.38.180.93May 21 11:09:43 pkdns2 sshd\[40467\]: Failed password for invalid user virtualbox from 54.38.180.93 port 44584 ssh2May 21 11:13:34 pkdns2 sshd\[40687\]: Invalid user wzc from 54.38.180.93May 21 11:13:36 pkdns2 sshd\[40687\]: Failed password for invalid user wzc from 54.38.180.93 port 51590 ssh2 ... |
2020-05-21 17:22:52 |
| 113.160.248.80 | attack | May 20 23:25:45 pixelmemory sshd[832822]: Invalid user uaa from 113.160.248.80 port 55083 May 20 23:25:45 pixelmemory sshd[832822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.248.80 May 20 23:25:45 pixelmemory sshd[832822]: Invalid user uaa from 113.160.248.80 port 55083 May 20 23:25:47 pixelmemory sshd[832822]: Failed password for invalid user uaa from 113.160.248.80 port 55083 ssh2 May 20 23:28:23 pixelmemory sshd[835565]: Invalid user nic from 113.160.248.80 port 36261 ... |
2020-05-21 17:15:14 |
| 185.220.100.249 | attack | May 21 03:51:41 ssh2 sshd[97531]: User root from tor-exit-10.zbau.f3netze.de not allowed because not listed in AllowUsers May 21 03:51:41 ssh2 sshd[97531]: Failed password for invalid user root from 185.220.100.249 port 32996 ssh2 May 21 03:51:42 ssh2 sshd[97531]: Failed password for invalid user root from 185.220.100.249 port 32996 ssh2 ... |
2020-05-21 17:24:00 |
| 125.124.199.251 | attackspambots | May 21 07:06:57 pve1 sshd[3407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.199.251 May 21 07:06:59 pve1 sshd[3407]: Failed password for invalid user spr from 125.124.199.251 port 48410 ssh2 ... |
2020-05-21 17:35:14 |