69.10.52.142 - IPInfo

Basic Info

City: Secaucus

Region: New Jersey

Country: United States

Internet Service Provider: InterServer Inc

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 30 19:07:02 php1 sshd\[3664\]: Invalid user 123456 from 69.10.52.142 Sep 30 19:07:02 php1 sshd\[3664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.52.142 Sep 30 19:07:03 php1 sshd\[3664\]: Failed password for invalid user 123456 from 69.10.52.142 port 55662 ssh2 Sep 30 19:10:50 php1 sshd\[4095\]: Invalid user kristen from 69.10.52.142 Sep 30 19:10:50 php1 sshd\[4095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.52.142	2019-10-01 13:25:52
attack	Sep 27 07:54:44 aat-srv002 sshd[16017]: Failed password for root from 69.10.52.142 port 60294 ssh2 Sep 27 07:58:45 aat-srv002 sshd[16162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.52.142 Sep 27 07:58:47 aat-srv002 sshd[16162]: Failed password for invalid user guest from 69.10.52.142 port 42082 ssh2 ...	2019-09-27 21:54:36
attackspam	2019-09-19 17:57:03,232 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 69.10.52.142 2019-09-19 18:30:00,470 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 69.10.52.142 2019-09-19 19:00:26,952 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 69.10.52.142 2019-09-19 19:30:53,648 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 69.10.52.142 2019-09-19 20:09:14,059 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 69.10.52.142 ...	2019-09-23 00:03:29
attackbotsspam	Sep 13 01:44:14 web9 sshd\[6122\]: Invalid user 123 from 69.10.52.142 Sep 13 01:44:14 web9 sshd\[6122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.52.142 Sep 13 01:44:16 web9 sshd\[6122\]: Failed password for invalid user 123 from 69.10.52.142 port 34730 ssh2 Sep 13 01:47:44 web9 sshd\[6801\]: Invalid user hduser@123 from 69.10.52.142 Sep 13 01:47:44 web9 sshd\[6801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.52.142	2019-09-13 20:30:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.10.52.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44749
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;69.10.52.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 10 01:19:00 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 142.52.10.69.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 142.52.10.69.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.185.75.98	attackbots	11/25/2019-01:22:35.238869 85.185.75.98 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-25 20:09:51
209.235.23.125	attack	Failed password for invalid user rathvon from 209.235.23.125 port 35452 ssh2 Invalid user changeme from 209.235.23.125 port 43816 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.235.23.125 Failed password for invalid user changeme from 209.235.23.125 port 43816 ssh2 Invalid user yuan from 209.235.23.125 port 52134 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.235.23.125	2019-11-25 20:37:44
185.208.148.54	attackbots	Automatic report - Port Scan Attack	2019-11-25 20:25:40
177.103.254.24	attackspam	2019-11-25T11:40:35.823107centos sshd\[20942\]: Invalid user server from 177.103.254.24 port 34424 2019-11-25T11:40:35.827947centos sshd\[20942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.103.254.24 2019-11-25T11:40:37.632073centos sshd\[20942\]: Failed password for invalid user server from 177.103.254.24 port 34424 ssh2	2019-11-25 20:01:21
114.119.4.74	attackbotsspam	Invalid user csgo from 114.119.4.74 port 46250 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.119.4.74 Failed password for invalid user csgo from 114.119.4.74 port 46250 ssh2 Invalid user robin from 114.119.4.74 port 59984 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.119.4.74	2019-11-25 20:29:14
112.216.51.122	attack	2019-11-25T07:27:33.955223abusebot-5.cloudsearch.cf sshd\[24478\]: Invalid user gong from 112.216.51.122 port 36848	2019-11-25 20:31:08
