195.93.142.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: PLJ Telecom S.C. Pawel Kurpiewski Anna Stec

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 195.93.142.70 to port 80	2020-03-18 22:05:10

Comments on same subnet:

IP	Type	Details	Datetime
195.93.142.198	attack	Aug 27 11:28:07 mail.srvfarm.net postfix/smtps/smtpd[1506077]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed: Aug 27 11:28:07 mail.srvfarm.net postfix/smtps/smtpd[1506077]: lost connection after AUTH from unknown[195.93.142.198] Aug 27 11:29:36 mail.srvfarm.net postfix/smtps/smtpd[1506846]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed: Aug 27 11:29:36 mail.srvfarm.net postfix/smtps/smtpd[1506846]: lost connection after AUTH from unknown[195.93.142.198] Aug 27 11:29:55 mail.srvfarm.net postfix/smtpd[1488218]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed:	2020-08-28 09:10:12
195.93.142.181	attack	(PL/Poland/-) SMTP Bruteforcing attempts	2020-06-05 18:53:05

Type

Details

Datetime

195.93.142.198

attack

Aug 27 11:28:07 mail.srvfarm.net postfix/smtps/smtpd[1506077]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed: 
Aug 27 11:28:07 mail.srvfarm.net postfix/smtps/smtpd[1506077]: lost connection after AUTH from unknown[195.93.142.198]
Aug 27 11:29:36 mail.srvfarm.net postfix/smtps/smtpd[1506846]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed: 
Aug 27 11:29:36 mail.srvfarm.net postfix/smtps/smtpd[1506846]: lost connection after AUTH from unknown[195.93.142.198]
Aug 27 11:29:55 mail.srvfarm.net postfix/smtpd[1488218]: warning: unknown[195.93.142.198]: SASL PLAIN authentication failed:

2020-08-28 09:10:12

195.93.142.181

attack

(PL/Poland/-) SMTP Bruteforcing attempts

2020-06-05 18:53:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.93.142.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21138
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.93.142.70.			IN	A

;; AUTHORITY SECTION:
.			218	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031800 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 22:05:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

