144.217.5.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
144.217.50.88	attackspam	Jul 18 15:30:23 IngegnereFirenze sshd[26969]: Did not receive identification string from 144.217.50.88 port 35742 ...	2020-07-19 00:30:50
144.217.50.88	attackbots	Jul 14 20:27:43 debian-2gb-nbg1-2 kernel: \[17009831.928560\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=144.217.50.88 DST=195.201.40.59 LEN=40 TOS=0x18 PREC=0x00 TTL=239 ID=38599 PROTO=TCP SPT=44812 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-15 04:02:33
144.217.55.70	attackspam	SSH invalid-user multiple login attempts	2020-05-25 13:27:11
144.217.55.70	attackspambots	2020-05-11T13:02:25.984626abusebot-5.cloudsearch.cf sshd[16168]: Invalid user ts3srv from 144.217.55.70 port 59478 2020-05-11T13:02:25.992688abusebot-5.cloudsearch.cf sshd[16168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip70.ip-144-217-55.net 2020-05-11T13:02:25.984626abusebot-5.cloudsearch.cf sshd[16168]: Invalid user ts3srv from 144.217.55.70 port 59478 2020-05-11T13:02:27.559903abusebot-5.cloudsearch.cf sshd[16168]: Failed password for invalid user ts3srv from 144.217.55.70 port 59478 ssh2 2020-05-11T13:05:57.924687abusebot-5.cloudsearch.cf sshd[16223]: Invalid user krammer from 144.217.55.70 port 41848 2020-05-11T13:05:57.931973abusebot-5.cloudsearch.cf sshd[16223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip70.ip-144-217-55.net 2020-05-11T13:05:57.924687abusebot-5.cloudsearch.cf sshd[16223]: Invalid user krammer from 144.217.55.70 port 41848 2020-05-11T13:05:59.603871abusebot-5.cloudsear ...	2020-05-11 23:57:19
144.217.50.88	attackbots	05/08/2020-16:47:41.871975 144.217.50.88 Protocol: 6 ET SCAN Suspicious inbound to PostgreSQL port 5432	2020-05-09 07:32:23
144.217.50.88	attack	May 2 22:34:24 debian-2gb-nbg1-2 kernel: \[10710571.318215\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=144.217.50.88 DST=195.201.40.59 LEN=40 TOS=0x18 PREC=0x00 TTL=239 ID=22164 PROTO=TCP SPT=45948 DPT=22025 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 05:21:53
144.217.50.88	attack	Unauthorized connection attempt detected from IP address 144.217.50.88 to port 5023	2020-04-15 19:05:11
144.217.50.88	attackbots	4022/tcp 22/tcp 1723/tcp... [2020-02-12/04-06]32pkt,13pt.(tcp)	2020-04-06 18:32:41
144.217.58.161	attack	Email rejected due to spam filtering	2020-04-02 00:45:01
144.217.5.235	attack	trying to access non-authorized port	2020-03-30 13:50:07
144.217.5.235	attackspambots	Invalid user admin from 144.217.5.235 port 55530	2020-03-20 03:24:43
144.217.50.66	attack	/wp-admin/admin-ajax.php?do_reset_wordpress=true attack	2020-02-20 01:15:48
144.217.50.66	attack	144.217.50.66 - - [18/Feb/2020:17:10:06 -0300] "POST /wp-admin/admin-ajax.php?do_reset_wordpress=true HTTP/1.1" 302 - "wp-admin/edit.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 144.217.50.66 - - [18/Feb/2020:17:10:08 -0300] "GET /wp-admin/ HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 144.217.50.66 - - [18/Feb/2020:17:10:08 -0300] "GET /wp-login.php?redirect_to=wp-admin%2F&reauth=1 HTTP/1.1" 200 1124 "wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"	2020-02-19 10:26:23
144.217.54.51	attack	Invalid user shuai from 144.217.54.51 port 38714	2020-01-10 22:13:24
144.217.54.51	attack	Invalid user squid from 144.217.54.51 port 55158	2019-12-27 08:25:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.217.5.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;144.217.5.242.			IN	A

;; AUTHORITY SECTION:
.			289	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:30:54 CST 2022
;; MSG SIZE  rcvd: 106

