219.93.6.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: Lembaga Jurukur Tanah Semenanjung Malaysia

Hostname: unknown

Organization: unknown

Usage Type: Organization

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 219.93.6.3 to port 2220 [J]	2020-01-05 03:22:44
attackspambots	Jan 3 14:34:20 legacy sshd[19647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.3 Jan 3 14:34:21 legacy sshd[19647]: Failed password for invalid user maxwell from 219.93.6.3 port 58914 ssh2 Jan 3 14:38:28 legacy sshd[19855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.3 ...	2020-01-03 22:53:11
attack	Dec 24 21:20:28 * sshd[8022]: Failed password for invalid user ml from 219.93.6.3 port 33128 ssh2 Dec 24 21:21:47 * sshd[8036]: Failed password for invalid user egizio from 219.93.6.3 port 43968 ssh2 Dec 24 21:25:46 * sshd[8091]: Failed password for invalid user hou from 219.93.6.3 port 48398 ssh2 Dec 24 21:27:09 * sshd[8104]: Failed password for invalid user bakerg from 219.93.6.3 port 59302 ssh2 Dec 24 21:29:51 * sshd[8143]: Failed password for invalid user beta from 219.93.6.3 port 52852 ssh2 Dec 24 21:31:15 * sshd[8165]: Failed password for invalid user server from 219.93.6.3 port 35472 ssh2 Dec 24 21:32:44 * sshd[8187]: Failed password for invalid user halvorsrud from 219.93.6.3 port 46350 ssh2 Dec 24 21:35:27 * sshd[8221]: Failed password for invalid user seby from 219.93.6.3 port 39870 ssh2 Dec 24 21:36:46 * sshd[8238]: Failed password for invalid user tarbet from 219.93.6.3 port 50790 ssh2 Dec 24 21:38:04 * sshd[8256]: Failed password for invalid user xuan from 219.93.6.3 port 3348	2019-12-28 05:24:58
attack	$f2bV_matches	2019-12-18 18:21:35
attackbots	Dec 10 22:32:39 marvibiene sshd[17128]: Invalid user test from 219.93.6.3 port 51660 Dec 10 22:32:39 marvibiene sshd[17128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.3 Dec 10 22:32:39 marvibiene sshd[17128]: Invalid user test from 219.93.6.3 port 51660 Dec 10 22:32:40 marvibiene sshd[17128]: Failed password for invalid user test from 219.93.6.3 port 51660 ssh2 ...	2019-12-11 07:36:04

Comments on same subnet:

IP	Type	Details	Datetime
219.93.6.6	attack	Feb 2 20:14:02 web9 sshd\[20330\]: Invalid user 77777777 from 219.93.6.6 Feb 2 20:14:02 web9 sshd\[20330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.6 Feb 2 20:14:05 web9 sshd\[20330\]: Failed password for invalid user 77777777 from 219.93.6.6 port 58130 ssh2 Feb 2 20:16:25 web9 sshd\[20538\]: Invalid user gmd from 219.93.6.6 Feb 2 20:16:25 web9 sshd\[20538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.6	2020-02-03 14:27:09
219.93.6.6	attackspam	Jan 31 06:58:07 OPSO sshd\[24328\]: Invalid user kanwarpreet@123 from 219.93.6.6 port 33286 Jan 31 06:58:07 OPSO sshd\[24328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.6 Jan 31 06:58:08 OPSO sshd\[24328\]: Failed password for invalid user kanwarpreet@123 from 219.93.6.6 port 33286 ssh2 Jan 31 07:01:22 OPSO sshd\[25131\]: Invalid user mudrika from 219.93.6.6 port 32782 Jan 31 07:01:22 OPSO sshd\[25131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.6.6	2020-01-31 14:05:44
219.93.6.6	attack	Unauthorized connection attempt detected from IP address 219.93.6.6 to port 2220 [J]	2020-01-25 02:43:50
219.93.6.6	attackbots	Unauthorized connection attempt detected from IP address 219.93.6.6 to port 2220 [J]	2020-01-19 04:19:24
219.93.6.6	attack	Unauthorized connection attempt detected from IP address 219.93.6.6 to port 2220 [J]	2020-01-17 05:16:33
219.93.6.6	attack	$f2bV_matches	2020-01-08 13:01:37
219.93.67.113	attack	Jun 28 15:27:41 ovpn sshd\[27972\]: Invalid user kafka from 219.93.67.113 Jun 28 15:27:41 ovpn sshd\[27972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.67.113 Jun 28 15:27:43 ovpn sshd\[27972\]: Failed password for invalid user kafka from 219.93.67.113 port 38498 ssh2 Jun 28 15:46:23 ovpn sshd\[28620\]: Invalid user nationale from 219.93.67.113 Jun 28 15:46:23 ovpn sshd\[28620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.67.113	2019-06-29 01:37:13
219.93.67.113	attackbotsspam	Invalid user alok from 219.93.67.113 port 36532 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.67.113 Failed password for invalid user alok from 219.93.67.113 port 36532 ssh2 Invalid user nnjoki from 219.93.67.113 port 33394 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.93.67.113	2019-06-27 02:43:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.93.6.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34862
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.93.6.3.			IN	A

