89.42.252.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: UPC Romania SRL

Hostname: unknown

Organization: Liberty Global B.V.

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 1 03:20:18 web9 sshd\[3069\]: Invalid user gts from 89.42.252.124 Sep 1 03:20:18 web9 sshd\[3069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Sep 1 03:20:20 web9 sshd\[3069\]: Failed password for invalid user gts from 89.42.252.124 port 57230 ssh2 Sep 1 03:23:39 web9 sshd\[3427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Sep 1 03:23:41 web9 sshd\[3427\]: Failed password for root from 89.42.252.124 port 53918 ssh2	2020-09-01 21:36:34
attack	Aug 6 11:56:28 Tower sshd[26797]: Connection from 89.42.252.124 port 33840 on 192.168.10.220 port 22 rdomain "" Aug 6 11:56:30 Tower sshd[26797]: Failed password for root from 89.42.252.124 port 33840 ssh2 Aug 6 11:56:30 Tower sshd[26797]: Received disconnect from 89.42.252.124 port 33840:11: Bye Bye [preauth] Aug 6 11:56:30 Tower sshd[26797]: Disconnected from authenticating user root 89.42.252.124 port 33840 [preauth]	2020-08-07 00:44:17
attackbotsspam	Jul 11 20:22:38 rush sshd[11464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 11 20:22:39 rush sshd[11464]: Failed password for invalid user saikrushna from 89.42.252.124 port 58940 ssh2 Jul 11 20:26:02 rush sshd[11534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2020-07-12 04:47:48
attack	Total attacks: 2	2020-07-11 16:31:19
attack	Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:49 onepixel sshd[1089167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:51 onepixel sshd[1089167]: Failed password for invalid user kurama from 89.42.252.124 port 54430 ssh2 Jul 9 07:18:12 onepixel sshd[1091097]: Invalid user april from 89.42.252.124 port 51250	2020-07-09 17:30:58
attackbotsspam	Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:11 ns392434 sshd[27295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:13 ns392434 sshd[27295]: Failed password for invalid user hadoop from 89.42.252.124 port 41172 ssh2 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:26 ns392434 sshd[27325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:29 ns392434 sshd[27325]: Failed password for invalid user ubuntu from 89.42.252.124 port 51156 ssh2 Jun 24 08:37:57 ns392434 sshd[27331]: Invalid user sk from 89.42.252.124 port 38110	2020-06-24 15:06:50
attackspam	Jun 22 17:34:48 firewall sshd[15184]: Invalid user mc from 89.42.252.124 Jun 22 17:34:50 firewall sshd[15184]: Failed password for invalid user mc from 89.42.252.124 port 34170 ssh2 Jun 22 17:36:36 firewall sshd[15277]: Invalid user prueba1 from 89.42.252.124 ...	2020-06-23 05:27:04
attackbotsspam	Jun 21 04:07:02 django-0 sshd[27084]: Failed password for invalid user userftp from 89.42.252.124 port 38172 ssh2 Jun 21 04:12:47 django-0 sshd[27121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Jun 21 04:12:49 django-0 sshd[27121]: Failed password for root from 89.42.252.124 port 37910 ssh2 ...	2020-06-21 12:30:03
attackspambots	$f2bV_matches	2020-05-21 18:18:19
attackbots	2020-05-10T13:42:37.348668shield sshd\[5086\]: Invalid user name from 89.42.252.124 port 18413 2020-05-10T13:42:37.352238shield sshd\[5086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-10T13:42:38.826004shield sshd\[5086\]: Failed password for invalid user name from 89.42.252.124 port 18413 ssh2 2020-05-10T13:48:23.215217shield sshd\[7023\]: Invalid user odoo from 89.42.252.124 port 38806 2020-05-10T13:48:23.218997shield sshd\[7023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124	2020-05-11 03:06:56
attack	web-1 [ssh_2] SSH Attack	2020-05-06 15:43:45
attack	2020-05-01T10:39:08.4330841495-001 sshd[24335]: Invalid user mcc from 89.42.252.124 port 29203 2020-05-01T10:39:10.1696021495-001 sshd[24335]: Failed password for invalid user mcc from 89.42.252.124 port 29203 ssh2 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:37.9725921495-001 sshd[24596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:39.7722611495-001 sshd[24596]: Failed password for invalid user abc1 from 89.42.252.124 port 29203 ssh2 ...	2020-05-02 00:07:17