189.171.50.188	attack	Nov 25 01:48:01 server6 sshd[17593]: reveeclipse mapping checking getaddrinfo for dsl-189-171-50-188-dyn.prod-infinhostnameum.com.mx [189.171.50.188] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 25 01:48:03 server6 sshd[17593]: Failed password for invalid user guest from 189.171.50.188 port 40576 ssh2 Nov 25 01:48:03 server6 sshd[17593]: Received disconnect from 189.171.50.188: 11: Bye Bye [preauth] Nov 25 02:04:54 server6 sshd[30210]: reveeclipse mapping checking getaddrinfo for dsl-189-171-50-188-dyn.prod-infinhostnameum.com.mx [189.171.50.188] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 25 02:04:54 server6 sshd[30210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.171.50.188 user=r.r Nov 25 02:04:56 server6 sshd[30210]: Failed password for r.r from 189.171.50.188 port 33626 ssh2 Nov 25 02:04:56 server6 sshd[30210]: Received disconnect from 189.171.50.188: 11: Bye Bye [preauth] Nov 25 02:08:22 server6 sshd[32723]: reveeclipse mapp........ -------------------------------	2019-11-25 20:20:56
159.89.129.215	attack	159.89.129.215 - - \[25/Nov/2019:06:22:12 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.89.129.215 - - \[25/Nov/2019:06:22:13 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-25 20:21:18
159.89.169.137	attackbotsspam	$f2bV_matches	2019-11-25 20:01:41
92.62.74.3	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/92.62.74.3/ KG - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KG NAME ASN : ASN29061 IP : 92.62.74.3 CIDR : 92.62.74.0/24 PREFIX COUNT : 36 UNIQUE IP COUNT : 17408 ATTACKS DETECTED ASN29061 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-11-25 07:22:03 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-25 20:28:46
195.29.105.125	attack	Nov 25 13:00:39 MK-Soft-VM8 sshd[20651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.29.105.125 Nov 25 13:00:41 MK-Soft-VM8 sshd[20651]: Failed password for invalid user shuster from 195.29.105.125 port 37892 ssh2 ...	2019-11-25 20:02:03
81.28.100.97	attackspambots	Nov 25 07:22:02 smtp postfix/smtpd[52757]: NOQUEUE: reject: RCPT from wait.shrewdmhealth.com[81.28.100.97]: 554 5.7.1 Service unavailable; Client host [81.28.100.97] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= ...	2019-11-25 20:30:46
173.200.46.77	attack	173.200.46.77 has been banned for [spam] ...	2019-11-25 20:23:22
106.54.25.82	attack	Nov 25 06:43:02 mail1 sshd\[28346\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.25.82 user=root Nov 25 06:43:04 mail1 sshd\[28346\]: Failed password for root from 106.54.25.82 port 60716 ssh2 Nov 25 07:13:52 mail1 sshd\[10388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.25.82 user=root Nov 25 07:13:54 mail1 sshd\[10388\]: Failed password for root from 106.54.25.82 port 37810 ssh2 Nov 25 07:21:57 mail1 sshd\[14132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.25.82 user=mysql ...	2019-11-25 20:32:43
183.129.141.44	attack	Nov 25 17:17:04 vibhu-HP-Z238-Microtower-Workstation sshd\[22662\]: Invalid user kishigami from 183.129.141.44 Nov 25 17:17:04 vibhu-HP-Z238-Microtower-Workstation sshd\[22662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.129.141.44 Nov 25 17:17:07 vibhu-HP-Z238-Microtower-Workstation sshd\[22662\]: Failed password for invalid user kishigami from 183.129.141.44 port 40018 ssh2 Nov 25 17:24:28 vibhu-HP-Z238-Microtower-Workstation sshd\[22963\]: Invalid user server from 183.129.141.44 Nov 25 17:24:28 vibhu-HP-Z238-Microtower-Workstation sshd\[22963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.129.141.44 ...	2019-11-25 20:00:48

Recently Reported IPs

217.94.194.236	222.215.112.28	200.23.43.109	67.128.141.24
3.181.131.145	8.222.158.72	12.152.122.26	99.104.144.9
197.228.99.2	52.162.4.189	14.199.172.36	185.93.2.107
50.16.153.247	196.224.199.168	174.99.151.95	191.45.119.137
173.226.130.184	184.34.135.202	14.109.106.169	73.159.181.20