52.141.42.89 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH/22 MH Probe, BF, Hack -	2019-11-27 20:21:08

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.141.42.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2404
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.141.42.89.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112700 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 20:21:03 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 89.42.141.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 89.42.141.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.145.97.127	attackbots	suspicious action Mon, 24 Feb 2020 20:24:31 -0300	2020-02-25 08:27:58
122.200.93.11	attackbots	Feb 24 21:45:30 XXX sshd[8791]: Invalid user tom from 122.200.93.11 port 51306	2020-02-25 08:04:21
51.178.16.227	attackbotsspam	Feb 25 00:24:45 ks10 sshd[566145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.16.227 Feb 25 00:24:46 ks10 sshd[566145]: Failed password for invalid user ashok from 51.178.16.227 port 58286 ssh2 ...	2020-02-25 08:19:13
139.99.238.48	attackbotsspam	Feb 24 13:38:44 hpm sshd\[27797\]: Invalid user sandbox from 139.99.238.48 Feb 24 13:38:44 hpm sshd\[27797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=48.ip-139-99-238.net Feb 24 13:38:46 hpm sshd\[27797\]: Failed password for invalid user sandbox from 139.99.238.48 port 36084 ssh2 Feb 24 13:45:48 hpm sshd\[28416\]: Invalid user digital from 139.99.238.48 Feb 24 13:45:48 hpm sshd\[28416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=48.ip-139-99-238.net	2020-02-25 07:58:38
116.196.101.168	attackbotsspam	$f2bV_matches	2020-02-25 07:54:59
92.119.160.143	attackbotsspam	Feb 24 23:31:01 h2177944 kernel: \[5781255.261009\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:31:01 h2177944 kernel: \[5781255.261023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232172\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232185\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 00:24:47 h2177944 kernel: \[5784480.365772\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.	2020-02-25 08:17:47
165.22.78.222	attackspam	Feb 25 01:10:08 plex sshd[29430]: Invalid user steamcmd from 165.22.78.222 port 34034	2020-02-25 08:31:13
134.209.154.207	attack	Feb 24 22:29:11 kmh-mb-001 sshd[2474]: Invalid user testing from 134.209.154.207 port 34164 Feb 24 22:29:11 kmh-mb-001 sshd[2474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.154.207 Feb 24 22:29:13 kmh-mb-001 sshd[2474]: Failed password for invalid user testing from 134.209.154.207 port 34164 ssh2 Feb 24 22:29:13 kmh-mb-001 sshd[2474]: Received disconnect from 134.209.154.207 port 34164:11: Bye Bye [preauth] Feb 24 22:29:13 kmh-mb-001 sshd[2474]: Disconnected from 134.209.154.207 port 34164 [preauth] Feb 24 22:44:22 kmh-mb-001 sshd[4577]: Invalid user james from 134.209.154.207 port 40198 Feb 24 22:44:22 kmh-mb-001 sshd[4577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.154.207 Feb 24 22:44:24 kmh-mb-001 sshd[4577]: Failed password for invalid user james from 134.209.154.207 port 40198 ssh2 Feb 24 22:44:24 kmh-mb-001 sshd[4577]: Received disconnect from 134.209.154.2........ -------------------------------	2020-02-25 08:24:33
221.122.73.130	attackspambots	2020-02-25T10:41:50.217558luisaranguren sshd[1006266]: Invalid user centos from 221.122.73.130 port 42470 2020-02-25T10:41:52.407797luisaranguren sshd[1006266]: Failed password for invalid user centos from 221.122.73.130 port 42470 ssh2 ...	2020-02-25 08:30:12
185.175.93.101	attackbots	Fail2Ban Ban Triggered	2020-02-25 08:06:07
213.32.22.239	attackspam	Feb 24 14:08:11 tdfoods sshd\[3165\]: Invalid user golflife from 213.32.22.239 Feb 24 14:08:11 tdfoods sshd\[3165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=239.ip-213-32-22.eu Feb 24 14:08:13 tdfoods sshd\[3165\]: Failed password for invalid user golflife from 213.32.22.239 port 41852 ssh2 Feb 24 14:17:03 tdfoods sshd\[4061\]: Invalid user zabbix from 213.32.22.239 Feb 24 14:17:03 tdfoods sshd\[4061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=239.ip-213-32-22.eu	2020-02-25 08:21:59
124.156.54.103	attackspambots	Honeypot attack, port: 4567, PTR: PTR record not found	2020-02-25 08:28:47
118.173.233.149	attackbots	suspicious action Mon, 24 Feb 2020 20:24:34 -0300	2020-02-25 08:26:43
134.17.139.223	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-25 08:29:56
104.227.139.186	attackbotsspam	Feb 24 13:54:36 hanapaa sshd\[4043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.227.139.186 user=daemon Feb 24 13:54:38 hanapaa sshd\[4043\]: Failed password for daemon from 104.227.139.186 port 59490 ssh2 Feb 24 14:01:57 hanapaa sshd\[4618\]: Invalid user quest from 104.227.139.186 Feb 24 14:01:57 hanapaa sshd\[4618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.227.139.186 Feb 24 14:01:59 hanapaa sshd\[4618\]: Failed password for invalid user quest from 104.227.139.186 port 58768 ssh2	2020-02-25 08:09:34

Recently Reported IPs

180.196.171.187	132.206.175.6	211.28.225.90	60.66.91.101
22.242.118.15	26.106.18.222	240.167.131.28	25.124.99.88
201.186.124.177	90.145.195.86	31.217.206.252	92.21.94.217
100.188.243.26	214.103.118.58	154.62.254.142	73.181.210.38
118.121.13.43	112.29.172.224	27.100.26.45	78.180.151.133