142.11.216.244

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.11.216.5	attack	Dec 8 12:16:50 v22018076590370373 sshd[30768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5 ...	2020-02-02 04:35:58
142.11.216.5	attackspam	Lines containing failures of 142.11.216.5 Dec 16 09:33:00 shared06 sshd[10629]: Invalid user naolu from 142.11.216.5 port 59188 Dec 16 09:33:00 shared06 sshd[10629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5 Dec 16 09:33:03 shared06 sshd[10629]: Failed password for invalid user naolu from 142.11.216.5 port 59188 ssh2 Dec 16 09:33:03 shared06 sshd[10629]: Received disconnect from 142.11.216.5 port 59188:11: Bye Bye [preauth] Dec 16 09:33:03 shared06 sshd[10629]: Disconnected from invalid user naolu 142.11.216.5 port 59188 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=142.11.216.5	2019-12-16 18:20:59
142.11.216.5	attackspam	Dec 15 08:59:43 lnxded64 sshd[21543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5	2019-12-15 16:06:48
142.11.216.5	attackbots	Dec 2 16:35:34 server sshd\[10736\]: Invalid user user from 142.11.216.5 Dec 2 16:35:34 server sshd\[10736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-632656.hostwindsdns.com Dec 2 16:35:37 server sshd\[10736\]: Failed password for invalid user user from 142.11.216.5 port 53024 ssh2 Dec 2 16:43:55 server sshd\[13099\]: Invalid user lisa from 142.11.216.5 Dec 2 16:43:55 server sshd\[13099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-632656.hostwindsdns.com ...	2019-12-02 23:30:06
142.11.216.53	attackspambots	Oct 22 03:48:04 ip-172-31-62-245 sshd\[28762\]: Failed password for root from 142.11.216.53 port 44220 ssh2\ Oct 22 03:48:05 ip-172-31-62-245 sshd\[28764\]: Invalid user admin from 142.11.216.53\ Oct 22 03:48:06 ip-172-31-62-245 sshd\[28764\]: Failed password for invalid user admin from 142.11.216.53 port 46274 ssh2\ Oct 22 03:48:07 ip-172-31-62-245 sshd\[28766\]: Invalid user admin from 142.11.216.53\ Oct 22 03:48:09 ip-172-31-62-245 sshd\[28766\]: Failed password for invalid user admin from 142.11.216.53 port 47980 ssh2\	2019-10-22 19:45:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.216.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2664
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.11.216.244.			IN	A

;; AUTHORITY SECTION:
.			206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:18:51 CST 2022
;; MSG SIZE  rcvd: 107

Host info

244.216.11.142.in-addr.arpa domain name pointer hwsrv-653099.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
244.216.11.142.in-addr.arpa	name = hwsrv-653099.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.63.194.35	attack	TCP (SYN) 92.63.194.35:41027 -> port 1723, len 60	2020-06-06 04:10:01
46.244.83.44	attackspambots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-06-06 04:13:52
222.186.175.167	attack	Jun 5 21:52:41 vps sshd[469094]: Failed password for root from 222.186.175.167 port 46688 ssh2 Jun 5 21:52:45 vps sshd[469094]: Failed password for root from 222.186.175.167 port 46688 ssh2 Jun 5 21:52:48 vps sshd[469094]: Failed password for root from 222.186.175.167 port 46688 ssh2 Jun 5 21:52:52 vps sshd[469094]: Failed password for root from 222.186.175.167 port 46688 ssh2 Jun 5 21:52:54 vps sshd[469094]: Failed password for root from 222.186.175.167 port 46688 ssh2 ...	2020-06-06 04:13:31
112.126.59.53	attack	"Possible Remote File Inclusion (RFI) Attack: URL Parameter using IP Address - Matched Data: h://172.104.128.137 found within ARGS:redirect_to: h://172.104.128.137/wp-admin/"	2020-06-06 04:32:00
36.231.138.105	attackspam	Honeypot attack, port: 445, PTR: 36-231-138-105.dynamic-ip.hinet.net.	2020-06-06 04:39:40
162.243.136.87	attack	Unauthorized connection attempt detected from IP address 162.243.136.87 to port 21 [T]	2020-06-06 04:26:41
222.186.180.142	attack	06/05/2020-16:43:26.316201 222.186.180.142 Protocol: 6 ET SCAN Potential SSH Scan	2020-06-06 04:43:42
45.232.183.9	attackbotsspam	Honeypot attack, port: 445, PTR: static-45.232.183.9-locallink.com.br.	2020-06-06 04:42:53
117.121.214.50	attack	Jun 5 19:43:29 vmi345603 sshd[26184]: Failed password for root from 117.121.214.50 port 49076 ssh2 ...	2020-06-06 04:12:14
222.240.95.159	attackspambots	Failed password for root from 222.240.95.159 port 10368 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.240.95.159 user=root Failed password for root from 222.240.95.159 port 8662 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.240.95.159 user=root Failed password for root from 222.240.95.159 port 11158 ssh2	2020-06-06 04:43:11
45.153.185.22	attackspam	TCP (SYN) 45.153.185.22:33175 -> port 23, len 44	2020-06-06 04:11:25
183.56.201.121	attack	Jun 5 08:47:53 Tower sshd[33974]: Connection from 183.56.201.121 port 50231 on 192.168.10.220 port 22 rdomain "" Jun 5 08:47:56 Tower sshd[33974]: Failed password for root from 183.56.201.121 port 50231 ssh2 Jun 5 08:47:56 Tower sshd[33974]: Received disconnect from 183.56.201.121 port 50231:11: Bye Bye [preauth] Jun 5 08:47:56 Tower sshd[33974]: Disconnected from authenticating user root 183.56.201.121 port 50231 [preauth]	2020-06-06 04:09:27
195.58.56.9	attackspam	[04/Jun/2020:02:52:47 -0400] "GET / HTTP/1.1" Chrome 51.0 UA	2020-06-06 04:22:45
208.109.11.224	attackspam	POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1	2020-06-06 04:36:13
178.93.0.150	attack	[04/Jun/2020:19:59:30 -0400] "GET / HTTP/1.1" Chrome 52.0 UA	2020-06-06 04:24:18

Recently Reported IPs

142.11.202.104	142.11.211.85	142.11.230.202	142.11.243.227
142.11.243.224	142.11.226.118	142.110.204.12	142.112.161.69
142.112.27.121	142.111.79.34	142.11.246.14	142.117.152.202
142.118.134.7	142.113.10.89	142.127.235.252	142.112.6.50
142.118.85.125	142.129.62.161	142.126.129.135	142.131.15.233