79.142.94.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OBIT Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 79.142.94.142 on Port 445(SMB)	2020-07-13 06:17:00
attackspam	Honeypot attack, port: 445, PTR: h-kz-obit.obit.kz.	2020-01-13 18:57:36
attack	445/tcp [2019-08-06]1pkt	2019-08-07 11:05:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 79.142.94.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37850
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;79.142.94.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080602 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 11:04:57 CST 2019
;; MSG SIZE  rcvd: 117

Host info

142.94.142.79.in-addr.arpa domain name pointer h-kz-obit.obit.kz.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.94.142.79.in-addr.arpa	name = h-kz-obit.obit.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.29.159.167	attackspam	Apr 8 09:55:35 server sshd\[24104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.29.159.167 Apr 8 09:55:36 server sshd\[24104\]: Failed password for invalid user deploy from 222.29.159.167 port 32818 ssh2 Apr 9 07:48:21 server sshd\[26315\]: Invalid user ts from 222.29.159.167 Apr 9 07:48:21 server sshd\[26315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.29.159.167 Apr 9 07:48:23 server sshd\[26315\]: Failed password for invalid user ts from 222.29.159.167 port 39730 ssh2 ...	2020-04-09 19:47:56
77.232.100.173	attackbotsspam	Apr 8 13:26:23 mx01 sshd[3572]: Invalid user teampspeak from 77.232.100.173 Apr 8 13:26:23 mx01 sshd[3572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.232.100.173 Apr 8 13:26:25 mx01 sshd[3572]: Failed password for invalid user teampspeak from 77.232.100.173 port 58582 ssh2 Apr 8 13:26:25 mx01 sshd[3572]: Received disconnect from 77.232.100.173: 11: Bye Bye [preauth] Apr 8 13:34:17 mx01 sshd[4632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.232.100.173 user=r.r Apr 8 13:34:19 mx01 sshd[4632]: Failed password for r.r from 77.232.100.173 port 60714 ssh2 Apr 8 13:34:19 mx01 sshd[4632]: Received disconnect from 77.232.100.173: 11: Bye Bye [preauth] Apr 8 13:38:32 mx01 sshd[5239]: Invalid user test1 from 77.232.100.173 Apr 8 13:38:32 mx01 sshd[5239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.232.100.173 Apr 8 13:38:34 m........ -------------------------------	2020-04-09 19:19:44
222.186.30.167	attack	Apr 9 11:00:16 localhost sshd[97240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 9 11:00:18 localhost sshd[97240]: Failed password for root from 222.186.30.167 port 50119 ssh2 Apr 9 11:00:21 localhost sshd[97240]: Failed password for root from 222.186.30.167 port 50119 ssh2 Apr 9 11:00:16 localhost sshd[97240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 9 11:00:18 localhost sshd[97240]: Failed password for root from 222.186.30.167 port 50119 ssh2 Apr 9 11:00:21 localhost sshd[97240]: Failed password for root from 222.186.30.167 port 50119 ssh2 Apr 9 11:00:16 localhost sshd[97240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Apr 9 11:00:18 localhost sshd[97240]: Failed password for root from 222.186.30.167 port 50119 ssh2 Apr 9 11:00:21 localhost sshd[97240]: Fa ...	2020-04-09 19:01:16
1.234.23.23	attackspambots	Apr 9 12:48:24 xeon sshd[19742]: Failed password for invalid user 2709 from 1.234.23.23 port 59864 ssh2	2020-04-09 19:11:10
49.234.94.128	attack	SSH invalid-user multiple login attempts	2020-04-09 19:10:44
45.71.208.253	attackbotsspam	Apr 9 13:56:40 webhost01 sshd[18519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.71.208.253 Apr 9 13:56:42 webhost01 sshd[18519]: Failed password for invalid user ubuntu from 45.71.208.253 port 36444 ssh2 ...	2020-04-09 19:14:47
