Go
IP informations Cybercrime IP Feeds Raw whois
142.93.198.48
is a
Hacker
100 %
Canada
Report Abuse
1021attacks reported
830Brute-ForceSSH
59Brute-Force
52SSH
21Port ScanBrute-ForceSSH
19HackingBrute-ForceSSH
9Port ScanHackingBrute-ForceWeb App AttackSSH
9uncategorized
6Hacking
5Port ScanSSH
2DDoS AttackSSH
...
from 153 distinct reporters
and 10 distinct sources : BadIPs.com, Blocklist.de, darklist.de, FireHOL, Charles Haley, NoThink.org, danger.rulez.sk, Emerging Threats, NormShield.com, AbuseIPDB
142.93.198.48 was first signaled at 2019-01-17 00:40 and last record was at 2019-08-01 17:21.
IP

142.93.198.48

Organization
DigitalOcean, LLC
all IP owned by DigitalOcean, LLC
Localisation
Canada
Ontario, Toronto
NetRange : First & Last IP
142.93.0.0 - 142.93.255.255
Network CIDR
142.93.0.0/16

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-04-06 16:38 attacks Brute-ForceSSH AbuseIPDB Invalid user kamal from 142.93.198.48 port 47498 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198
2019-04-06 15:40 attacks Brute-ForceSSH AbuseIPDB Apr 7 02:40:38 mail sshd[7320]: Invalid user weldon from 142.93.198.48
2019-04-06 14:32 attacks Brute-ForceSSH AbuseIPDB 2019-04-07T01:32:29.447147centos sshd\[12346\]: Invalid user melc from 142.93.198.48 port 59594 2019-04-07T01:32:29.451715centos sshd\[12346\]: pam_un
2019-04-06 13:06 attacks SSH AbuseIPDB ssh-bruteforce
2019-04-06 11:15 attacks Brute-ForceSSH AbuseIPDB (sshd) Failed SSH login from 142.93.198.48 (-): 5 in the last 3600 secs
2019-04-06 10:22 attacks Brute-ForceSSH AbuseIPDB  
2019-04-06 07:32 attacks Brute-ForceSSH AbuseIPDB Apr 6 16:32:02 MK-Soft-VM4 sshd\[9670\]: Invalid user ts3 from 142.93.198.48 port 34978 Apr 6 16:32:02 MK-Soft-VM4 sshd\[9670\]: pam_unix\(sshd:auth\)
2019-04-06 06:59 attacks Brute-ForceSSH AbuseIPDB Apr 6 11:59:37 Tower sshd[28904]: Connection from 142.93.198.48 port 39446 on 192.168.10.220 port 22 Apr 6 11:59:37 Tower sshd[28904]: Invalid user in
2019-04-06 01:41 attacks Brute-ForceSSH AbuseIPDB [Aegis] @ 2019-04-06 10:41:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attac
2019-04-06 01:37 attacks HackingBrute-ForceSSH AbuseIPDB SSH authentication failure x 6 reported by Fail2Ban
2019-04-06 01:20 attacks Brute-ForceSSH AbuseIPDB many_ssh_attempts
2019-04-06 00:54 attacks Brute-ForceSSH AbuseIPDB Apr 6 11:54:02 vmd17057 sshd\[13937\]: Invalid user ftpuser from 142.93.198.48 port 43512 Apr 6 11:54:02 vmd17057 sshd\[13937\]: pam_unix\(sshd:auth\)
2019-04-06 00:44 attacks Brute-ForceSSH AbuseIPDB ssh_attempt
2019-04-05 23:33 attacks Brute-ForceSSH AbuseIPDB  
2019-04-05 23:15 attacks Brute-ForceSSH AbuseIPDB Triggered by Fail2Ban
2019-04-05 23:12 attacks Brute-ForceSSH AbuseIPDB  
2019-04-05 22:21 attacks Brute-ForceSSH AbuseIPDB SSH-Bruteforce
2019-04-05 21:31 attacks Brute-ForceSSH AbuseIPDB Apr 6 08:31:39 icinga sshd[27993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.48 Apr 6 08:31:4
