93.108.242.157

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: Vodafone Portugal - Communicacoes Pessoais S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 93.108.242.157 on Port 445(SMB)	2020-07-04 03:49:32
attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-01-2020 23:05:40.	2020-01-03 08:41:48

Comments on same subnet:

IP	Type	Details	Datetime
93.108.242.140	attackspam	Oct 11 13:56:20 NPSTNNYC01T sshd[11746]: Failed password for root from 93.108.242.140 port 34022 ssh2 Oct 11 13:59:54 NPSTNNYC01T sshd[12050]: Failed password for root from 93.108.242.140 port 46409 ssh2 ...	2020-10-12 02:19:22
93.108.242.140	attackspam	DATE:2020-10-11 10:26:32, IP:93.108.242.140, PORT:ssh SSH brute force auth (docker-dc)	2020-10-11 18:09:30
93.108.242.140	attackspam	(sshd) Failed SSH login from 93.108.242.140 (PT/Portugal/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 17:23:04 server2 sshd[6736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Oct 10 17:23:04 server2 sshd[6736]: Failed password for root from 93.108.242.140 port 45379 ssh2 Oct 10 17:29:59 server2 sshd[8009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Oct 10 17:30:00 server2 sshd[8009]: Failed password for root from 93.108.242.140 port 23013 ssh2 Oct 10 17:33:36 server2 sshd[8502]: Invalid user apache from 93.108.242.140 port 43069	2020-10-11 01:52:26
93.108.242.140	attack	Sep 28 16:55:34 pve1 sshd[19253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 Sep 28 16:55:36 pve1 sshd[19253]: Failed password for invalid user noreply from 93.108.242.140 port 44053 ssh2 ...	2020-09-29 03:27:29
93.108.242.140	attackspam	SSH brutforce	2020-09-28 19:38:45
93.108.242.140	attack	reported through recidive - multiple failed attempts(SSH)	2020-09-23 21:24:09
93.108.242.140	attackspam	Sep 22 18:22:16 vps-51d81928 sshd[296848]: Invalid user sybase from 93.108.242.140 port 45602 Sep 22 18:22:16 vps-51d81928 sshd[296848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 Sep 22 18:22:16 vps-51d81928 sshd[296848]: Invalid user sybase from 93.108.242.140 port 45602 Sep 22 18:22:18 vps-51d81928 sshd[296848]: Failed password for invalid user sybase from 93.108.242.140 port 45602 ssh2 Sep 22 18:26:11 vps-51d81928 sshd[296926]: Invalid user admin from 93.108.242.140 port 33807 ...	2020-09-23 05:33:48
93.108.242.140	attackspambots	2020-09-12T09:50:37.301838yoshi.linuxbox.ninja sshd[2172536]: Failed password for root from 93.108.242.140 port 17758 ssh2 2020-09-12T09:52:48.702245yoshi.linuxbox.ninja sshd[2174090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root 2020-09-12T09:52:50.841777yoshi.linuxbox.ninja sshd[2174090]: Failed password for root from 93.108.242.140 port 12694 ssh2 ...	2020-09-12 23:57:31
93.108.242.140	attack	<6 unauthorized SSH connections	2020-09-12 15:59:40
93.108.242.140	attackbots	SSH Invalid Login	2020-09-12 07:46:25
93.108.242.140	attackspambots	Aug 28 00:22:49 abendstille sshd\[13400\]: Invalid user cloud from 93.108.242.140 Aug 28 00:22:49 abendstille sshd\[13400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 Aug 28 00:22:51 abendstille sshd\[13400\]: Failed password for invalid user cloud from 93.108.242.140 port 26168 ssh2 Aug 28 00:26:37 abendstille sshd\[17191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Aug 28 00:26:39 abendstille sshd\[17191\]: Failed password for root from 93.108.242.140 port 16586 ssh2 ...	2020-08-28 06:35:44
93.108.242.140	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-21 16:06:32
93.108.242.140	attack	Invalid user zrb from 93.108.242.140 port 21599	2020-08-20 18:09:21
93.108.242.140	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-11 00:06:43
93.108.242.140	attackbots	Aug 7 08:11:39 lukav-desktop sshd\[20237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Aug 7 08:11:41 lukav-desktop sshd\[20237\]: Failed password for root from 93.108.242.140 port 27116 ssh2 Aug 7 08:15:37 lukav-desktop sshd\[10126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root Aug 7 08:15:39 lukav-desktop sshd\[10126\]: Failed password for root from 93.108.242.140 port 48624 ssh2 Aug 7 08:19:33 lukav-desktop sshd\[10169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.108.242.140 user=root	2020-08-07 15:05:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.108.242.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30702
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.108.242.157.			IN	A

;; AUTHORITY SECTION:
.			344	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010201 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 08:41:45 CST 2020
;; MSG SIZE  rcvd: 118