106.53.94.190	attack	2020-04-09T08:22:11.038096abusebot.cloudsearch.cf sshd[27494]: Invalid user zimbra from 106.53.94.190 port 43044 2020-04-09T08:22:11.045166abusebot.cloudsearch.cf sshd[27494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.94.190 2020-04-09T08:22:11.038096abusebot.cloudsearch.cf sshd[27494]: Invalid user zimbra from 106.53.94.190 port 43044 2020-04-09T08:22:13.118878abusebot.cloudsearch.cf sshd[27494]: Failed password for invalid user zimbra from 106.53.94.190 port 43044 ssh2 2020-04-09T08:28:25.439380abusebot.cloudsearch.cf sshd[27899]: Invalid user sinusbot3 from 106.53.94.190 port 44228 2020-04-09T08:28:25.452366abusebot.cloudsearch.cf sshd[27899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.94.190 2020-04-09T08:28:25.439380abusebot.cloudsearch.cf sshd[27899]: Invalid user sinusbot3 from 106.53.94.190 port 44228 2020-04-09T08:28:27.537743abusebot.cloudsearch.cf sshd[27899]: Failed pass ...	2020-04-09 19:21:08
181.209.75.77	attack	Unauthorized connection attempt detected from IP address 181.209.75.77 to port 23	2020-04-09 19:29:13
142.44.251.207	attack	(sshd) Failed SSH login from 142.44.251.207 (CA/Canada/ip207.ip-142-44-251.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 9 13:21:44 srv sshd[31465]: Invalid user ubuntu from 142.44.251.207 port 49263 Apr 9 13:21:46 srv sshd[31465]: Failed password for invalid user ubuntu from 142.44.251.207 port 49263 ssh2 Apr 9 13:33:37 srv sshd[356]: Invalid user administrator from 142.44.251.207 port 36139 Apr 9 13:33:39 srv sshd[356]: Failed password for invalid user administrator from 142.44.251.207 port 36139 ssh2 Apr 9 13:37:59 srv sshd[842]: Invalid user ubuntu from 142.44.251.207 port 41300	2020-04-09 19:31:35
13.126.194.180	attackbotsspam	SSH brute-force attempt	2020-04-09 19:46:15
106.12.222.252	attack	Apr 9 11:44:45 cloud sshd[4683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.222.252 Apr 9 11:44:47 cloud sshd[4683]: Failed password for invalid user test from 106.12.222.252 port 35760 ssh2	2020-04-09 19:21:54
222.186.15.10	attackbots	Apr 9 13:03:16 dcd-gentoo sshd[32109]: User root from 222.186.15.10 not allowed because none of user's groups are listed in AllowGroups Apr 9 13:03:19 dcd-gentoo sshd[32109]: error: PAM: Authentication failure for illegal user root from 222.186.15.10 Apr 9 13:03:16 dcd-gentoo sshd[32109]: User root from 222.186.15.10 not allowed because none of user's groups are listed in AllowGroups Apr 9 13:03:19 dcd-gentoo sshd[32109]: error: PAM: Authentication failure for illegal user root from 222.186.15.10 Apr 9 13:03:16 dcd-gentoo sshd[32109]: User root from 222.186.15.10 not allowed because none of user's groups are listed in AllowGroups Apr 9 13:03:19 dcd-gentoo sshd[32109]: error: PAM: Authentication failure for illegal user root from 222.186.15.10 Apr 9 13:03:19 dcd-gentoo sshd[32109]: Failed keyboard-interactive/pam for invalid user root from 222.186.15.10 port 24806 ssh2 ...	2020-04-09 19:29:55
177.30.47.9	attackspam	Apr 9 11:15:53 localhost sshd\[12651\]: Invalid user test from 177.30.47.9 port 45374 Apr 9 11:15:53 localhost sshd\[12651\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.30.47.9 Apr 9 11:15:55 localhost sshd\[12651\]: Failed password for invalid user test from 177.30.47.9 port 45374 ssh2 ...	2020-04-09 19:23:45
89.40.114.6	attackbotsspam	Apr 9 09:19:44 *** sshd[8120]: Invalid user ubuntu from 89.40.114.6	2020-04-09 19:03:09
178.128.150.158	attack	Apr 9 13:09:16 ewelt sshd[30602]: Invalid user ircbot from 178.128.150.158 port 60682 Apr 9 13:09:16 ewelt sshd[30602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.150.158 Apr 9 13:09:16 ewelt sshd[30602]: Invalid user ircbot from 178.128.150.158 port 60682 Apr 9 13:09:18 ewelt sshd[30602]: Failed password for invalid user ircbot from 178.128.150.158 port 60682 ssh2 ...	2020-04-09 19:42:48

Recently Reported IPs

175.136.225.178	197.47.39.114	233.15.253.183	194.44.38.51
188.254.75.94	123.0.211.194	143.47.167.68	47.254.200.17
222.85.139.106	213.74.110.94	189.171.15.135	203.218.97.108
93.155.130.148	47.91.107.159	90.194.173.136	115.58.56.127
80.80.173.58	43.226.124.10	103.73.160.134	189.91.5.223