2019-04-05 21:21 attacks Brute-ForceSSH AbuseIPDB SSH Bruteforce
2019-04-05 16:22 attacks Brute-ForceSSH AbuseIPDB Apr 6 03:22:45 bouncer sshd\[24818\]: Invalid user mysql from 142.93.198.48 port 47434 Apr 6 03:22:45 bouncer sshd\[24818\]: pam_unix\(sshd:auth\): au
2019-04-05 08:38 attacks Brute-ForceSSH AbuseIPDB Apr 5 19:38:30 tuxlinux sshd[25191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.48 Apr 5 19:3
2019-04-05 08:37 attacks Brute-ForceSSH AbuseIPDB Apr 5 23:07:03 tanzim-HP-Z238-Microtower-Workstation sshd\[13907\]: Invalid user odoo from 142.93.198.48 Apr 5 23:07:03 tanzim-HP-Z238-Microtower-Work
2019-04-05 08:10 attacks Brute-ForceSSH AbuseIPDB 2019-04-05T19:09:58.9455691240 sshd\[3717\]: Invalid user zabbix from 142.93.198.48 port 39412 2019-04-05T19:09:58.9504451240 sshd\[3717\]: pam_unix\(
2019-04-05 07:56 attacks Brute-ForceSSH AbuseIPDB Apr 5 19:55:35 srv-4 sshd\[12310\]: Invalid user party from 142.93.198.48 Apr 5 19:55:35 srv-4 sshd\[12310\]: pam_unix\(sshd:auth\): authentication fa
2019-04-05 07:54 attacks Brute-ForceSSH AbuseIPDB Apr 5 18:54:05 vpn01 sshd\[4850\]: Invalid user party from 142.93.198.48 Apr 5 18:54:05 vpn01 sshd\[4850\]: pam_unix\(sshd:auth\): authentication fail
2019-04-04 21:14 attacks Brute-ForceSSH AbuseIPDB Apr 5 08:14:01 mail sshd\[12096\]: Invalid user angel from 142.93.198.48 port 51680 Apr 5 08:14:01 mail sshd\[12096\]: Disconnected from 142.93.198.48
2019-04-04 20:30 attacks Brute-ForceSSH AbuseIPDB Apr 5 06:29:37 mail sshd\[32444\]: Invalid user windowserver from 142.93.198.48 port 41132 Apr 5 06:29:37 mail sshd\[32444\]: pam_unix\(sshd:auth\): a
2019-04-04 16:19 attacks Brute-ForceSSH AbuseIPDB Apr 5 03:18:59 pornomens sshd\[23052\]: Invalid user aptproxy from 142.93.198.48 port 47306 Apr 5 03:18:59 pornomens sshd\[23052\]: pam_unix\(sshd:aut
2019-04-04 16:02 attacks Brute-ForceSSH AbuseIPDB Apr 5 08:02:57 itv-usvr-01 sshd[29976]: Invalid user pgsql from 142.93.198.48
2019-04-04 10:34 attacks Brute-ForceSSH AbuseIPDB  
2019-04-04 08:48 attacks Brute-ForceSSH AbuseIPDB Apr 3 05:57:32 mail sshd[20031]: Invalid user kz from 142.93.198.48
2019-04-04 05:20 attacks Brute-ForceSSH AbuseIPDB 2019-04-04T16:20:42.274707scmdmz1 sshd\[23294\]: Invalid user http from 142.93.198.48 port 46516 2019-04-04T16:20:42.277413scmdmz1 sshd\[23294\]: pam_
2019-04-04 03:46 attacks Port ScanSSH AbuseIPDB  
2019-04-04 02:45 attacks Brute-ForceSSH AbuseIPDB SSH Brute-Force reported by Fail2Ban
2019-04-03 23:25 attacks Brute-ForceSSH AbuseIPDB Apr 4 10:25:42 MK-Soft-Root2 sshd\[21296\]: Invalid user robert from 142.93.198.48 port 53772 Apr 4 10:25:42 MK-Soft-Root2 sshd\[21296\]: pam_unix\(ss
2019-04-03 21:46 attacks Port ScanBrute-ForceSSH AbuseIPDB $f2bV_matches
2019-04-03 14:43 attacks Brute-ForceSSH AbuseIPDB  
