Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: CenturyLink Communications LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
suspicious action Thu, 20 Feb 2020 10:27:28 -0300
2020-02-21 00:26:22
attack
Honeypot attack, port: 445, PTR: 69-147-154-42.arpa.kmcmail.net.
2020-01-13 21:41:54
attackspambots
Portscan or hack attempt detected by psad/fwsnort
2019-12-23 08:32:26
attackspam
Port Scan: TCP/445
2019-09-07 07:37:51
attack
Port Scan: TCP/445
2019-09-03 01:41:42
attackbots
445/tcp 445/tcp 445/tcp...
[2019-06-24/08-23]8pkt,1pt.(tcp)
2019-08-24 03:07:52
attack
445/tcp
[2019-06-24]1pkt
2019-06-25 05:58:43
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.147.154.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21904
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;69.147.154.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 05:58:38 CST 2019
;; MSG SIZE  rcvd: 117
Host info
42.154.147.69.in-addr.arpa domain name pointer 69-147-154-42.arpa.kmcmail.net.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.154.147.69.in-addr.arpa	name = 69-147-154-42.arpa.kmcmail.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
103.28.2.60 attackspam
Invalid user webmaster from 103.28.2.60 port 51552
2019-11-26 20:51:37
45.80.64.246 attackbots
Invalid user qwe from 45.80.64.246 port 46760
2019-11-26 21:16:36
149.56.23.154 attack
2019-11-26T06:08:08.5011251495-001 sshd\[10640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns529890.ip-149-56-23.net
2019-11-26T06:08:10.1596211495-001 sshd\[10640\]: Failed password for invalid user dicky from 149.56.23.154 port 41586 ssh2
2019-11-26T07:09:10.9534271495-001 sshd\[12765\]: Invalid user margaux12345 from 149.56.23.154 port 57346
2019-11-26T07:09:10.9615711495-001 sshd\[12765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns529890.ip-149-56-23.net
2019-11-26T07:09:13.3506791495-001 sshd\[12765\]: Failed password for invalid user margaux12345 from 149.56.23.154 port 57346 ssh2
2019-11-26T07:12:26.8969171495-001 sshd\[12919\]: Invalid user xyz from 149.56.23.154 port 36276
...
2019-11-26 20:44:51
156.195.199.67 attackspambots
port scan and connect, tcp 80 (http)
2019-11-26 20:44:29
14.177.187.148 attackbotsspam
Automatic report - Port Scan Attack
2019-11-26 20:51:05
176.121.14.118 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-26 21:20:40
138.197.78.121 attackspambots
2019-11-26T08:55:38.017147abusebot-5.cloudsearch.cf sshd\[2505\]: Invalid user contrasena!qaz from 138.197.78.121 port 46934
2019-11-26 21:04:38
209.17.96.186 attackbotsspam
209.17.96.186 was recorded 7 times by 7 hosts attempting to connect to the following ports: 5222,8443,5901,401,3443,16010,44818. Incident counter (4h, 24h, all-time): 7, 41, 805
2019-11-26 21:21:52
200.195.172.114 attackbotsspam
Nov 26 12:11:00 ns381471 sshd[12260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.195.172.114
Nov 26 12:11:02 ns381471 sshd[12260]: Failed password for invalid user admin from 200.195.172.114 port 21011 ssh2
2019-11-26 20:42:09
218.92.0.131 attack
Brute-force attempt banned
2019-11-26 21:03:49
75.178.12.122 attackspam
Automatic report - Port Scan Attack
2019-11-26 21:02:10
178.128.52.97 attack
Nov 26 03:10:10 TORMINT sshd\[30984\]: Invalid user guest from 178.128.52.97
Nov 26 03:10:10 TORMINT sshd\[30984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.52.97
Nov 26 03:10:12 TORMINT sshd\[30984\]: Failed password for invalid user guest from 178.128.52.97 port 36738 ssh2
...
2019-11-26 21:03:03
173.160.41.137 attackspam
2019-11-26T11:27:06.202489abusebot-4.cloudsearch.cf sshd\[21563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.convergence-solutions.com  user=root
2019-11-26 21:07:22
212.92.112.111 attackbots
IDS
2019-11-26 20:48:48
51.83.71.72 attackspam
Nov 26 10:46:55 heicom postfix/smtpd\[19969\]: warning: 72.ip-51-83-71.eu\[51.83.71.72\]: SASL LOGIN authentication failed: authentication failure
Nov 26 10:51:18 heicom postfix/smtpd\[20041\]: warning: 72.ip-51-83-71.eu\[51.83.71.72\]: SASL LOGIN authentication failed: authentication failure
Nov 26 11:14:13 heicom postfix/smtpd\[19969\]: warning: 72.ip-51-83-71.eu\[51.83.71.72\]: SASL LOGIN authentication failed: authentication failure
Nov 26 11:45:23 heicom postfix/smtpd\[21871\]: warning: 72.ip-51-83-71.eu\[51.83.71.72\]: SASL LOGIN authentication failed: authentication failure
Nov 26 12:10:06 heicom postfix/smtpd\[21840\]: warning: 72.ip-51-83-71.eu\[51.83.71.72\]: SASL LOGIN authentication failed: authentication failure
...
2019-11-26 20:38:44

Recently Reported IPs

195.9.31.221 192.82.65.131 187.10.211.207 181.111.246.2
188.82.43.187 188.79.24.81 188.78.187.167 188.76.80.55
169.177.114.100 188.76.61.21 115.117.110.14 104.111.106.77
198.69.38.145 158.137.15.142 26.96.239.241 126.148.165.24
208.133.188.119 197.16.54.111 168.109.158.104 226.41.33.27