Host info

242.5.217.144.in-addr.arpa domain name pointer 242.ip-144-217-5.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.5.217.144.in-addr.arpa	name = 242.ip-144-217-5.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.112.93	attackbotsspam	Dec 7 13:41:00 sachi sshd\[14061\]: Invalid user sony from 159.65.112.93 Dec 7 13:41:00 sachi sshd\[14061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 Dec 7 13:41:02 sachi sshd\[14061\]: Failed password for invalid user sony from 159.65.112.93 port 41586 ssh2 Dec 7 13:46:10 sachi sshd\[14664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root Dec 7 13:46:11 sachi sshd\[14664\]: Failed password for root from 159.65.112.93 port 51884 ssh2	2019-12-08 07:58:37
104.245.144.42	attackspam	(From celeste.cookson94@gmail.com) Do you want to post your ad on tons of online ad sites every month? One tiny investment every month will get you virtually endless traffic to your site forever!Get more info by visiting: http://www.submitmyadnow.tech	2019-12-08 08:02:30
106.54.10.188	attackbotsspam	SSH-BruteForce	2019-12-08 07:56:45
104.236.224.69	attack	Dec 7 13:41:09 php1 sshd\[19971\]: Invalid user vx from 104.236.224.69 Dec 7 13:41:09 php1 sshd\[19971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.224.69 Dec 7 13:41:12 php1 sshd\[19971\]: Failed password for invalid user vx from 104.236.224.69 port 34290 ssh2 Dec 7 13:46:19 php1 sshd\[20718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.224.69 user=root Dec 7 13:46:21 php1 sshd\[20718\]: Failed password for root from 104.236.224.69 port 38984 ssh2	2019-12-08 07:57:49
60.165.42.199	attack	Dec 8 01:27:16 vmd38886 sshd\[21709\]: Invalid user osmc from 60.165.42.199 port 42429 Dec 8 01:27:16 vmd38886 sshd\[21709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.165.42.199 Dec 8 01:27:18 vmd38886 sshd\[21709\]: Failed password for invalid user osmc from 60.165.42.199 port 42429 ssh2	2019-12-08 08:32:53
222.186.175.220	attackbotsspam	Dec 7 14:24:14 php1 sshd\[26002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Dec 7 14:24:16 php1 sshd\[26002\]: Failed password for root from 222.186.175.220 port 10442 ssh2 Dec 7 14:24:32 php1 sshd\[26022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Dec 7 14:24:33 php1 sshd\[26022\]: Failed password for root from 222.186.175.220 port 27156 ssh2 Dec 7 14:24:46 php1 sshd\[26022\]: Failed password for root from 222.186.175.220 port 27156 ssh2	2019-12-08 08:28:43
106.13.81.162	attack	Dec 8 01:11:40 [host] sshd[21657]: Invalid user guest from 106.13.81.162 Dec 8 01:11:40 [host] sshd[21657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.81.162 Dec 8 01:11:42 [host] sshd[21657]: Failed password for invalid user guest from 106.13.81.162 port 32778 ssh2	2019-12-08 08:15:33
138.197.103.160	attackspam	Dec 7 14:20:50 web9 sshd\[22340\]: Invalid user admin from 138.197.103.160 Dec 7 14:20:50 web9 sshd\[22340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.103.160 Dec 7 14:20:52 web9 sshd\[22340\]: Failed password for invalid user admin from 138.197.103.160 port 53994 ssh2 Dec 7 14:26:29 web9 sshd\[23228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.103.160 user=uucp Dec 7 14:26:30 web9 sshd\[23228\]: Failed password for uucp from 138.197.103.160 port 36530 ssh2	2019-12-08 08:30:23
111.230.29.17	attackspam	Dec 8 00:56:04 vps647732 sshd[32198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.29.17 Dec 8 00:56:06 vps647732 sshd[32198]: Failed password for invalid user serial from 111.230.29.17 port 38606 ssh2 ...	2019-12-08 08:07:01
121.229.10.174	attackbots	Dec 7 22:12:26 h2022099 sshd[32291]: reveeclipse mapping checking getaddrinfo for 174.10.229.121.broad.nj.js.dynamic.163data.com.cn [121.229.10.174] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 7 22:12:26 h2022099 sshd[32291]: Invalid user cpanel from 121.229.10.174 Dec 7 22:12:26 h2022099 sshd[32291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.10.174 Dec 7 22:12:28 h2022099 sshd[32291]: Failed password for invalid user cpanel from 121.229.10.174 port 40721 ssh2 Dec 7 22:12:29 h2022099 sshd[32291]: Received disconnect from 121.229.10.174: 11: Bye Bye [preauth] Dec 7 22:20:25 h2022099 sshd[1136]: reveeclipse mapping checking getaddrinfo for 174.10.229.121.broad.nj.js.dynamic.163data.com.cn [121.229.10.174] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 7 22:20:25 h2022099 sshd[1136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.10.174 user=r.r Dec 7 22:20:27 h2022099 ssh........ -------------------------------	2019-12-08 07:59:38
124.158.179.6	attackbotsspam	Unauthorized connection attempt from IP address 124.158.179.6 on Port 445(SMB)	2019-12-08 08:12:48
84.53.244.182	attack	Unauthorized connection attempt from IP address 84.53.244.182 on Port 445(SMB)	2019-12-08 08:21:01
185.50.198.121	attack	xmlrpc attack	2019-12-08 08:33:24
2a00:d680:30:50::67	attack	xmlrpc attack	2019-12-08 08:28:15
51.89.151.214	attackspam	Dec 8 02:01:51 sauna sshd[224211]: Failed password for root from 51.89.151.214 port 35686 ssh2 Dec 8 02:07:10 sauna sshd[224626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.151.214 ...	2019-12-08 08:17:40

Recently Reported IPs

144.217.4.242	144.217.66.149	144.217.66.107	144.217.66.192
144.217.64.67	144.217.66.46	144.217.66.188	144.217.68.78
144.217.69.95	144.217.67.42	144.217.70.118	144.217.71.120
144.217.71.150	144.217.72.25	144.217.71.148	144.217.72.28
144.217.72.55	144.217.72.92	144.217.72.151	144.217.72.42