69.147.154.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: CenturyLink Communications LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	suspicious action Thu, 20 Feb 2020 10:27:28 -0300	2020-02-21 00:26:22
attack	Honeypot attack, port: 445, PTR: 69-147-154-42.arpa.kmcmail.net.	2020-01-13 21:41:54
attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-12-23 08:32:26
attackspam	Port Scan: TCP/445	2019-09-07 07:37:51
attack	Port Scan: TCP/445	2019-09-03 01:41:42
attackbots	445/tcp 445/tcp 445/tcp... [2019-06-24/08-23]8pkt,1pt.(tcp)	2019-08-24 03:07:52
attack	445/tcp [2019-06-24]1pkt	2019-06-25 05:58:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.147.154.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21904
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;69.147.154.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 05:58:38 CST 2019
;; MSG SIZE  rcvd: 117

Host info

42.154.147.69.in-addr.arpa domain name pointer 69-147-154-42.arpa.kmcmail.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
42.154.147.69.in-addr.arpa	name = 69-147-154-42.arpa.kmcmail.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.62.207.50	attackbotsspam	Jun 13 14:05:51 ns382633 sshd\[20927\]: Invalid user iq from 58.62.207.50 port 46538 Jun 13 14:05:51 ns382633 sshd\[20927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.62.207.50 Jun 13 14:05:53 ns382633 sshd\[20927\]: Failed password for invalid user iq from 58.62.207.50 port 46538 ssh2 Jun 13 14:23:06 ns382633 sshd\[23725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.62.207.50 user=root Jun 13 14:23:08 ns382633 sshd\[23725\]: Failed password for root from 58.62.207.50 port 57456 ssh2	2020-06-14 01:55:30
96.8.121.32	attackbots	2020-06-13T10:25:14.0037031495-001 sshd[21832]: Failed password for invalid user admin from 96.8.121.32 port 56672 ssh2 2020-06-13T10:29:49.5246381495-001 sshd[22043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.8.121.32 user=root 2020-06-13T10:29:51.0997911495-001 sshd[22043]: Failed password for root from 96.8.121.32 port 52306 ssh2 2020-06-13T10:34:26.2167741495-001 sshd[22188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.8.121.32 user=root 2020-06-13T10:34:28.1530981495-001 sshd[22188]: Failed password for root from 96.8.121.32 port 47946 ssh2 2020-06-13T10:39:05.0757751495-001 sshd[22409]: Invalid user Iqadmin from 96.8.121.32 port 43590 ...	2020-06-14 01:49:12
34.75.177.103	attack	Automated report (2020-06-13T21:42:14+08:00). Misbehaving bot detected at this address.	2020-06-14 01:45:11
192.144.226.142	attackbots	Jun 13 15:29:22 ns381471 sshd[10119]: Failed password for root from 192.144.226.142 port 53700 ssh2 Jun 13 15:31:45 ns381471 sshd[10241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.226.142	2020-06-14 01:38:12
125.227.112.25	attackspambots	Lines containing failures of 125.227.112.25 Jun 13 07:20:00 cdb sshd[14229]: Invalid user usuario1 from 125.227.112.25 port 48709 Jun 13 07:20:00 cdb sshd[14229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.112.25 Jun 13 07:20:03 cdb sshd[14229]: Failed password for invalid user usuario1 from 125.227.112.25 port 48709 ssh2 Jun 13 07:20:03 cdb sshd[14229]: Received disconnect from 125.227.112.25 port 48709:11: Bye Bye [preauth] Jun 13 07:20:03 cdb sshd[14229]: Disconnected from invalid user usuario1 125.227.112.25 port 48709 [preauth] Jun 13 07:32:22 cdb sshd[16332]: Invalid user debian-spamb from 125.227.112.25 port 50780 Jun 13 07:32:22 cdb sshd[16332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.112.25 Jun 13 07:32:24 cdb sshd[16332]: Failed password for invalid user debian-spamb from 125.227.112.25 port 50780 ssh2 Jun 13 07:32:24 cdb sshd[16332]: Received disconnect........ ------------------------------	2020-06-14 01:51:04
73.41.104.30	attackspambots	Multiple SSH login attempts.	2020-06-14 01:35:06
8.129.168.101	attack	[2020-06-13 13:48:40] NOTICE[1273] chan_sip.c: Registration from '' failed for '8.129.168.101:54771' - Wrong password [2020-06-13 13:48:40] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T13:48:40.023-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="0",SessionID="0x7f31c02f7128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8.129.168.101/54771",Challenge="47f33cf3",ReceivedChallenge="47f33cf3",ReceivedHash="69900704c8a668437366ffee83bd8fbd" [2020-06-13 13:48:40] NOTICE[1273] chan_sip.c: Registration from '' failed for '8.129.168.101:54769' - Wrong password [2020-06-13 13:48:40] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-13T13:48:40.025-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="0",SessionID="0x7f31c018ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8.129.168.101/54769",Chal ...	2020-06-14 02:09:01
20.184.8.97	attack	Jun 13 13:19:27 sigma sshd\[19775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.184.8.97 user=rootJun 13 13:23:04 sigma sshd\[19808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.184.8.97 user=root ...	2020-06-14 01:59:02
188.32.38.91	attackbotsspam	1592050967 - 06/13/2020 14:22:47 Host: 188.32.38.91/188.32.38.91 Port: 445 TCP Blocked	2020-06-14 02:13:08
34.73.171.237	attack	Automated report (2020-06-13T21:52:16+08:00). Misbehaving bot detected at this address.	2020-06-14 02:16:01
159.89.171.81	attackbots	sshd	2020-06-14 01:34:19
14.243.42.92	attackbotsspam	20/6/13@08:23:05: FAIL: Alarm-Intrusion address from=14.243.42.92 ...	2020-06-14 01:59:25
139.59.66.101	attack	$f2bV_matches	2020-06-14 02:09:43
198.50.155.238	attackspambots	[Sat Jun 13 01:56:52 2020 GMT] "Bloomberg xxxxet Alerts" [], Subject: Be part of a covid test group	2020-06-14 01:59:44
213.169.39.218	attackspam	2020-06-13T11:02:13.2962071495-001 sshd[23187]: Invalid user headmaster from 213.169.39.218 port 36688 2020-06-13T11:02:13.2995211495-001 sshd[23187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.169.39.218 2020-06-13T11:02:13.2962071495-001 sshd[23187]: Invalid user headmaster from 213.169.39.218 port 36688 2020-06-13T11:02:15.7525291495-001 sshd[23187]: Failed password for invalid user headmaster from 213.169.39.218 port 36688 ssh2 2020-06-13T11:06:00.9805481495-001 sshd[23334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.169.39.218 user=root 2020-06-13T11:06:02.9315401495-001 sshd[23334]: Failed password for root from 213.169.39.218 port 34786 ssh2 ...	2020-06-14 01:53:26

Recently Reported IPs

195.9.31.221	192.82.65.131	187.10.211.207	181.111.246.2
188.82.43.187	188.79.24.81	188.78.187.167	188.76.80.55
169.177.114.100	188.76.61.21	115.117.110.14	104.111.106.77
198.69.38.145	158.137.15.142	26.96.239.241	126.148.165.24
208.133.188.119	197.16.54.111	168.109.158.104	226.41.33.27