75.142.99.96 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Charter Communications Inc

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 28 03:54:56 django-0 sshd[11037]: Invalid user admin from 75.142.99.96 Aug 28 03:54:58 django-0 sshd[11037]: Failed password for invalid user admin from 75.142.99.96 port 50070 ssh2 Aug 28 03:55:00 django-0 sshd[11041]: Invalid user admin from 75.142.99.96 ...	2020-08-28 19:25:27

Type

Details

Datetime

attack

Aug 28 03:54:56 django-0 sshd[11037]: Invalid user admin from 75.142.99.96
Aug 28 03:54:58 django-0 sshd[11037]: Failed password for invalid user admin from 75.142.99.96 port 50070 ssh2
Aug 28 03:55:00 django-0 sshd[11041]: Invalid user admin from 75.142.99.96
...

2020-08-28 19:25:27

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 75.142.99.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;75.142.99.96.			IN	A

;; AUTHORITY SECTION:
.			438	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082800 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 19:25:22 CST 2020
;; MSG SIZE  rcvd: 116

Host info

96.99.142.75.in-addr.arpa domain name pointer 075-142-099-096.res.spectrum.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
96.99.142.75.in-addr.arpa	name = 075-142-099-096.res.spectrum.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.73	attackbots	Nov 21 15:43:48 pi sshd\[21927\]: Failed password for root from 49.88.112.73 port 62363 ssh2 Nov 21 15:45:11 pi sshd\[21949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root Nov 21 15:45:13 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2 Nov 21 15:45:15 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2 Nov 21 15:45:18 pi sshd\[21949\]: Failed password for root from 49.88.112.73 port 46306 ssh2 ...	2019-11-22 00:17:54
183.90.100.209	attackbots	/wp-login.php	2019-11-22 00:01:34
62.28.132.131	attackspam	Bad mail behaviour	2019-11-22 00:33:46
201.205.137.173	attackbots	Nov 20 20:26:41 server2 sshd[5624]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 20 20:26:41 server2 sshd[5624]: Invalid user watcher from 201.205.137.173 Nov 20 20:26:41 server2 sshd[5624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 Nov 20 20:26:43 server2 sshd[5624]: Failed password for invalid user watcher from 201.205.137.173 port 53552 ssh2 Nov 20 20:26:43 server2 sshd[5624]: Received disconnect from 201.205.137.173: 11: Bye Bye [preauth] Nov 20 20:39:03 server2 sshd[6628]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 20 20:39:03 server2 sshd[6628]: Invalid user test from 201.205.137.173 Nov 20 20:39:03 server2 sshd[6628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 ........ ----------------------------------------	2019-11-22 00:12:03
206.189.123.144	attackbots	Nov 21 16:36:45 sd-53420 sshd\[5977\]: Invalid user ts3bot from 206.189.123.144 Nov 21 16:36:45 sd-53420 sshd\[5977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.144 Nov 21 16:36:47 sd-53420 sshd\[5977\]: Failed password for invalid user ts3bot from 206.189.123.144 port 44512 ssh2 Nov 21 16:37:01 sd-53420 sshd\[6053\]: Invalid user ts3bot from 206.189.123.144 Nov 21 16:37:01 sd-53420 sshd\[6053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.123.144 ...	2019-11-21 23:58:58
139.59.71.19	attack	139.59.71.19 - - \[21/Nov/2019:15:54:35 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.71.19 - - \[21/Nov/2019:15:54:37 +0100\] "POST /wp-login.php HTTP/1.0" 200 7534 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.59.71.19 - - \[21/Nov/2019:15:54:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 7524 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-22 00:29:46
222.186.180.41	attackbotsspam	Nov 21 17:04:31 dev0-dcde-rnet sshd[17387]: Failed password for root from 222.186.180.41 port 34934 ssh2 Nov 21 17:04:44 dev0-dcde-rnet sshd[17387]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 34934 ssh2 [preauth] Nov 21 17:04:51 dev0-dcde-rnet sshd[17389]: Failed password for root from 222.186.180.41 port 22020 ssh2	2019-11-22 00:08:19
222.186.180.8	attack	Nov 21 16:57:10 legacy sshd[336]: Failed password for root from 222.186.180.8 port 52008 ssh2 Nov 21 16:57:23 legacy sshd[336]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 52008 ssh2 [preauth] Nov 21 16:57:29 legacy sshd[344]: Failed password for root from 222.186.180.8 port 50120 ssh2 ...	2019-11-22 00:02:54
123.201.125.126	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 00:20:51
80.98.98.180	attack	Nov 21 16:56:52 cvbnet sshd[29657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.98.98.180 Nov 21 16:56:55 cvbnet sshd[29657]: Failed password for invalid user tameishi from 80.98.98.180 port 39339 ssh2 ...	2019-11-22 00:31:53
118.24.95.31	attackspam	Nov 21 16:21:12 eventyay sshd[22284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.95.31 Nov 21 16:21:14 eventyay sshd[22284]: Failed password for invalid user thman from 118.24.95.31 port 50554 ssh2 Nov 21 16:26:23 eventyay sshd[22369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.95.31 ...	2019-11-22 00:13:26
159.203.197.6	attackspam	159.203.197.6 was recorded 13 times by 13 hosts attempting to connect to the following ports: 2095. Incident counter (4h, 24h, all-time): 13, 25, 119	2019-11-22 00:38:20
164.132.53.185	attackspam	2019-11-21T16:01:02.108413abusebot-5.cloudsearch.cf sshd\[21856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.scd.ovh user=root	2019-11-22 00:10:11
40.117.78.147	attack	Nov 21 05:45:36 hpm sshd\[4988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.78.147 user=root Nov 21 05:45:38 hpm sshd\[4988\]: Failed password for root from 40.117.78.147 port 38018 ssh2 Nov 21 05:50:05 hpm sshd\[5349\]: Invalid user haase from 40.117.78.147 Nov 21 05:50:05 hpm sshd\[5349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.78.147 Nov 21 05:50:08 hpm sshd\[5349\]: Failed password for invalid user haase from 40.117.78.147 port 50134 ssh2	2019-11-22 00:03:47
123.13.200.122	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 00:45:28

Recently Reported IPs

2600:3c04::f03c:92ff:fe0f:6911	192.35.168.164	106.53.238.15	162.243.129.8
119.45.200.136	237.50.114.75	129.43.19.6	91.126.45.52
62.234.106.112	106.110.50.229	218.69.191.127	81.214.111.161
170.253.51.133	125.160.114.150	81.219.95.138	114.35.152.62
78.101.81.191	60.11.215.83	124.132.136.85	116.79.186.155