70.142.93.195.in-addr.arpa domain name pointer 195-93-142-70.pljtelecom.pl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.142.93.195.in-addr.arpa	name = 195-93-142-70.pljtelecom.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.55.145.31	attackbots	prod8 ...	2020-08-28 06:28:06
139.59.40.240	attackspambots	Aug 27 22:13:10 onepixel sshd[4130541]: Invalid user liam from 139.59.40.240 port 47290 Aug 27 22:13:10 onepixel sshd[4130541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 Aug 27 22:13:10 onepixel sshd[4130541]: Invalid user liam from 139.59.40.240 port 47290 Aug 27 22:13:11 onepixel sshd[4130541]: Failed password for invalid user liam from 139.59.40.240 port 47290 ssh2 Aug 27 22:17:04 onepixel sshd[4131175]: Invalid user tiptop from 139.59.40.240 port 51396	2020-08-28 06:31:38
174.138.43.162	attack	SSH Invalid Login	2020-08-28 06:04:22
190.14.57.130	attackspambots	1598562484 - 08/27/2020 23:08:04 Host: 190.14.57.130/190.14.57.130 Port: 445 TCP Blocked	2020-08-28 06:21:25
107.174.44.184	attackspam	Aug 28 00:06:27 vpn01 sshd[8312]: Failed password for root from 107.174.44.184 port 45896 ssh2 Aug 28 00:08:00 vpn01 sshd[8370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.174.44.184 ...	2020-08-28 06:11:50
179.159.58.134	attackbotsspam	trying to access non-authorized port	2020-08-28 06:19:26
20.53.9.27	attackbotsspam	Aug 27 23:30:56 lnxmail61 postfix/smtps/smtpd[15308]: warning: unknown[20.53.9.27]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-28 06:33:17
201.48.192.60	attack	2020-08-28T04:38:46.578589hostname sshd[31152]: Failed password for invalid user dipak from 201.48.192.60 port 45166 ssh2 2020-08-28T04:44:09.289901hostname sshd[796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.192.60 user=root 2020-08-28T04:44:10.926587hostname sshd[796]: Failed password for root from 201.48.192.60 port 37594 ssh2 ...	2020-08-28 06:35:06
45.58.42.254	attackbotsspam	(pop3d) Failed POP3 login from 45.58.42.254 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 28 01:38:20 ir1 dovecot[3110802]: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.58.42.254, lip=5.63.12.44, session=	2020-08-28 06:02:37
192.241.235.73	attack	trying to access non-authorized port	2020-08-28 05:59:21
14.221.96.46	attackbotsspam	Lines containing failures of 14.221.96.46 Aug 27 23:01:26 ghostnameioc sshd[24680]: Invalid user user1 from 14.221.96.46 port 6798 Aug 27 23:01:26 ghostnameioc sshd[24680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.96.46 Aug 27 23:01:28 ghostnameioc sshd[24680]: Failed password for invalid user user1 from 14.221.96.46 port 6798 ssh2 Aug 27 23:01:28 ghostnameioc sshd[24680]: Received disconnect from 14.221.96.46 port 6798:11: Bye Bye [preauth] Aug 27 23:01:28 ghostnameioc sshd[24680]: Disconnected from invalid user user1 14.221.96.46 port 6798 [preauth] Aug 27 23:04:55 ghostnameioc sshd[24765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.96.46 user=r.r Aug 27 23:04:57 ghostnameioc sshd[24765]: Failed password for r.r from 14.221.96.46 port 7918 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.221.96.46	2020-08-28 05:59:36
218.55.177.7	attackbotsspam	Aug 28 00:11:04 ip106 sshd[5713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.55.177.7 Aug 28 00:11:06 ip106 sshd[5713]: Failed password for invalid user sysadmin from 218.55.177.7 port 50039 ssh2 ...	2020-08-28 06:15:02
89.187.0.3	attackbots	Aug 26 17:46:59 online-web-1 sshd[3023933]: Invalid user nagios from 89.187.0.3 port 44358 Aug 26 17:46:59 online-web-1 sshd[3023933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.187.0.3 Aug 26 17:47:01 online-web-1 sshd[3023933]: Failed password for invalid user nagios from 89.187.0.3 port 44358 ssh2 Aug 26 17:47:02 online-web-1 sshd[3023933]: Received disconnect from 89.187.0.3 port 44358:11: Bye Bye [preauth] Aug 26 17:47:02 online-web-1 sshd[3023933]: Disconnected from 89.187.0.3 port 44358 [preauth] Aug 26 17:51:59 online-web-1 sshd[3024261]: Received disconnect from 89.187.0.3 port 39956:11: Bye Bye [preauth] Aug 26 17:51:59 online-web-1 sshd[3024261]: Disconnected from 89.187.0.3 port 39956 [preauth] Aug 26 17:54:33 online-web-1 sshd[3025154]: Invalid user ebook from 89.187.0.3 port 52454 Aug 26 17:54:33 online-web-1 sshd[3025154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos........ -------------------------------	2020-08-28 06:29:46
51.254.129.128	attackbots	Bruteforce detected by fail2ban	2020-08-28 06:12:08
181.61.221.93	attack	Aug 28 01:23:48 journals sshd\[34981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.61.221.93 user=root Aug 28 01:23:50 journals sshd\[34981\]: Failed password for root from 181.61.221.93 port 54410 ssh2 Aug 28 01:26:02 journals sshd\[35179\]: Invalid user student3 from 181.61.221.93 Aug 28 01:26:02 journals sshd\[35179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.61.221.93 Aug 28 01:26:03 journals sshd\[35179\]: Failed password for invalid user student3 from 181.61.221.93 port 56276 ssh2 ...	2020-08-28 06:30:57

Recently Reported IPs

95.79.139.222	91.241.19.109	94.254.50.251	151.237.94.253
82.213.38.147	2a03:b0c0:2:d0::cab:c001	152.0.96.202	141.196.201.232
95.71.73.243	94.176.189.32	185.120.90.59	190.230.71.59
48.187.76.163	248.169.125.178	243.199.73.210	155.94.134.162
113.191.79.74	152.127.5.49	36.226.232.143	186.69.230.167