142.11.2.122 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.11.227.94	attackspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 01:39:17
142.11.227.94	attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: hwsrv-478380.hostwindsdns.com.	2020-10-07 17:47:26
142.11.238.168	attack	Sep 12 17:41:38 [snip] postfix/smtpd[28492]: warning: hwsrv-774736.hostwindsdns.com[142.11.238.168]: SASL login authentication failed: UGFzc3dvcmQ6 Sep 12 17:52:15 [snip] postfix/smtpd[30402]: warning: hwsrv-774736.hostwindsdns.com[142.11.238.168]: SASL login authentication failed: UGFzc3dvcmQ6 Sep 12 18:02:50 [snip] postfix/smtpd[32352]: warning: hwsrv-774736.hostwindsdns.com[142.11.238.168]: SASL login authentication failed: UGFzc3dvcmQ6 Sep 12 18:13:31 [snip] postfix/smtpd[1946]: warning: hwsrv-774736.hostwindsdns.com[142.11.238.168]: SASL login authentication failed: UGFzc3dvcmQ6 Sep 12 18:24:12 [snip] postfix/smtpd[3942]: warning: hwsrv-774736.hostwindsdns.com[142.11.238.168]: SASL login authentication failed: UGFzc3dvcmQ6[...]	2020-09-13 01:35:58
142.11.238.168	attack	Lines containing failures of 142.11.238.168 Sep 8 22:13:04 box postfix/smtpd[27420]: connect from hwsrv-774736.hostwindsdns.com[142.11.238.168] Sep 8 22:13:06 box postfix/smtpd[27420]: lost connection after CONNECT from hwsrv-774736.hostwindsdns.com[142.11.238.168] Sep 8 22:13:06 box postfix/smtpd[27420]: disconnect from hwsrv-774736.hostwindsdns.com[142.11.238.168] commands=0/0 Sep 8 22:13:08 box postfix/smtpd[27420]: connect from hwsrv-774736.hostwindsdns.com[142.11.238.168] Sep 8 22:13:08 box postfix/smtpd[27420]: NOQUEUE: reject: RCPT from hwsrv-774736.hostwindsdns.com[142.11.238.168]: 450 4.1.8 : Sender address rejected: Domain not found; from=x@x helo= Sep 8 22:13:09 box postfix/smtpd[27420]: lost connection after RCPT from hwsrv-774736.hostwindsdns.com[142.11.238.168] Sep 8 22:13:09 box postfix/smtpd[27420]: disconnect from hwsrv-774736.hostwindsdns.com[142.11.238.168] ehlo=1 mail=1 rcpt=0/1 commands=2/3 Sep 8 22:13:09 box postfix/smtpd........ ------------------------------	2020-09-12 17:35:17
142.11.242.146	attackspambots	E-Mail Spam (RBL) [REJECTED]	2020-09-10 21:46:42
142.11.242.146	attackbots	E-Mail Spam (RBL) [REJECTED]	2020-09-10 13:29:05
142.11.242.146	attackbots	E-Mail Spam (RBL) [REJECTED]	2020-09-10 04:11:43
142.11.240.221	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-09 19:07:40
142.11.240.221	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-09 13:02:16
142.11.240.221	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-09 05:18:57
142.11.236.46	attackbots	TCP (SYN) 142.11.236.46:44586 -> port 22, len 40	2020-08-14 14:55:20
142.11.240.183	attackspam	Jul 19 20:59:48 mail postfix/smtpd[29955]: warning: hwsrv-751545.hostwindsdns.com[142.11.240.183]: SASL login authentication failed: authentication failure	2020-08-08 19:51:53
142.11.253.132	attackspam	142.11.253.132 has been banned for [spam] ...	2020-07-28 23:04:44
142.11.242.201	spam	Recieved as SMS	2020-07-28 13:54:46
142.11.202.43	attack	Jul 22 17:52:13 dri postfix/smtpd[11566]: warning: hwsrv-752326.hostwindsdns.com[142.11.202.43]: SASL login authentication failed: UGFzc3dvcmQ6 Jul 22 17:52:22 dri postfix/smtpd[11566]: warning: hwsrv ...	2020-07-22 23:14:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.2.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52679
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.11.2.122.			IN	A

;; AUTHORITY SECTION:
.			569	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 04:01:33 CST 2022
;; MSG SIZE  rcvd: 105

