52.162.142.114

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user admin from 52.162.142.114 port 30118	2020-07-18 18:59:27
attack	Jul 16 09:22:52 mout sshd[7492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.162.142.114 user=root Jul 16 09:22:55 mout sshd[7492]: Failed password for root from 52.162.142.114 port 12198 ssh2	2020-07-16 16:39:41

Type

Details

Datetime

attackspam

Invalid user admin from 52.162.142.114 port 30118

2020-07-18 18:59:27

attack

Jul 16 09:22:52 mout sshd[7492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.162.142.114  user=root
Jul 16 09:22:55 mout sshd[7492]: Failed password for root from 52.162.142.114 port 12198 ssh2

2020-07-16 16:39:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.162.142.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.162.142.114.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071601 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 16:39:37 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 114.142.162.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.142.162.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.30.66	attack	Feb 7 14:45:12 Ubuntu-1404-trusty-64-minimal sshd\[30942\]: Invalid user lvh from 159.65.30.66 Feb 7 14:45:12 Ubuntu-1404-trusty-64-minimal sshd\[30942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66 Feb 7 14:45:13 Ubuntu-1404-trusty-64-minimal sshd\[30942\]: Failed password for invalid user lvh from 159.65.30.66 port 36842 ssh2 Feb 7 15:05:36 Ubuntu-1404-trusty-64-minimal sshd\[892\]: Invalid user oix from 159.65.30.66 Feb 7 15:05:36 Ubuntu-1404-trusty-64-minimal sshd\[892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66	2020-02-08 01:44:42
193.29.13.26	attack	20 attempts against mh-misbehave-ban on grain	2020-02-08 01:50:17
222.186.42.136	attack	Feb 7 18:40:49 debian64 sshd\[1610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Feb 7 18:40:51 debian64 sshd\[1610\]: Failed password for root from 222.186.42.136 port 39414 ssh2 Feb 7 18:40:55 debian64 sshd\[1610\]: Failed password for root from 222.186.42.136 port 39414 ssh2 ...	2020-02-08 01:42:02
65.19.174.248	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-08 01:33:28
93.174.95.41	attack	02/07/2020-09:21:07.663089 93.174.95.41 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-08 01:55:58
89.237.81.128	attackspambots	20/2/7@09:04:59: FAIL: Alarm-Telnet address from=89.237.81.128 ...	2020-02-08 01:46:35
190.217.23.161	attack	20/2/7@09:05:23: FAIL: Alarm-Network address from=190.217.23.161 20/2/7@09:05:23: FAIL: Alarm-Network address from=190.217.23.161 ...	2020-02-08 01:34:03
180.96.62.247	attack	fraudulent SSH attempt	2020-02-08 02:05:19
185.39.11.28	attackspam	Feb 7 17:11:06 host3 dovecot: pop3-login: Disconnected: Inactivity (auth failed, 1 attempts in 180 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 18:56:16 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 18:57:00 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 18:57:41 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 18:59:37 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, s ...	2020-02-08 02:01:09
218.92.0.191	attack	Feb 7 19:07:15 dcd-gentoo sshd[10455]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 7 19:07:18 dcd-gentoo sshd[10455]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 7 19:07:15 dcd-gentoo sshd[10455]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 7 19:07:18 dcd-gentoo sshd[10455]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 7 19:07:15 dcd-gentoo sshd[10455]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 7 19:07:18 dcd-gentoo sshd[10455]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 7 19:07:18 dcd-gentoo sshd[10455]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 34024 ssh2 ...	2020-02-08 02:13:44
14.167.172.13	attack	Feb 7 14:06:21 marvibiene sshd[33430]: Invalid user admin from 14.167.172.13 port 63554 Feb 7 14:06:22 marvibiene sshd[33430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.167.172.13 Feb 7 14:06:21 marvibiene sshd[33430]: Invalid user admin from 14.167.172.13 port 63554 Feb 7 14:06:25 marvibiene sshd[33430]: Failed password for invalid user admin from 14.167.172.13 port 63554 ssh2 ...	2020-02-08 02:01:55
79.41.12.68	attackspam	Feb 7 17:05:33 server sshd\[22219\]: Invalid user pi from 79.41.12.68 Feb 7 17:05:33 server sshd\[22219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host68-12-dynamic.41-79-r.retail.telecomitalia.it Feb 7 17:05:33 server sshd\[22221\]: Invalid user pi from 79.41.12.68 Feb 7 17:05:33 server sshd\[22221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host68-12-dynamic.41-79-r.retail.telecomitalia.it Feb 7 17:05:35 server sshd\[22219\]: Failed password for invalid user pi from 79.41.12.68 port 56750 ssh2 ...	2020-02-08 01:47:56
1.212.62.171	attackspambots	Feb 7 18:33:54 sd-53420 sshd\[7896\]: Invalid user lir from 1.212.62.171 Feb 7 18:33:54 sd-53420 sshd\[7896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.212.62.171 Feb 7 18:33:56 sd-53420 sshd\[7896\]: Failed password for invalid user lir from 1.212.62.171 port 53616 ssh2 Feb 7 18:38:34 sd-53420 sshd\[8314\]: Invalid user iad from 1.212.62.171 Feb 7 18:38:34 sd-53420 sshd\[8314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.212.62.171 ...	2020-02-08 01:41:08
163.172.127.200	attackbots	02/07/2020-10:16:10.966783 163.172.127.200 Protocol: 17 ET SCAN Sipvicious Scan	2020-02-08 01:44:22
115.59.77.175	attack	20/2/7@09:05:47: FAIL: IoT-Telnet address from=115.59.77.175 ...	2020-02-08 02:11:31

Recently Reported IPs

78.118.222.35	148.66.135.148	120.198.219.69	85.209.0.138
220.135.64.20	95.213.165.45	204.73.193.17	113.89.35.69
207.229.172.7	167.71.78.207	157.84.156.71	187.45.110.163
140.143.16.69	51.83.139.56	115.153.15.198	37.111.139.75
41.216.106.56	127.198.144.144	103.207.36.113	133.216.27.101