2019-04-03 13:48 attacks Brute-ForceSSH AbuseIPDB  
2019-04-03 13:38 attacks Brute-ForceSSH AbuseIPDB SSH-BruteForce
2019-04-03 13:08 attacks Brute-ForceSSH AbuseIPDB Apr 3 22:08:12 localhost sshd\[57272\]: Invalid user hbase from 142.93.198.48 port 37488 Apr 3 22:08:12 localhost sshd\[57272\]: pam_unix\(sshd:auth\)
2019-04-03 12:57 attacks Brute-ForceSSH AbuseIPDB Apr 3 23:57:18 vmd17057 sshd\[30686\]: Invalid user fax from 142.93.198.48 port 39048 Apr 3 23:57:18 vmd17057 sshd\[30686\]: pam_unix\(sshd:auth\): au
2019-04-03 11:47 attacks Brute-ForceSSH AbuseIPDB  
2019-04-03 10:32 attacks Brute-ForceSSH AbuseIPDB Triggered by Fail2Ban at Vostok web server
2019-04-03 06:07 attacks Brute-ForceSSH AbuseIPDB Apr 3 17:01:22 ns41 sshd[31338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.48 Apr 3 17:01:23
2019-04-03 04:35 attacks Brute-ForceSSH AbuseIPDB Apr 3 15:35:36 vpn01 sshd\[27879\]: Invalid user ftp_test from 142.93.198.48 Apr 3 15:35:36 vpn01 sshd\[27879\]: pam_unix\(sshd:auth\): authentication
2019-04-03 02:18 attacks Brute-ForceSSH AbuseIPDB Apr 3 13:15:03 apollo sshd\[28593\]: Invalid user aj from 142.93.198.48Apr 3 13:15:05 apollo sshd\[28593\]: Failed password for invalid user aj from 1
2019-04-02 23:51 attacks Brute-Force AbuseIPDB Apr 3 08:50:30 localhost sshd\[8380\]: Invalid user develop from 142.93.198.48 port 59638 Apr 3 08:50:30 localhost sshd\[8380\]: pam_unix\(sshd:auth\)
2019-04-02 21:24 attacks Brute-ForceSSH AbuseIPDB Apr 3 06:20:05 mail sshd\[9769\]: Invalid user melev from 142.93.198.48 port 49458 Apr 3 06:20:05 mail sshd\[9769\]: pam_unix\(sshd:auth\): authentica
2019-04-02 18:57 attacks Brute-ForceSSH AbuseIPDB Apr 3 05:57:32 mail sshd[20031]: Invalid user kz from 142.93.198.48
2019-04-02 11:02 attacks DDoS AttackSSH AbuseIPDB Apr 2 21:02:46 l02a sshd\[29727\]: Invalid user fs from 142.93.198.48 Apr 2 21:02:46 l02a sshd\[29727\]: pam_unix\(sshd:auth\): authentication failure
2019-01-17 00:40 attacks Brute-ForceSSH AbuseIPDB Jan 17 11:40:21 vps66 sshd\[31159\]: Invalid user terminfo from 142.93.198.48 port 58432 Jan 17 11:40:21 vps66 sshd\[31159\]: pam_unix\(sshd:auth\): a
2019-01-17 01:51 attacks Brute-ForceSSH AbuseIPDB Jan 17 12:47:24 apollo sshd\[25061\]: Invalid user fnjenga from 142.93.198.48Jan 17 12:47:26 apollo sshd\[25061\]: Failed password for invalid user fn
2019-01-17 01:51 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2019-01-17 04:38 attacks AbuseIPDB Jan 17 14:30:42 vps466218 sshd[31633]: Invalid user nemi from 142.93.198.48 port 41220 Jan 17 14:30:42 vps466218 sshd[31633]: pam_unix(sshd:auth): aut
2019-01-17 06:17 attacks Brute-ForceSSH AbuseIPDB  
2019-01-17 06:55 attacks Brute-ForceSSH AbuseIPDB Jan 17 16:55:41 MK-Soft-VM5 sshd\[27394\]: Invalid user nagios from 142.93.198.48 port 47344 Jan 17 16:55:41 MK-Soft-VM5 sshd\[27394\]: pam_unix\(sshd