Host info

122.2.11.142.in-addr.arpa domain name pointer 122.142-11-2.cellcom.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
122.2.11.142.in-addr.arpa	name = 122.142-11-2.cellcom.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.31.83	attackspam	Sep 10 02:54:22 server2 sshd\[15136\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers Sep 10 02:54:29 server2 sshd\[15138\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers Sep 10 02:57:44 server2 sshd\[15423\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers Sep 10 03:02:58 server2 sshd\[28557\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers Sep 10 03:02:59 server2 sshd\[28754\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers Sep 10 03:02:59 server2 sshd\[29089\]: User root from 222.186.31.83 not allowed because not listed in AllowUsers	2020-09-10 08:04:43
149.56.15.98	attack	Sep 10 02:08:32 hosting sshd[10133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-149-56-15.net user=root Sep 10 02:08:34 hosting sshd[10133]: Failed password for root from 149.56.15.98 port 52073 ssh2 ...	2020-09-10 08:28:01
190.198.14.90	attackspam	20/9/9@12:48:30: FAIL: Alarm-Network address from=190.198.14.90 20/9/9@12:48:30: FAIL: Alarm-Network address from=190.198.14.90 ...	2020-09-10 08:31:28
49.151.178.229	attackbots	1599670146 - 09/09/2020 18:49:06 Host: 49.151.178.229/49.151.178.229 Port: 445 TCP Blocked	2020-09-10 08:17:12
2607:5300:203:d86::	attack	xmlrpc attack	2020-09-10 08:15:07
182.65.204.1	attack	TCP Port Scanning	2020-09-10 08:06:14
181.48.225.126	attackbots	2020-09-09T18:55:54.449405abusebot.cloudsearch.cf sshd[24047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.225.126 user=root 2020-09-09T18:55:56.681147abusebot.cloudsearch.cf sshd[24047]: Failed password for root from 181.48.225.126 port 35270 ssh2 2020-09-09T18:59:41.575114abusebot.cloudsearch.cf sshd[24096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.225.126 user=root 2020-09-09T18:59:43.636209abusebot.cloudsearch.cf sshd[24096]: Failed password for root from 181.48.225.126 port 39932 ssh2 2020-09-09T19:03:31.140719abusebot.cloudsearch.cf sshd[24158]: Invalid user ethos from 181.48.225.126 port 44586 2020-09-09T19:03:31.147839abusebot.cloudsearch.cf sshd[24158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.225.126 2020-09-09T19:03:31.140719abusebot.cloudsearch.cf sshd[24158]: Invalid user ethos from 181.48.225.126 port 44586 2020-0 ...	2020-09-10 08:38:39
184.105.247.230	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-09-10 08:12:31
103.105.59.80	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-10 08:04:55
209.141.46.97	attack	Sep 9 18:41:15 vps sshd[2378]: Failed password for root from 209.141.46.97 port 59300 ssh2 Sep 9 18:46:38 vps sshd[2612]: Failed password for root from 209.141.46.97 port 43084 ssh2 ...	2020-09-10 08:02:30
49.235.136.49	attack	Failed password for invalid user mila from 49.235.136.49 port 53452 ssh2	2020-09-10 08:28:50
24.52.62.19	attackspam	Brute forcing email accounts	2020-09-10 08:05:13
51.91.76.3	attackspambots	Sep 10 00:17:22 vm0 sshd[26114]: Failed password for root from 51.91.76.3 port 57000 ssh2 ...	2020-09-10 08:35:18
94.30.142.179	attackbots	Sep 9 18:48:28 melroy-server sshd[24703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.30.142.179 Sep 9 18:48:30 melroy-server sshd[24703]: Failed password for invalid user dircreate from 94.30.142.179 port 55876 ssh2 ...	2020-09-10 08:32:17
189.125.102.208	attack	SSH Invalid Login	2020-09-10 08:31:46

Recently Reported IPs

138.122.247.9	218.65.65.19	138.128.188.18	138.128.163.18
138.128.176.122	138.128.188.122	138.128.179.210	138.128.161.180
138.128.160.162	138.128.174.10	138.128.182.178	138.128.187.74
138.128.170.10	138.128.161.181	138.128.245.163	138.197.11.238
138.197.108.91	138.197.104.2	138.197.102.116	138.197.102.177