attackbots	Invalid user ubuntu from 89.42.252.124 port 10188	2020-04-30 04:10:19
attackspambots	[ssh] SSH attack	2020-04-27 21:42:35
attack	$f2bV_matches	2020-04-26 02:52:59
attackbotsspam	2020-04-22T20:20:58.986239 sshd[17684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:21:01.010189 sshd[17684]: Failed password for root from 89.42.252.124 port 1787 ssh2 2020-04-22T20:27:16.341856 sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:27:18.927446 sshd[17732]: Failed password for root from 89.42.252.124 port 21012 ssh2 ...	2020-04-23 02:29:01
attackspambots	Apr 10 04:37:38 server1 sshd\[6073\]: Invalid user ranger from 89.42.252.124 Apr 10 04:37:38 server1 sshd\[6073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Apr 10 04:37:39 server1 sshd\[6073\]: Failed password for invalid user ranger from 89.42.252.124 port 22030 ssh2 Apr 10 04:43:41 server1 sshd\[7938\]: Invalid user admin from 89.42.252.124 Apr 10 04:43:41 server1 sshd\[7938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2020-04-10 18:55:16
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-07 08:53:31
attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-06 03:26:04
attack	Mar 28 13:14:44 vpn01 sshd[32596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 28 13:14:46 vpn01 sshd[32596]: Failed password for invalid user cjf from 89.42.252.124 port 16028 ssh2 ...	2020-03-28 20:28:22
attack	Mar 25 22:54:35 meumeu sshd[12311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 25 22:54:37 meumeu sshd[12311]: Failed password for invalid user yamagiwa from 89.42.252.124 port 46842 ssh2 Mar 25 22:58:41 meumeu sshd[12784]: Failed password for sshd from 89.42.252.124 port 24961 ssh2 ...	2020-03-26 06:26:11
attackbotsspam	Invalid user temp from 89.42.252.124 port 52503	2020-03-22 07:50:00
attackspam	(sshd) Failed SSH login from 89.42.252.124 (RO/Romania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 09:04:05 amsweb01 sshd[20452]: Invalid user kigwasshoi from 89.42.252.124 port 47204 Mar 10 09:04:08 amsweb01 sshd[20452]: Failed password for invalid user kigwasshoi from 89.42.252.124 port 47204 ssh2 Mar 10 09:11:57 amsweb01 sshd[21431]: Invalid user try from 89.42.252.124 port 11239 Mar 10 09:11:59 amsweb01 sshd[21431]: Failed password for invalid user try from 89.42.252.124 port 11239 ssh2 Mar 10 09:14:43 amsweb01 sshd[21777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root	2020-03-10 17:23:16
attack	Mar 6 19:24:03 serwer sshd\[17641\]: Invalid user wy from 89.42.252.124 port 57607 Mar 6 19:24:03 serwer sshd\[17641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 6 19:24:05 serwer sshd\[17641\]: Failed password for invalid user wy from 89.42.252.124 port 57607 ssh2 ...	2020-03-07 05:34:20
attackbotsspam	Automatic report - Banned IP Access	2020-02-12 21:31:21
attackbotsspam	Feb 12 01:17:14 IngegnereFirenze sshd[19915]: Failed password for invalid user sather from 89.42.252.124 port 16691 ssh2 ...	2020-02-12 10:09:23
attackspam	Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]	2020-02-02 00:03:55
attackspambots	Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]	2020-01-30 20:37:37
attack	Dec 27 22:09:23 server sshd\[2233\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:23 server sshd\[2233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Dec 27 22:09:25 server sshd\[2233\]: Failed password for invalid user usr01 from 89.42.252.124 port 24274 ssh2 Dec 27 22:09:53 server sshd\[2280\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:53 server sshd\[2280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2019-12-28 03:32:26
attackbots	Automatic report - Banned IP Access	2019-12-24 17:11:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.252.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60495