;; AUTHORITY SECTION:
.			482	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121002 1800 900 604800 86400

;; Query time: 299 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 07:36:01 CST 2019
;; MSG SIZE  rcvd: 114

Host info

3.6.93.219.in-addr.arpa domain name pointer ljt.org.my.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.6.93.219.in-addr.arpa	name = ljt.org.my.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.4.212.149	attackbots	Honeypot attack, port: 81, PTR: PTR record not found	2020-07-24 23:00:04
82.64.201.47	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-24 22:42:31
217.170.204.126	attackbots	Jul 24 16:04:57 master sshd[4062]: Failed password for invalid user admin from 217.170.204.126 port 11322 ssh2 Jul 24 16:05:01 master sshd[4064]: Failed password for invalid user admin from 217.170.204.126 port 12016 ssh2	2020-07-24 22:43:39
128.199.44.102	attackbotsspam	Jul 24 13:47:50 *** sshd[24667]: Invalid user samson from 128.199.44.102	2020-07-24 22:56:44
196.27.127.61	attack	Jul 24 07:42:32 server1 sshd\[21914\]: Invalid user pl from 196.27.127.61 Jul 24 07:42:32 server1 sshd\[21914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61 Jul 24 07:42:34 server1 sshd\[21914\]: Failed password for invalid user pl from 196.27.127.61 port 54604 ssh2 Jul 24 07:47:47 server1 sshd\[23407\]: Invalid user huanghao from 196.27.127.61 Jul 24 07:47:47 server1 sshd\[23407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.27.127.61 ...	2020-07-24 23:06:52
120.132.68.57	attack	Jul 24 16:09:21 vps647732 sshd[27162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.68.57 Jul 24 16:09:23 vps647732 sshd[27162]: Failed password for invalid user ccm from 120.132.68.57 port 38559 ssh2 ...	2020-07-24 23:01:54
61.177.172.61	attackspam	SSH Brute-force	2020-07-24 23:13:32
183.82.121.34	attack	Jul 24 16:26:22 Ubuntu-1404-trusty-64-minimal sshd\[30421\]: Invalid user chuck from 183.82.121.34 Jul 24 16:26:22 Ubuntu-1404-trusty-64-minimal sshd\[30421\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 Jul 24 16:26:24 Ubuntu-1404-trusty-64-minimal sshd\[30421\]: Failed password for invalid user chuck from 183.82.121.34 port 45944 ssh2 Jul 24 16:37:53 Ubuntu-1404-trusty-64-minimal sshd\[7164\]: Invalid user macky from 183.82.121.34 Jul 24 16:37:53 Ubuntu-1404-trusty-64-minimal sshd\[7164\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34	2020-07-24 22:39:10
144.178.132.126	attackbotsspam	Automatic report - Port Scan Attack	2020-07-24 22:46:47
192.99.15.15	attackspambots	192.99.15.15 - - [24/Jul/2020:15:41:18 +0100] "POST /wp-login.php HTTP/1.1" 200 5591 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.15.15 - - [24/Jul/2020:15:42:58 +0100] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.15.15 - - [24/Jul/2020:15:44:33 +0100] "POST /wp-login.php HTTP/1.1" 200 5591 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-07-24 23:01:07
207.154.235.23	attack	Jul 24 14:38:42 django-0 sshd[29174]: Invalid user test from 207.154.235.23 ...	2020-07-24 22:55:14
49.88.112.112	attack	July 24 2020, 11:11:09 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-07-24 23:14:12
218.92.0.251	attackbotsspam	Jul 24 12:02:50 vps46666688 sshd[10508]: Failed password for root from 218.92.0.251 port 64793 ssh2 Jul 24 12:03:02 vps46666688 sshd[10508]: error: maximum authentication attempts exceeded for root from 218.92.0.251 port 64793 ssh2 [preauth] ...	2020-07-24 23:06:20
94.241.251.52	attackspam	Honeypot attack, port: 445, PTR: line52-124.adsl.kirov.ru.	2020-07-24 23:11:24
104.144.30.170	attackbots	(From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com	2020-07-24 23:10:58

Recently Reported IPs

186.232.211.153	184.139.237.221	139.162.237.200	81.5.221.251
23.47.50.99	6.69.18.248	42.81.214.95	193.124.239.94
221.149.158.103	5.46.135.115	77.92.233.70	201.20.100.254
185.184.79.31	217.66.64.8	253.30.202.173	14.161.40.66
5.170.120.231	180.242.181.228	168.253.113.224	103.201.141.166