142.11.216.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hostwinds LLC.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Oct 22 03:48:04 ip-172-31-62-245 sshd\[28762\]: Failed password for root from 142.11.216.53 port 44220 ssh2\ Oct 22 03:48:05 ip-172-31-62-245 sshd\[28764\]: Invalid user admin from 142.11.216.53\ Oct 22 03:48:06 ip-172-31-62-245 sshd\[28764\]: Failed password for invalid user admin from 142.11.216.53 port 46274 ssh2\ Oct 22 03:48:07 ip-172-31-62-245 sshd\[28766\]: Invalid user admin from 142.11.216.53\ Oct 22 03:48:09 ip-172-31-62-245 sshd\[28766\]: Failed password for invalid user admin from 142.11.216.53 port 47980 ssh2\	2019-10-22 19:45:28

Type

Details

Datetime

attackspambots

Oct 22 03:48:04 ip-172-31-62-245 sshd\[28762\]: Failed password for root from 142.11.216.53 port 44220 ssh2\
Oct 22 03:48:05 ip-172-31-62-245 sshd\[28764\]: Invalid user admin from 142.11.216.53\
Oct 22 03:48:06 ip-172-31-62-245 sshd\[28764\]: Failed password for invalid user admin from 142.11.216.53 port 46274 ssh2\
Oct 22 03:48:07 ip-172-31-62-245 sshd\[28766\]: Invalid user admin from 142.11.216.53\
Oct 22 03:48:09 ip-172-31-62-245 sshd\[28766\]: Failed password for invalid user admin from 142.11.216.53 port 47980 ssh2\

2019-10-22 19:45:28

Comments on same subnet:

IP	Type	Details	Datetime
142.11.216.5	attack	Dec 8 12:16:50 v22018076590370373 sshd[30768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5 ...	2020-02-02 04:35:58
142.11.216.5	attackspam	Lines containing failures of 142.11.216.5 Dec 16 09:33:00 shared06 sshd[10629]: Invalid user naolu from 142.11.216.5 port 59188 Dec 16 09:33:00 shared06 sshd[10629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5 Dec 16 09:33:03 shared06 sshd[10629]: Failed password for invalid user naolu from 142.11.216.5 port 59188 ssh2 Dec 16 09:33:03 shared06 sshd[10629]: Received disconnect from 142.11.216.5 port 59188:11: Bye Bye [preauth] Dec 16 09:33:03 shared06 sshd[10629]: Disconnected from invalid user naolu 142.11.216.5 port 59188 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=142.11.216.5	2019-12-16 18:20:59
142.11.216.5	attackspam	Dec 15 08:59:43 lnxded64 sshd[21543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.11.216.5	2019-12-15 16:06:48
142.11.216.5	attackbots	Dec 2 16:35:34 server sshd\[10736\]: Invalid user user from 142.11.216.5 Dec 2 16:35:34 server sshd\[10736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-632656.hostwindsdns.com Dec 2 16:35:37 server sshd\[10736\]: Failed password for invalid user user from 142.11.216.5 port 53024 ssh2 Dec 2 16:43:55 server sshd\[13099\]: Invalid user lisa from 142.11.216.5 Dec 2 16:43:55 server sshd\[13099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hwsrv-632656.hostwindsdns.com ...	2019-12-02 23:30:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.216.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 998
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.11.216.53.			IN	A

;; AUTHORITY SECTION:
.			198	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102200 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 19:45:25 CST 2019
;; MSG SIZE  rcvd: 117

Host info

53.216.11.142.in-addr.arpa domain name pointer hwsrv-626458.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.216.11.142.in-addr.arpa	name = hwsrv-626458.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.68.222.199	attack	[AUTOMATIC REPORT] - 21 tries in total - SSH BRUTE FORCE - IP banned	2020-06-28 19:26:27
94.25.181.156	attackbots	Brute force attempt	2020-06-28 18:51:58
106.13.124.76	attackbots	$f2bV_matches	2020-06-28 19:09:42
116.24.67.190	attackbots	20 attempts against mh-ssh on train	2020-06-28 18:55:58
175.136.213.254	attack	TCP (SYN) 175.136.213.254:65349 -> port 23, len 44	2020-06-28 19:17:12
138.68.234.162	attackbotsspam	2020-06-28T03:32:13.818915ionos.janbro.de sshd[46585]: Failed password for invalid user ashley from 138.68.234.162 port 49106 ssh2 2020-06-28T03:36:09.827754ionos.janbro.de sshd[46608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.234.162 user=root 2020-06-28T03:36:12.076636ionos.janbro.de sshd[46608]: Failed password for root from 138.68.234.162 port 48918 ssh2 2020-06-28T03:40:00.279093ionos.janbro.de sshd[46629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.234.162 user=root 2020-06-28T03:40:01.905765ionos.janbro.de sshd[46629]: Failed password for root from 138.68.234.162 port 48716 ssh2 2020-06-28T03:44:05.983738ionos.janbro.de sshd[46636]: Invalid user sys from 138.68.234.162 port 48518 2020-06-28T03:44:06.102796ionos.janbro.de sshd[46636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.234.162 2020-06-28T03:44:05.983738ionos.janbro ...	2020-06-28 19:19:40
36.155.115.227	attackbots	Jun 28 10:08:12 cp sshd[26187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.227	2020-06-28 19:21:14
150.109.45.228	attack	Jun 28 08:43:52 vmd17057 sshd[28227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.45.228 Jun 28 08:43:54 vmd17057 sshd[28227]: Failed password for invalid user test from 150.109.45.228 port 54004 ssh2 ...	2020-06-28 19:02:08
61.177.172.177	attackbots	Jun 28 13:02:58 nas sshd[8331]: Failed password for root from 61.177.172.177 port 4935 ssh2 Jun 28 13:03:04 nas sshd[8331]: Failed password for root from 61.177.172.177 port 4935 ssh2 Jun 28 13:03:10 nas sshd[8331]: Failed password for root from 61.177.172.177 port 4935 ssh2 Jun 28 13:03:17 nas sshd[8331]: Failed password for root from 61.177.172.177 port 4935 ssh2 ...	2020-06-28 19:22:21
50.2.209.134	spam	Aggressive email spammer on subnet 50.2.209.%	2020-06-28 19:20:08
193.32.161.147	attack	06/28/2020-06:31:40.334542 193.32.161.147 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-28 19:15:50
82.65.66.122	attack	SQLinjection	2020-06-28 18:56:59
45.134.179.57	attackbots	Jun 28 13:06:35 debian-2gb-nbg1-2 kernel: \[15601043.047290\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=4334 PROTO=TCP SPT=46943 DPT=38015 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-28 19:23:19
106.124.131.70	attackspam	$f2bV_matches	2020-06-28 18:52:47
37.49.230.231	attackbotsspam	[portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] in blocklist.de:'listed [unkn]' in sorbs:'listed [unkn]' in gbudb.net:'listed' *(RWIN=65535)(06281032)	2020-06-28 19:05:10

Recently Reported IPs

36.89.183.113	95.215.228.220	188.50.177.192	170.233.123.158
95.245.235.96	54.215.131.85	185.173.74.190	179.49.117.37
51.79.141.173	146.66.185.201	162.158.142.132	109.60.62.41
94.255.186.30	51.159.20.222	153.127.93.21	159.203.98.121
113.20.99.83	198.211.109.148	79.131.204.87	193.193.235.230