2019-01-17 07:17 attacks Brute-ForceSSH AbuseIPDB Jan 17 18:11:22 ns41 sshd[29373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.48 Jan 17 18:11:2
2019-01-17 08:28 attacks Brute-ForceSSH AbuseIPDB Jan 17 18:20:48 ns3041690 sshd[12961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.198.48 user=gnat
2019-01-17 11:31 attacks Brute-ForceSSH AbuseIPDB 'Fail2Ban'
2019-01-17 12:11 attacks Brute-ForceSSH AbuseIPDB Jan 17 23:07:57 tux-35-217 sshd\[383\]: Invalid user vagrant5 from 142.93.198.48 port 52170 Jan 17 23:07:57 tux-35-217 sshd\[383\]: pam_unix\(sshd:aut
2019-03-29 18:18 attacks bi_any_0_1d BadIPs.com  
2019-03-29 18:19 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-03-29 18:19 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-03-29 18:21 attacks blocklist_de Blocklist.de  
2019-03-29 18:21 attacks SSH blocklist_de_ssh Blocklist.de  
2019-03-29 18:23 attacks darklist_de darklist.de  
2019-03-29 18:27 attacks firehol_level2 FireHOL  
2019-03-29 18:28 attacks firehol_level4 FireHOL  
2019-03-29 18:35 attacks SSH haley_ssh Charles Haley  
2019-06-03 23:00 attacks SSH nt_ssh_7d NoThink.org  
2019-06-05 20:34 attacks bi_default_0_1d BadIPs.com  
2019-06-05 20:34 attacks bi_unknown_0_1d BadIPs.com  
2019-06-30 19:20 attacks Web App AttackApache Attack blocklist_de_apache Blocklist.de  
2019-06-30 19:20 attacks Brute-Force blocklist_de_bruteforce Blocklist.de  
2019-07-08 11:41 attacks Brute-Force bruteforceblocker danger.rulez.sk  
2019-07-08 11:45 attacks firehol_level3 FireHOL  
2019-07-09 10:41 attacks et_compromised Emerging Threats  
2019-08-01 17:20 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-08-01 17:21 attacks Brute-Force normshield_high_bruteforce NormShield.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 142.93.0.0 - 142.93.255.255
CIDR: 142.93.0.0/16
NetName: DO-13
NetHandle: NET-142-93-0-0-1
Parent: NET142 (NET-142-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: DigitalOcean, LLC (DO-13)
RegDate: 2018-07-12
Updated: 2018-07-12
Ref: https://rdap.arin.net/registry/ip/ 142.93.0.0

OrgName: DigitalOcean, LLC
OrgId: DO-13
Address: 101 Ave of the Americas
Address: 10th Floor
City: New York
StateProv: NY
PostalCode: 10013
Country: US
RegDate: 2012-05-14
Updated: 2018-07-17
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
Ref: https://rdap.arin.net/registry/entity/DO-13

OrgAbuseHandle: ABUSE5232-ARIN
OrgAbuseName: Abuse, DigitalOcean
OrgAbusePhone: +1-347-875-6044
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN

OrgNOCHandle: NOC32014-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-347-875-6044
OrgNOCEmail: noc@digitalocean.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

OrgTechHandle: NOC32014-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-347-875-6044
OrgTechEmail: noc@digitalocean.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
most specific ip range is highlighted
Updated : 2019-07-15