Host info

157.242.108.93.in-addr.arpa domain name pointer 157.242.108.93.rev.vodafone.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
157.242.108.93.in-addr.arpa	name = 157.242.108.93.rev.vodafone.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.3.144.138	attackspam	Unauthorized connection attempt from IP address 27.3.144.138 on Port 445(SMB)	2020-02-28 23:05:36
171.221.226.23	attackspam	Unauthorized connection attempt from IP address 171.221.226.23 on Port 143(IMAP)	2020-02-28 22:29:34
203.218.93.160	attackspambots	suspicious action Fri, 28 Feb 2020 10:32:22 -0300	2020-02-28 23:02:30
54.37.154.113	attack	Feb 28 15:14:14 vps691689 sshd[22842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.154.113 Feb 28 15:14:16 vps691689 sshd[22842]: Failed password for invalid user administrator from 54.37.154.113 port 44566 ssh2 ...	2020-02-28 22:27:56
141.98.10.141	attackbotsspam	2020-02-28 15:16:45 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=info@no-server.de\) 2020-02-28 15:20:23 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=webmaste\) 2020-02-28 15:22:11 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=info@no-server.de\) 2020-02-28 15:22:58 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=webmaste\) 2020-02-28 15:23:04 dovecot_login authenticator failed for \(User\) \[141.98.10.141\]: 535 Incorrect authentication data \(set_id=webmaste\) ...	2020-02-28 22:32:24
178.122.104.41	attack	Autoban 178.122.104.41 AUTH/CONNECT	2020-02-28 22:37:23
139.199.228.133	attackbotsspam	Feb 28 04:25:03 wbs sshd\[25809\]: Invalid user jenkins from 139.199.228.133 Feb 28 04:25:03 wbs sshd\[25809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.228.133 Feb 28 04:25:04 wbs sshd\[25809\]: Failed password for invalid user jenkins from 139.199.228.133 port 39752 ssh2 Feb 28 04:29:36 wbs sshd\[26186\]: Invalid user clark from 139.199.228.133 Feb 28 04:29:36 wbs sshd\[26186\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.228.133	2020-02-28 22:38:57
136.232.234.82	attackbotsspam	Unauthorized connection attempt from IP address 136.232.234.82 on Port 445(SMB)	2020-02-28 22:24:18
59.127.148.148	attack	suspicious action Fri, 28 Feb 2020 10:32:46 -0300	2020-02-28 22:42:39
117.215.141.55	attack	20/2/28@09:20:01: FAIL: Alarm-Network address from=117.215.141.55 ...	2020-02-28 22:29:53
138.204.81.13	attackbots	Unauthorized connection attempt from IP address 138.204.81.13 on Port 445(SMB)	2020-02-28 23:07:02
185.36.81.23	attackbotsspam	Feb 28 14:21:55 mail postfix/smtpd\[20233\]: warning: unknown\[185.36.81.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 28 14:54:34 mail postfix/smtpd\[21570\]: warning: unknown\[185.36.81.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 28 15:06:40 mail postfix/smtpd\[21570\]: warning: unknown\[185.36.81.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 28 15:27:27 mail postfix/smtpd\[22232\]: warning: unknown\[185.36.81.23\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-02-28 22:32:04
75.130.124.90	attack	Feb 28 04:20:34 tdfoods sshd\[13991\]: Invalid user daniel from 75.130.124.90 Feb 28 04:20:34 tdfoods sshd\[13991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=075-130-124-090.biz.spectrum.com Feb 28 04:20:36 tdfoods sshd\[13991\]: Failed password for invalid user daniel from 75.130.124.90 port 29616 ssh2 Feb 28 04:29:58 tdfoods sshd\[14761\]: Invalid user lhl from 75.130.124.90 Feb 28 04:29:58 tdfoods sshd\[14761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=075-130-124-090.biz.spectrum.com	2020-02-28 22:48:11
139.59.171.46	attackbotsspam	139.59.171.46 - - \[28/Feb/2020:14:32:53 +0100\] "POST /wp-login.php HTTP/1.0" 200 6997 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.171.46 - - \[28/Feb/2020:14:32:54 +0100\] "POST /wp-login.php HTTP/1.0" 200 6864 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.171.46 - - \[28/Feb/2020:14:32:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 6860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-28 22:26:55
59.153.252.97	attackbots	Unauthorized connection attempt from IP address 59.153.252.97 on Port 445(SMB)	2020-02-28 22:33:34

Recently Reported IPs

225.73.93.53	177.181.5.71	63.12.184.120	36.184.1.108
9.87.183.87	223.39.12.154	99.127.6.239	79.147.192.240
57.131.46.49	81.254.143.164	65.204.249.186	153.101.42.41
77.29.126.86	3.229.232.35	82.22.144.202	89.88.146.121
37.78.56.217	183.15.123.242	38.150.21.59	100.194.202.151