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.42.252.124.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:44 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 124.252.42.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 124.252.42.89.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.177.172.102	attackbots	Jul 20 18:59:48 vps sshd[68863]: Failed password for root from 61.177.172.102 port 54745 ssh2 Jul 20 18:59:50 vps sshd[68863]: Failed password for root from 61.177.172.102 port 54745 ssh2 Jul 20 18:59:58 vps sshd[69534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root Jul 20 18:59:59 vps sshd[69534]: Failed password for root from 61.177.172.102 port 13000 ssh2 Jul 20 19:00:02 vps sshd[69534]: Failed password for root from 61.177.172.102 port 13000 ssh2 ...	2020-07-21 01:00:31
74.82.47.29	attack	srv02 Mass scanning activity detected Target: 17 ..	2020-07-21 01:31:18
125.43.69.155	attackspambots	Jul 20 14:28:13 host sshd[5635]: Invalid user lmy from 125.43.69.155 port 48132 ...	2020-07-21 01:22:46
142.93.60.53	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-20T15:47:57Z and 2020-07-20T15:55:56Z	2020-07-21 01:30:19
165.22.143.3	attackbots	Jul 20 16:23:14 debian-2gb-nbg1-2 kernel: \[17513534.054528\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=165.22.143.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=34908 PROTO=TCP SPT=41894 DPT=7604 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-21 00:57:08
182.23.3.226	attack	Jul 20 16:43:14 onepixel sshd[1739294]: Invalid user web3 from 182.23.3.226 port 36080 Jul 20 16:43:14 onepixel sshd[1739294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.3.226 Jul 20 16:43:14 onepixel sshd[1739294]: Invalid user web3 from 182.23.3.226 port 36080 Jul 20 16:43:16 onepixel sshd[1739294]: Failed password for invalid user web3 from 182.23.3.226 port 36080 ssh2 Jul 20 16:48:09 onepixel sshd[1742017]: Invalid user clara from 182.23.3.226 port 47048	2020-07-21 01:15:34
185.51.215.226	attackspambots	Unauthorized connection attempt detected from IP address 185.51.215.226 to port 445	2020-07-21 01:25:10
132.232.68.138	attackbots	2020-07-20T14:52:18.722775abusebot-2.cloudsearch.cf sshd[3923]: Invalid user alistair from 132.232.68.138 port 38230 2020-07-20T14:52:18.729295abusebot-2.cloudsearch.cf sshd[3923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.68.138 2020-07-20T14:52:18.722775abusebot-2.cloudsearch.cf sshd[3923]: Invalid user alistair from 132.232.68.138 port 38230 2020-07-20T14:52:21.126949abusebot-2.cloudsearch.cf sshd[3923]: Failed password for invalid user alistair from 132.232.68.138 port 38230 ssh2 2020-07-20T14:55:15.717479abusebot-2.cloudsearch.cf sshd[3972]: Invalid user carl from 132.232.68.138 port 34462 2020-07-20T14:55:15.721447abusebot-2.cloudsearch.cf sshd[3972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.68.138 2020-07-20T14:55:15.717479abusebot-2.cloudsearch.cf sshd[3972]: Invalid user carl from 132.232.68.138 port 34462 2020-07-20T14:55:17.752561abusebot-2.cloudsearch.cf sshd[3972]: ...	2020-07-21 00:53:51
178.239.151.237	attackspambots	Automatic report - Port Scan Attack	2020-07-21 01:06:29
45.95.168.124	attackbots	SSH Server BruteForce Attack	2020-07-21 01:33:06
64.227.79.125	attackbots	Jul 20 19:07:14 dhoomketu sshd[1702075]: Invalid user deepesh from 64.227.79.125 port 38656 Jul 20 19:07:14 dhoomketu sshd[1702075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.79.125 Jul 20 19:07:14 dhoomketu sshd[1702075]: Invalid user deepesh from 64.227.79.125 port 38656 Jul 20 19:07:16 dhoomketu sshd[1702075]: Failed password for invalid user deepesh from 64.227.79.125 port 38656 ssh2 Jul 20 19:11:07 dhoomketu sshd[1702196]: Invalid user croissant from 64.227.79.125 port 50004 ...	2020-07-21 01:15:57
222.186.169.192	attackbots	Jul 20 19:00:08 ns381471 sshd[8907]: Failed password for root from 222.186.169.192 port 1034 ssh2 Jul 20 19:00:11 ns381471 sshd[8907]: Failed password for root from 222.186.169.192 port 1034 ssh2	2020-07-21 01:03:53
54.76.120.237	attack	20 attempts against mh-misbehave-ban on sonic	2020-07-21 00:59:08
114.98.231.143	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-21 01:30:39
223.207.226.137	attack	Port Scan ...	2020-07-21 01:29:46

Recently Reported IPs

222.242.104.188	109.190.132.235	42.200.198.53	192.34.61.38
190.193.92.26	177.106.24.168	117.48.206.48	51.68.220.249
178.62.14.176	92.62.131.113	3.80.242.14	45.64.126.88
89.40.116.98	185.227.182.183	142.4.208.21	198.108.67.41
189.8.68.56	169.56.104.165	103.89.90.83	190.178.225.181